Now that my bitcoin-core wallet is fully recovered can I prune the blockchain?
Sure. But in case of a resync being required, the whole blockchain has to be downloaded again. How can I transfer this bitcoin-core wallet into electrum-offline without going online?
By creating an offline electrum wallet and sending your funds to that new wallet (by creating that transaction in core + broadcasting it from your online device). |
|
|
|
Is there any way to tell when, how much, and at what purchase price I made those acquisitions? Any way to tell from the blockchain?
When and how much you acquired could be derived from the blockchain if you can decide whether an incoming transaction was a purchase or not. The price you paid can only be estimated (i.e. look up the price of BTC at that date). It is weird that you don't see any records on coinbase. Did you maybe use another account? Or a different exchange? |
|
|
|
is electrum the best modern cold storage plan?
There is no "best" way for cold storage. But using electrum is absolutely fine. does electrum have issues with missing change addresses?
No. And neither does armory. All you need to backup is your seed (mnemonic code in case of electrum and root key in case of armory). All of your addresses (including change addresses) are derived from that seed. if I am generating offline spends in electrum do I need to worry about change addresses?
No. You just have to use an online machine with the imported master public key to create the transactions. Then let them be signed by your offline wallet. |
|
|
|
[...] all my transactions start with 3 but surely i can not dictate what the receiver address is to control/lower the fees?
All your addresses start with 3  What determines the total fee you pay is the fee rate (sat/vB) and size (vB) of the transaction. It does not matter what kind of an output you create (-> receiving address), it matters which kind of output you spend (-> your type of address). |
|
|
|
Thanks for all, for replays. The wallet was created between 2010-2011 i have only password wich i created myself and i think at that time there was no needed any seed phrase. That PC i still have but Windows was reinstalled several times and maybe from 2013 it is not used. Tried scan HDD with Photorec, recuva, method written in this forum, but nothing helped.
If that truly is the case, then you'll probably looking for a bitcoin core wallet file (default name: wallet.dat). The password alone for itself is worthless. Only the password together with the wallet file will give you access to your coins. |
|
|
|
I prepared all the physical parts of my new Air Gapped PC. I want the best recommendation for the software side, should I install tails (which one?) or install any Linux open source OS, download electrum on online device, use USB to instill it
It doesn't matter which trusted unix OS you are going to install. For ease, stay with the most used/reputable ones (Debian, Ubuntu, Tails, Manjaro, ...). But you can use whatever you want as long as you verify its authenticity and trust its developers (no hannah montana linux or other meme OS). Then install electrum via an USB downloaded from your online device, yes. But make sure to verify its authenticity (on the offline PC) before installing it. |
|
|
|
Denn es könnte dann durchaus sein das dies die minimum order grenze ist und diese nicht erreichst mit deinem Betrag.
Eher unwahrscheinlich, denn es heißt ja "Invalid order: maximum size". Da OP uns hier nicht seinen supergeheimen Investment-Tipp verraten möchte, können wir auch nur spekulieren was genau er falsch gemacht hat. Aber im Prinzip: OP, du versuchst mehr zu kaufen als es der Exchange zulässt. Und das vermutlich weil du deine Zahl in ein falsches Feld eingetragen hast. Vielleicht hast du ausversehen versucht Shitcoins ***** im Wert von 50.000 BTC zu kaufen (anstatt 50.000 Einheiten des Shitcoins *****). Ich zweifle sehr, dass du so viel BTC besitzt. |
|
|
|
How is a stainless steel plate that good of an idea? Thing is if a thief sees it or gets access to it, they might be able to figure it out on what it is... don't you agree on this?
The main point of such a plate is not that a thief won't recognize it as a mnemonic code. The strength is that it survives a house fire and/or flood. It is about the safety here, not the security. I mean if you could hide it somewhere very well, i agree it would be a good idea.
