Wallet Logo

BitcoinPaperWallet.com

Latest release: ?? ( 22nd September 2017 ) 🔍 Last analysed 4th May 2022 . Leaks Keys
14th April 2013

Jump to verdict 

Do your own research!

Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

The Analysis 

Background

Originally started by Canton Becker in 2013, bitcoinpaperwallet used the same code as bitaddress.org. Becker sold it to an unknown buyer in 2018. This has generated some controversy and warnings.

The site allowed users to generate public and private key pairs through the website. Users can save a copy of the website and run it on an offline computer. It supports BIP38 and users can put an encrypted password to make the private key more secure.

Users can also order a “kit” which included a custom Ubuntu Live CD with the BitcoinPaperWallet.com software, some printing medium and stickers.

Analysis

The site goes to great lengths to explain to the user the risks involved with this approach:

The advantage with BIP38 is that if your paper wallet is stolen or compromised, the private key cannot be recovered without your password. Even a very short password adds a strong degree of protection. However, if you encrypt your private key with BIP38 and you lose your password, it will be impossible for you to recover the funds you have sent to this wallet.

Also, note that not all Bitcoin wallet applications or web services are able to import or “sweep” BIP38 encrypted keys. In this case, you will have to use the Validate or Decrypt feature on this webpage to reveal the unencrypted Wallet Import Format (WIF) key as an intermediate step before sweeping the balance.

WARNING: Before sending any funds to a BIP38-encrypted wallet, first do a test make sure you are able to decrypt the printed private key back to ordinary WIF format.

Unless you have a strong understanding of the BIP38 encryption and decryption workflow, click cancel, print your paper wallet without BIP38, and just keep it safe and hidden like you would jewels or cash.

The new owner of the site is unknown. It is possible that the code that generates the key pairs may be compromised.

Users can order remastered Ubuntu 14.04.1 Live CDs with the code, but we were not able to locate the repository for this remastered version. There’s a certain level of trust that is placed towards the anonymous online vendor.

Finally, once a user is able to run the software in an offline environment, the risk is always there in leaking the keys during print or later use of the paper wallet.

(dg)

Verdict Explained

This product requires sharing private key material!

As part of our Methodology, we ask:

Does the device hide your keys from other devices? If not, we tag it Leaks Keys!

Some people claim their paper wallet is a hardware wallet. Others use RFID chips with the private keys on them. A very crucial drawback of those systems is that in order to send a transaction, the private key has to be brought onto a different system that doesn’t necessarily share all the desired aspects of a hardware wallet.

Paper wallets need to be printed, exposing the keys to the PC and the printer even before sending funds to it.

Simple RFID based devices can’t sign transactions - they share the keys with whoever asked to use them for whatever they please.

There are even products that are perfectly capable of working in an air-gapped fashion but they still expose the keys to connected devices.

This verdict is reserved for key leakage under normal operation and does not apply to devices where a hack is known to be possible with special hardware.

The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.