|
Title: Electrum best security and usability Post by: bomberb17 on July 16, 2017, 05:44:55 PM Hello, I'm a new Electrum user, coming from Multibit classic.
What I did in Multibit classic as an extra layer of security was backing up the whole AppData\Roaming\Multibit folder into an encrypted .zip file (and deleting the original files afterwards) I know that cold storage is the most secure option but it takes a lot of time to do all the steps required for sending coins, not to mention that I need an extra offline computer for this purpose. Would a similar encrypted backup of AppData\Roaming\Electrum work? Title: Re: Electrum best security and usability Post by: BitcoinNewsMagazine on July 16, 2017, 07:00:12 PM If you are going to use Electrum for cold storage and do it right you need either 1) two computers and follow the instructions (http://docs.electrum.org/en/latest/coldstorage.html) of the developer or 2) just buy a Trezor or Nano S and use with Electrum. The second option is more convenient and less expensive for most.
Title: Re: Electrum best security and usability Post by: bomberb17 on July 17, 2017, 05:58:31 AM Ok so I tested it and the method seems to work.. Yes I know that cold storage/trezor offer maximum security but I believe that this method offers a balance of usability and security.
Another question: Assume that I have a bitcoin address and its private key. I open a new electrum wallet, and I choose to import that private key (I type it manually). I then encrypt my wallet. Electrum then 'magically' finds my bitcoin address, how does it do that? Title: Re: Electrum best security and usability Post by: Abdussamad on July 17, 2017, 11:16:03 AM Hello, I'm a new Electrum user, coming from Multibit classic. What I did in Multibit classic as an extra layer of security was backing up the whole AppData\Roaming\Multibit folder into an encrypted .zip file (and deleting the original files afterwards) I know that cold storage is the most secure option but it takes a lot of time to do all the steps required for sending coins, not to mention that I need an extra offline computer for this purpose. Would a similar encrypted backup of AppData\Roaming\Electrum work? yes but you could also just set a password in electrum to encrypt the wallet and then use file menu > save copy to backup the wallet file. you don't really need the whole data directory. Title: Re: Electrum best security and usability Post by: BitcoinNewsMagazine on July 17, 2017, 12:38:15 PM OP using a setup where private keys will ever be visible to malware is taking a rather large chance when a Trezor is cheap.
Title: Re: Electrum best security and usability Post by: Abdussamad on July 17, 2017, 02:49:14 PM OP using a setup where private keys will ever be visible to malware is taking a rather large chance when a Trezor is cheap. your sig says ledger and your post says trezor :) Title: Re: Electrum best security and usability Post by: HCP on July 19, 2017, 04:25:29 AM ... Because the bitcoin address is derived from the private key... I open a new electrum wallet, and I choose to import that private key (I type it manually). I then encrypt my wallet. Electrum then 'magically' finds my bitcoin address, how does it do that? So if you have the private key, you get to the address just by following the necessary steps: Private Key -> Public Key -> SHA256 -> RIPEMD160 -> add some bytes -> Couple of SHA256s -> add some more bytes -> Base58check encode -> Bitcoin Address You can see the step by step process in action here: http://gobittest.appspot.com/Address NOTE: don't enter any of your actual private keys in this website ;) Title: Re: Electrum best security and usability Post by: bomberb17 on July 19, 2017, 04:03:22 PM Ok I tried to test it by creating a new wallet, I've got a key in Base58 format but it doesn't work in the website since it needs the key in a different format.
Anyway I got the idea ;) Title: Re: Electrum best security and usability Post by: HCP on July 19, 2017, 07:18:47 PM Ok I tried to test it by creating a new wallet, I've got a key in Base58 format but it doesn't work in the website since it needs the key in a different format. There is a number of different test suites there: http://gobittest.appspot.com/Anyway I got the idea ;) The one you want for testing WIF keys is: http://gobittest.appspot.com/PrivateKey |