BASH21 Easy Bash paper wallet generator

16 replies 277 views
alt21Senior Member
Posts: 398 · Reputation: 1732
#1Oct 26, 2019, 10:25 AM
Check it out on Github: https://github.com/apogio/bash21 A bit of background: So I've been under the weather lately, and I thought it would be a good time to mess around with my coding skills. I got some ideas from a post I saw. Honestly, I’m not a fan of paper wallets, but I figured working on one in bash could help me understand bitcoin better. Just a few disclaimers: 1. I’m totally new to Bash scripting. 2. I won’t be using this program myself, and I suggest you only use it for learning purposes. What you need: Here’s the script: How to use it: Create a .sh file anywhere on your computer: Copy the code and save it. The easiest way is to use nano: Make it executable for your user: Run it: What you'll get: 1. A file named keys.gpg containing your sensitive wallet info (keys, etc.), encrypted with the password you set when running it. 2. A file legacy_address.png featuring a QR code for the wallet's legacy (P2PKH) address. 3. A file segwit_address.png showing a QR code for the wallet's segwit (P2WPKH-P2SH) address. 4. A file addresses.txt with the addresses in plain text. 5. A file wallet.pdf that has the QR codes for the legacy address and the WIF. About the keys.gpg file format: The wallet PDF looks like this: Just a couple of notes: The entropy comes from /dev/urandom. I used methods from the openssl library, including sha256, ripemd160, and ec. I know my coding isn’t great, but hey, it’s my first bash script. I’ve checked the results on Ian Coleman’s site and imported them.
6 Reply Quote Share
shard_degenFull Member
Posts: 68 · Reputation: 298
#2Oct 26, 2019, 04:16 PM
For your first attempt with Bash, it looks like you're already a pro! heheh. At least to my eyes. I tried something similar but using C and GMP library, just for fun and also to learn. I also know the code could be better, mostly when it comes to the ECDSA math. I used too many variables where I coul have reused old ones but I think the thing works. I didn't know about that site you mentioned to test keys and I just tried one of my generated key and it seemed to work! I started a post in a local board only to keep track of my work and not lose the drive to get to my goal which was to generate a valid public key from a private key (also generated using only /dev/urandom). I saved a "copy" of my code in gitlab here (for anyone interested in taking a look at the code): https://gitlab.com/PsySc0rpi0n/bitcoinexp It was a good learning experience and also I get to know GMP library that I didn't even know it was needed stuff like that to be able to handle such large numbers as Bitcoin uses! Of course that I also don't recommend to use my code with anything real. This was just for experimenting / playing and I didn't even got as far as you did!
0 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#3Oct 27, 2019, 04:02 AM
I will definitely check it since I am good in C. I will let you know if I have any suggestions. Well I think it is a very reputable website with multiple tools regarding Bitcoin. Take a look at it. Some people use it offline in order to generate wallets too. I don't, but I am just saying.
3 Reply Quote Share
shard_degenFull Member
Posts: 68 · Reputation: 298
#4Oct 27, 2019, 07:51 AM
I bet you'll find a lot to improve in my code. I did nothing special as the library I used do 99% of the job. The difficult part for me was to understand how to use the library and the terminology they used in docs!
1 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#5Oct 27, 2019, 08:49 AM
FYI, Bitcoin Core stopped using OpenSSL due to security concern[1]. Don't be discouraged. I use Linux daily, but i almost never create Bash script. And when i do, it's not as good as yours. [1] https://bitcoincore.org/en/2016/02/23/release-0.12.0/
2 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#6Oct 29, 2019, 12:32 PM
This is super important! Thanks for notifying me! I will try to find a way to avoid openssl. I can use sha256sum instead of openssl sha256 but I don't know what to use for ripemd160 and ec. Anyway, good catch! Edit: From what I read, there hasn't been an event that caused this change, but rather the fact that the attack space against openssl is much larger, due to its huge feature set. I mean, Core devs said that openssl does much more than the validation of the ECDSA signatures and therefore they changed it to something that does "just the validation". I agree with the choice, but perhaps it is an overkill to change it for this simple script I have written which only generates a public key from the private key. Core devs needed 3 years of development to produce libsecp256k1. I will look more into it! Very flattering, thanks! I just added a new section to the OP, for generating the wallet straight into a password encrypted file. The script asks for a password. If you add the password, it will create a keys.gpg file where the keys are password protected. Then the script will print the address to the standard output where you can copy it from and use it as you wish. Essentially, now, the script doesn't expose any key data to the end user. The output is forwarded to gpg and is password encrypted in a file. The only detail that is exposed is the address. [moderator's note: consecutive posts merged]
3 Reply Quote Share
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#7Oct 29, 2019, 02:33 PM
I like bash, but never looked into how to create a WIF private key. I like it If you're bored enough for a challenge: how about using qrencode and ImageMagick to create a really cool looking printable (PDF or high resolution image), ideally with Segwit address and redundancy in printing the keys?
