Protecting your bitcoin with BitKey

Transferring Funds to Other People

The wallet stored in Blue is the only one that contains the private key material, and thus it is the only one that can sign transactions. In other words: You need to use the Blue wallet for making payments. However, since you cannot attach Blue to Internet-enabled systems, you cannot use the wallet directly. The procedure for making a transaction is cumbersome, inconvenient, and very safe.

To make a transaction, first generate an unsigned transaction on your Unsafe machine using the wallet in Black (Figure 3): Open the Send tab, fill in the payment form, hit Send, and then save the unsigned transaction to a file. You may transfer this file to the Safe machine that has access to the Blue device using any means you find convenient; a third disposable flash drive is often the most convenient option. Run Electrum in Safe and go to Tools | Load Transaction | From File. Hit Sign and save your signed transaction to a file. Transfer this file to the Unsafe machine. Finally, on the Unsafe box, use Electrum and select Tools | Load Transaction | From File to load your signed transaction. Hit Broadcast. Congratulations, your payment has just been sent to the Bitcoin network!

Figure 3: You need to create an unsigned transaction from your watch-only wallet and sign it using your private keys in order to make a payment.

Other Tools

BitKey also includes two utilities for creating paper wallets [5]:

  • BitAddress [6]
  • Bitcoin Paper Wallet [7]

Paper wallets are pieces of paper that contain a primary private and public key. The idea is that you can print and store a paper wallet in a safe location far from malware. Paper wallets are an alternative to the cold-online and cold-offline computer combination. The use of paper wallets is usually discouraged because it is extremely easy to lose access to your coins if you make any mistake. Please don't use paper wallets unless you understand their ins and outs. BitAddress offers instructions for the proper use of paper wallets if you are really interested in using them. Please read the instructions carefully, and see the box entitled "Mistakes that Destroy your Money."

Mistakes that Destroy your Money

When you first create a Bitcoin wallet in any format and with any software, it creates a public-private key pair. This key pair is associated with a Bitcoin address that you use to receive funds.

The process followed when sending a payment, however, involves the creation of multiple sub-keys that have the main key pair as a master. Bitcoin clients track your account balance by tracking the inputs and outputs associated with your address.

For example, if you create an address and then Jack and Adam send you 1 bitcoin and 2 bitcoin, respectively, your client will know that you have an input worth 1 bitcoin and another input worth 2 bitcoin. If you try to send 1.5 bitcoin to Adam one day later, your client will take the 2 bitcoin input, split it into two parts, send 1.5 bitcoin to Adam, and send the change (0.5 bitcoin) back to you. Your wallet software will send the change to a phantom address; that is, it will create a key pair attached to a new dynamically generated address and send the change to it.

The rationale for creating this change address is that it makes it harder for a hostile entity to track your transfers than just delivering the change to your main Bitcoin address. Each time you deliver a payment, a phantom address and a corresponding key pair are generated in the background. Since Bitcoin clients do this task automatically, the user is protected from the complexities of this method.

Problems occur when a user loses the key pairs that allow access to the money delivered to the user's own change addresses. If you create a paper wallet and money is delivered to it, all the inputs will be associated with your main address. If you later load this paper wallet in a software Bitcoin client and then make some payments, this program will generate multiple change addresses and key pairs that won't exist in the paper wallet at all. These change addresses will receive part of your funds. If you destroy the software wallet, you may lose all the funds associated with the change addresses.

Many people used to create a paper wallet in order to keep their main keys offline. They would then load the main key pair into a software wallet, make payments, and delete the software wallet in order to prevent it from being stolen by malware. The problem with this approach was that these users lost their access to the money associated with change addresses when they deleted their keys!
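The following toy model walks through the Jack-and-Adam example from this box and shows how much of the balance the paper wallet's key can still reach after one payment. It is an added illustration, not code from BitKey or any Bitcoin client; the class and function names, the address labels, and the single-input coin selection with no fees are all assumptions made for the example.

```python
# Added illustration: toy UTXO model, not real Bitcoin code. Names are hypothetical.
from dataclasses import dataclass
from decimal import Decimal
from itertools import count

@dataclass(frozen=True)
class Utxo:
    address: str      # address whose private key can spend this output
    amount: Decimal

class SoftwareWallet:
    """Hypothetical client that imports one paper-wallet key and adds change keys."""

    def __init__(self, imported_address, utxos):
        self.addresses = {imported_address}   # keys held in this wallet file
        self.utxos = list(utxos)
        self._ids = count(1)

    def send(self, amount):
        # Spend the smallest single output that covers the payment (fees ignored).
        covering = sorted((u for u in self.utxos if u.amount >= amount),
                          key=lambda u: u.amount)
        if not covering:
            raise ValueError("no single output covers this payment")
        spent = covering[0]
        self.utxos.remove(spent)
        change = spent.amount - amount
        if change > 0:
            # A fresh key pair is created silently; it exists only in this wallet.
            change_addr = f"change-{next(self._ids)}"
            self.addresses.add(change_addr)
            self.utxos.append(Utxo(change_addr, change))
        return change

def spendable_with(keys, utxos):
    """Sum of outputs that the given set of keys can still spend."""
    return sum((u.amount for u in utxos if u.address in keys), Decimal("0"))

def demo():
    paper = "paper-main"   # constructed label for the paper wallet's address
    wallet = SoftwareWallet(paper, [Utxo(paper, Decimal("1")), Utxo(paper, Decimal("2"))])
    wallet.send(Decimal("1.5"))   # the article's payment to Adam
    in_wallet = spendable_with(wallet.addresses, wallet.utxos)
    paper_only = spendable_with({paper}, wallet.utxos)
    # The last value is what disappears if the software wallet file is deleted.
    return in_wallet, paper_only, in_wallet - paper_only
```

Calling `demo()` returns the balance the software wallet controls, the part the paper key alone controls, and the difference held only by the change key.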

To get started with BitAddress, launch it from the BitKey desktop. Move your pointer randomly over the screen in order to obtain enough entropy for generating your Bitcoin address (Figure 4). A public-private key pair will be created and displayed on the screen, along with QR codes, in a printer-friendly format. You may wish to print this paper, note down your Bitcoin address, and lock the paper wallet in a safe location. Treat this wallet as a piggy bank. You may tell people to send money to you by giving your Bitcoin address to them. When you need to access your funds, import the private key of the paper wallet into any conventional Bitcoin client, spend all the funds, and destroy the paper. In theory, once you have imported the paper wallet into a regular Bitcoin client, you could treat it as you would treat any regular software wallet. However, once the private keys are imported into an Internet-enabled computer, they are exposed to potential compromise, and the common recommendation is to use up all the funds at once and discard the wallet forever. Reusing a spent paper wallet is dangerous, and money loss is more likely than not if you try. Look online for more on the dangers of address reuse [8].

Figure 4: BitAddress requires the user to generate entropy by moving the pointer randomly around the screen.

Also included with BitKey is WarpWallet, a utility for creating brainwallets [9]. A brainwallet is an easy-to-remember passphrase that can be fed to a brainwallet program in order to create a public and private Bitcoin key pair. The algorithm is deterministic – the same passphrase always generates the same key pair. The theory is that you can keep the passphrase in your head and avoid placing your Bitcoin keys on a computer until you really need to. When you need to access your money, you use the passphrase and WarpWallet to generate the keys and then import the private key into a regular Bitcoin program. Once imported, these wallets are similar to paper wallets and the same principles apply. As with paper wallets, brainwallets are dangerous, so use them with care.

Launch WarpWallet from the bar. Feed the program with a very secure passphrase, and provide it with your email address in order to generate the salt (Figure 5). The salt is extremely important, because unsalted brainwallets are considered extremely insecure (see the box entitled "Unsalted Brainwallets"). WarpWallet will generate and display a public-private key pair. Note the public address down and close the program. As with paper wallets, a brainwallet is a piggy bank. You can receive payments to your public address. When you are ready to spend the money, fire up WarpWallet, feed it with your passphrase and email address, and note down the private key that is generated. Import that private key into your Bitcoin client as before. Spend all the money at once! Brainwallets suffer drawbacks similar to paper wallets, so don't reuse your brainwallet address. (I know I have already mentioned the dangers of reusing addresses, but trust me, it is important.)

Figure 5: Brainwallets are like paper wallets, but instead of storing the keys on a piece of paper, the user remembers a passphrase and generates the keys by feeding the phrase to WarpWallet.

Unsalted Brainwallets

Brainwallets that are generated without salt are vulnerable to cracking using rainbow tables and other advanced cracking methods. Bots are known to exist that patrol the blockchain, searching for vulnerable brainwallets, cracking them, and stealing all their funds. If you really want to use a brainwallet, make sure the brainwallet program you use is salting the hashes. Otherwise, you risk giving away your money to automated thieves.
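To see what the salt changes, the added example below (not code from the article, BitKey, or WarpWallet) derives a 32-byte key seed for two users who happen to pick the same passphrase, once with a single unsalted SHA-256 pass and once with a salted, stretched derivation. The salted function is modeled on WarpWallet's published scrypt-XOR-PBKDF2 construction as an assumption of this example, with cost parameters reduced so it runs quickly; the email addresses and passphrase are constructed.

```python
# Added illustration: compares unsalted and salted brainwallet seed derivation.
import hashlib

def unsalted_key(passphrase: str) -> bytes:
    """Classic unsalted brainwallet seed: one SHA-256 pass, no per-user input."""
    return hashlib.sha256(passphrase.encode()).digest()

def salted_key(passphrase: str, email: str,
               n: int = 2**14, iters: int = 2**10) -> bytes:
    """Salted, stretched seed in the style of WarpWallet (assumption):
    scrypt output XOR PBKDF2-HMAC-SHA256 output, both keyed by passphrase
    and salted with the email. Costs are reduced here for a quick run."""
    pw, salt = passphrase.encode(), email.encode()
    s1 = hashlib.scrypt(pw + b"\x01", salt=salt + b"\x01", n=n, r=8, p=1, dklen=32)
    s2 = hashlib.pbkdf2_hmac("sha256", pw + b"\x02", salt + b"\x02", iters, dklen=32)
    return bytes(a ^ b for a, b in zip(s1, s2))

def compare(passphrase: str = "correct horse battery staple") -> dict:
    users = ["alice@example.com", "bob@example.com"]   # constructed sample users
    unsalted = {u: unsalted_key(passphrase) for u in users}
    salted = {u: salted_key(passphrase, u) for u in users}
    return {
        # Same seed for everyone: one precomputed table covers all users.
        "unsalted_keys_identical": len(set(unsalted.values())) == 1,
        # Different seed per email: precomputed work cannot be shared.
        "salted_keys_distinct": len(set(salted.values())) == len(users),
        # Still reproducible from passphrase plus email alone.
        "salted_is_deterministic":
            salted[users[0]] == salted_key(passphrase, users[0]),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```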

For maximum security, it is better to perform the wallet generation in cold-offline mode for both brainwallets and paper wallets and to load the private keys in hot-online mode just when you are going to spend them.

Finally, BitKey includes a password strength analyzer called zxcvbn (Figure 6). This tool uses advanced analysis to determine if a password or passphrase is safe.

Figure 6: A tool for measuring password strength is included with BitKey.

What BitKey Lacks

BitKey is a useful solution for people who wish to be very proactive about protecting their Bitcoin wallets; however, it is not without shortcomings.

The main problem is that you won't find much official documentation about how to implement BitKey and integrate it into your secure procedures. The most useful instructions are in an article written by Liraz Siri on the TurnKey site [10]. (BitKey was created by core developers with the TurnKey Linux project.)

The version of Electrum included with BitKey lacks a QR scanner. QR is a very useful way of importing unsigned transactions and keys into Electrum. The fact that the version included in BitKey lacks a QR scanner means the user must type the keys into Electrum, instead of letting the webcam do the task.

International users will notice the lack of a documented boot code that lets you select a keyboard layout at boot time, such as you will find in Knoppix. With BitKey, you boot straight into an English keyboard layout. If you need another layout, you will have to switch it manually with setxkbmap from a terminal emulator.
