How does a bitcoin paper wallet work?

A bitcoin paper wallet is simply a public and private key printed together. It is an offline wallet, and is usually regarded as a type of cold storage, although it has some important differences that make its presence in that category debatable (more on this further down).

As the name suggests, paper wallets are usually made out of paper, although technically they could also be made of plastic or any other substance on which information can be durably printed.

bitcoin paper wallet
via bitaddress.org

What is printed on the paper wallet are the private and public keys, usually in QR form, with the latter also serving as the address. You could just copy and paste the keys onto a text document and print that out (erasing the copy on the computer afterwards). Or you could use one of the free web services that generate the printable wallet for you. The key generation is usually done in your browser, so they are never transmitted on the internet. To be safe, you should clear your browser after printing.

Some paper wallet services have a nifty design that you can cut, fold and seal, making them a lightweight and relatively secure form of storing bitcoins offline. You send your bitcoins to the public address displayed on the wallet, and then store it in a secure place.

What makes paper wallets secure is that they are totally offline. They are not within the reach of hackers, and your bitcoins are never trusted to a third party. As long as the paper wallet is secure, the bitcoins are secure.

But, therein lies the relative lack of security. Someone could find your hiding place, take your printout, spend all the bitcoins associated with those keys, and return the paper, so you would never know.

A more secure version would involve folding the paper so that the private key is hidden from sight, taping the fold with a seal that can’t be broken and replaced (just search for “tamper evident seals”, there are many different providers and models), and making sure that the private key cannot be seen even if the folded paper is held up to the light.

bitcoin paper wallet
image from bitcoinpaperwallet.com

Even that is not particularly secure. What if the folder, drawer or box that you keep it in floods? Sure, it’s unlikely, but when you’re securing a lot of bitcoins, it pays to think of worst case scenarios (and hey, what with climate change and all…). So, a tightly-sealed plastic bag would help. Or, if for whatever reason you have a machine that seals things in plastic, that would also be a good option (we may be verging on the surreal here, but some people do have them!).

So, how do you protect a paper wallet from fire? I have no idea. Keep it in the freezer? (That definitely would be “cold storage”, he he.)

Also, paper itself is not the most durable of substances. Apart from the obvious risks of fire or water damage, the ink could fade with time, making the keys unreadable. No readable keys, no bitcoin.

You can check your balance at any time using blockexplorer.com or blockchain.info (just type your public key into the search box).

 

bitcoin paper wallet
screenshot from blockchain.info

Most online wallets allow you to import your paper wallet data. To spend those bitcoins, you will be asked to type in the private key information, or scan the private key QR code (sometimes called the “spend” QR code). Because the private key will have now “touched” the internet, that does (however slightly) compromise its security, and it is advisable to move any remaining bitcoin to a new paper wallet.

Right there you have the main difference between paper wallets and other cold storage methods. With dedicated cold storage devices, the private key never touches the internet. With paper wallets, you do need to input the private key to sign the transaction. And, while steps can be taken to limit the danger, it is possible that the key can be intercepted. (Unlikely, but possible.)

It is worth remembering that the bitcoins are not actually stored in the wallet, they are on the blockchain, associated with those public and private keys – no-one can spend them without the private key, which is why it is important to keep that part of the paper wallet especially secure, and away from prying eyes.

bitcoin paper wallet
screenshot from bitaddress.org

Some good paper wallet generators:

Bitaddress.org and Walletgenerator.net are open-source random address and key generators that uses your browser’s JavaScript engine, so no keys are sent over the Internet. They’re simple and quick, and have a very cool random generator function in which you move your mouse around the screen to mix up the characters in a long string. That random sequence is then used to generate your public and private keys, which are displayed on the next screen, for printing.

Bitcoinpaperwallet.org will create a printout of a colourful paper wallet, with the appropriate fold lines, and will sell you tamper-evident stickers for sealing it shut.

