How does a bitcoin paper wallet work?

A bitcoin paper wallet is simply a public and private key printed together. It is an offline wallet, and is usually regarded as a type of cold storage, although it has some important differences that make its presence in that category debatable (more on this further down).

As the name suggests, paper wallets are usually made out of paper, although technically they could also be made of plastic or any other substance on which information can be durably printed.

bitcoin paper wallet

What is printed on the paper wallet are the private and public keys, usually in QR form, with the latter also serving as the address. You could just copy and paste the keys onto a text document and print that out (erasing the copy on the computer afterwards). Or you could use one of the free web services that generate the printable wallet for you. The key generation is usually done in your browser, so they are never transmitted on the internet. To be safe, you should clear your browser after printing.

Some paper wallet services have a nifty design that you can cut, fold and seal, making them a lightweight and relatively secure form of storing bitcoins offline. You send your bitcoins to the public address displayed on the wallet, and then store it in a secure place.

What makes paper wallets secure is that they are totally offline. They are not within the reach of hackers, and your bitcoins are never trusted to a third party. As long as the paper wallet is secure, the bitcoins are secure.

But, therein lies the relative lack of security. Someone could find your hiding place, take your printout, spend all the bitcoins associated with those keys, and return the paper, so you would never know.

A more secure version would involve folding the paper so that the private key is hidden from sight, taping the fold with a seal that can’t be broken and replaced (just search for “tamper evident seals”, there are many different providers and models), and making sure that the private key cannot be seen even if the folded paper is held up to the light.

bitcoin paper wallet
image from

Even that is not particularly secure. What if the folder, drawer or box that you keep it in floods? Sure, it’s unlikely, but when you’re securing a lot of bitcoins, it pays to think of worst case scenarios (and hey, what with climate change and all…). So, a tightly-sealed plastic bag would help. Or, if for whatever reason you have a machine that seals things in plastic, that would also be a good option (we may be verging on the surreal here, but some people do have them!).

So, how do you protect a paper wallet from fire? I have no idea. Keep it in the freezer? (That definitely would be “cold storage”, he he.)

Also, paper itself is not the most durable of substances. Apart from the obvious risks of fire or water damage, the ink could fade with time, making the keys unreadable. No readable keys, no bitcoin.

You can check your balance at any time using or (just type your public key into the search box).


bitcoin paper wallet
screenshot from

Most online wallets allow you to import your paper wallet data. To spend those bitcoins, you will be asked to type in the private key information, or scan the private key QR code (sometimes called the “spend” QR code). Because the private key will have now “touched” the internet, that does (however slightly) compromise its security, and it is advisable to move any remaining bitcoin to a new paper wallet.

Right there you have the main difference between paper wallets and other cold storage methods. With dedicated cold storage devices, the private key never touches the internet. With paper wallets, you do need to input the private key to sign the transaction. And, while steps can be taken to limit the danger, it is possible that the key can be intercepted. (Unlikely, but possible.)

It is worth remembering that the bitcoins are not actually stored in the wallet, they are on the blockchain, associated with those public and private keys – no-one can spend them without the private key, which is why it is important to keep that part of the paper wallet especially secure, and away from prying eyes.

bitcoin paper wallet
screenshot from

Some good paper wallet generators: and are open-source random address and key generators that uses your browser’s JavaScript engine, so no keys are sent over the Internet. They’re simple and quick, and have a very cool random generator function in which you move your mouse around the screen to mix up the characters in a long string. That random sequence is then used to generate your public and private keys, which are displayed on the next screen, for printing. will create a printout of a colourful paper wallet, with the appropriate fold lines, and will sell you tamper-evident stickers for sealing it shut.

Mycelium offers an original and even more secure way to generate paper wallets, with a USB dongle that you plug directly into your printer. The device generates a paper wallet that automatically gets printed out, without ever having touched your computer.

mycellium entropy bitcoin paper wallet

No doubt others will also come up with ingenious ways to make paper wallets even more reliable. Meanwhile, the current offerings are ingenious, relatively simple, and provide an additional step in bitcoin security. Of course, care needs to be taken. You can’t go scribbling phone messages on the back of your wallet printout if you have bitcoins associated with it. But, following the security measures and advice given above, paper wallets offer a relatively easy way to keep your bitcoin safe and away from hackers and digital thieves. Paper is not the most durable of materials, though. So for serious bitcoin safety, you’re better off with a dedicated cold storage device.