You are not supposed to put it on your kitchen table tho. |
|
|
|
- ausserdem, wenn ich den hier eintrage ist er doch nicht mehr streng geheim und kann doch sicher irgendwie von Kriminellen "gefischt" werden !?
es heisst doch "mein streng geheimer seed bestehend aus den 12 wörtern"
Wenn dein Rechner mit Malware versetzt ist, ja klar. Wenn es hier um mehr Geld geht als nur ein paar Hundert € und es eine Menge ist, die du tatsächlich nicht verlieren möchtest / darfst, dann solltest du weitere Sicherheitsvorkehrungen treffen. Welche das genau sind, hängt natürlich von deinem System ab. Ein guter Rat wäre z.B. die Signatur von Electrum zu verifizieren (Die Suche hier im Forum und WWW liefert eine Menge Ergebnisse hierzu). Wenn du z.B. noch Windows 7 verwendest, dann würde ich das gar nicht an deinem Rechner machen. - auf der ersten electrum-Seite soll nur eingetragen sein " meine btc " ? oder trifft hier der Kommentar darunter zu
"Hier legst du dir jetzt ein neues Wallet an, den Namen kannst du frei vergeben ... danach auf "Next" klicken."
Heisst das also, ich soll hier zu wallet in der Spalte statt meine btc nun mir selbst einen neuen key mit 12 (englischen?) Worten konfigurieren,
damit dann der aktuell 3. wallet-key ?
Es handelt sich nicht um einen "wallet-key". Diese 12 Wörter sind der Mnemonic code, oder auch öfter als Seed phrase bezeichnet. Ein Wallet ist nämlich eine Software (bzw. Software in Verbindung mit Hardware), die deine ganzen Keys (Plural) für dich verwaltet. Wenn du bei Electrum dann deinen Mnemonic Code eingibst, dann erstellst du kein 3. "wallet key". Du gibst ja deinen alten ein. Du stellst ein Wallet her, was die Private Keys welche zum Mnemonic Code gehören, generiert. - was, wenn alles auf electrum fertig eingetragen, wie das Eingegebene sichern , wie geht es da weiter , damit ich schliesslich meinen BTC-Besitz
auf die bitcoin.de-Plattform zwecks Handel (Verkauf) bekomme ?
Dabei handelt es sich dann nur noch um eine Transaktion  Würde wie -doubleU- das erst nach dem erfolgreichen Zugreifen auf die BTC angehen. |
|
|
|
But what if you have to open your ledger live to a thief? Wouldn't when you log in, they would see two different ledger accounts? Thus one with 0.00066 balance and one with 0.004 btc balance?
You don't need to open ledger live. Anyone with access to your system can access all the relevant data from ledger live. Even without the password. That password (for ledger live) is just a gimmick, it does not encrypt anything. The data is stored in plain text and can be read by anyone who knows where to look for. Could you hide that somehow or delete it? Then again you would want both accounts to show up everytime you log into ledger live for personal use though. So how would that owkr?
The best answer would be: Don't use ledger live. |
|
|
|
Alright, so running as root without the --no-sandbox parameter is not permitted. [1980:0320/195209.105776:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /tmp/.mount_Trezor7lPlMN/chrome-sandbox is owned by root and has mode 4755.
Did you check whether the file /tmp/.mount_Trezor7lPlMN/chrome-sandbox is indeed owned by root with mode 4755? (Note that the path might change slightly after each restart). If not, enter the directory and do: sudo chown root chrome-sandbox
sudo chmod 4755 chrome-sandbox
|
|
|
|
The goal is to apply the concept of Defense in depth, so in case the security controls for address 1D2xxxxxx fail, I want to be sure that bitcoin can only be sent to address 1Ji2xxxxxx. The idea is implemented, in Squares Subzero ( https://developer.squareup.com/blog/open-sourcing-subzero/). "One specific customization we implemented is the ability to enforce that cold wallets can only send funds to a Square-owned hot wallet. Such layering provides defense in depth; forcing an attacker to compromise multiple systems in order to extract funds. It is also possible to build additional layers, where each layer can tradeoff convenience with the amount of funds being stored (onion model)." Actually, IMO this is a completely stupid approach. In this case, it is completely sufficient for an adversary to only compromise that hot wallet. There is literally no reason to compromise the cold wallet if the only recipient is that hot wallet. And since hot wallets - by definition - are less secure than cold wallets, the security of the whole setup is the security of that hot wallet (weakest link). This approach is definitely not recommendable. If you want multiple layers of security, choose a secret sharing scheme, or additional encryption etc... It completely depends on your setup. But the mentioned approach would actually decrease the security of your whole setup to the security of a hot wallet. |
|
|
|
Thanks, I'll do as you suggest! I have a wallet password that is 16 chars long, I'll add a few more chars to it.