3 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#8Oct 29, 2019, 07:58 PM
Thanks! Well I am sick, so I am really bored. So you would like to have the address printed on a QR code? Or the WIF key too? Also what do you mean by saying redundancy in key printing?
4 Reply Quote Share
humbleledgerLegendary
Posts: 1027 · Reputation: 6554
#9Oct 29, 2019, 11:25 PM
Who isn't? Both. With some cool art work. Print it more than once, in case part of the paper gets damaged. There used to be a nice paper wallet website, which unfortunately turned into a scam after it was sold so I won't link it. But the design was nice, and something like it, running from the command line would a very cool thing to have. And with Segwit, of course.
4 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#10Oct 31, 2019, 07:34 PM
Good idea! I will implement it. By the way I just implemented the qr code generation for the address. Now, the script generates: 1. A file keys.gpg which includes the sensitive data (keys etc.) of the wallet. The file is encrypted with the password that you set at execution time. 2. A file address.png which displays a QR code for the wallet's address. 3. A file address.txt which includes the address in text format
1 Reply Quote Share
HumbleBullFull Member
Posts: 54 · Reputation: 378
#11Oct 31, 2019, 08:02 PM
This is a great work apogio, Bash script was my first coding language, so, i will try it this week and see if a can add some cool stuff to it. it would be nice to have all the diferent kind off addres for the same Hash160, i know i have that script somewhere, but have to search it.
0 Reply Quote Share
im_lynxHero Member
Posts: 515 · Reputation: 2161
#12Nov 1, 2019, 01:45 AM
Yes, that was the former site of Canton Becker and his original code is preserved in his original Github repo. I also liked Canton Becker's way of folding the paper wallet and his printing templates. I still have a paper wallet in my family funded which I generated in maybe 2014 or 2015 from Canton Becker's offline code. As LoyceV said, after Canton Becker sold his website to some scumbag(s), the new owner's site pretends to be as trustworthy as Canton's original, but it is a total scam. The site's Javascript code is crooked and obfuscated and provably doesn't generate random private keys but rather ones that are known to the site owner. There's no wannabee randomness involved even when the site mimics user generated entropy by mouse movement like bitaddress.org does. You will loose funds if you still dare to create paper wallets from the scammer's site. To be clear: Canton Becker's original site code didn't scam users, the new site owner changed the paper wallet generator code to a scammy one! And why this scammer can still operate his fraudulent business is beyond my comprehension.
3 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#13Nov 1, 2019, 07:37 AM
Hello and thanks mate. Yeah I can certainly do that. In fact the only thing that changes is the prefix when you create the address. Instead of using 00 you must use 05. I will certainly try it and update the project. Thanks
2 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#14Nov 2, 2019, 03:48 AM
Yeah, the main reason was attack space. That's why i used term "concern". It's definitely overkill to replace OpenSSL entirely for your script, especially when it seems there's major change on OpenSSL organization and security after heartbleed[1]. [1] https://www.securityweek.com/evolution-openssl-security-after-heartbleed/
2 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#15Nov 2, 2019, 07:03 AM
Hi all. I just added Nested Segwit addresses. I also changed the output files to: 1. keys.gpg: encrypted keys directory 2. addresses.txt: file that includes P2PKH and P2SH addresses in text format. 3. segwit_address.png: QR code for the segwit address. 4. legacy_address.png: QR code for the legacy address.
1 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#16Nov 4, 2019, 06:58 PM
@LoyceV suggested that I would create a pdf where both the private key and the address would be scanned using QR codes I 've implemented it and I 've updated the OP. In short, you will need imagemagick which can be downloaded easily using apt. The code has been updated to include the wallet file generation: The PDF file will look like this: I am not entirely sure whether I like it, because I prefer the original version, where the private key is stored in a GPG encrypted file, but since it's an educational endeavour and not used in real life, I implemented it.
4 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#17Nov 4, 2019, 08:24 PM
Added the Github link at the top of the OP. https://github.com/apogio/bash21
2 Reply Quote Share
?Reply
Sign in to reply to this topic

Related topics