Any way to create a Tx offline without Armory?

[IveBeenBit]

Hi all, I have enough BTC now that I'm starting to take security pretty seriously.

Here's my plan now for cold/hot storage.

I'm going to make a "brain wallet" and store the bulk of my BTC in there. For my "walking around money" I'm going to access it via the blockchain.info wallet.

I downloaded a bootable DVD iso of Ubuntu Privacy Remix and have been screwing around with that a bit. It's basically a Bootable DVD that doesn't access my hard drives and shuts off the network. Seems like a good way to defend against keyloggers, trojans, etc. to me.

Anyways, I also found this site: http://bitsend.rowit.co.uk/

That lets you apparently, send raw transaction data and broadcasts it to the network.

Are there any utilities or ways I can create & sign a transaction offline, put it on a USB drive and then send it to the network if I need to pull some coins out of cold storage?

I know Armory does something like this, but I would need to install the Armory client twice, not to mention the Satoshi client, blockchain, etc..

I'm looking for something a bit more lightweight. Also keep in mind I am not a programmer or hax0r in fact, today was the first day I ever used Linux. So I am probably the least 377T guy on the forum.

A knowledgeable friend of mine told me that given currently available software, it can't be done easily. Is that correct?

[1715689497]

1715689497

[1715689497]

1715689497

[finkleshnorts]

I use coins in the same way, and I have been looking for a program that does just this, without downloading a bunch of other software. It sounds like it would be very easy to create, for somebody who were familiar with the ins and outs of the protocol.

I imagine it being very lightweight:

1. Enter value
2. Enter your private key (sha256 brainwallet support a la bitaddress.org would be a plus)
3. Enter the address to send to

The program now creates a signed transaction, offline, ready to send to the network

4. Connect to the internet
5. upload/paste tx to send via a dedicated website (such as the one you mentioned) or a dedicated email address

This seems to me to be the most secure way to handle coins. No .dat file, no keys exposed to the web, etc.

Something simple like this could possibly even make its way into the iOS app store. Or have a clientside javascript web page that is accessible/savable from any device (a la bitaddress.org)

[flatfly]

Sure, if you don't mind typing a few simple commands, Electrum can do just that, and is lightweight. Look up the exact syntax in the online documentation. I would have posted an example but am not home right now. Let me know if you need more help.

[IveBeenBit]

Sure, if you don't mind typing a few simple commands, Electrum can do just that, and is lightweight. Look up the exact syntax in the online documentation. I would have posted an example but am not home right now. Let me know if you need more help.

I don't mind typing a few simple commands, but honestly the Electrum documentation totally confused me. This talk about unseeding and reseeding....

Anyways, here's what I'm looking to do (I know you probably understand, but I wanted to make it concrete so if you can give me an example using these values that would be great).

I'm going to send a bunch of my coins to BTC address: 12pHWoUhesnhZeqGWALpLtT97CDXASQGjp

The corresponding private key is: b3e11ad90056064ee673641b6a928faed985a72ee58f94c4bce0310d004d6a81

Incidentally the private key is also the sha256 hash of "flatfly."

When I go to make a "withdrawal" I want to create the transaction entirely offline and make sure I'm on a "clean" system. I'll be offline by booting to a Linux DVD with networking disabled etc.. So I will need to sign the transaction, save it to a flash drive, then reboot and send the Tx to the rest of the network.

And you're telling me I can do this by making sure the electrum client is included on my ubuntu live boot DVD and when I am at the command prompt I type...?

Thanks for any help, BTW!

[Lumpy]

I've been doing this with Electrum. It's a little tricky, but not too bad. With a brainwallet, you can mostly ignore the seed/deseed instructions.

I'll try and see if I can remember all of my steps.

Preparing the offline wallet:
1) Prepare an offline Linux distro. I have a USB version of Xubuntu that I boot once with networking to install PythonQt/Electrum and download a few tools, such as the Electrum wiki page (https://en.bitcoin.it/wiki/Electrum) for documentation and brainwallet.org for offline use. Then I physically disconnect my networking and reboot. Networking will never be connected again. Of course, you could prepare the packages in advance and NEVER use networking at all, or use a clean-install never-networked Windows PC, etc.
2) Once booted without networking, I open Firefox in Private Browsing Mode and use the downloaded brainwallet.org to generate my Bitcoin address. I save the address on my USB drive and send coins to it for safekeeping from my live system.