No problem Make sure to pick a somewhat random password (no sentences, words, special dates, etc..). 16 chars is already a pretty good length. Depending on the charset, this should be sufficient already. For the moment I prefer a hybrid solution, as it does not slow the system down, and as I am a newbie with encryption systems, I am afraid I might ruin my whole OS installation.
A somewhat modern system won't get slowed down much by full disk encryption. The bottleneck most likely still will be the disk itself, instead of the additional operations required for encrypting/decrypting. But this obviously completely depends on your actual system. |
|
|
|
It should definitely be possible. You need to check the details of your wallet (by clicking on the wallet name, 3 dots or similar). You should be presented your master public key. I want to generate offline on my android phone
What do you want to generate offline? The private keys? And then import the master public key into an online device? |
|
|
|
A different attack vector, is if the laptop is stolen.
Well, this also falls under unauthorized access. As long as the encryption is strong (strong algorithm, good implementation and strong passphrase), you are fine. Regardless of whether you use the electrum built-in encryption (which is AES-256 btw), or any external encryption software. Electrums built-in password protection is already an encryption, no further encryption mechanisms required. |
|
|
|
|
I mean.. it depends.
It is not a bad idea. But if it is against unauthorized system access, you might as well just set an electrum password.
Electrum encrypts all the sensitive data with a key derived from your password. Use a strong enough passphrase, and you are fine. You don't need to use any external encryption (or even 2 encryption schemes).
Or are you concerned about a different attack vector? If it is just against unauthorized access, the electrum password is fine as long as you don't write it down on a piece of paper and stick it onto the monitor.
|
|
|
|
|
Be assured, you don't need any persistence storage on your bootable USB.
This warning is necessary since a lot of people simply skip the backup of the mnemonic code (or even "back it up" on the live distro itself).
If you properly back up your mnemonic code (i.e. not on your live distro), you are fine.
|
|
|
|
If someone will get access to my Coinomi wallet on Android 10 they can get access to my private keys?
If they gain access to your coinomi wallet, i.e. access to the wallet application on your device? Then definitely, yes. I mean if this someone have understanding of situation and get access full hardware access to my Android 10 smartphone storage.
That's a tough question. The storage is encrypted, by default. If you have an older model, some vulnerabilities might exist which allows to extract the master key. If the device is running (and decrypted) when someone gains access to it (i.e. it is booted and has been unlocked once by you), then a cold-boot attack might be possible where the whole device is cooled down, memory extracted and then directly accessed. The latter one is a sophisticated attack and not achievable for a random person. In general i'd say you are fine if the mobile is turned off. If it was turned on, the risk is higher but still low enough to not completely freak out if you don't store tons of crypto on it. Definitely make sure to never use these keys again tho and move your funds away as soon as possible. Don't store more money on a mobile wallet than you would carry with you in cash, and you are fine. |
|
|
|
|
Deine erste Frage kann ich leider nicht beantworten.
Die passende Antwort auf deine zweite Frage wäre: Ist eigentlich dir überlassen. Wordpress sollte sich für so etwas eignen, ja.
Aber.. gibt es solche Netzwerke nicht schon? Facebook Gruppen, Ebay Kleinanzeigen, etc... ? Überall dort können doch ebenfalls Studentenjobs angefragt/bereitgestellt werden?
Ich möchte dir deine Idee nicht schlecht reden, nur einen Denkanstoß liefern ob es deine Zeit wirklich wert ist, wenn es nicht eventuell schon solche Gruppierungen bzw. Anzeigenportale gibt.
|
|
|
|
Trotzdem nehme ich an, dass die Quote an Leuten, die hier helfen gegen Crypto auch eher 90%+ mist beinhaltet die dann einfach nichts sinnvolles machen. Oder einen Scamen etc.
Das kann ich mir gut vorstellen, ja. Aber was will man denn erwarten wenn man in Shittokens zahlt (wie hier oft der Fall ist) oder mit 10€ pro Stunde vergütet wird. Da wird keine qualitative Arbeit geleistet. Mit einem ordentlichen Budget, stehen auch plötzlich viele gute(!) Leute zur Verfügung. Die guten bewerben sich doch nicht für eine mit Shittokens bezahlte Arbeit. Genauso wenig für eine 10€/h Arbeit. Natürlich bleiben dann nur noch die Scammer und Möchtegerns übrig. |
|
|
|
|
Show Posts