Mycelium offers an original and even more secure way to generate paper wallets, with a USB dongle that you plug directly into your printer. The device generates a paper wallet that automatically gets printed out, without ever having touched your computer.

mycellium entropy bitcoin paper wallet

No doubt others will also come up with ingenious ways to make paper wallets even more reliable. Meanwhile, the current offerings are ingenious, relatively simple, and provide an additional step in bitcoin security. Of course, care needs to be taken. You can’t go scribbling phone messages on the back of your wallet printout if you have bitcoins associated with it. But, following the security measures and advice given above, paper wallets offer a relatively easy way to keep your bitcoin safe and away from hackers and digital thieves. Paper is not the most durable of materials, though. So for serious bitcoin safety, you’re better off with a dedicated cold storage device.

(For more on how Bitcoin works, see Bitcoin Basics.)

What is cold storage?

Imagine a cold, freezing vault deep underground in the Swiss mountains, with icicles decorating the thick steel door. That’s cold storage.

cold storage bitcoin - by Erol Ahmed for Unsplash
by Erol Ahmed for Unsplash

But “cold storage” in the bitcoin world (and in the tech world in general) is a bit more accessible. It implies the storage of data (in the case of bitcoin, of your private keys) completely offline. It could just be a pendrive or even a printout of the key (yes, on old-fashioned paper), shut in a drawer. Or, if you have a lot of bitcoin, locked away in a vault.

Security

The important characteristic of cold storage is that it is not connected to the internet. This makes it especially secure, as there is virtually no way in for hackers or viruses. So, cold storage is used to “park” large amounts of bitcoin in a more secure manner.

Why “more secure”, rather than “totally secure”? If your storage device is damaged by water or fire and your keys are not retrievable, nor are your bitcoins. For “totally secure”, you’d probably have to resort to the aforementioned freezing vault in the Swiss mountains. But the idea does highlight the (relative) vulnerability of anything stored online. Many bitcoin holders keep most of their bitcoin in cold storage, and the minimum necessary for transactions in their online, desktop or mobile wallet.

How?

But, I hear you ask, to move bitcoin to and from the cold storage address, to spend and to receive, surely you have to connect online?

To move bitcoin to the cold address, no. A cold address can receive bitcoins without connecting, since the bitcoins are stored on the blockchain, not the device. The device only stores the keys. The bitcoins sit on the blockchain, but are associated with those keys. You can check on your balance at any time by entering your public address into the search bars in either blockexplorer.com, or blockchain.info.

To send those bitcoins to another address, either for a purchase or a transfer, you do need to input the keys online. This is either done manually (typing in the keys, or scanning the QR codes with your phone camera or your computer webcam), or by temporarily connecting the device (switching it on and connecting via wifi, or plugging it in to your computer).

A problem arises when you want to use a different cold storage address each time you send coins there, for privacy reasons (re-using addresses is not a very secure practice). If the “cold” side is not connected, how can the “hot” (= online) side know the addresses that it needs to send the coins to? One solution would be for the cold side to connect every now and then to send a bunch of addresses over to the hot side. But that would reduce the cold storage’s security (each connection opens up a vulnerability).

HD Wallets

Another, more secure, solution lies with the hierarchical deterministic wallets that we looked at last week. Both the hot and the cold side work with the same root, or “seed”, which is usually a long string of words. The hot side generates the addresses using one algorithm, while the cold side generates the corresponding private keys using an offline “sister” algorithm. If the hot side is compromised, the private keys are still safe, as are the associated bitcoins.

The physical wallet

When we talk about cold storage, what does it actually look like? What are the “cold storage devices” that we mentioned earlier?

They can be anything that can store data. A pendrive, a laptop, a tablet, a piece of paper, a mobile phone… Or, a dedicated cold storage wallet.

