Upload
brian-fabian-crain
View
253
Download
2
Embed Size (px)
Citation preview
Bitcoin Startups Berlin - April 22 2014
Cold Storage with Bit-Card
Brian Fabian Crain
Outline
❖ Context: Wallets, Thefts, New Users!
❖ Bit-Card!
❖ BIP0038!
❖ Testing the System!
❖ Conclusion!
❖ The Road Ahead
Bitcoin Wallets
Thefts
❖ MtGox (~700,000 BTC?)!
❖ Chinese Exchange GBL ($4.1m)!
❖ Sheep Market Place (~$100m)!
❖ Inputs.io ($1.2m)!
❖ Malware!
❖ Total: ~820,000 BTC (~6% of money supply)
Mainstream Adoption
What’s a New User To Do?
The Bit-Card System
❖ bit2factor.org (Generate Intermediate Codes)!
❖ Receive-Only Card!
❖ Encrypted Paper Wallet (2)!
❖ Blockchain.info (To spend money)
Bit-Card.de
❖ Company based in Leipzig!
❖ Carsten Unger is often at meet ups!
❖ Have sold 100,000+ cards
Types of Wallets
❖ Unencrypted Paper Wallets (Presents/hologram safe)!
❖ Encrypted BIP38 paper wallets
BIP38Passphrase
Intermediate
Intermediate
AddressEncrypted Private Key
Confirmation
Confirmation
Verification
Email/Order
Scrypt
SHA256/AES256
Bitcoin Address
Encrypted Private Key underneath
Confirmation Code
Bit-Card.de URL with balance
Arrangement
Password
Parents’ House
Bank Safe Recovery Instructions
Home
Scrypt
❖ A password-based key derivation function!
❖ Expensive to brute-force, takes 100s of ms!
❖ Requires large amount of memory
Could Scrypt-ASICs Break BIP38?
❖ Memory-demand for Litecoin: 128kB!
❖ Memory-demand for BIP38: 16MB!
❖ Cryptocurrencies: Require Partial Hash Collision!
❖ BIP0038 would need exact match!
❖ With a reasonably secure password: No
Spending From Cold Storage
Problems
❖ QR code scan fails with bad light!
❖ No QR code for confirmation code!
❖ Very little information - QR Codes not labeled!
❖ Danger of change addresses!
❖ Not (really) reusable
Conclusion
❖ Usability is not there yet.!
❖ Solid system for intermediate-advanced Bitcoin users, who want alternative to offline Armory.
Resources
❖ Bit-Card.de (Thanks to Carsten!)!
❖ BIP0038 (Not very readable)!
❖ bit2factor.org