Thanks for the detailed information.
Just a couple of queries.
Yeah, there is a bit of a space compromise when dealing with QR code and thus your computer only sees the partial transactions from the QR code PSBT. Hence, without the actual transactions, there is a risk of the user accidentally burning the fees should a malicious attacker modify the PBSTOkay thanks, I will try with usb stick. One way to the airgapped machine and try with qr code back to the watching wallet.
1. Am I correct in thinking that even if a key logger got to the airgapped machine then if you never export anything from that machine other than the qr code for electrum then it is impossible to lose coins.
2. With the issue with the warning and fees could be adapted to a much higher than expected amount. Does that mean that the worst damage would be the entire amount you are sending could be used as fees. Or worse that your wallet could be drained in fees?
3. When you import the signed.txn back to the watching wallet would you not spot the increased fees before you broadcast or is there a reason you couldn't see that.
That's untrue. Bitcoin addresses are meant to be a one-use address only, and using the same addresses repeatedly by sending change and other funds into the same address will compromise your privacy. The server can still deduce your identity when you are using the same addresses over and over againWhile I can see in the air gapped address that the new change address is one of my own addresses I'm not worried.
However if it ran out of new addresses and made up a new one I could not see in there I would be concerned that is some hackers address. So can I do
a/ click the tool box icon in electrum when making the tx and uncheck use new change address. So that it will return funds to my own known address.
b/ go to the airgapped machine and do something to generate more addresses until I see that new change address appear.
think those that are quite well known would be quite difficult to run on Windows. If you are using a server, then possibly Electrs is good: https://github.com/romanz/electrs. Read the usage column. If you are running Bitcoin Core on your current computer, then you should probably just use Bitcoin coreI could put bitcoin core on the same machine as my electrum watch only machine. Do you mean there is in this case a way to connect the watch only wallet to send via core without putting electrum server between them. ?
That's one of the warnings added to Electrum, specifically when the transaction is spending a non-SegWit/non-Taproot output that's not in the transaction history (e.g. offline).
It's part of "_check_risk_of_burning_coins_as_fees" function.
Here's the code for referenceIf I transfer the psbt with a usb rather than qr code I hope this would avoid this problem.
If this warning still flashes up after using a usb can I
A check the tx before I press submit on the hot wallet to ensure it is the correct amount of fees
B. Assume that worse case the entire send could be absorbed as fees not all of the btc in my wallet.
Both Electrum and Bitcoin Core's PSBT are interchangeable, you can export from Electrum, sign in Bitcoin Core and vice-versa.
That's if you're not using an older version of ElectrumThis is very interesting to me. So I can take the signed.txn file via qr code and scan it with bitcoin core or maybe load the signed.txn and load it into bitcoin core and broadcast it?
It's only to those who consider any unconfirmed transaction as "already received" since with RBF, the unconfirmed transaction can still be replaced with another output.
For those accounts that a confirmed transactions can change recipient (probably not RBF-related, can you share one?),
It may have just been a clipboard malware with integrated "vanity address" generator that can create a quite similar address with same first and/or last few charactersDo you mean even the recipients address can be change with RBF until confirmed?
If you are sure you are sending enough fees then should RBF turned off for max security?
I am going to search my reddit browsing history to see if I can find this example and post here.
Thank you for all information. Very helpful.
One further enquiry is
I see that someone said once you spend from an address you actually lower the encryption from 256bit to 128bit.
Does that mean that every time you spend again and again it goes down further so next it is 64bit ?
Or was this person not correct in stating this ?