Bitcoin Forum

1. Download Tails, and make a bootable USB with it.

2. Boot Tails on an offline computer.

3. Open Electrum, and create a wallet.

4. Back up your seeds, and addresses.

5. Turn off the computer, and pull USB.

6. Burn the USB. If you are very paranoid, burn the computer too.

I believe this guide will become handy for newbies coming after the conclusion of the bear market. 8)

That works, of course. But there's no particular reason to use Tails, since you're staying offline. Tails is only different from other live os'es when using it online, any live os would work for this purpose.



Or just use a USB based CD drive. USB flash drives are susceptible to their own class of malware, CDs are a better tech if security is the aim (CDs can be made read-only)


Also, if you're already feeling paranoid, burning USB drives (or computers) in your back yard (or anywhere) could make you feel worse. And also make you appear a little suspicious to anyone who notices you doing it.

This should be obvious, but Electrum which included on Tails isn't up-to-date. Bug regarding wallet/seed creation don't happen and new address/wallet standard rarely changed, but people should know about this fact.


This is completely unnecessary if you use linux that only runs at RAM or you use CD-R/DVD-R as boot media. You also could remove all storage drive, leaving only your USB, CD-R or DVD-R if you're that paranoid.

Also, it's not really good action from environmental side.

I think this should be explained further, as this is the most important part in order to ensure that you can access your funds again.

If you have a lot of books (and you can take care of them very carefully) you can use your books as a way to back up your seed. Choose 12/24 books, depends on your seeds (or just choose 1, 2, whatever you wish). In each book, mark a word (or a font) that represent your seed with invisible ink. To make it easier to remember, use the 1st page of the first book, 2nd page of the second book and so on. Take care of your books.

---

And of course, this is not really the best way to backup your seeds. There are other alternatives.

This would work nicely, except under one important circumstance: if everybody uses this method, then everyone knows how to find everyone else's seed, look through their books with an ultraviolet torch


When you come up with a way of storing your wallet seed in a hidden way, take this advice: don't tell anyone (in particular, don't tell the internet :))

if someone is really paranoid enough to do something like this then they must also be paranoid enough not to trust Electrum itself specifically its random number generator engine. for these people using computers is not a good suggestion.
instead they can use physical ways of creating their private keys using dice, coin flip,... there are also enough articles about how to use these methods too.

I'll skip ideas for backing up the seeds, that has been discussed in many topics.

How do you store the addresses, and how can you be absolutely sure nobody has altered them for their own address? A digital copy is not enough, if you encrypt it you need to use an offline system again, and if you write it down in your own handwriting it's very annoying to use.

But Tails Linux already has Electrum as part of its set of tools that is already pre-installed.


Good point. CDs are more recommendable. But USB drives are also "ok enough" because they will never be used online.


Hahaha. Ok, maybe destroying the USB drive, and the computer's RAM through the microwave oven might be enough.

Sorry, but just to add that a USB can be set up with "read only".

For me, what works better is an air-gapped/never touched the internet VM in virtualbox , in which I've installed a downloaded and signature-verified copy of electrum as my cold wallet.

I put the related XPUB in my regular-use/online computer as a watching-only Electrum wallet.

A transaction is pretty easy....create the unsigned tx, put it on a trusted USB and insert to the cold VM...sign it, return it to the watching wallet, and broadcast.

I'm as paranoid as about anyone, so my Electrum wallet connects to my own Electrum Personal Server installed on my own full bitcoind node.

Easy, and secure.


I

Isn't Tails' main feature that it is amnesic and doesn't leave any data between sessions (aside from opt-in persistent storage)? Or any other live OS would act in the same way?



I've installed Tails on a USB one year ago and it had some really ancient version of Electrum, something like 2.7.9. It obviously couldn't open my SegWit wallets so I had to install a newer version brought from another USB drive.


Paranoia can be dangerous if it is combined with lack of fundamental knowledge, such people can end up creating their own crypto, generating weak random numbers or just simply encrypting too much and then losing their keys.


VM's can't be considered air-gapped, if the first layer is pwned, all next layers are pwned too.

If it's not explicitly designed to do so, another LiveOS might allow some session data to survive, but this is only possible if using a writable medium like USB flash (and hence why I mentioned using CDs as a failsafe; you don't even have to worry about Tails having a data persistence bug if you run it from a CD, it's not possible for any data to be written to the CD accidentally or by design)



Ah, I didn't know that.

Simply suggestion to back up the seeds.

Dremel 290-05 120-Volt Industrial Engraver (https://www.amazon.com/Dremel-290-05-120-Volt-Industrial-Engraver/dp/B000VZIGA0?ref_=fsclp_pl_dp_1)
https://images-na.ssl-images-amazon.com/images/I/71oyyHsXuuL._SX466_.jpg

Metal Plate with 3M Adhesive (https://www.amazon.com/Adhesive-Magnetic-Holder-Tablet-Rectangle/dp/B07252L1RS)
https://images-na.ssl-images-amazon.com/images/I/514VS9CHq8L._SX425_.jpg

Or write down your seeds on a piece of paper or cardboard, and try laminating it yourself. There are lots of "do it yourself" guides on the internet.

Really interesting post.

