Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: xabbix on December 29, 2013, 03:14:17 PM



Title: Most secure way of moving coins from cold storage to hot
Post by: xabbix on December 29, 2013, 03:14:17 PM
Let's say I have some coins on an Armory client on an offline computer.

Now I want to keep that computer offline, but would like to spend some of the coins.

What is the most secure way of doing that? I could print a paper wallet of my cold wallet but that will include ALL coins and I would like to use just a fraction of it.

Thanks


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: TierNolan on December 29, 2013, 03:54:17 PM
Armory supports a watching-only wallet.

Boot up your offline computer and get it to create a watching-only wallet.

You need to get that wallet from your offline computer to your online computer (normally via USB ... don't copy the offline wallet).

If you import that wallet into your online computer, then it can produce transactions for your offline wallet. However, it can't sign them.

Once you have set up the online watching-only wallet, spending the money is (relatively) easy.

Create a transaction and save it to USB.

Load the transaction into your offline computer and sign it. This updates the file on the USB.

Return the USB to your online computer and it will broadcast the transaction.
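
Added example (not part of the post above and not Armory's code): because the transaction is built on the online computer, the offline machine can check where the coins go before it signs. This sketch assumes the transaction is available in legacy Bitcoin serialization (Armory's own unsigned-transaction file format is not shown in this thread); the scripts, amounts and helper names are constructed for illustration.

```python
def _varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, new_pos)."""
    first = buf[pos]
    if first < 0xfd:
        return first, pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def parse_outputs(raw):
    """Return [(satoshis, script_hex), ...] from a legacy-serialized transaction."""
    pos = 4                                   # skip 4-byte version
    n_in, pos = _varint(raw, pos)
    for _ in range(n_in):
        pos += 36                             # previous txid + output index
        slen, pos = _varint(raw, pos)
        pos += slen + 4                       # scriptSig (empty if unsigned) + sequence
    n_out, pos = _varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(raw[pos:pos + 8], "little")
        pos += 8
        slen, pos = _varint(raw, pos)
        outputs.append((value, raw[pos:pos + slen].hex()))
        pos += slen
    if pos + 4 != len(raw):                   # only the 4-byte locktime may remain
        raise ValueError("not a well-formed legacy transaction")
    return outputs

def unexpected_outputs(raw, allowed):
    """Outputs whose script or amount differs from what the operator intended."""
    return [(v, s) for v, s in parse_outputs(raw) if allowed.get(s) != v]

def p2pkh(h160_hex):
    return "76a914" + h160_hex + "88ac"       # standard pay-to-pubkey-hash script
# Constructed placeholder key hashes: hot wallet, own change address, unknown party.
HOT, CHANGE, ROGUE = p2pkh("11" * 20), p2pkh("22" * 20), p2pkh("33" * 20)

def build_tx(outs):
    """Constructed sample: one unsigned input (empty scriptSig) and the given outputs."""
    raw = (1).to_bytes(4, "little") + b"\x01" + bytes(36) + b"\x00" + b"\xff" * 4
    raw += bytes([len(outs)])
    for value, script in outs:
        s = bytes.fromhex(script)
        raw += value.to_bytes(8, "little") + bytes([len(s)]) + s
    return raw + bytes(4)                     # locktime 0

if __name__ == "__main__":
    tx = build_tx([(50_000_000, HOT), (149_990_000, ROGUE)])
    print(unexpected_outputs(tx, {HOT: 50_000_000, CHANGE: 149_990_000}))
```

Any entry in the returned list is a reason not to sign: either an address you did not choose or an amount that differs from what you entered.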


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: xabbix on December 29, 2013, 03:58:53 PM
Great! Thanks!


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: bitpop on December 30, 2013, 11:38:34 AM
I would also sweep to a new key just in case.
The Android RNG exploit exposed the private key just by signing. Better safe than sorry.


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: behindtext on December 30, 2013, 01:36:42 PM
Do keep in mind that USB does have firmware and that firmware can propagate malware.


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: LiteCoinGuy on December 30, 2013, 03:23:14 PM
And if you hold a large amount of coins, you could buy a cheap laptop on which you only handle your coins.


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: Flanagan on December 30, 2013, 05:33:55 PM
For further assurance regarding this, I want to add this question:

I did create a wallet on the OFFLINE computer, made a watch-only copy, and transferred that watch-only copy with a USB pendrive to the ONLINE computer.

Now, my question concerning the USB malware possibility: Is there any chance that the USB could have carried the paper wallet (that I created within Armory on the offline computer) or keys of the original wallet from the offline computer to the online computer?


Title: Re: Most secure way of moving coins from cold storage to hot
Post by: TierNolan on December 30, 2013, 07:52:31 PM
If you assume an unlimitedly powerful hacker then yes.

However, the security assumption is that your offline computer is safe.  In theory, the OS could have been corrupted when you downloaded it.

The advantage of the offline computer is that there is only one moment that it can be compromised (at creation).  After that, it is safe.

However, if the offline computer auto-runs USBs, then there is a risk every time you plug in the USB.

Ideally, an "Armory" version of Linux would have auto-run guaranteed to be disabled.

There are also suggestions for doing things like using the speakers to transmit data via sound signals.