I'm not a Windows user so not much help here. But I would like to share my modest knowledge. I followed these instructions to set up a full node behind Tor:

https://en.bitcoin.it/wiki/Setting_up_a_Tor_hidden_service

I used "Linux Method 2". The page also describes how to do this with Windows.

You have more plans, but maybe this will give you a start.

If you can invest a bit of money in the project, you could consider purchasing a suitable v-server. This should cost between 10$ and 20$ for a Linux machine per month. Windows is probably more expensive.

Thanks for the tip.  But what would be the limitations for my use case (cold wallet)?

The page also says:
It's about a full node, isn't it?

However, the Raspberry 2 will run without a network connection. I start the daemon with the "-noconnect" option. My main concern so far has been not so much the RAM but the RNG. I don't see that there are any problems with memory consumption. But I will allocate another 1GB of swap space.

Thank you very much, so I will use 26.


It's a Raspberry 2 with Raspberry Pi OS (based on Debian bookworm).

I apologize if this has been asked before.

I know that version 26 of the Core Client was released at the beginning of this month. But Bitcoin.org is still prominently offering version 25. See:

https://bitcoin.org/en/download

Does this have anything to do with stability?

I want to set up a device as a cold wallet. This machine will be disconnected from the network at some point and then never updated again. That's why I'm thinking about it. Should I use the 26 version or should I stick with 25? I am planning a (nowadays) normal hd wallet, as the core client currently generates by default.

They implement the different address types? (I see: pkh, sh(wpkh), tr and wpkh). When I switch to BIP 44 (in IanColeman's BIP39 tool), I get legacy addresses. Exactly the legacy addresses that getnewaddress outputs with:
And as Account Extended Public Key the xpubkey of the corresponding descriptor is displayed. I think I'm starting to understand this. I don't understand the math but what it does.  

Yes, that's what they look like. When you talk about "change", do you mean the Bitcoins, which are transferred to yourself if you do not spend the total amount in the inputs? This is the path with the "1" (m/84'/0'/0'/1) I think.  
If I set "External / Internal" to "1" in the BIP39 tool, the path changes and other addresses are generated. These are then the internal addresses for the change?

You have helped me a lot again.

Through your explanations, I think I finally understood. Thanks a lot. It was in front of my eyes all the time. My hdkeypath starts with "m/84". This means that it is an address in BIP84 format. Gosh, now I understand what those numbers in front of the paths mean. IanColeman's BIP39 tool generates all addresses, pubkeys and privkeys when I select BIP84. Great.

Is BIP84 ok? Can I use such an address normally on an online exchange like Kraken? I did nothing else. Bitcoin Core has chosen this format itself. Thus, I would hope that it is a common standard.

When I call "listdescriptors true" I get 8 entries, but they all have the same xprivkey. If I call "listdescriptors" I also get 8 entries, but with a total of 4 xpubkeys. IanColeman's BIP39 tool also shows me one xpubkey out of the four. In the line "Account Extended Public Key". With this xpubkey I can then make myself a watch-only wallet right?

Can I then also create unsigned transactions with the watch-only wallet, which I then sign on my cold wallet?

I will of course never transfer a private key to the watch-only wallet. Another thing I'm wondering: Aren't hd wallets easier to crack? After all, you "only" have to guess a private child key and then you can use the xpubkey to calculate the xprivkey. Right?

Hello achow101

Thank you for your patience. Yes, I thought hd wallets and descriptor wallets were synonyms. Now I understand it much better. So excuse my ignorance.

Thank you. That is already close. I have experimented with it and also used "bitcoin-cli getaddressinfo". To calculate the missing private keys in the hdkeypath I therefore followed these instructions

https://bitcointalk.org/index.php?topic=5351210.msg60007045#msg60007045

The tool calculates the public key for my test address in the keypath correctly but shows another bitcoin address.  

I will research further there. But if you have any idea what could be the reason, please let me know.

You have helped me enough as it is. Thanks again for that.

Hello achow101

Thank you so much for your detailed answers. I really appreciate it.


Good to know. I still have a lot to learn.


This is currently my main problem with the new hd wallet. I can find instructions on the net on how to save something on paper again. But they are quite obscure instructions and so far I do not really understand what I would really do there. Not having a paper wallet, not having my keys on paper, makes me feel insecure. I'm creating something, backing it up, but I don't understand exactly what it is.


Thank you for pointing this out. It shows me once again how little I know. Now I understand a little bit better why the client does not give out the keys, I think.


Why not? Every Bitcoin address still corresponds to a ECDSA keypair where the private key gives me control over the corresponding UTXO. Or does the hd wallet change anything about that?


In a pinch, I can just use a web blockchain explorer.


I don't even know what taproot is.

Working without printed keys or at least a seed goes against my personal guidelines of robustness. Of course, I could get over it, but I wouldn't feel safe with it. Having the private keys for the UTXO on paper is just a good feeling. When I only have wallet backups on electronic storage media, this is not robust for my taste. Software changes. The keys remain. I have to save the keys anyway. Why shouldn't I be able to write them down as well? It's just my emergency backup when everything else is lost. And it's independent of electronic devices. That's just to explain my motivation. Am I missing something or is my position suboptimal?

What actually happens when I convert a legacy wallet to an hd wallet? Then the already existing ECDSA keypairs remain the same or not? Please excuse the many questions without proper understanding. For me hd wallets are completely new.

Hello

I would like to set up a cold wallet with Bitcoin Core. Here's how I would created the wallet:


So far so good only this warning worries me:

I understand that it's all done through hd wallets now. But I can't find any good documentation on how to store and handle this for a cold wallet. What am I backing up there on paper and how do I get it in a simple way? How do I get the private key to an address? Will signing transactions with bitcoin-cli work the same way as with a legacy wallet?

I find it all confusing compared to how it used to be. How long will legacy wallets be supported? What disadvantages do I have when I use a legacy wallet as cold wallet?

I really only want to use bitcoin-cli  (in combination with "bitcoind -noconnect") and the usual Linux tools on my cold wallet machine (Raspberry Pi 2 ). Everything on the terminal. So should I better switch to a hd wallet or can I stay with legacy?
Thank you for your attention.

tiffy

Thank you all for the useful advice. I'm working through right now.


In fact, I don't know exactly what a full node is. In the meantime I have done some more research and I think the option "blocksonly" does what I want (only download blocks and ignore unconfirmed transaction). I would like to limit the network traffic for the time being.

And now maybe another stupid question: The Bitcoin Daemon doesn't do any mining? I haven't found any option with which I can switch off mining. As far as I understand, the mining software runs separately and only uses the Bitcoin Daemon to communicate with the network. Is my understanding correct? In that case, there would be nothing else for me to do at this point, because I don't want to mine.

I apologise if this has already been answered somewhere. But I'm having trouble finding best practices instructions for installing the bitcoin daemon (bitcoind) on a Linux Server (Debian 11).

Requirements:

• No mining
• No full node
• The daemon should connect to the network via a VPN or TOR (both are present)

I'm interested in a watch-only service that provides the complete blockchain online for me personally. I would like to be able to use RPC commands, e.g. to query the balance of a specific address.

I have solid experience with running Linux servers. No experience with running Bitcoin services. My understanding so far is that the bitcoin daemon is included in the Core Client and can be started independently of the QT client.

Thank you for your attention.