Dedicated cold storage wallets

A more convenient and secure option is dedicated cold storage wallets, which can remain offline even when signing transactions. This may sound like magic, but the way it works is the following:

The electronic wallet is set up on an offline device (such as an old laptop, tablet or special hardware), using a previously downloaded program. A “watch only” copy (ie., only the public key, so it can only consult, not transact) is imported to your online computer using a pendrive, USB stick, or whatever you want to call it. This copy creates the transaction using the copied public key, and copies the transaction file onto the same USB device (or a different one, if you happen to have many lying around). The transaction is then imported into the software on the offline device, where it is signed using the private key. The signed transaction then gets downloaded onto the USB drive, and imported into the wallet software on the online device, which then broadcasts it to the network. There’s a lot of flaffing about with USB sticks, but your cold storage never “touches” the internet.

keepkey cold storage
screenshot from KeepKey

A new generation of gadgets promise to make cold storage even easier. Trezor, Ledger, KeepKey and Hardbit are some examples of the devices that make it easier to sign offline and then broadcast the transaction to the network. Most require plugging into an online computer, but strong encryption and barriers to keystroke hacking prevent an “attacker” (what the sector calls someone trying to get at your information) from getting access to the private key information stored there.

— x —

Cold storage is a recommendable solution for keeping significant bitcoin holdings safe. As with all ultra-secure options, though, it is not very straightforward, and should be used for storage, not for frequent transactions. Just as you keep most of your money in the bank but carry around cash for convenience even though it’s less safe, cold storage wallets are secure but online or mobile wallets are more convenient.

Bitcoin security is getting more and more attention these days, partially fuelled by media reports of hacking and theft, but also by more of us waking up to the idea that bitcoin is not just a payment mechanism. It is also an investment*, and investments need a different treatment than digital currencies bought for transaction purposes. Xapo is even developing a system that will allow you to store your bitcoins in outer space. Assuming that the satellite is recoverable, that removes any concern about jurisdictional risk, and highlights the importance of contemplating the worst case scenario. For anyone bullish on the potential value of the digital currency, the value and usefulness of cold storage, earth-bound or not, is becoming more obvious.

(*I am not recommending bitcoin as an investment. It is illiquid and risky, and you should form your own opinion before buying for investment purposes.)

What is an HD wallet?

While researching bitcoin wallets, I kept coming across the letters “HD”, which I at first thought might be the initials of the inventor. But no, they stand for “hierarchical deterministic”, and represent a pretty cool innovation that has made wallets even more practical. So, let’s try and put those two words with lots of syllables into plain language.

by Gabriel Santiago for Unsplash - HD wallets are a bit like trees, in that one "seed" can create many "branches" (=addresses)
by Gabriel Santiago for Unsplash – HD wallets are a bit like trees, in that one “seed” can create many “branches” (=addresses)

Old-style bitcoin wallets generate addresses and keys randomly. Random generation is obviously much more secure than user generation (given that users can be quite lazy or uncreative: “password” is still the most popular password). And new addresses are automatically generated when needed, which is convenient. But it also presents complications.

Wallets that transact frequently will have many associated addresses, since for privacy reasons some users prefer each bitcoin they purchase, or receive in exchange for a service, to have a separate address. Also, each transaction generates a “change address”: if I have three bitcoins at one address and want to spend two, I can’t just spend part of that address’ bitcoins, I have to spend the whole lot. So, I send all three and one automatically gets returned as change, to a new, automatically-generated address. Frequent transactors generate a lot of change addresses.

However, keeping up to date with the backups of a steadily increasing array of addresses is complicated. Backups are important, since if you lose your keys (your computer dies, your pendrive goes missing, whatever) you lose your bitcoins. Frequent generation of random addresses will require equally frequent backups, which can become a hassle.

What if there were a way to generate an almost infinite number of seemingly random addresses, but following some sort of pattern that could be replicated, but that at the same time was impossible to guess or hack?

Deterministic wallets (in this case “deterministic” can be taken to mean the opposite of “random”) generate addresses and keys according to a pre-set algorithm, which depends on a “seed”, or starting sequence of characters. This seed can be a sequence of words randomly assigned, and is a bit like a “master key” which can be used to generate any number of public and private key pairs.

With deterministic wallets, frequent backups are not as necessary, since your wallet addresses can be “re-created” from the seed string. Instead of spending a lot of time and computing power backing up a list of addresses, you focus on backing up the seed string. The rest can be recovered from that. You don’t need to worry about outdated backup copies.

