How Peter Kroll’s Paper Wallet Protects Cryptocurrency
Since its invention, a recurring question for cryptocurrency holders has been how to best secure their digital assets. This question of security carries the greatest weight when one understands the stakes of holding unprotected cryptocurrency — vulnerability to hackers.
Since 2011, software developers have kept this problem at the back of their minds. One such innovator, Peter Kroll, recently joined Rob Mitchell on Episode #56 of The Bitcoin Game to discuss the background of his ventures and the technical details of his most lauded project in cryptocurrency security.
BitAddress and the Paper Wallet
Kroll’s primary contribution to the field of cryptocurrency-based security has been his invention of the first paper wallet at Bitaddress.org. Having launched the original website anonymously in 2011, he was able to hone a system of security that addresses several of the most prominent flaws of cryptocurrency security.
Kroll’s website solves several core problems in a remarkably elegant way. To begin with, the HTML code for the website itself does not need an internet connection to execute after its page has been loaded. This means someone can perform the entire process of generating a new wallet without being vulnerable to a cyberattack across the internet.
The program then adds a human-component circumvention, asking users to move their computer mice in erratic patterns, to eliminate the problem that coded systems are unable to generate truly random numbers. Using intervals decided by pseudorandom numbers and other factors, the program captures the exact pixel that the mouse cursor was on at any given moment and uses the number of this pixel to generate the hash for a bitcoin wallet.
Kroll explained that this strategy has been useful since the early days. For many browsers, he explained, “there wasn’t a secure random number generator, meaning it’s not secure for cryptographic purposes.”
Although pieces of hardware had complex pseudorandom number generators, they were “seeded with a timestamp that’s not unique enough, so you need to add some human-based randomness.”
The common seeds found on certain pieces of hardware made them categorically vulnerable to similar forms of cyberattack. This concern ended up being validated for Kroll when it was revealed that “the Android platform had a weakness in its secure random number generator, and Google didn’t fix that on old models; they only fixed it on models moving forward.” His strategy of mixing hardware randomness with user-generated randomness adds a layer of security that is not flawed in a categorical way.
For a final piece of security, a wallet is given a QR code that can be printed out onto a piece of paper, thus keeping it offline and insulated from a cyberattack. In doing this, Kroll’s security program manufactures novel wallet addresses that are protected from several of the most common vectors of theft.
The Vision Behind the Technology
In addition to explaining the technical details of his groundbreaking platform, Kroll also gave context to what inspired him in the cryptocurrency environment. Furthermore, he went on to give a detailed technical explanation of some of the history, underlying philosophies, and potential futures of previous forks and altcoins throughout the history of cryptocurrency.
Over the course of the interview, Kroll gave a number of personal details about why he ended up working in the cryptocurrency space. He started by recollecting his earliest interactions with the world of technology development.
“When my mom brought home our first computer,” Kroll recalled, “you couldn’t really do much on it. Programming seemed the natural thing to do.”
For a 14-year-old during the dotcom boom, the costs of many specialty pieces of software were completely prohibitive. Learning to program at a young age motivated Kroll to seek opportunities when the value of software would spike next.
His experience building micropayment venues in this era, naturally, attracted him to Bitcoin. It also prepared him to quickly see the inherent flaws in its security. By creating his website so early in the space, Kroll’s platform became a significant influence in the world of cryptocurrency. It also allowed him to iron out all the kinks in the program before vast audiences adopted it.
Toward the end of the interview, Kroll began speaking about some of his future ventures, trying to similarly hammer out all of the potential quandaries in developing a diversified hedge fund for crypto assets. In this segment, he laid out some of the core philosophical differences that led to the current status of altcoins as well as advice for how to proceed with alternative cryptocurrencies in the future.
For more podcasts and articles on these topics, visit the Let’s Talk Bitcoin Network.