13. Transcript
What is this?
1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN
Clues:
• no ambiguous numbers, it may be base58
• it begins with a 1
It is a P2PKH (Pay to Public Key Hash) Bitcoin
address
• it is the Bitcoin address when was generated
from a private key for a brain wallet of ""
• Like e3b0c442 I watch out for 1HZ
15
18. Transcript
What is this?
mx5u3nqdPpzvEZ3vfnuUQEyHg3gHd8zrrH
Clues:
• no ambiguous numbers, it may be base58
• it begins with an m
It is a P2PKH (Pay to Public Key Hash) Bitcoin
address for TestNet
• it is the TestNet bitcoin address equivalent to
1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEz
N generated from a brain wallet of ""
• Like e3b0c442 I watch out for 1HZ & mx5
20
20. Transcript
What is this?
L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1
Clues:
• no ambiguous numbers, it may be base58
• it begins with a L
It is a compressed WIF (Wallet Import Format)
private key. Could be L* or K*
• but it is 1 character longer than a 5* WIF!
• when stored in blockchain, the public keys
are only 256 bits, vs 520 bits >50% smaller!
23
21. Transcript
What are Bitcoin Wallets?
• There are 2^160 P2PKH keys
• 1,461,501,637,330,902,918,203,684,832,716,
283,019,655,932,542,976 keys
• Which keys are yours?
• Wallets help you manage many keys
24
22. Transcript
Kinds of Wallets
• Software
• Brain, browser, bulk, deterministic, HD, multi-sig,
export (BIP38/39), escrow (BIP44/5), full node or
thin SPV (Simplified Payment Verification) or server
• Physical
• Paper, cold, FIPS hardware
• Hosted
• Exchange, multi-sig (BIP11/16), escrow (BIP44/5),
locked/unlocked keys, export (BIP38/39), etc.
25
23. Transcript
What is a Brain Wallet?
• In essence, your Bitcoins are stored in your
mind, by memorization of a passphrase
• The passphrase is turned into a 256 bit private
key using SHA256
• If you forget the passphrase, or are
incapacitated or die, the Bitcoins are lost
forever
• HOWEVER, passphrases are not very secure
29
24. Transcript
Passphrase Entropy
•A truly random 12 character password (MixeD CaSe,
Numb3r5, $peçial Characters) has 78 bits of entropy
• for example: mH*naG8}Np`$ or [Kh8}J@2t[%3
• Supercomputer or network: 55 days
• PC with GPU: 3018 years
30
25. Transcript
Passphrase Entropy
•A truly random 12 character password (MixeD CaSe,
Numb3r5, $peçial Characters) has 78 bits of entropy
• for example: mH*naG8}Np`$ or [Kh8}J@2t[%3
• Supercomputer or network: 55 days
• PC with GPU: 3018 years
•However, in practice humans are not good at
randomness, most 12 character passwords…
• Average network decrypt: 47 seconds
• PC with GPU in 11 days
31
26. Password Best Practices
Life With Alacrity blog
by Christopher Allen
http://
www.lifewithalacrity.com/
2009/09/password-best-
practices.html
Hidden Transcript
32
27. Transcript
Summary of Best Practices
•Have at least TWO passwords
•Create a “non-secure” password for non-financial websites
•Pick a memorable long word or short phrase,
•e.g.“amber waves”, “perspicacious”
•Shorten it to 7 characters
• “ambrwvs”, “prspccus”
•Convert a letter other then first to number
• O=0, L=1, E=3, S=5 e.g. “ambrwv5” or “pr5pccus”
•Use letter from domain name for last char, and capitalize it
• e.g. second o from google “ambrwv5O” or “pr5pccusO”
•Same technique but longer word for financial (minimum 12)
•Check your password's quality (using local Javascript code)
•Or use a password generator, or even better — “Diceware"
33
33. Transcript
What is a Paper Wallet?
• Using a brain wallet is risky
• You may forget your passphrase
• You may not have enough entropy
• So save it on paper!
• 256 bits of entropy
• WIF private key
• QR code for payments, QR code for WIF
39
38. Transcript
Why use BIP38?
• If your paper wallet is stolen, it must be
decrypted before being used
• Allows you to "give" a paper wallet to
someone, have them verify amount, then give
them password to decrypt.
