|
|
|
@ -1207,68 +1207,6 @@ following sections we will look at advanced forms of keys and addresses,
|
|
|
|
|
such as encrypted private keys, script and multisignature addresses,
|
|
|
|
|
vanity addresses, and paper wallets.
|
|
|
|
|
|
|
|
|
|
==== Encrypted Private Keys (BIP-38)
|
|
|
|
|
|
|
|
|
|
((("bitcoin improvement proposals", "Encrypted Private Keys
|
|
|
|
|
(BIP-38)")))((("keys and addresses", "advanced forms", "encrypted
|
|
|
|
|
private keys")))((("public and private keys", "encrypted private
|
|
|
|
|
keys")))((("passwords", "encrypted private keys")))((("security",
|
|
|
|
|
"passwords")))Private keys must remain secret. The need for
|
|
|
|
|
_confidentiality_ of the private keys is a truism that is quite
|
|
|
|
|
difficult to achieve in practice, because it conflicts with the equally
|
|
|
|
|
important security objective of _availability_. Keeping the private key
|
|
|
|
|
private is much harder when you need to store backups of the private key
|
|
|
|
|
to avoid losing it. A private key stored in a wallet that is encrypted
|
|
|
|
|
by a password might be secure, but that wallet needs to be backed up. At
|
|
|
|
|
times, users need to move keys from one wallet to another—to upgrade or
|
|
|
|
|
replace the wallet software, for example. Private key backups might also
|
|
|
|
|
be stored on paper (see <<paper_wallets>>) or on external storage media,
|
|
|
|
|
such as a USB flash drive. But what if the backup itself is stolen or
|
|
|
|
|
lost? These conflicting security goals led to the introduction of a
|
|
|
|
|
portable and convenient standard for encrypting private keys in a way
|
|
|
|
|
that can be understood by many different wallets and bitcoin clients,
|
|
|
|
|
standardized by BIP-38 (see <<appdxbitcoinimpproposals>>).
|
|
|
|
|
|
|
|
|
|
BIP-38 proposes a common standard for encrypting private keys with a
|
|
|
|
|
passphrase and encoding them with Base58Check so that they can be stored
|
|
|
|
|
securely on backup media, transported securely between wallets, or kept
|
|
|
|
|
in any other conditions where the key might be exposed. The standard for
|
|
|
|
|
encryption uses the Advanced Encryption Standard (AES), a standard
|
|
|
|
|
established by the NIST and used broadly in data encryption
|
|
|
|
|
implementations for commercial and military applications.
|
|
|
|
|
|
|
|
|
|
A BIP-38 encryption scheme takes as input a bitcoin private key, usually
|
|
|
|
|
encoded in the WIF, as a Base58Check string with the prefix of "5."
|
|
|
|
|
Additionally, the BIP-38 encryption scheme takes a passphrase—a long
|
|
|
|
|
password—usually composed of several words or a complex string of
|
|
|
|
|
alphanumeric characters. The result of the BIP-38 encryption scheme is a
|
|
|
|
|
Base58Check-encoded encrypted private key that begins with the prefix
|
|
|
|
|
+6P+. If you see a key that starts with +6P+, it is encrypted and
|
|
|
|
|
requires a passphrase in order to convert (decrypt) it back into a
|
|
|
|
|
WIF-formatted private key (prefix +5+) that can be used in any wallet.
|
|
|
|
|
Many wallet applications now recognize BIP-38-encrypted private keys and
|
|
|
|
|
will prompt the user for a passphrase to decrypt and import the key.
|
|
|
|
|
Third-party applications, such as the incredibly useful browser-based
|
|
|
|
|
http://bitaddress.org[Bit Address] (Wallet Details tab), can be used to
|
|
|
|
|
decrypt BIP-38 keys.
|
|
|
|
|
|
|
|
|
|
The most common use case for BIP-38 encrypted keys is for paper wallets
|
|
|
|
|
that can be used to back up private keys on a piece of paper. As long as
|
|
|
|
|
the user selects a strong passphrase, a paper wallet with BIP-38
|
|
|
|
|
encrypted private keys is incredibly secure and a great way to create
|
|
|
|
|
offline bitcoin storage (also known as "cold storage").
|
|
|
|
|
|
|
|
|
|
Test the encrypted keys in <<table_4-10>> using bitaddress.org to see
|
|
|
|
|
how you can get the decrypted key by entering the passphrase.
|
|
|
|
|
|
|
|
|
|
[[table_4-10]]
|
|
|
|
|
.Example of BIP-38 encrypted private key
|
|
|
|
|
|=======
|
|
|
|
|
| *Private Key (WIF)* | 5J3mBbAH58CpQ3Y5RNJpUKPE62SQ5tfcvU2JpbnkeyhfsYB1Jcn
|
|
|
|
|
| *Passphrase* | MyTestPassphrase
|
|
|
|
|
| *Encrypted Key (BIP-38)* | 6PRTHL6mWa48xSopbU1cKrVjpKbBZxcLRRCdctLJ3z5yxE87MobKoXdTsJ
|
|
|
|
|
|=======
|
|
|
|
|
|
|
|
|
|
[[p2sh_addresses]]
|
|
|
|
|
==== Pay-to-Script Hash (P2SH) and Multisig Addresses
|
|
|
|
|
|
|
|
|
|