“Hierarchical” deterministic wallets allow for the generation of keys from a “master” seed, in a cascade, an hierarchy, a stream of keys/addresses depending on one at master level. This allows for the sharing of keys below the master level – you can hand your auditor a sub-level key, even a private one (the one that allows spending of the bitcoins associated with that address), and not worry about him or her figuring out the private key for all the addresses that “belong” to the master seed. While this scenario is not free of security risks, it does open up an interesting range of possible uses within teams and even corporations.

To summarize: HD wallets are especially cool in that you can recover your addresses from a seed phrase, and you can “split” a bitcoin account into several addresses, sharing those among interested parties without compromising the others. The full repercussions of this have yet to be explored, as with most things bitcoin. And twists and evolutions will no doubt increase functionality and security in incremental steps.

Web-based vs. desktop vs. mobile bitcoin wallets

Assuming you’ve decided to download a bitcoin wallet, do you want a web, desktop or a mobile version?

This is more confusing than it sounds, since each performs a different function, with different levels of security. As we’ve seen before, a wallet is simply a way to store your public and private keys, and to display the net amount of bitcoin that you have associated with those keys. They can usually also show you the transaction history of those keys.

The word “wallet” may be confusing as it implies that your bitcoins are stored in it. They’re not, they’re actually stored on the blockchain, which itself is stored on servers (bitcoin “nodes”) around the world. Thanks to the user interface, the wallet just looks like it stores your bitcoins. And just like an online bank, it can show you your transaction history.

bitcoin wallet

Web-based wallets

Web-based wallets store your keys online, which is convenient as you can access them from any computer. However, it is not as secure as some other options, as your keys are stored on someone else’s server. Those servers are well protected – no wallet service provider wants to be hacked – but they’re not under your control. Since this is what bitcoin was created to avoid – your funds being in someone else’s control – this solution may seem ironic. It is convenient, though, especially if your wallet service provider also allows you to purchase bitcoin through their exchange.

Some web-based wallets such as Blockchain encrypt the keys before storage in the online server, which is a slightly more secure option than those that store the keys on their servers, such as Coinbase.

Desktop wallet

It’s worth remembering that an online wallet is not the same as a desktop wallet, although you access your online wallet via your desktop. For a desktop wallet, you install the software directly on your PC. Assuming that your security is thorough, this is one of the safer options, but if your hard drive is hacked, chances are your bitcoin keys will be copied and your bitcoins transferred without your knowledge. In other words, your bitcoins will be stolen.

Most desktop wallet are “lightweight”, which means they don’t download the entire blockchain (just as well, since it currently occupies almost 50GBs). Lightweight wallets only store block headers, rather than entire blocks – this allows them to take up less than a tenth of the space. However, the trade-off is that they are less secure than full blockchain wallets as they can’t examine all the transactions in the blocks to make sure that they are valid, because they doesn’t have the transaction history. Lightweight wallets, otherwise known as “SPV” (for Simplified Payment Verification), can only validate the transactions that concern them. They trust the fully validating nodes to check all the others.

If you have downloaded the bitcoin protocol, that acts as a wallet as well as a full node.

Mobile wallet

The mobile wallet is the most practical option in that your bitcoin are accessible at any time. Your smartphone can be used to pay for products with bitcoin, or to easily transfer funds to someone else. Your camera scans the recipient’s QR address, which is so much easier than typing in a long string of letters and characters. True, the desktop and web versions usually allow for copy and paste, but pointing your phone at a pixelated square is simpler and faster. Some phones enable NFC connections, which means that all you have to do in certain circumstances is tap your phone against a reader to pay.

Mobile wallets are also SPV or “lightweight” (see above), which compensates a reduction in necessary space with a reduction in thoroughness and blockchain integrity, but for most daily applications, they work very well.

However, since your phone can be lost or stolen, and your keys along with it, you could lose your bitcoins unless you have been smart enough to keep secure backups.

— x —

This may seem like a confusing sea of options, and differentiating between the different providers can get complicated. But it is not necessary to choose just one. Most bitcoin users have several wallets, to cover a variety of different needs. I have three, two of them web-based (Coinbase and Blockchain) and one mobile version (Blockchain, for now).

