cellard (OP)
Legendary
Offline
Activity: 1372
Merit: 1252
|
|
April 09, 2019, 03:16:02 AM |
|
If one had a setup of 2 computers, one offline as cold storage, and one online, with offline's addresses in online's wallet as watch-only, both Core clients. Could you copy the block files from the synced online node into the offline computer, then as the current coins of your wallet show up, do whatever transaction you want to do using Coin Control and whatnot, then press "send" and get the result of this action in raw tx code, then convert this code into a QR, then pass this QR into the online node's computer and broadcast it? the idea is to avoid manually crafting the tx yourself which is a recipe for disaster if you screw up. Just thinking about doing what Coin Control does manually would give anyone normal an headache. So how about doing it all on the GUI and export the tx as raw into the online node? can you type step by step how you would do this?
If this was not clear I would try to rephrase it.
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4361
<insert witty quote here>
|
|
April 09, 2019, 03:37:52 AM |
|
You could probably just use coinb.in to create an unsigned transaction... Click "Advanced Options", and make sure that the "Clear existing inputs when new inputs are loaded." option is UNCHECKED. You can then enter in an address or redeem script and it will find all the current UTXOs that exist... delete the ones you don't want to include in your transaction, then enter next address/redeem script and repeat until you have all the inputs you want. Then on the outputs page, setup the outputs you want... and TRIPLE check the value shown as "Transaction Fee" Click submit and you'll get unsigned raw TX... transfer this to your offline PC... sign it with the appropriate keys using signrawtransaction command... and then transfer the signedTX back to your online PC and broadcast.
|
|
|
|
cellard (OP)
Legendary
Offline
Activity: 1372
Merit: 1252
|
|
April 09, 2019, 04:03:16 AM |
|
You could probably just use coinb.in to create an unsigned transaction... Click "Advanced Options", and make sure that the "Clear existing inputs when new inputs are loaded." option is UNCHECKED. You can then enter in an address or redeem script and it will find all the current UTXOs that exist... delete the ones you don't want to include in your transaction, then enter next address/redeem script and repeat until you have all the inputs you want. Then on the outputs page, setup the outputs you want... and TRIPLE check the value shown as "Transaction Fee" Click submit and you'll get unsigned raw TX... transfer this to your offline PC... sign it with the appropriate keys using signrawtransaction command... and then transfer the signedTX back to your online PC and broadcast. Thanks but im too paranoid to use a website for that, even if you are just entering public addresses, you are entering them in batches and in some site with javaascript... I would really like to keep everything done within the wallet. I don't see why this wouldn't be possible. When you do something in the GUI, it should be possible to get the result of the actions you did on the GUI in raw format... I just need to know how to, after you build the tx with Coin Control, you import it in raw format, sign it, and broadcast it, all without leaving Core.
|
|
|
|
achow101
Moderator
Legendary
Offline
Activity: 3542
Merit: 6886
Just writing some code
|
|
April 09, 2019, 04:16:14 AM |
|
You could do that. If one had a setup of 2 computers, one offline as cold storage, and one online, with offline's addresses in online's wallet as watch-only, both Core clients. Could you copy the block files from the synced online node into the offline computer, then as the current coins of your wallet show up, do whatever transaction you want to do using Coin Control and whatnot, then press "send" and get the result of this action in raw tx code, then convert this code into a QR, then pass this QR into the online node's computer and broadcast it?
You could do that. It's a bit inefficient though. Instead, I suggest that you use the PSBT RPCs. This is currently RPC only, but there is work to bring this to the GUI in the future. On your online computer, you can use walletcreatefundedpsbt to create a PSBT. You provide it outputs and any inputs you want to have included. Bitcoin Core will perform coin selection to select the rest of the coins. It will also add a change output if needed and set the appropriate transaction fee. The resulting PSBT contains all of the information needed to sign the transaction, so you can move that to your offline machine through whatever method and sign it there. Some more detailed instructions and examples can be found at https://github.com/bitcoin/bitcoin/blob/master/doc/psbt.md and https://github.com/bitcoin-core/HWI/blob/master/docs/bitcoin-core-usage.md#sending. They don't quite describe the airgapped setup case, but the examples there can be easily worked into the airgapped setup. Note that some features may not yet be available. They will be available in Bitcoin Core 0.18.0 which should be released in the next couple of days.
