Archives TodaySo, I’m looking for feedback on best practices for bulk production of paper wallets.
Currently, I’m using an strong encrypted hard drive on a computer that is not connected to the Internet (and never will be again). The computer was a clean install of Windows; I downloaded the necessary software for my applications and then took it off the Internet (it was only ever connected for about 10 hours). I’m using bitaddress to generate the bulk wallets, and saving the output to a . csv, Excel, and Word to get the output I want. I’m printing the wallets using a dumb, mid 2009 printer with 16mb of memory, and I’m tracking it dumps the memory every time I turn it off.
After every production run, I’m deleting the . csv, the Excel file, and the Word document, deleting all temporary files (particularly those used by Office) emptying the recycle bin, and running cipher /w: to overwrite any deleted files.
Anyone have any feedback on security concerns with this process? Between deleting all data used to generate the files, using a printer with a small amount of memory, and wiping my free space on the disk after every production run, I feel that the private keys and addresses are irrecoverable other than using the actual wallets I create. I feel like the fresh install of Windows, encryption, and non-Internet connectedness adds about as much assurance as possible that no one else could get the private keys.
My only thought is that someone really sneaky could theoretically pull some private keys off of the transfer roller, fuser, or toner drums by physically breaking into my location and using some kind of technique. But I think that would only reveal a fairly small number of recently printed keys, correct?
I would love not to produce any files, but that just isn’t an option for my application, and I believe that this protocol is very secure.
I welcome any feedback you may have.