The three options covered here are especially useful for frequent transactions. With a few taps or clicks you can send bitcoin to any other wallet, move funds amongst your own, or purchase more to top up your holdings. These wallets do, however, imply a trade-off between ease of access and level of security. They are easier to use, but not as secure as some other more complex options. To safely hold a significant amount of bitcoin, offline storage is a stronger solution, and we’ll talk more about that next week.

(For more on how Bitcoin works, see Bitcoin Basics.)

How does a bitcoin wallet work?

As we’ve seen already, there are many different kinds of bitcoin wallets (also called bitcoin clients). Each has different characteristics and functionalities, but each works in basically the same way: they store your public and private keys.

Your bitcoins – or rather, the pieces of code that represent them – are not actually stored in your wallet. They are stored on the blockchain, which in turn is stored on node computers all around the world.

bitcoin wallet

What your wallet contains is your bitcoin address, which is the same as your randomly generated public key (a long string of numbers and characters). Anyone can see this, it’s public information. The wallet also contains the private key that goes with that address/public key. Without the combination of the two keys, you can’t use your bitcoins. Actually, most wallets contain several addresses, and hold the public and private key pairings that make each of them work.

Obviously, most bitcoin wallets today do a lot more than that. They also relate your public and private keys to the bitcoins that match those keys, and display the list of related transactions and the current balance in a clean user interface (ie. a nice, easy-to-understand format).

But it’s important to understand that the wallet doesn’t actually contain your bitcoin. It contains permission to spend your bitcoin. And if you lose access to that permission to spend, then you effectively also lose your bitcoins, because you no longer have access to them. That is why it is so important to keep the keys secure.

Some wallets, especially the older ones, are full node wallets. This means that you download the entire blockchain, and act as a relayer or transmitter of transactions, even those that you had nothing to do with. You receive transactions from nodes and pass them on to other nodes, and thus contribute to the updating of the bitcoin network. While no actual work on your part is involved (the transmitting is done automatically), it is onerous – the blockchain occupies approximately 40GB of memory.

Most wallets, however, are “thin wallets”, or an SPV wallet (which stands for Simplified Payment Verification). If you have a wallet on your mobile phone, it’s almost certainly one of these, and an increasing number of desktop wallets are also offering this option. SPV wallets do not download the entire blockchain, they only download block headers. There are concerns that this weakens the security of the network as a whole, since they cannot tell the difference between a block with valid transactions and one with invalid ones. (Segregated Witness offers a potential solution to this problem, but the project is still at the testing phase.) But they rely on nodes to check the transactions for validity, and assume that after a certain number of blocks have been added on top, a transaction can be counted on to be correct.

Wallet technology is evolving rapidly in terms of efficiency and functionality, so this overview does not hope to cover all wallet types, but the basic principle is the same for most: wallets hold your keys, not your bitcoins, although the distinction is actually not that relevant for the average user. Bitcoin wallets are a fundamental piece in the path to increase bitcoin use beyond geeks and techies, as it is the only face of bitcoin that most will ever see. Wallet ease of use and security will increase confidence in transactions, while at the same time encourage more use cases. With more users comes even more innovation, and the entire sector – from front-end wallets to back-end miners and including the many applications in between – benefits.

What is a bitcoin wallet?

Before owning any bitcoins, you need somewhere secure to store them. That place is called a “wallet”. Since bitcoin is really just a snippet of code, your wallet will probably live on your computer and/or mobile device, but physical storage gadgets are also used, and there even is such a thing as a paper wallet. Here we’ll take a look at the different types of wallets, with a brief overview of how they work.

But first, it’s important to clarify something that will help to understand how they work. You store your bitcoins at your Bitcoin address, not your wallet. What your wallet holds is the private key that gives you access to your Bitcoin address (which is also your public key). If the wallet software is well designed, it will look as if your bitcoins are actually there, which makes using bitcoins more convenient.

Electronic wallets can be downloaded software, or hosted on the web (“in the cloud”, as we say these days). The former is simply a formatted file that lives on your computer or device, and that facilitates transaction formatting. Hosted wallets tend to have a more user-friendly interface and more on-the-go functions, but you will be trusting a third party with your private keys. There are a few hybrid models, and some really strange ones, and each provider is slightly (in some cases very) different from the rest. This summary is meant as a general overview of the different types, not a list or a recommendation of specific services.

One very cool function worth mentioning is that most wallets will convert your public bitcoin address into a QR code, which makes it so much easier to send bitcoins directly from your phone. You just hold your phone’s camera up to the square, scan it, and the address is entered into the “send” location.

Here’s mine:

(feel free to send me some bitcoins if you wish!)
(feel free to send me some bitcoins if you wish!)

Software wallet

Installing a wallet directly on your computer gives you the security that you control your keys. Most have relatively easy configuration, and are free. The disadvantage is that they do require more maintenance in the form of backups. If your computer gets stolen, hacked or corrupted and your private keys are not also stored somewhere else, you lose your bitcoins.

The original software wallet is the Bitcoin Core protocol, the program that runs the Bitcoin network. You can download this here and become a node (that doesn’t mean that you need to mine bitcoins) with wallet capability, but you’d also have to download the ledger of all transactions since the dawn of bitcoin time (2009). As you can guess, this takes up a lot of memory (over 20GB).

Most wallets in use today are “light” wallets, or SPV (Simplified Payment Verification) wallets, which do not download the entire ledger but sync to the real thing. Armory is a good example of a software bitcoin wallet, as are Electrum and MultiBit.

Web-based wallet

Web-based wallets offer increased convenience – you can generally access your bitcoins from any device if you have the right passwords. All are easy to set up, come with desktop and mobile apps which make it easy to spend and receive bitcoins, and most are free. The disadvantage is the lower security. With your private keys stored in the cloud, you have to trust the host’s security measures, and that it won’t disappear with your money, or close down and deny you access.

Several offer a wide range of services such as bitcoin purchase or sale, multi-wallet generation, coin mixing (to hide the origin), offline storage, merchant services, bank account connection, search function for address of people you know or people near you, maps of places near you that accept bitcoins…  Some are accessible via a web page, others as a browser extension, and almost all have a smartphone app. Among the best-known ones are Blockchain, Coinbase, Xapo and Hive.

 

image via KeepKey
image via KeepKey

Hardware wallets

Hardware wallets are small devices that occasionally connect to the web to enact bitcoin transactions. They are extremely secure, as they are generally offline and therefore not hackable. They can be stolen or lost, however, and the bitcoins that belong to the stored private keys along with it.

Trezor, KeepKey, LedgerWallet and Case are recent examples of efficient hardware wallets.

Paper wallets

Perhaps the simplest of all the wallets, these are pieces of paper on which the private and public keys of a bitcoin address are printed. Ideal for the long-term storage of bitcoins (away from fire and water, obviously), or for the giving of bitcoin as a gift, these wallets are more secure in that they’re not connected to a network. They are, however, easier to lose. With services such as bitadress.org and bitcoinpaperwallet.com, you can easily create a new address and print the wallet on your printer. Fold, seal and you’re set. Send some bitcoins to that address (the QR code that you see in the picture), and then store it safely or give it away.

image via BitcoinPaperWallet
image via BitcoinPaperWallet

Warpwallets

This relatively obscure variety invokes some heavy cryptography to make it not necessary to store private keys anywhere other than in your head. If your memory’s as bad as mine, this is understandable cause for concern, but apparently all you have to do is remember a long phrase (such as the first sentence from your favourite book, or the first few lines from your favourite Beatles song).

— x —

Even within these categories there is a wide variety of services and functions, some very technical, some incredibly useful, and some both. Going into more detail will involve delving into cryptography and connectivity, which is best saved for individual profiles and security updates. Bitcoin wallets is a fascinating sector, impacted by technology, regulation and some unusual business models. And it’s a rapidly changing sector, too. The capabilities of the wallets are deepening in line with our understanding of how it all works, consolidating in line with the regulator’s interest, and broadening in line with our increasing use of digital currency.

(For more on how Bitcoin works, see Bitcoin Basics.)