(For more on how Bitcoin works, see Bitcoin Basics.)

What is cold storage?

Imagine a cold, freezing vault deep underground in the Swiss mountains, with icicles decorating the thick steel door. That’s cold storage.

cold storage bitcoin - by Erol Ahmed for Unsplash
by Erol Ahmed for Unsplash

But “cold storage” in the bitcoin world (and in the tech world in general) is a bit more accessible. It implies the storage of data (in the case of bitcoin, of your private keys) completely offline. It could just be a pendrive or even a printout of the key (yes, on old-fashioned paper), shut in a drawer. Or, if you have a lot of bitcoin, locked away in a vault.


The important characteristic of cold storage is that it is not connected to the internet. This makes it especially secure, as there is virtually no way in for hackers or viruses. So, cold storage is used to “park” large amounts of bitcoin in a more secure manner.

Why “more secure”, rather than “totally secure”? If your storage device is damaged by water or fire and your keys are not retrievable, nor are your bitcoins. For “totally secure”, you’d probably have to resort to the aforementioned freezing vault in the Swiss mountains. But the idea does highlight the (relative) vulnerability of anything stored online. Many bitcoin holders keep most of their bitcoin in cold storage, and the minimum necessary for transactions in their online, desktop or mobile wallet.


But, I hear you ask, to move bitcoin to and from the cold storage address, to spend and to receive, surely you have to connect online?

To move bitcoin to the cold address, no. A cold address can receive bitcoins without connecting, since the bitcoins are stored on the blockchain, not the device. The device only stores the keys. The bitcoins sit on the blockchain, but are associated with those keys. You can check on your balance at any time by entering your public address into the search bars in either, or

To send those bitcoins to another address, either for a purchase or a transfer, you do need to input the keys online. This is either done manually (typing in the keys, or scanning the QR codes with your phone camera or your computer webcam), or by temporarily connecting the device (switching it on and connecting via wifi, or plugging it in to your computer).

A problem arises when you want to use a different cold storage address each time you send coins there, for privacy reasons (re-using addresses is not a very secure practice). If the “cold” side is not connected, how can the “hot” (= online) side know the addresses that it needs to send the coins to? One solution would be for the cold side to connect every now and then to send a bunch of addresses over to the hot side. But that would reduce the cold storage’s security (each connection opens up a vulnerability).

HD Wallets

Another, more secure, solution lies with the hierarchical deterministic wallets that we looked at last week. Both the hot and the cold side work with the same root, or “seed”, which is usually a long string of words. The hot side generates the addresses using one algorithm, while the cold side generates the corresponding private keys using an offline “sister” algorithm. If the hot side is compromised, the private keys are still safe, as are the associated bitcoins.

The physical wallet

When we talk about cold storage, what does it actually look like? What are the “cold storage devices” that we mentioned earlier?

They can be anything that can store data. A pendrive, a laptop, a tablet, a piece of paper, a mobile phone… Or, a dedicated cold storage wallet.

Dedicated cold storage wallets

A more convenient and secure option is dedicated cold storage wallets, which can remain offline even when signing transactions. This may sound like magic, but the way it works is the following:

The electronic wallet is set up on an offline device (such as an old laptop, tablet or special hardware), using a previously downloaded program. A “watch only” copy (ie., only the public key, so it can only consult, not transact) is imported to your online computer using a pendrive, USB stick, or whatever you want to call it. This copy creates the transaction using the copied public key, and copies the transaction file onto the same USB device (or a different one, if you happen to have many lying around). The transaction is then imported into the software on the offline device, where it is signed using the private key. The signed transaction then gets downloaded onto the USB drive, and imported into the wallet software on the online device, which then broadcasts it to the network. There’s a lot of flaffing about with USB sticks, but your cold storage never “touches” the internet.

keepkey cold storage
screenshot from KeepKey

A new generation of gadgets promise to make cold storage even easier. Trezor, Ledger, KeepKey and Hardbit are some examples of the devices that make it easier to sign offline and then broadcast the transaction to the network. Most require plugging into an online computer, but strong encryption and barriers to keystroke hacking prevent an “attacker” (what the sector calls someone trying to get at your information) from getting access to the private key information stored there.