• Simple version is just encryption (like AES) but
advanced version supports "intermediate"
codes so that 2nd parties can't see private key
44
41. Transcript
What is a Bulk Wallet?
• Every time you spend coins on a Bitcoin
address, you should never use it again.
• This means you need lots of private keys!
• A bulk wallet stores all your private keys
• The oldest software wallets are typically bulk
wallets
• Can still be useful today for "archive" storage,
such as on an encrypted USB key
47
42. Transcript
What is a Deterministic Wallet?
• Bulk Wallets need lots of private keys!
• big file to backup, could be compromised
• maybe lots of passphrases to remember
• maybe many pages of paper wallets
• Instead, a "master" private key is created, and
additional private keys are generated on the fly
48
43. Transcript
Type 1 Deterministic Wallet
• The Electrum wallet (and old versions of
Armory) create a chain of keys based on a
master
• Only a root key plus a chain code
• Much shorter mnemonic for saving master key
• 12 words e.g."magic spoken nearly nine fist
bathroom surprise north reach scrape illusion
courage"
49
45. Transcript
Type 2 Deterministic Wallet
• "Hierarchical Deterministic" or HD Wallets
• Defined in BIP32
• Creates a tree of master and child keys
• Allows delegate of a child private key to a
server to act as an agent on behalf of the
master private key holder
• BEWARE: With a child private key and the
master public key an attacker can derive
private master!
51
47. Transcript
Master Key Mnemonics
• Moving a master key from software wallet to
software wallet can be difficult
• BIP39 defines a standard 12 or 24-word
mnemonic for moving master keys
• Recreates BIP32 keys for HD wallets
• BIP32 master private: xprv9s21Z*
• BIP32 extended private: xprv9wzGf*
• BIP32 extended public: xpub6Ayd5S*
53
49. Transcript
What is this?
3EktnHQD7RiAE6uzMj2ZifT9YgRrkSgzQX
Clues:
• no ambiguous numbers, it may be base58
• it begins with a 3
• this is a P2SH (Pay to Script Hash) Address
• defined by BIP11 & BIP16, P2SH allows for
more complicated transactions that may
require multiple keys or signatures to redeem
55
52. Transcript
What is this?
SSS-5CJkUwdiUPZi2R8RJJzkUFvs1TWC22JAQD2T3QMyhuAvDgzrXKuhT5at
Clues:
• no ambiguous numbers, it may be base58
• it begins with a SSS
It is a Mycelium "Shamir Secret Share". It lets you
"split" a secret into shares github.com/cetuscetus/btctool
• Mycelium Wallet only. No BIP for this yet.
• There are other Shamir Secret Sharing
approaches. But cool tech!
58
53. Transcript
I want it all!
•BIP44 and BIP45 wallets are the most advanced
•Use multisig addresses (BIP11, BIP16)
•Use HD keys (BIP32)
•Use Mnemonic backups (BIP39)
•Use Structured HD keys (BIP43)
•Support multiple accounts & escrow:
•BIP44 — Trezor, Coinomi, Mycellium, Encompass
•BIP45 (BIP44 plus multiple currencies)— Copay
59
54. Transcript
Bitcoin vs Testnet
60
Type
Bitcoin
prefix
Testnet
prefix
Examples
Pubkey hash
(P2PKH address)
1 m or n
17VZNX1SN5NtKa8UQFxwQbFeFc3
mipcBbFg9gMiCh81Kj8tqqdgoZub1
Script hash
(P2SH address)
3 2
3EktnHQD7RiAE6uzMj2ZifT9YgRrkS
2MzQwSSnBHWHqSAqtTVQ6v47Xta
Public key
(WIF, uncompressed pubkey) 5 9
5EktnHQD7RiAE6uzMj2ZifT9YgRrkS
92Pg46rUhgTT7romnV7iGW6W1gb
Private key
(WIF, compressed pubkey) K or L c
L1aW4aubDFB7yfras2S1mN3bqg9n
cNJFgo1driFnPcBdBX8BrJrpxchBW
BIP32 private key xprv tprv
xprvs21ZrQH143K24Mfq5zL5MhWK
tprv8ZgxMBicQKsPcsbCVeqqF1KV
BIP32 public key xpub tpub
xpub661MyMwAqRbcEYS8w7XLSV
tpubD6NzVbkrYhZ4WLczPJWReQy
55. Bitcoin-Qt
Software Client
Desktop: Windows, Mac, Linux
+ Open Source
+ Maintained by the core Bitcoin
developers
+ Full Node—downloads full block
chain, no need to trust 3rd party SPV
servers
- Can take a few days to initially
download and sync the blockchain.
