1
I don't mean hardware wallet like Trezor but simply a device that is non-programmable, and not network connectable but will generate key pairs (+ the associated address would be handy but that could be done in software on only the pubkey without too much risk?) at the push of a button.
I'm wondering if this is one way to create a paper wallet and have it receive a number of BTC:
1.Generate a privkey/pubkey pair
2.Write the privkey down, duplicate it and store the copies safely. I guess this could potentially be split into pieces and stored in several separate places so that breach or loss of one does not give away the full privkey or lose the information needed to recreate it (like a paper RAID array implemented with three familiy members?) [and write recovery instructions in your testament]
3.Generate the bitcoin address associated with the pubkey (not so risky, afaict)
4.Receive the payment at this address
Until it comes to spending the BTC (which could be quite some time in the future) there would be no need for a software wallet, and certainly no need to use an online key generator.
In the absence of a hardware key generator I suppose downloading trusted code from sourceforge or somewhere and running it yourself on a non-networked computer is pretty much as secure?
(I realize rolling dice is fine to generate a privkey but the associated pubkey pretty much has to be done in code somewhere, no?).
Does this sound feasible?
thanks, I see your point. That said Trezor is hardware desgined specifically to generate key pairs with a little more added on, is it not? The brand has much to lose if it's found out that something untoward has happened but that could be nothing compared to the gains. I have a Trezor and there's no reason to believe the company is anything but honest but I don't see a that big of a distinction between the two cases. – darren – 2014-12-12T04:14:55.263
The offline signing-only wallet sounds useful, thanks for the pointer. We're still putting our trust in someone by selecting the "secure wallet" to use but I can see the logic. – darren – 2014-12-12T04:21:26.403
Trezor's main purpose is secure signing, and it mostly derives key pairs from a seed rather than generating them from a random number. I have reasonable trust in the public faces of Trezor, but I don't know anything about the people who designed the hardware, manufactured the hardware, or delivered the hardware---and any one of them could've changed the specs in a way that's very hard to detect. – David A. Harding – 2014-12-12T04:22:27.993