Just thinking . Few things:

- Tails has lots of software (https://tails.boum.org/doc/about/features/index.en.html) that could potentially have a backdoor. Similar to what happened with nodejs package for bitpay exploit
- Also electrum itself has lots of python packages dependecies which is uncessary overhead just for seed creation

Is it possible to generate a secure seed using just simple linux commands without electrum. Can we have a barebones Unix with just basic booting packages and tools and then do this just by commandline ?

Cheaper than burning a laptop and more paranoid way:
1. Buy $2 Arduino or $10 Raspberry Pi without any network connectivity
2. Connect monitor and keyboard and boot basic Linux from sd card
3. Open command line and type source code of your cryptocurrency public/secret key pair generation function from printed github page
4. Write down the result
5. Destroy your $10 microchip investment
6. ???
7. PROFIT!

Hi,

The seed is derived from a private key from a known algorithm available here (https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md) so you can make an implementation in another way.
The private key from which the key is derived is just a random number. On Linux you could generate a private key this way (omitting order of the curve) :
But there may be better sources of entropy.

I was considering usnig Electrum to create a cold storage setup, however I have been convinced that using anything but a full client is insanity. Look at the recent events as posted by theymos on the sticky:

https://bitcointalk.org/index.php?topic=5090097.0

Just stick to full blockchains. Get a full client that you can trust like Core, run it in an online computer with no coins, then run another Core client in the airgapped computer. Move raw transactions into the online computer and broadcast them.

I don't see why bother with any other software. "As a newbie" is not really an excuse. Start with the real thing. Developing bad habits its not good in Bitcoin.

There's no arguing that Core is better than any other wallet, but it's wrong to dismiss other wallets. Electrum has been around for years, it was reviewed by many people, it's one of the most popular wallets, and for a reason.
Almost every software has some bugs, this is a reality. When a serious bug was discovered in Core client earlier this year, people didn't say that it's insane to use Bitcoin, we just accepted that software is not perfect.
The recent Electrum vulnerability didn't render it broken in a sense that attackers could easily steal private keys, it abused error massages from servers to execute a social engineering attack. If you are using it as cold storage, you would be unlikely to get affected because you'd need to get through many steps - first you'd need to broadcast a transaction on your watch-only Electrum wallet that is connected to a malicious server, than you'd need to download a malicious client and install it on your air-gapped machine, and only then your coins would get stolen if you sent some coins again.

Bitcoin ecosystem remains a harsh place for unexperienced people, and for anyone involved it's important to develop a deeper understanding of cybersecurity.

Plus let's be in the reality that not all Bitcoin investors will be patient or motivated enough to run bitcoind/Core wallet, and download the blockchain. That was one of the causes why we have other tools that were developed for the community, such as Electrum.

For purely cold storage purposes, I believe the guide is as good as the user's ability to secure his seeds.

You can't really compare the bug that was found in Core, which was theoretical at best, and fixed anyway before it even had a chance to do anything.

The Electrum bug as explained by theymos sounded as if you were just a click away from losing your coins:


When has Bitcoin Core had anything like that? I mean fuck, I could have believed that was a real update myself and click on there. At least if you are going to use Electrum with Tails, be sure to download the latest one, check the gpg keys, and disable internet when generating the wallet, then create a watch-only wallet and put the private keys in cold storage to never see the internet again. This also requires a level of expertise, at the end of the day there are no shortcuts to Bitcoin security. I understand not wanting to download the entire blockchain but you will still need the watch-only/airgap private keys dual setup as a must.

I wouldn't compare the two either, but the recent bug in Core was far more serious. It was "theoretical" in the sense that all bugs that haven't been exploited yet are theoretical. Since you quoted theymos:


I encountered the Electrum attack. To be honest, it wasn't very convincing. It was a social engineering attack, not an actual vulnerability in the software. You would have had to open an external untrusted website, download the software, and also neglect to verify it. Plus, the malware only worked if you kept your Electrum keys online, which isn't necessary (http://docs.electrum.org/en/latest/coldstorage.html).

The Electrum wallet in Tails are outdated, so some exploit might be used to capture your seed. It is also not recommended to create the persistent volume, if you are prompted to do that.

Some early malware like BADUsb hides in the firmware of the USB drives, so it can be adapted to capture private keys and your Seed, if they wanted to. If you re-use the USB before you destroy it, then your Seed will be compromised.

These days you can buy a old second hand computer for the price of a USB drive, so I would much rather buy a old computer and printer <low specs> and print a bunch of paper wallets and destroy that.  ;) 

But if we are talking about that level of paranoia, then everything can be hacked, and stolen from you. Hardware wallets, your smart phones, your computers, the software, the operating systems, Bitcoin, everything.

Good point. For this purpose there's really no need for a persistent volume.
About the rest, this is way above my level of paranoidity.

I'm still happy with my ledger nanos. Of course eventually every hardware wallet can get hacked - as seen on wallet.fail - but you would need physical access. To get motivated to break into my house one would first need to know that I even have bitcoins.

I think the short howto is really good.

Speaking about alternatives for Tails, has anyone used the distro bitkey? I've been using that quite a lot lately and its really convenient.
https://bitkey.io/

But I'm not completely sure this is safe, too. Could theoretically include a malicious electrum version, too.

Bitkey is ok, but it has not been updated since since 2017, or early 2018. For purposes of cold storage, I would still choose Tails, and follow as instructed in the OP.

The people maintaining Tails are very active in patching the OS for bugs and from security exploits.