How to OFFLINE test a cold storage private key

[Delek]

Hi there bitcoin community!

I just created a cold storage address (offline, ubuntu live cd, paper wallet, BIP38) to have some amount in a more secure place than simply blockchain.info
I correctly restored the actual private key from the BIP38 encrypted one with my password and everything appears to be fine. I already sent some coins and I have 4 confirmations.

However, I feel that the unique way to be SURE that I can move the bitcoins in a future is to make a transaction test!
I have my private key and it generates my public address, but I have some strange feeling only doing that, I NEED to see that I will be able to move the coins!

Should I stop worrying about this o it is reasonable doing an output test?, doing this test will be like don't taking in mind the address reuse prohibition?
There's a way to make OFFLINE a transaction output, sign it, run an OP_CHECKSIG and reach "1 confirmation" only by myself?

[1713999300]

1713999300

[1713999300]

1713999300

[1713999300]

1713999300

[1713999300]

1713999300

[1713999300]

1713999300

[1713999300]

1713999300

[Reynaldo]

I don't really know what you mean by 1 confirmation only by my self.

You could try to sign a transaction offline, and then on a watch-only version of your wallet, you would broadcast the transaction and you'll see it live in the blockchain.

[Delek]

I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

[Muhammed Zakir]

Should I stop worrying about this o it is reasonable doing an output test?

As long as you don't connect the computer which you stored Bitcoins and don't use an infected USB or disks, you don't have to worry.

doing this test will be like don't taking in mind the address reuse prohibition?

There is no prohibition. It is mainly a matter of privacy and also reusing addresses especially in a buggy client may result in exposing your private key.

There's a way to test OFFLINE and a secure way to make a transaction output, sign it, run an OP_CHECKSIG and reach "1 confirmation" only by myself?

If you are afraid to test in main chain, you should use testnet or regtest. The easiest wa is to create a raw transaction, sign it and broadcast it from an online PC.

Edit:

I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

Use "decoderawtransaction <hex string>" in Bitcoin core to decode a transaction.

[amaclin]

I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

1. copy the database (all files in folder C:\Users\<user>\AppData\Roaming\bitcoin ) from your "hot" computer to "cold" computer
2. run bitcoin-qt on your "cold" computer
3. open debug console and execute command "sendrawtransaction ..."

in any problems there will be an error message.
in the case if everything is ok you will receive txid

4. remove wallet.dat with the test transaction from the cold computer because you do not want to send it

---------------------------------------------
and one another way (everything on hot PC):

1. backup hot computer wallet.dat
2. remove (yes, remove!) hot computer wallet.dat
3. disconnect from internet
4. start bitcoin-qt (this will create new temporary wallet.dat)
5. open debug console and execute command "sendrawtransaction ..."

6. close bitcoin-qt
7. remove temporary wallet.dat and restore wallet from backup

[Muhammed Zakir]

I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

1. copy the database (all files in folder C:\Users\<user>\AppData\Roaming\bitcoin ) from your "hot" computer to "cold" computer
2. run bitcoin-qt on your "cold" computer
3. open debug console and execute command "sendrawtransaction ..."

in any problems there will be an error message.
in the case if everything is ok you will receive txid

4. remove wallet.dat with the test transaction from the cold computer because you do not want to send it

---------------------------------------------
and one another way (everything on hot PC):

1. backup hot computer wallet.dat
2. remove (yes, remove!) hot computer wallet.dat
3. disconnect from internet
4. start bitcoin-qt (this will create new temporary wallet.dat)
5. open debug console and execute command "sendrawtransaction ..."

6. close bitcoin-qt
7. remove temporary wallet.dat and restore wallet from backup

Isn't "decoderawtransaction <hex string>" simpler/easier than this?

[amaclin]

Isn't "decoderawtransaction <hex string>" simpler/easier than this?

Decoding transaction does not perform checking that private key is suitable for spending funds

[Abdussamad]

You can install a wallet such as electrum 1.9.8 (not 2.0.x coz that won't work for this) or bitcoin core on your offline system. Then import the private key and sign a message with it. Then verify the signature. This should tell you whether the private key "works" or not.

Relevant:

Attempt signing with all the keys and verify the results. (Bitcoin core does this internally. And I strongly recommend it, it's a little terrifying that nothing else does. It's too easy to have a bitflip cause the creation of an invalid key, and too easy to defend against)

You don't need to download the blockchain for this purpose.

[Delek]

But what I'm actually requesting is to CREATE AN OUTPUT, check the full script to get the OK without doing the broadcast. There's no tool to make this task?

[Abdussamad]

But what I'm actually requesting is to CREATE AN OUTPUT, check the full script to get the OK without doing the broadcast. There's no tool to make this task?

Creating a transaction does not involve the private key so what do you intend to test with that? Signing a transaction is where the private key comes into play. It is easier to sign an arbitrary message and verify the signature.

[Delek]

Where does the private key gets involved on Bitcoin transactions then?, signing an arbitraty message is not what bitcoin does while spending coins. I need to replicate what a miner/client will check but OFFLINE.
https://en.bitcoin.it/wiki/OP_CHECKSIG

[Muhammed Zakir]

Where does the private key gets involved on Bitcoin transactions then?,

When signing transaction. Anybody can create an unsigned transaction but without signing it, it can't be spend.

signing an arbitraty message is not what bitcoin does while spending coins. I need to replicate what a miner/client will check but OFFLINE.
https://en.bitcoin.it/wiki/OP_CHECKSIG

You want to use OP code to verify a transaction?

In computing, an opcode (abbreviated from operation code) is the portion of a machine language instruction that specifies the operation to be performed.

OP_CHECKSIG is script opcode used to verify that the signature for a tx input is valid.

----

A script is essentially a list of instructions recorded with each transaction that describe how the next person wanting to spend the Bitcoins being transferred can gain access to them.

=snip=
The script is actually a predicate.  It's just an equation that evaluates to true or false.  Predicate is a long and unfamiliar word so I called it script.

The receiver of a payment does a template match on the script.  Currently, receivers only accept two templates: direct payment and bitcoin address.  Future versions can add templates for more transaction types and nodes running that version or higher will be able to receive them.  All versions of nodes in the network can verify and process any new transactions into blocks, even though they may not know how to read them.
 =snip=

[Delek]

Ok so I used brainwallet.github.io offline and called SIGN and VERIFY functions with my private key (signed the message "Hola!"); the verify process was correct. Is this enough to consider the cold storage private key and public address valid?

[guitarplinker]

Ok so I used brainwallet.github.io offline and called SIGN and VERIFY functions with my private key (signed the message "Hola!"); the verify process was correct. Is this enough to consider the cold storage private key and public address valid?

Yes, if you were able to verify that the signed message came from your offline, generated bitcoin address, then you'll be able to access the private key and all funds associated with that address.

[amaclin]

Ok so I used brainwallet.github.io offline and called SIGN and VERIFY functions with my private key (signed the message "Hola!"); the verify process was correct. Is this enough to consider the cold storage private key and public address valid?

Yes, imho

[Delek]

Great! 

I was a little bit worried because of some cases of invalid generated Bitcoin addresses with malfunctioning private keys, in particular:
* This reddit post: http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/
* "Unspendable Bitcoins" chapter of this Microsoft document: http://research.microsoft.com/pubs/204914/734.pdf