 Show Posts
|
|
Pages: [1]
|
As I've been trying to get more educated on bitcoin, I came across this wiki link on seed phrases. https://en.bitcoin.it/wiki/Seed_phraseSeed phrases, like all backups, can store any amount of bitcoins. It's a concerning idea to possibly have enough money to purchase an entire building with the key just sitting on a sheet of paper without any protection. For this reason many wallets make it possible to encrypt a seed phrase with a password.
The password can be used to create a two-factor seed phrase where both "something you have" plus "something you know" is required to unlock your bitcoins.
This works by having the wallet creating a seed phrase and asking the user for a password. Then both the seed phrase and extra word are required to recover the wallet. Electrum and some other wallets call the passphrase a "seed extension", "extension word" or "13th/25th word". The BIP39 standard defines a way of passphrase-protecting a seed phrase. A similar scheme is also used in the Electrum standard. If a passphrase is not present, an empty string "" is used instead.
Warning! Forgetting this password will result in the bitcoin wallet and any contained money being lost. Do not overestimate your ability to remember passphrases especially when you may not use it very often. Also, the seed phrase password should not be confused with the password used to encrypt your wallet file on disk. This is probably why many wallets call it an extension word instead of a password.It got me thinking... 1. Why doesn't every hardware wallet support the use of a seed phase + password? It seems like a really simple way to add a layer of protection in case the seed phrase you've written down is discovered. Right now, written seed phrases are like writing your bank account and log-in credentials on a piece of paper and hoping nobody finds it. 2. Do modern hardware wallets like the Ledger Nano S Plus, Nano X, Trezor, etc. already support applying a password to seed phrases? Is it just a feature that's hidden and not promoted that much? |
|
|
|
|
First of all, I just wanted to say thank you to all of you who patiently answer questions for us newbies. We appreciate it more than you know. I'm getting ready to transfer BTC from an exchange to self custody on a Ledger hardware wallet. I've tried to get as educated as I can, but wanted to confirm if I'm missing anything in terms of best practices before starting. Here's what I have in mind:
(Kind-of) Air-Gapped Computer
1. I bought a dedicated Windows laptop, re-formatted the hard drive and installed a fresh copy of Windows directly from Microsoft
2. I ran Windows Update to get the latest security patches
3. I installed the Chrome browser
It should be a clean machine with no malware, bloatware or adware. I refer to it as "kind-of air gapped" because I had to connect to the Internet to download Windows from the Microsoft web site, download patches through Windows Update, and install Chrome. I read the purists saying you have to have a virgin computer that never touched the Internet, and install Linux on it, but I wonder if this is really necessary given that my private keys are stored on the hardware wallet and never make it to the PC. Technically, I guess it's not an air-gapped system, but more of a dedicated computer that will only be used for the following things:
- To install and update the hardware wallet and install/run the ledger software and apps
- To set up a watch-only wallet
- To log into the exchange web site to transfer my coins to my hardware wallet
- To run a full node (if I need to)
I don't plan to use it for anything else, but in the back of my mind I'm wondering if any of this is necessary and/or putting my coins at risk
Setting Up the Hardware Wallet
1. Setup the Ledger. Create the seed phrase and write it down on paper (no photos, no copy paste, no online storage, etc.)
2. Make sure I go only to the real Ledger web site, install the Ledger software, and download the Ledger apps for the handful of coins I'm interested in storing (nothing too crazy - just half a dozen of the major, established coins)
Set up a watch only software wallet on my PC
I haven't done this yet, but was wondering if I could get your advice on best practices for doing this. Some specific questions I have:
Q. I was thinking of using the Electrum software wallet. Are there any better options?
Q. Any concerns with installing the watch only wallet on my regular daily-use PC instead of the dedicated crypto PC?
Q. Are there any best practices for setting up a watch only wallet?
Transfer the coins from the exchange to the hardware wallet
Here, I'm assuming that the general process is to log into the ledger software, say I want to transfer coins to to my hardware wallet. Take the public key/wallet address Ledger generates and give that to the exchange to initiate the transfer. I was planning to do all of this on the dedicated computer. Then wait for a while for the transaction to be validated and the transfer to be completed. I can use a block chain explorer to monitor what's happening with the transaction. Wait until multiple confirmations are showing to feel confident that everything went through, and check the watch only wallet to confirm the right balance is showing. Some general questions I have here:
Q. Am I missing anything or getting anything wrong in these steps?
Q. The biggest risk seems to be accidentally sending the private key instead of the public key. Is that foolproof on modern hardware wallets (e.g., do you have to go through a stupid amount of work to get the private key, making it less likely to screw up) or is there something to watch out for?
Q. Do public wallet addresses always start with 1 or 3 (which something I'd read)? How many characters long are public keys compared to private ones? Is there some other high confidence way confirm the string is the public key and not the private one?
Q. What blockchain explorer would you all recommend using?
Q. Do I need to set-up a full node to do this (i.e., is it really necessary)? If so, should I set up the node on my dedicated computer, or on my regular daily use PC? Does it matter?
Q. Lastly, can anyone help me understand the concept of sweeping and if it's something I need to explicitly do? Does ledger automatically take care of that?
Please let me know if I'm thinking about any of this the wrong way, and thanks again for your patience and willingness to help me figure this out! BTC still seems too complicated for mainstream adoption, but I'm committed to getting on board, and hoping someday that I can pay the knowledge forward.
|
|
|
|
|
I've read the hardware wallet mega thread, but still don't have a clear answer on what wallets are recommended and which ones to stay away from. What are the best hardware wallets on the market today, and which ones would you recommend for storing mainstream coins like BTC, ETH, SOL, MATIC, etc.? I'm looking for a cold wallet for long-term storage, and am open to air gapped solutions with a solid track record as well. Which ones would you recommend and why?
Thanks in advance! This community is very helpful, and it's a blessing that there are resources like this beginners forum for those of us who are early in our crypto journey.
|
|
|
|
|