— x —

Cold storage is a recommendable solution for keeping significant bitcoin holdings safe. As with all ultra-secure options, though, it is not very straightforward, and should be used for storage, not for frequent transactions. Just as you keep most of your money in the bank but carry around cash for convenience even though it’s less safe, cold storage wallets are secure but online or mobile wallets are more convenient.

Bitcoin security is getting more and more attention these days, partially fuelled by media reports of hacking and theft, but also by more of us waking up to the idea that bitcoin is not just a payment mechanism. It is also an investment*, and investments need a different treatment than digital currencies bought for transaction purposes. Xapo is even developing a system that will allow you to store your bitcoins in outer space. Assuming that the satellite is recoverable, that removes any concern about jurisdictional risk, and highlights the importance of contemplating the worst case scenario. For anyone bullish on the potential value of the digital currency, the value and usefulness of cold storage, earth-bound or not, is becoming more obvious.

(*I am not recommending bitcoin as an investment. It is illiquid and risky, and you should form your own opinion before buying for investment purposes.)

What is an HD wallet?

While researching bitcoin wallets, I kept coming across the letters “HD”, which I at first thought might be the initials of the inventor. But no, they stand for “hierarchical deterministic”, and represent a pretty cool innovation that has made wallets even more practical. So, let’s try and put those two words with lots of syllables into plain language.

by Gabriel Santiago for Unsplash - HD wallets are a bit like trees, in that one "seed" can create many "branches" (=addresses)
by Gabriel Santiago for Unsplash – HD wallets are a bit like trees, in that one “seed” can create many “branches” (=addresses)

Old-style bitcoin wallets generate addresses and keys randomly. Random generation is obviously much more secure than user generation (given that users can be quite lazy or uncreative: “password” is still the most popular password). And new addresses are automatically generated when needed, which is convenient. But it also presents complications.

Wallets that transact frequently will have many associated addresses, since for privacy reasons some users prefer each bitcoin they purchase, or receive in exchange for a service, to have a separate address. Also, each transaction generates a “change address”: if I have three bitcoins at one address and want to spend two, I can’t just spend part of that address’ bitcoins, I have to spend the whole lot. So, I send all three and one automatically gets returned as change, to a new, automatically-generated address. Frequent transactors generate a lot of change addresses.

However, keeping up to date with the backups of a steadily increasing array of addresses is complicated. Backups are important, since if you lose your keys (your computer dies, your pendrive goes missing, whatever) you lose your bitcoins. Frequent generation of random addresses will require equally frequent backups, which can become a hassle.

What if there were a way to generate an almost infinite number of seemingly random addresses, but following some sort of pattern that could be replicated, but that at the same time was impossible to guess or hack?

Deterministic wallets (in this case “deterministic” can be taken to mean the opposite of “random”) generate addresses and keys according to a pre-set algorithm, which depends on a “seed”, or starting sequence of characters. This seed can be a sequence of words randomly assigned, and is a bit like a “master key” which can be used to generate any number of public and private key pairs.

With deterministic wallets, frequent backups are not as necessary, since your wallet addresses can be “re-created” from the seed string. Instead of spending a lot of time and computing power backing up a list of addresses, you focus on backing up the seed string. The rest can be recovered from that. You don’t need to worry about outdated backup copies.

“Hierarchical” deterministic wallets allow for the generation of keys from a “master” seed, in a cascade, an hierarchy, a stream of keys/addresses depending on one at master level. This allows for the sharing of keys below the master level – you can hand your auditor a sub-level key, even a private one (the one that allows spending of the bitcoins associated with that address), and not worry about him or her figuring out the private key for all the addresses that “belong” to the master seed. While this scenario is not free of security risks, it does open up an interesting range of possible uses within teams and even corporations.

