Ballet Cold Storage cards are manufactured using a patented two-factor key generation (2FKG) process that utilizes the BIP38 open-source standard. The two-factor private key on each Ballet card is composed of a private key entropy and a passphrase entropy that can decrypt it. The private key entropy and passphrase entropy are generated using open-source software on offline, air-gapped computers by different employees in secure facilities thousands of miles apart. The private key entropy and passphrase entropy are deleted and overwritten with random data immediately after the manufacturing process is complete. The process is designed so that no single employee or attacker who breaks into the manufacturing facility can access both components of the two-factor private key.
The unencrypted private key required to spend the coins stored on a Ballet card is never actually generated until the end user removes the tamper-evident sticker and scratch-off material from the physical Ballet card and combines the two pieces of data by entering the passphrase entropy and scanning the private key entropy with the Ballet Crypto app. For more information on Ballet’s patented 2FKG manufacturing process, please visit: https://www.ballet.com/2FKG