Watching Wallet with Electrum:
1) On my live networked computer, I set up a new wallet with Electrum and then generate a rubbish address pair with brainwallet.org. I then import it to my new wallet with a command like:

electrum import 1FqroyWA2FVRsiAeAeaWjpq4kHqHucxVF9:5J5N8wd4UDgGDWsBDRAcUpiNaCZZzpWGDCUnzf26n5oUKjJNpMQ

2) I then edit electrum's wallet file (electrum.dat by default), find 'imported_keys' and replace the rubbish address (1FqroyWA2FVRsiAeAeaWjpq4kHqHucxVF9 in this case) with my real offline address. You can leave the private key as it is or erase it. I just erase it and leave the field as ''.
3) I start electrum and freeze the offline wallet address. Now I can see funds as they come in but can't try to spend them (Electrum would throw an error if I did anyway since it doesn't have the private key)

Creating an Offline Transaction
1) I copy the wallet file to my offline USB, reboot without networking and put it in place (~/.electrum/electrum.dat). I then use brainwallet.org offline in Private Browsing mode to create the correct private key and paste it into the wallet file. To create a transaction, the syntax is:

electrum mktx [-s sourceaddr] [-c changeaddr] [-f fee] <toaddress> <amount>

Which spits out the raw transaction. You sent it into a text file to use later, for example:

electrum mktx -s 1FqroyWA2FVRsiAeAeaWjpq4kHqHucxVF9 -c 1FqroyWA2FVRsiAeAeaWjpq4kHqHucxVF9 -f 0.001 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T 100 > tx.txt

Which would send 100 BTC from 1FqroyWA2FVRsiAeAeaWjpq4kHqHucxVF9 to 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T with a fee of 0.001 BTC and all change returning back to the same brainwallet. I usually test the output first before writing it to the text file.
4) Copy the text file to your USB stick (or separate stick if you don't have rw access). For good measure, I delete bash history, etc. then reboot.
5) Now that I have the raw transaction, I can paste it into a website that will send it, or just send it with electrum:

electrum sendtx <raw transaction with lots of numbers here>

6) MOST IMPORTANT STEP. I destroy the USB drive by shredding followed by incineration. The computer's hard drive gets the sledge hammer. Sometimes I burn the house down for good measure. A little time consuming, a little expensive, but in the end... it's all worth it to protect my bits!

[xioustic]

Seems like an easier way would be using the javascript-only Offline Tx Utility provided here: https://www.strongcoin.com/blog/the_easiest_way_to_create_secure_offline_bitcoin_transactions

The script from that link coupled with a saved copy of brainwallet.org and you have a fully off-line, browser-based PrivateKey & Transaction generator. All the system would need at the point of generating an off-line transaction is an accurate transaction log for the public address the private key(s) corresponds to, which can be gotten at http://blockexplorer.com/q/mytransactions/<publickey> (http://blockexplorer.com/q/mytransactions/1BountYypWttTvAJcMJVvSRDfX3TJ182To for example).

If blockexplorer went down though, not sure where you would go from there. You would need to be able to generate an accurate transaction log for your public key somewhere else in the same format blockexplorer provides in order to generate valid transactions.

Anyone else have any easier ideas?

I tend to do all my cold-walleting using a Live XP USB Drive on a computer with no internal hard drive. The Live XP runs in the memory of the computer. The only thing stored on the USB Drive other than the XP boot information are these two scripts, and a folder where I put the up-to-date transaction log from blockexplorer for whatever public key(s) need to send transactions.

EDIT: Upon closer inspection, brainwallet.org even has a transaction generator at the top now. This rules out the need for the Offline Tx Utility I linked. All you need is either a Blockchain Explorer or a BlockChain.info dump on transactions for your public key and you're good-to-go!

[etotheipi]

Just for reference, the requirements to run Armory on an offline computer are basically nil.  You don't need the blockchain, you don't need Bitcoin-Qt/bitcoind.  You only need to install the library dependencies, which are all conveniently packaged with the Linux installer on the downloads page (use Armory_0.77_Offline_ALL_Ubuntu_10.04-32bit.zip).  I run this on an ancient laptop with a 1.6 GHz proc and 512 MB of RAM.  It runs fine.

However, using it on the online computer is not so lightweight.  Armory 0.81+ will use about 600 MB RAM on the online computer.  But you already have Bitcoin-Qt/bitcoind installed and running there and the blockchain file is auto-detected, so there's really nothing else to do except make sure it's running.  (btw, any version of Armory can be installed on the offline computer, regardless of the version on the online computer)

Once you have it, all this command-line stuff becomes completely unnecessary.  Blockchain.info/blockexplorer are unnecessary.  Downloading necessary transaction data is done by Armory on the online computer, from the Bitcoin network directly and it's completely automated.  Just get a USB key and the rest is point-and-click.  There is [a lot] more information in the Using offline wallets in Armory tutorial.

I know this thread is about not using Armory for this.  But I want to make sure that your desire not to use Armory isn't due to misunderstandings about how it works.  Really, I'm not sure if offline transactions can get any simpler, and any computer that boots can be used for the offline system.  The only bottleneck is the online system.

[xioustic]

eto,

If I could get a mini LiveCD that is offline only and has a primary focus of just signing transactions using Offline Armory, I'd be happy.

