Bitcoin Forum

I want to have a complete understanding how the electrum client operates.  I understand that when you generate your wallet, it provides you with the 12-word-seed as a backup.  So if I lose my wallet, I can re-create it with the seed.

My question is, does that re-create an unencrypted version of the wallet?  So if my wallet is encrypted but someone somehow stole my seed, could they steal my bitcoins without knowing my encryption password?  Or does the seed re-create the encrypted wallet?  If that's the case, wouldn't changing my encryption password render my seed useless?

Or is it simply the case that my seed is paired with a static encryption password, and if I change that password then proceed to lose my computer, i would need to resort back to my original password after i recover my wallet?

Your seed is the key that you need to have in a safe place or in your brain (brainwallet :P). If anyone has access to your seed, he has access to all your previous and future private keys.

The encryption is set to protect your seed in the wallet file, so someone having access to your computer can't spend your coins.

Your your privkeys are derived from the seed, and the password protects it.

Hope it is clear enough as you seem to be really confused.

Yes


Yes

The seed allows you to recreate the wallet in full. If you want to be even more specific about it, you need the seed + the algorithm to derive private keys from that seed i.e. the electrum software.

The purpose of the wallet password is to encrypt the wallet file on your hard drive. In case somebody were to get access to the wallet file on your hard drive they would still need to know the password in order to decrypt the wallet. The wallet password does not protect the seed paper backups in any way just the wallet file.

do I understand it correctly that if I remember my 12 word seed I can lose my harddrive, my house can burn down...
and I can still restore all of my addresses/coins just by installing electrum on a different client and
entering the 12 word seed?

sounds too good to be true tbh

or is it even possible to do the following:

1. download and install electrum on a safe computer
2. generate seed and a few addresses
3. uninstall electrum
...

and just install it again when I need to access my coins?

Or could I even import a single of the addresses into blockchain.info
without touching the rest?
How would this work? Because obviously I won´t be entering my seed on
blockchain.info so how do I prove to the website that I own
the address?
(think I need a private key? how do I get one for one of my addresses)


sorry for the questions but I really need to feel sure about my knowledge about
electrum before buying ~100 BTC and storing them for the long haul

Yes. It's not magic. It's software. You can try it out for yourself if you don't believe us :D


Yes. You can also install a watch only wallet that will allow you to see all your addresses and transactions without being able to spend any coins. You can install this on your regular computer without risking your money.


Not sure what you mean here. Why would you import into bc.i's my wallet when you can just electrum to send, receive coins?

Anyway you can get at the private key of a single address. Just right click on the address in electrum and select the relevant option.

If you are going to store a large amount you should setup an offline wallet. That is a wallet on a dedicated computer that stays offline. You can couple this with a watch only wallet on your online computer for handing out addresses. See this page: https://electrum.org/tutorials.html#offline-mpk

nevermind, thank you for the great explanation. A watch-only wallet already covers my purpose :)

oh and one more question:

what´s the purpose of the master key?

I realize that:
-the seed is needed for generating addresses, recovering the wallet...
-the password is needed in order to encrypt the wallet

But what´s the purpose of the master key? Should I make
a backup of it? Or what´s the most common usage for it.
Do I need it at all?

The MPK lets you create a seedless wallet (a wallet without private keys). This wallet can create new receiving addresses in your deterministic wallet, but you cannot spend from it.

A seedless wallet is also called a watch-only wallet or a receiving-wallet.


You should never export any private key from your deterministic wallet. If you leak the private keys the other private keys in the deterministic sequence might be calculated

Yes you understand correctly. As long as you can remember your 12 words, or have them stored in bank vault. Don't store in your house obviously :)

To clarify the private keys alone are not enough. You need the master public key + one or more private keys. But, yes, the risk arising from exposing a private key in a deterministic wallet is greater than doing the same in a non-deterministic wallet. The risk is greater because the master public key is not really protected as such by electrum. Anyone that has access to your system can read the master public key from the wallet file.


Bitcoin is based on asymmetric encryption so there are two keys behind every address - private and public. The private key has to be kept secret while the public key can be revealed to the world. You can derive the public key from the private key but not vice versa. The address is a hash of the public key.

Stuff encrypted with the public key can only be decrypted with the private and vice versa. Messages signed by the private key can be verified by anyone using the public key. Sending bitcoins is simply signing off ownership using your private key.

In Electrum there are two master keys. The master private key and the corresponding master public key. The master private key is used internally in Electrum and is not exposed in the user interface. It is derived from the seed and extended for each address to create address specific private keys. The master public key can be independently extended to arrive at address public keys. The difference is that with the master public key you can only generate public keys and corresponding addresses not private keys.

You can use the master public key to create watch only wallets. Unlike bitcoin address public keys the electrum master public key should not be exposed to the world at large because, if it were, people could see all your wallet transactions past, present and future. So exposing the master public key leads to a loss of privacy. But you don't need to backup the master public key to secure your coins. The seed is enough.