I'm happy to help with secure paper wallet support. Bitcoin core is already used offline by the Glacier Protocol, though there's no official offline support.

I extended the Glacier Protocol with an extra password derivation function. I used Scrypt with 2GB RAM requirement, though maybe using Argon2id V1.3 would be better.

Also I'd prefer using BIP45 Multisig HD Wallets over a multisig address, as in the current Glacier Protocol implementation the redeem key is public because of the test withdrawal transaction.

On Sat, Sep 30, 2017 at 6:49 AM, Jonas Schnelli via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

> Hi,
>
> I'm writing to suggest and discuss the addition of paper wallet
> functionality in bitcoin-core software, starting with a single new RPC
> call: genExternalAddress [type].
>

AFAIK, client implementations such as your proposal are off-topic for this ML.
Better use bitcoin-core-dev (ML or IRC) or Github (bitcoin/bitcoin) for such proposals.

> On 09/29/2017 02:03 PM, Luke Dashjr wrote:
> Paper wallets are a safety hazard, insecure, and generally not advisable.
>

I have to agree with Luke.
And I would also extend those concerns to BIP39 plaintext paper backups.

IMO, private keys should be generated and used (signing) on a trusted, minimal and offline hardware/os. They should never leave the device over the channel used for the signing I/O. Users should have no way to view or export the private keys (expect for the seed backup). Backups should be encrypted (whoever finds the paper backup should need a second factor to decrypt) and the restore process should be footgun-safe (especially the lost-passphrase deadlock).

/jonas

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev