Statement of Controls

5 stars based on 30 reviews

The following is provided to answer questions as to the efforts made to ensure the integrity of Casascius Physical Bitcoins. Private keys must be generated securely in order to prevent the possibility of theft by hackers, and copies must be controlled to prevent accidental discovery. In addition, private keys must be produced accurately, and must properly correspond to the Bitcoin addresses on the outside of the physical item.

Private keys are always produced on a dedicated computer that is set up temporarily for this purpose. This computer is never connected to the Internet at any point during the production process. The operating system for this computer is freshly installed for this purpose, as well as all of the software that will be used.

For all Casascius Physical Bitcoin addresses produced inWindows 7 was used, and Microsoft Access was used to manage the key list and to render them to paper. A custom application is used for generating the Bitcoin addresses to a text file.

Moving data between the key generation computer and other computers is accomplished via removable USB flash drives that have never been used for any prior purpose. At no point is private key material ever copied to drives based on flash memory technology, not even temporarily.

The key generation machine itself is equipped with one 80GB mechanical hard drive with magnetic rotating platters. The random number generator used is the Microsoft secure random number generator in the System.

Cryptography namespace of the Microsoft. In addition, the custom application also asks for a "mash" of characters from the keyboard of no fewer than 50 characters, each time the application is run, which is answered with a string of non-memorable characters by "spidering" fingers around the keyboard. The application generates a second pseudo-random byte stream using the SHA hash algorithm on this "mash" plus an incrementing nonce, and this second random number stream is combined with the first one using modular addition before being used as key material.

The "mash" string is never kept. Integrity of the calculation process, including the elliptic curve mathematics that convert the private key to a Bitcoin address, was checked by using the same custom application to convert private keys generated on other platforms to ensure it consistently calculated the same Bitcoin address as elsewhere.

In order to confirm the program works as expected, two sets of dummy keypairs were produced externally and exported to text files, and then the custom application was used to recreate the Bitcoin address from the given private key to ensure it matched the Bitcoin address. A set of keypairs generated by the official Bitcoin client 0. This procedure is repeated three times.

Afterwards, the drive is typically overwritten with a new operating system, and used for some other temporary purpose. The addresses for Series 1 physical Bitcoins were produced in advance of the hologram order.

Eleven thousand 11, addresses were created. The first 8 characters of the Bitcoin addresses were isolated into their own text file, and this text file was e-mailed to the hologram manufacturer, who used the file to produce an inkjet "overprint" across the middle of each hologram. This text file was sorted into alphabetical order non-case-sensitive, numbers first and this order is maintained throughout all of the production processes using this set of addresses.

When the addresses were created, they were printed to paper on sheets in grids of 15 by 22, or keys per sheet. This produced 34 sheets. Only one copy of each sheet, and hence, one copy of each private key was made.

The sheets are double-sided. On the back of each sheet, the private key is printed in black. On the front of each sheet, the prefix of the Bitcoin address is printed repetitively in light blue. The color coding is intended to help ensure that private keys are never loaded into coins upside-down. Each sheet was individually hand-inspected to ensure the following: On the private key side, the address prefix is also printed alongside the private key, in an area that remains outside the circular cutout, to assist with this verification.

For each page, all four corners are verified individually, to verify that the sequence is still intact and that it has not been disrupted for any reason, such as printing problems. Each page was also inspected for print quality, to ensure that each key printed completely and legibly. If a page had to be rejected for example, the printing on the front and back didn't alignthe page was set aside for secure destruction.

Secure destruction was accomplished by putting the pages in a high-speed commercial-grade kitchen blender containing water, and operating the blender in excess of 30, RPM, so that the unwanted key pages were rapidly reduced to a mass of wet pulp with no discernible characters.

Upon arrival of the holograms, it was discovered that they were neatly sequenced following the sort order in pages of 25 holograms, five rows by five columns. Based on this discovery, the key sheets were re-run through the printer, and overprinted with repeating red and black minor sequence numbers between 1 and 25 on the Bitcoin address side, so that the minor sequence number could serve as a secondary check for correctness during the coin production process. Assembling the coins is always done in groups of five coins, as the hologram pages are designed in a way where it's easiest to remove exactly five labels at a time via a transfer tape.

This ensures a consistent process, and allows for easy manual recognition of the proper sequence number set which will always be, or If a hologram becomes damaged which is somewhat frequent - the tamper evidence pattern can be easily made visible by accidentboth the private key and the hologram are discarded together and are never reprinted.

Alternately, the hologram may be torn off and replaced after writing a small "x" on the private key with a pen, and the result given away or sold as a scrap "opened" coin for the purpose of demonstrating an opened coin.

The complete Bitcoin addresses for these 11, keypairs have been published at Casascius. Series 2 physical Bitcoins were created in part to offer an enhanced verification scheme to increase the assurance that the private key on the inside corresponds to the Bitcoin address prefix on the outside.

Thus, the series 2 holograms have no overprinting, but instead have a small transparent window that allows a portion of the circular key paper to be seen from the outside of the coin. An initial run of 1, Bitcoin addresses was created for the first Series 2 holograms. This yielded 3 key pages addressesthe last ten were discarded. The Bitcoin addresses have been published at Casascius. These 1, addresses were completely consumed by Decembereach address either having been placed into a coin, or discarded.

A second run of 17, addresses was produced in December These were picked from a larger set of slightly over 2 million Bitcoin addresses generated for this run, so that Bitcoin addresses with special prefixes could be used e. Addresses were selected from the following prefixes: The digital copies of the addresses, including unused addresses from the set of over 2 million, have been securely deleted.

From this run of 17, unlike the prior 12, the byte public keys were kept in addition to the Bitcoin addresses, to facilitate key schemes where two public keys are combined to create a composite key for enhanced security.

The public keys are not considered to be a security risk - they are published in the block chain during every Bitcoin transaction anyway. Nevertheless, the complete list of public keys is not intended for publication, and is kept on removable media. The process for creation of key pages is the same as for Series 1, except that the Bitcoin address prefix is repeatedly printed in green on the front side, and there is no minor sequence number.

The same checks are performed on each individual page by hand as on series 1. Because Series 2 keys do not require matching with a pre-numbered hologram, they are cut without concern for sequence, placed into an envelope or jar, and are used in essentially random order as they are picked. Series 2 keys have been exclusively cut using a laser cutting machine.

The laser cutting machine cuts a single page of key circles in a single operation lasting about six minutes. In contrast, series 1 holograms were individually cut with a large hole punch by hand prior to the acquisition of the laser machine.

During cutting, the private key side is face up and visible to the operator of the machine, who can easily see if there is ever an occurrence where the laser occludes or otherwise damages the private key. In such a condition which is rarethe machine can be paused at any time, and the damaged private key easily removed, crumpled, and thrown into the trash.

During cutting, key circles are occasionally sucked into the machine's ventilation system averaging about 1 key circle per page of Those key circles are discarded and never used, nor are they ever reprinted. A database is used for tracking the funding status of the coins. Funding the coins is performed by manual entry of the 8-character prefix on the reverse of the coin or the last 5 characters thereof.

The database is consulted to ensure accuracy, and to ensure a coin isn't funded more than once, and to look up the remaining characters of the Bitcoin address. When a batch of coins is ready to be funded, the database produces a Linux shell script that can be transported to another machine which is used to manage the actual Bitcoins.

The Bitcoins themselves are kept in an offline paper wallet which displays the Bitcoin addresses and private keys as QR codes. A Wasp-brand hardware 2D barcode wedge which connects via USB and acts as a keyboard is used for importing Bitcoins into the transaction processing machine for immediate use, so the exposure of having Bitcoins stored online is minimized as much as possible.

In most cases, the incoming payments for the purchases of Casascius Physical Bitcoins are used to fund the physical coins themselves. Most of the time, no attempt is made to correlate the payments with the coins, or to ensure that the same bitcoins received as payment go to fund a particular customer's physical coins.

Statement of Controls The following is provided to answer questions as to the efforts made to ensure the integrity of Casascius Physical Bitcoins. Private key generation, preparation, and storage Synopsis: Ensure that there is no possibility of access to private keys via "hacking". Ensure that private keys are generated using a suitable random number generator, so they cannot be predicted in the future.

Ensure that the key generator consistently produces valid keypairs. Ensure that each private key is only printed exactly once. Ensure that each private key is legible and complete. Ensure that each private key properly corresponds to the address on the outside. Series 1 Physical Bitcoins The addresses for Series 1 physical Bitcoins were produced in advance of the hologram order.

Series 2 Physical Bitcoins Series 2 physical Bitcoins were created in part to offer an enhanced verification scheme to increase the assurance that the private key on the inside corresponds to the Bitcoin address prefix on the outside.

Funding the coins A database is used for tracking the funding status of the coins.

Bitcoin buy ukash paysafecard

  • Xenobot tibia forum

    Chryptohopper bunny trial settings that work for me crypto trading bot passive income 07game online

  • Iobit malware fighter pro 23016 final full crack

    Coinbase buy bitcoin instantly banking

Zcash support is coming to alphabay on july 1st

  • Why are plasmids effective vectors in recombinant dna technology quizlet

    Script bot auto update status

  • Bitpim bitcoin stock price

    Bitcoin miner bitmain antminer s7

  • Compatibilidade amorosa entre escorpiao e gemeos

    Lego mindstorms nxt 1.0 software download windows 7

Dogecoin in us dollars

10 comments No loop current orb signaling bitstamp

Litecoin gpu miner ubuntu download

B2X (SegWit2x) cryptocurrency, fork Bitcoin check out the info B2X, strategies, cost. Binary option robot plus - Binare optionen forex, Forex binary. The head is the highest point, and the right shoulder means a turn to a downtrend.