- Clunky UI, no BIP32,38,39,44,45
Hidden Transcript
61
56. Armory
Software Client
Desktop: Windows, Mac, Linux
+ Open Source
+ Multiple wallets, cold and
fragmented paper backups
+ BIP32 (HD)
+&- Full Node—sits on top of Bitcoin-
QT (days to download and sync)
- Clunky UI, no BIP 38,39,44,45
Hidden Transcript
62
57. Electrum
Software Client
Desktop: Windows, Mac, Linux
Mobile: Android
+ Open Source
+ Thin client — connects to SPV
servers
+ Quick install and setup time, good
for beginners.
+ Bulk OR deterministic addresses
- NOT BIP38 nor BIP39 (Electrum's
word seed backups not compatible)
Hidden Transcript
63
58. Mycelium
Software Client
Mobile: Android
+ Open Source
+ Thin client—connects to their
servers
- Only their servers
+ Most advanced Android Wallet with
multisig (BIP11, BIP16), BIP32 (HD
Keys), BIP38 (Mnemonic), BIP44
(escrow), onion-TOR, cold storage
(encrypted PDF or Trezor)
Hidden Transcript
64
59. Bread Wallet
Software Client
Mobile: iPhone
- Open Source
+ Extremely easy to use (too simple?)
+ SPV client— not full node, but not
dependent on anyone's dedicated
servers
- SPV can sometimes be slow
+ HD Keys (BIP32), encrypted (BIP38)
& Mnemonic Export (BIP39)
+ Can sweep private keys and BIP38!
Hidden Transcript
65
60. Hive Wallet
Software Client
Mobile: iPhone, Android, Mobile Web
- Open Source
+ Supports Waggle (GPS) & QR code
+ SPV client— not full node, but not
dependent on anyone's dedicated
servers
- SPV can sometimes be slow
+ Supports HD Keys (BIP32) and
Mnemonic Export (BIP39)
+ Also supports Litecoin
Hidden Transcript
66
61. Bither Wallet
Software Client
Desktop: Windows, Mac, Linux
Mobile: iPhone, Android
- Open Source
+ SPV client— not full node
+ Supports HD Keys (BIP32),
Encrypted Private (BIP38), Mnemonic
Export (BIP39 + QR)
+ Interesting "cold iPhone" storage
idea
- Crashes importing BIP39
Hidden Transcript
67
62. Coinbase
Hosted Wallet
Desktop: Browser
Mobile: iPhone, Android, Opera
+ Hosted by an bitcoin exchange, thus
you can buy Bitcoin directly via bank
+ Supports two-factor auth via one-
time auth (Google Auth or Authy)
+ APIs for services like LibraTax
- Hosted completely on server
- No HD Keys (BIP32) or multi-sig
- No export (but can sweep to paper)
Hidden Transcript
68
63. Blockchain.info
Hosted Wallet
Desktop: Browser
Mobile: iPhone, Android, Opera
+ Most popular hosted wallet
+ Runs all in browser via Javascript
+ Free, supports two-factor auth via
email
+ You can import/export your keys (but
no BIP38/39 support!)
- No HD Keys (BIP32) or multi-sig
- Limited customer support
Hidden Transcript
69
64. Copay
Hosted Wallet
Desktop: Browser
Mobile: iPhone, Android, Opera
+ Open Source
+ Great Javascript Library
+ Runs all in browser via Javascript
+ Export/Import BIP48
+ multi-sig (BIP11, BIP16) and BIP45
support (BIP44 escrow plus multiple
currencies
+ BIP45 escrow only with Copay
Hidden Transcript
70
65. Trezor
Hardware Wallet
Desktop: Setup via USB
+ Secure hardware
+ Easy to use
+ Supports HD keys (BIP32), export
(BIP38/39), and multi-sig (BIP44)
- Costs $119
- Requires USB and plugin to boot and
setup with desktop
- No two-factor auth
- Difficult to security review hardware
Hidden Transcript
71