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4361
<insert witty quote here>
|
|
April 09, 2019, 06:30:01 AM |
|
Thanks but im too paranoid to use a website for that, even if you are just entering public addresses, you are entering them in batches and in some site with javaascript... I would really like to keep everything done within the wallet. I don't see why this wouldn't be possible. When you do something in the GUI, it should be possible to get the result of the actions you did on the GUI in raw format... I just need to know how to, after you build the tx with Coin Control, you import it in raw format, sign it, and broadcast it, all without leaving Core.
Fair enough... So, essentially you're wanting the "preview"/"export" functionality from Electrum... but in Bitcoin Core. As achow101 has mentioned, there isn't any way of achieving that in the GUI at the present time... hopefully that PSBT stuff gets brought to the GUI in the not to distant future... that looks like pretty much exactly what you're after. Until that happens, you'd either have to use the RPC calls (which would still be quite labour intensive) or use an airgapped setup with Electrum which would also cater for your desired workflow.
|
|
|
|
cellard (OP)
Legendary
Offline
Activity: 1372
Merit: 1252
|
|
April 10, 2019, 03:15:47 AM |
|
Thanks but im too paranoid to use a website for that, even if you are just entering public addresses, you are entering them in batches and in some site with javaascript... I would really like to keep everything done within the wallet. I don't see why this wouldn't be possible. When you do something in the GUI, it should be possible to get the result of the actions you did on the GUI in raw format... I just need to know how to, after you build the tx with Coin Control, you import it in raw format, sign it, and broadcast it, all without leaving Core.
Fair enough... So, essentially you're wanting the "preview"/"export" functionality from Electrum... but in Bitcoin Core. As achow101 has mentioned, there isn't any way of achieving that in the GUI at the present time... hopefully that PSBT stuff gets brought to the GUI in the not to distant future... that looks like pretty much exactly what you're after. Until that happens, you'd either have to use the RPC calls (which would still be quite labour intensive) or use an airgapped setup with Electrum which would also cater for your desired workflow. Thanks and achow101. I think im going to wait so it's properly implemented within the GUI in Core. I have been waiting for proper offline transaction usage support for a long time... something user friendly. I think Armory has user friendly GUI support to do the whole "get a raw tx with X inputs" and then broadcast it when its signed. In order to encourage people proper security measures doing this within the GUI is a must. As far as Electrum goes, from what I've read, I cannot trust the whole "your wallet can be spawned with a seed" setup. Im too paranoid with the idea that the right combination of words can spawn your entire wallet. It's a bit fucked up actually.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3640
Merit: 11039
Crypto Swap Exchange
|
|
April 10, 2019, 03:50:21 AM |
|
~ As far as Electrum goes, from what I've read, I cannot trust the whole "your wallet can be spawned with a seed" setup. Im too paranoid with the idea that the right combination of words can spawn your entire wallet. It's a bit fucked up actually.
well your bitcoin core wallet is also an HD wallet meaning it is "spawning" all your keypairs from a seed, it just doesn't give you any mnemonic! as for your paranoia, it all comes down to that random entropy the wallets are using. if it is good enough then the "combination of words" you see is showing that random entropy to you in a human readable form that you could write down.
