Intentionally ugly paper wallets for Bitcoin (and other coins) – Security through obscurity, punk rock style

Share

I’ve been making “hide in plain site” ugly paper Bitcoin wallets. It’s a lot of fun. You might dig it too. And making your own ugly paper wallets could be a really fun rainy-day project with the kids.

I’m mainly making these to practice because pretty soon we’ll be able to make ugly paper wallets for BipCoin. A little birdy told me that a future version of some CryptoNote software will have the ability to easily export private keys from (non-Monero) CryptoNote coins in plain text. Of course it will be two private keys, not one, for each wallet. Everything in CryptoNote is more obscured. And that’s a good thing.)

Let’s call these paper wallets low-fi physical steganography. There’s a full BTC public and private key (with no BTC in it) in each of these images (except the one of beautiful paper wallets by someone else, and the photo of the physical folded up wallet with a kitty on it). For the other four, including the one up above, if you click on my images to get the full size version and print that on legal size paper, it can be scanned with any phone.

Kept in a pile of old fliers, these would not stand out. That might even be a better strategy than keeping them in a safe that would be obvious as a place to keep valuables. I’ve heard of people keeping paper wallets in small portable safes a thief can carry out. If a thief can get the safe out of your house, they have all the time in the world to get it open. Most burglars who aren’t looking for Bitcoin in particular would be far more likely to take jewelry and cash than old punk rock fliers.

The QR code scans to this:

1sQ9hDMHSuy44E4SfZ6qB9PyuLFgYCbehXXXXXXXX5KJEALrnpp8YvA64QR8yM5opL1LLSgtiGfZeeXKj3xKZBaJDx98

That’s a public BTC address followed by a bunch of Xs then a BTC private key. It’s all you’d need to import into wallet and spend the BTC therein. (info on how is here.) If you want to know if your particular wallet can do this, Google import private keys into (wallet name).

A few thoughts:

-Get creative. You don’t have to use punk rock posters and libertarian memes, but use something that you would be likely to have. Party invites, collages, charts and graphs, anything that would fit for you to have. Even better if you keep it in a pile of similar things that are the real deal of whatever they’re supposed to be. lol.

–I wouldn’t hang these on a wall and assume no one will figure it out and steal your Bitcoin, but I think these are more “secret” than really the really beautiful Bitcoin wallets with hologram seals that some people make, like this:

Those are a work of art, and they’re a blast to buy and sell at Porcfest, but too obvious for long-term cold storage.

–DO NOT GENERATE THE QR CODE WITH A WEB-BASED SERVICE. Do it offline, using all the usual precautions people use for the beautiful wallets: OS on a disc, USB cable for printer, not Wi-Fi, etc. etc. Also, once you import the keys into a wallet, if it’s a large amount of BTC, parse it out to some other wallets with less in them. And spend from a wallet without much at a time in it so people can’t see how much you have.

I used this program to make my QR codes. I used this program to make the bar codes to obscure the QR code. (I was trying to put the keys in a bar code, but they don’t hold enough text, like 12 or 13 characters. But you could actually just use all bar codes, but it would require several of them, and you’d have to have some way to know the order of them to put them together. Putting them into the artwork in order top to bottom would work. Or bottom to top for more secrecy.

Let me know in comments if anyone knows of better programs for either.

–Print with the highest-rez your printer can do. Print settings: high, 1200 dpi. Hard proofing, etc. Black & white is fine, but color is good too. Though a black & white QR code will “hide” better in a black & white pic than in a color pic where it’s the only think that’s black & white. Black & white looks even more punk than color, because back in the day color Xerox was WAY too expensive for fliers. Color ink-jet printing sill is to expensive to print up a thousand fliers for a local gig. (Do people still print fliers? I haven’t been in a band since 1993.

–You can make color QR codes that will scan. Experiment. But I’m more partial to the black & white ones. Look more like punk rock posters from back in the day, and I miss that stuff. And no color is even more different than the beautiful color ones most people make.

