Bitcoin Forum

Bitcoin => Electrum => Topic started by: wanderer79 on February 20, 2022, 06:21:23 PM



Title: Electrum 2FA vs Electrum Cold Storage
Post by: wanderer79 on February 20, 2022, 06:21:23 PM
I understand that HD wallet is the most secure option but if the only options were Electrum with 2FA and Electrum using cold storage which one is more secure and why (or maybe they're equally secure)?


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: hosseinimr93 on February 20, 2022, 06:38:21 PM
I understand that HD wallet is the most secure.....
The advantage of HD wallets is that they can give you numerous addresses and increase your privacy, not your security.


but if the only options were Electrum with 2FA and Electrum using cold storage which one is more secure and why (or maybe they're equally secure)?
A cold wallet without 2FA is much more secure than a hot 2FA wallet.

Even if your wallet is 2FA, there's still the chance that your seed phrase is compromised and your funds are stolen without any need for the 2FA code. You should always generate and keep the seed phrase (or your private keys) offline.
With 2FA, you also have to pay an additional fee to TrustedCoin.
Also note that 2FA is useless if you install the authenticator application on the same device as your wallet.


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: Charles-Tim on February 20, 2022, 07:49:54 PM
I understand that HD wallet is the most secure.....
The advantage of HD wallets is that they can give you numerous addresses and increase your privacy, not your security.
Exactly, I can decide to generate a paper wallet with BIP38 encryption enabled on a safe, secure and open source airgapped device which offers enough safety and security even without using BIP38 encryption. But just that HD wallet will generate more than enough addresses that can be used for each transaction to enhance privacy.

Also note that 2FA is useless if you install the authenticator application on the same device as your wallet.
This is what most people will be doing, unconscious of the fact that if their device is compromised, the 2FA is also compromised.

But while using 2FA on Electrum, the seed phrase is not stored on the wallet (I am not sure if the seed phrase is stored on the wallet file). If the 2FA app is on another device, I think this is secure enough also, but TrustedCoin does request an extra fee, which can be discouraging as you mentioned.

If the two wallets are set up appropriately, I think both are good enough, but I will prefer Electrum cold wallet and using watch-only for tracking transactions because its seed phrase and keys are completely generated offline.


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: hosseinimr93 on February 20, 2022, 08:28:10 PM
But while using 2FA on Electrum, the seed phrase is not stored on the wallet (I am not sure if the seed phrase is stored on the wallet file). If the 2FA app is on another device, I think this is secure enough also, but TrustedCoin does request an extra fee, which can be discouraging as you mentioned.
You are right. The seed phrase isn't stored on the wallet file. But there's still the probability that your computer is compromised and your seed phrase is stolen when creating the wallet.
Even if the wallet is 2FA, it should be created on an air-gapped device.

For having a secure 2FA wallet, you should:
1. Create the wallet on an airgapped device
2. Move the wallet file to an online computer
3. Register on TrustedCoin


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: pooya87 on February 21, 2022, 06:14:58 AM
(I am not sure if the seed phrase is stored on the wallet file).
You are right, the seed phrase is not stored in the wallet file.
Considering that Electrum 2FA is actually a 2of3 multisig wallet, and also the fact that your seed generates 2 of the 3 keys, you can already guess that storing the seed phrase in the wallet file would render the 2FA moot. In fact that is how you remove 2FA, by using your seed phrase and bypassing the third key.


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: NeuroticFish on February 21, 2022, 10:00:14 AM
I understand that HD wallet is the most secure option but if the only options were Electrum with 2FA and Electrum using cold storage which one is more secure and why (or maybe they're equally secure)?

HD is not more secure, it's just easier to recover and easier to backup too.

And about 2FA, this is how I see it: with or without 2FA, it's still a hot wallet. Just think: both 2FA and wallet are on device(s) connected to the internet. Sometimes even the same device.
On the other hand, a cold storage is meant to be safest, as long as you use it properly and make no mistakes (from generating the wallet offline and safely storing the seed to keep it always and 100% always offline and the ways of transferring the unsigned/signed transactions between the cold storage and the companion watch only online wallet).


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: wanderer79 on February 21, 2022, 04:21:12 PM
Let's say I use cold storage, what if my system is infected, can the unsigned/signed transaction file/QR code get infected and steal my private keys from offline wallet?


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: pooya87 on February 21, 2022, 04:36:10 PM
Let's say I use cold storage, what if my system is infected, can the unsigned/signed transaction file/QR code get infected and steal my private keys from offline wallet?
A cold storage by definition cannot be infected because it has to remain cut off from the rest of the world, commonly referred to as "air-gapped". The only way it can be infected is if it stops being cold storage, like if you connect that computer to the network or connect an infected device to it through a USB port.

So the answer to your question depends on how it was infected and by what. An infection through the network could steal your keys, an infection through a new device could alter what you sign like the destination address that includes the signed tx file.


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: BlackHatCoiner on February 21, 2022, 07:44:41 PM
Let's say I use cold storage, what if my system is infected, can the unsigned/signed transaction file/QR code get infected and steal my private keys from offline wallet?
Almost everything can happen in computers if you aren't careful enough. Let's take an example where your machine is infected, but you've never connected to the internet. Also, let's assume you've verified the signature of Electrum and you're ready to use it.

During the generation of the seed phrase, your computer may choose to return non-random results, such as values from a specific range that only the attacker is aware of. Therefore, they can steal your money without cheating you with keyloggers, trojans etc.

Another attack: A program runs in your background that scans for wallet files in your hard drive. Once it finds one, it can change it. I can continue this even further and say that they can replace their changed Electrum with yours. (Which is much easier to implement)


Title: Re: Electrum 2FA vs Electrum Cold Storage
Post by: BitMaxz on February 21, 2022, 11:49:54 PM
Like the above said, don't connect it to the internet or any USB devices if you don't want your PC to be infected.

If you are going to make an offline transaction and want to transfer the unsigned transaction to the cold storage I suggest you better install a camera in your cold-storage PC and use a QR code to scan which is safer than using a USB drive. Or if you are fast typing you can manually type the raw transaction for safety.
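
Added example (not part of any post in this thread): the thread notes that an unsigned transaction carried to the cold machine could have its destination altered on the way, so this sketch decodes the outputs of an unsigned transaction independently and flags anything that is not the intended payment or known change. It assumes the non-witness serialization (the form carried inside a PSBT) and compares scriptPubKeys rather than addresses; `check_payment`, `build_sample_tx` and the sample scripts are hypothetical names and constructed values.

```python
def read_varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, new_pos)."""
    first = buf[pos]
    if first < 0xfd:
        return first, pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def parse_outputs(raw):
    """Return [(satoshis, scriptPubKey hex)] from a non-witness-serialized tx."""
    n_in, pos = read_varint(raw, 4)                    # skip 4-byte version
    if n_in == 0:
        raise ValueError("segwit marker found; expected non-witness serialization")
    for _ in range(n_in):
        script_len, pos = read_varint(raw, pos + 36)   # skip prev txid + index
        pos += script_len + 4                          # scriptSig + sequence
    n_out, pos = read_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(raw[pos:pos + 8], "little")
        script_len, pos = read_varint(raw, pos + 8)
        outputs.append((value, raw[pos:pos + script_len].hex()))
        pos += script_len
    if pos + 4 != len(raw):                            # only the locktime may remain
        raise ValueError("unexpected length: truncated or padded transaction")
    return outputs

def check_payment(raw, pay_script, pay_sats, own_scripts=()):
    """Return a list of problems; empty means only the payment and own change."""
    outs = parse_outputs(raw)
    problems = []
    if (pay_sats, pay_script) not in outs:
        problems.append("intended payment output missing")
    for value, script in outs:
        if (value, script) != (pay_sats, pay_script) and script not in own_scripts:
            problems.append(f"unexpected output: {value} sat to {script}")
    return problems

def build_sample_tx(outputs):
    """Constructed sample: version 2, one unsigned input, the given outputs."""
    tx = (2).to_bytes(4, "little") + b"\x01" + bytes(36) + b"\x00" + b"\xff" * 4
    tx += bytes([len(outputs)])
    for value, script_hex in outputs:
        script = bytes.fromhex(script_hex)
        tx += value.to_bytes(8, "little") + bytes([len(script)]) + script
    return tx + bytes(4)                               # locktime 0

PAY, CHANGE, SWAPPED = ("0014" + b * 20 for b in ("11", "22", "33"))  # constructed scripts
```

The check only helps when it runs on the offline machine against a destination and amount the user entered there, not values copied along with the transaction file.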