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
April 10, 2019, 08:26:51 AM |
|
~ As far as Electrum goes, from what I've read, I cannot trust the whole "your wallet can be spawned with a seed" setup. Im too paranoid with the idea that the right combination of words can spawn your entire wallet. It's a bit fucked up actually.
well your bitcoin core wallet is also an HD wallet meaning it is "spawning" all your keypairs from a seed, it just doesn't give you any mnemonic! as for your paranoia, it all comes down to that random entropy the wallets are using. if it is good enough then the "combination of words" you see is showing that random entropy to you in a human readable form that you could write down. pooya87 is right. All (proper) walllets use the same mechanism. They use one seed (not mnemonic, but seed) which has been generated with a good amount of entropy (usually 256 bit) to derive all private keys. Some wallets (the majority, excluding bitcoin core) do encode this seed via BIP39 which then gives you the human-readable mnemonic code composed of 12 / 24 words. In the end, it is all the same. Just the depiction of the big random number (seed) differs. Security-wise it doesn't matter how you encode the seed. All that matters is the entropy used to generate it.
|
|
|
|
cellard (OP)
Legendary
Offline
Activity: 1372
Merit: 1252
|
|
April 14, 2019, 02:01:03 AM |
|
~ As far as Electrum goes, from what I've read, I cannot trust the whole "your wallet can be spawned with a seed" setup. Im too paranoid with the idea that the right combination of words can spawn your entire wallet. It's a bit fucked up actually.
well your bitcoin core wallet is also an HD wallet meaning it is "spawning" all your keypairs from a seed, it just doesn't give you any mnemonic! as for your paranoia, it all comes down to that random entropy the wallets are using. if it is good enough then the "combination of words" you see is showing that random entropy to you in a human readable form that you could write down. Replying to you and also to bob123: I know they changed the format from the original wallet.dat after 0.13 or so and then it became an HD wallet too, but in a post I remember achow101 explained some differences in the way the seed is generated and basically said that the way it works is that wallet.dat HD format is safer than Electrum's HD format and you are protected from key derivation attacks. So when I did read that I decided that I will not bother with Electrum and will leave things as they are because im too scared to screw up in the process and then long term being paranoid about Electrum fucking me over. Not to mention all the numerous exploits we've seen lately with the update model.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3640
Merit: 11039
Crypto Swap Exchange
|
|
April 14, 2019, 03:24:35 AM |
|
~ As far as Electrum goes, from what I've read, I cannot trust the whole "your wallet can be spawned with a seed" setup. Im too paranoid with the idea that the right combination of words can spawn your entire wallet. It's a bit fucked up actually.
well your bitcoin core wallet is also an HD wallet meaning it is "spawning" all your keypairs from a seed, it just doesn't give you any mnemonic! as for your paranoia, it all comes down to that random entropy the wallets are using. if it is good enough then the "combination of words" you see is showing that random entropy to you in a human readable form that you could write down. Replying to you and also to bob123: I know they changed the format from the original wallet.dat after 0.13 or so and then it became an HD wallet too, but in a post I remember achow101 explained some differences in the way the seed is generated and basically said that the way it works is that wallet.dat HD format is safer than Electrum's HD format and you are protected from key derivation attacks. So when I did read that I decided that I will not bother with Electrum and will leave things as they are because im too scared to screw up in the process and then long term being paranoid about Electrum fucking me over. yeah it was your own question last year. and it is not about being HD or using mnemonic (the part i bold in your initial comment in first quote). if you read it again as @achow101 said the only problem is that Electrum is using non-hardened paths. and the only risk of that is IF you reveal your master public key AND at least 1 of your private keys. Not to mention all the numerous exploits we've seen lately with the update model.
that is not a reason not to trust an implementation. bugs and exploits happen and as a developer you can not avoid them. bitcoin-core also had lots of bugs some of which were serious but that doesn't make it any less secure.
|
|
|
|
malevolent
can into space
Legendary
Offline
Activity: 3472
Merit: 1724
|
|
April 14, 2019, 10:30:15 PM |
|
Thanks but im too paranoid to use a website for that, even if you are just entering public addresses, you are entering them in batches and in some site with javaascript... I would really like to keep everything done within the wallet.
As it says on the bottom of the website, you can download it and run it offline (ideally on an air-gapped machine).
|
Signature space available for rent.
|
|
|
|