–You could be even more obscure if you put a bunch of QR codes in the art of the poster. You’d know which one is the right one. Or if you forget, you can just start scanning and trying until you get your fortune to pay the guards to smuggle you out to LibPar.

–if you ARE going to store these in a safe (figuring that might still remain after the burglar, ex-wife and tax man take everything else in the safe), print them on archival acid-free printer paper.

–If being used for long-term storage, attic is better than basement. Silverfish and other insects eat paper. Mold and flooding are also an issue in basements. But even in an attic, putting it with some other papers in a tin box or something like that is better than not. Maybe store with some silica gel anti-humidity paks too. The tin box will also protect this (with other papers) from mice and raccoons. Mice and raccoons love attics, and will shed paper to make nests.

Raccoons are really smart too. They can probably get the tin box open if it’s not locked. They’re probably not smart enough to spend your Bitcoin though.

–This is an inexpensive solution that is MUCH better than just sticking the papers in the attic in a cardboard box: put them in the attic with other papers in a fireproof lockable metal box. That lock won’t keep out a burglar, but it will keep a possum from opening the box with his opposable thumbs. And possums like attics. Also, don’t store the papers with anything that has ever held food without being washed. The smell will attract mammals and insects.

–Test the wallet to make sure it actually scans before filling with Bitcoin.

–Don’t use a bunch of Xs for your deliminator like I did. Use something that would seem random to a stranger but have meaning to you maybe.

–Be creative and make things up for your wallet, but make them believable. There is not and never was a storefront art gallery called “Gateway Drug Galleries” on the corner of 6th and Minna in San Francisco, but if you’ve ever been to that block, you know there damn well could be.

–Technically, you don’t even need to include the public key, just the private key. I used both for my examples. But here are instructions on Mycelium on how to remove money from a paper wallet if all you have is the private key. In fact, if you have them the way I put them, you’d need to scan it then paste them t

–In some situations you may need to mask the area around the QR code in order to scan. you could use paper, or cut it out and scan it on a white background. QR readers can usually ignore an amount of entropy, but for instance if you had your QR code surrounded directly by a bunch of other QR codes, it might be problematic.

–Just because something will scan on a screen doesn’t mean it will scan when printed. It’s pretty close, but all else the same, an image printed on an inkjet printer needs to be a tiny bit larger than the same image on a screen. The idea is to get the images to print as small as you can and still have them scan.

–VERY IMPORTANT: After removing all coin from a paper wallet, DESTROY THE PAPER WALLET. Best is probably burning, then crumpling the ashes. Chewing and swallowing the part with the QR code would also work. Of you could just move it quickly to another wallet.

–Someone said to me Good idea “until it goes mainstream – then everyone knows what to look for.” My reply: lol. Yup. I thought about keeping to to myself. But I thought maybe it would inspire more ideas of “hiding in plain sight” rather than making coin paper wallets look like something beautiful and obvious.

–You can fold them up if you want them to be pocket sized. use BipCot, BipCoin and State Speech is Hate Speech stickers for mine, and don’t try to be elegant about placement. (Buy the stickers with BipCoin or Bitcoin or PayPal here.). But make sure the fold does not go over the QR code. It could make it hard to scan later.

It looks like something a homeless early 80s crust punk would have made out of tape to keep his drugs and spare change from panhandling in. But with kitties:

Please post a link below if you upload your own examples.

Thanks!

–MWD

Below are the other three ugly paper wallets I made. They all look punk as fuck printed out on a black & white ink-jet printer. The would look even more punk as fuck if you xeroxed them, but then they might not scan (if someone tries it, let me know.) More importantly, modern copy machines usually keep a digital copy of every copy they make. NOT secure. And that kid behind the counter at Kinkos probably DOES use BTC and probably does know what a paper wallet is.

Old 80s real punk rock flyer with a bunch of stuff added.

 

This last one is just the QR code stuck over the bar code on some old Winston Smith Dead Kennedys art:

1 Comment

  1. Pingback: ON NOT GETTING HACKED. – BipTunia

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.