To summarize: HD wallets are especially cool in that you can recover your addresses from a seed phrase, and you can “split” a bitcoin account into several addresses, sharing those among interested parties without compromising the others. The full repercussions of this have yet to be explored, as with most things bitcoin. And twists and evolutions will no doubt increase functionality and security in incremental steps.

Web-based vs. desktop vs. mobile bitcoin wallets

Assuming you’ve decided to download a bitcoin wallet, do you want a web, desktop or a mobile version?

This is more confusing than it sounds, since each performs a different function, with different levels of security. As we’ve seen before, a wallet is simply a way to store your public and private keys, and to display the net amount of bitcoin that you have associated with those keys. They can usually also show you the transaction history of those keys.

The word “wallet” may be confusing as it implies that your bitcoins are stored in it. They’re not, they’re actually stored on the blockchain, which itself is stored on servers (bitcoin “nodes”) around the world. Thanks to the user interface, the wallet just looks like it stores your bitcoins. And just like an online bank, it can show you your transaction history.

bitcoin wallet

Web-based wallets

Web-based wallets store your keys online, which is convenient as you can access them from any computer. However, it is not as secure as some other options, as your keys are stored on someone else’s server. Those servers are well protected – no wallet service provider wants to be hacked – but they’re not under your control. Since this is what bitcoin was created to avoid – your funds being in someone else’s control – this solution may seem ironic. It is convenient, though, especially if your wallet service provider also allows you to purchase bitcoin through their exchange.

Some web-based wallets such as Blockchain encrypt the keys before storage in the online server, which is a slightly more secure option than those that store the keys on their servers, such as Coinbase.

Desktop wallet

It’s worth remembering that an online wallet is not the same as a desktop wallet, although you access your online wallet via your desktop. For a desktop wallet, you install the software directly on your PC. Assuming that your security is thorough, this is one of the safer options, but if your hard drive is hacked, chances are your bitcoin keys will be copied and your bitcoins transferred without your knowledge. In other words, your bitcoins will be stolen.

Most desktop wallet are “lightweight”, which means they don’t download the entire blockchain (just as well, since it currently occupies almost 50GBs). Lightweight wallets only store block headers, rather than entire blocks – this allows them to take up less than a tenth of the space. However, the trade-off is that they are less secure than full blockchain wallets as they can’t examine all the transactions in the blocks to make sure that they are valid, because they doesn’t have the transaction history. Lightweight wallets, otherwise known as “SPV” (for Simplified Payment Verification), can only validate the transactions that concern them. They trust the fully validating nodes to check all the others.

If you have downloaded the bitcoin protocol, that acts as a wallet as well as a full node.

Mobile wallet

The mobile wallet is the most practical option in that your bitcoin are accessible at any time. Your smartphone can be used to pay for products with bitcoin, or to easily transfer funds to someone else. Your camera scans the recipient’s QR address, which is so much easier than typing in a long string of letters and characters. True, the desktop and web versions usually allow for copy and paste, but pointing your phone at a pixelated square is simpler and faster. Some phones enable NFC connections, which means that all you have to do in certain circumstances is tap your phone against a reader to pay.

Mobile wallets are also SPV or “lightweight” (see above), which compensates a reduction in necessary space with a reduction in thoroughness and blockchain integrity, but for most daily applications, they work very well.

However, since your phone can be lost or stolen, and your keys along with it, you could lose your bitcoins unless you have been smart enough to keep secure backups.

— x —

This may seem like a confusing sea of options, and differentiating between the different providers can get complicated. But it is not necessary to choose just one. Most bitcoin users have several wallets, to cover a variety of different needs. I have three, two of them web-based (Coinbase and Blockchain) and one mobile version (Blockchain, for now).

The three options covered here are especially useful for frequent transactions. With a few taps or clicks you can send bitcoin to any other wallet, move funds amongst your own, or purchase more to top up your holdings. These wallets do, however, imply a trade-off between ease of access and level of security. They are easier to use, but not as secure as some other more complex options. To safely hold a significant amount of bitcoin, offline storage is a stronger solution, and we’ll talk more about that next week.

(For more on how Bitcoin works, see Bitcoin Basics.)