As it stands now, I'm signing transactions (ie generating valid transactions) using a Mini XP LiveCD that is installed (using BartPE) to a bootable USB stick. The LiveCD portion of the USB stick literally only takes up 300MB on its own. The operating system only exists within RAM. With the built-in browser, I can open the offline copy of BrainWallet.org and use that to sign all my pending transactions. I can do this on any machine that can boot from a USB device built in the last 10+ years.

I continue to use the USB stick for other things as it has a 16GB capacity and continues to serve its function. When I want to sign some transactions, I copy the destination addresses and the tx amounts down in notepad (or on a notepad) and save the latest transaction history from Block Explorer / BlockChain.info to a txt file on the USB drive for the LiveCD to access later.

There is no sensitive data on the USB stick ever. The BrainWallet.org site is capable of regenerating my private key for my cold wallet using my memorized PassPhrase, so the private key is never stored anywhere except temporarily in RAM. Once the computer loses power it's all finito.

The BrainWallet.org site runs on just about anything that can run javascript, and saved offline it takes up a total of 344kb.

Can Armory somehow compete with that yet? RAM only, no private key stored anywhere, and the LiveCD's footprint capable of doing all this is about 300MB and boots from USB? I imagine making a Linux LiveCD specifically for offline Armory would be simple, but then you'd still need the offline wallet to store the private key persistently in order to be able to sign transactions.

I do like that with Armory all the BlockChain handling is already handled when you create pending transactions. This removes the dependency from Block Explorer / BlockChain.info for retrieving public key transaction history. That's about the only benefit I can see.

[etotheipi]

eto,

If I could get a mini LiveCD that is offline only and has a primary focus of just signing transactions using Offline Armory, I'd be happy.

As it stands now, I'm signing transactions (ie generating valid transactions) using a Mini XP LiveCD that is installed (using BartPE) to a bootable USB stick. The LiveCD portion of the USB stick literally only takes up 300MB on its own. The operating system only exists within RAM. With the built-in browser, I can open the offline copy of BrainWallet.org and use that to sign all my pending transactions. I can do this on any machine that can boot from a USB device built in the last 10+ years.

I continue to use the USB stick for other things as it has a 16GB capacity and continues to serve its function. When I want to sign some transactions, I copy the destination addresses and the tx amounts down in notepad (or on a notepad) and save the latest transaction history from Block Explorer / BlockChain.info to a txt file on the USB drive for the LiveCD to access later.

There is no sensitive data on the USB stick ever. The BrainWallet.org site is capable of regenerating my private key for my cold wallet using my PassPhrase, so the private key is never stored anywhere except temporarily in RAM. Once the computer loses power it's all finito.

The BrainWallet.org site runs on just about anything that can run javascript, and saved offline it takes up a total of 344kb.

Can Armory somehow compete with that yet? RAM only, no private key stored anywhere, and the LiveCD's footprint capable of doing all this is about 300MB and works on USB? I imagine making a Linux LiveCD specifically for offline Armory would be simple, but then you'd still need the offline wallet to store the private key persistently in order to be able to sign transactions.

I do like that with Armory all the BlockChain handling is already handled when you create pending transactions. This removes the dependency from Block Explorer / BlockChain.info for retrieving public key transaction history. That's about the only benefit I can see.

I forgot we were talking about brainwallets (or at least one aspect of them).  Towards this purpose, Armory is not the best-suited tool.  I was more targeting the offline-wallet management use-case, in which case you expect to have the data on a hard-drive or USB key (encrypted of course), it just won't ever touch the internet. 

However, Armory could be great for this if I made brainwallets easier.  I'm hesitant to do that, though... but that's another discussion.  However, the gist is still possible:  you boot into your live session, and "restore from paper backup", and you use your brain-wallet passphrase to "restore" your brainwallet.  It will create a wallet and all the addresses with it in a "file", but since it's a live session, that file is in RAM and will disappear along with the power.   You'll have to make a watching-only copy of this ethereal wallet to be transferred to the online computer.  But once you have that, you have full control from online Armory: maintaining balances, confirming incoming payments, constructing transactions, etc.

So it is very possible, you just have to have an extra utility on the offline system to convert your brainphrase to an Armory wallet seed.

And btw, nothing sensitive ever touches the USB key that is used to shuttle transaction data for signing.

[Lumpy]

Seems like an easier way would be using the javascript-only Offline Tx Utility provided here: https://www.strongcoin.com/blog/the_easiest_way_to_create_secure_offline_bitcoin_transactions

The script from that link coupled with a saved copy of brainwallet.org and you have a fully off-line, browser-based PrivateKey & Transaction generator. All the system would need at the point of generating an off-line transaction is an accurate transaction log for the public address the private key(s) corresponds to, which can be gotten at http://blockexplorer.com/q/mytransactions/<publickey> (http://blockexplorer.com/q/mytransactions/1BountYypWttTvAJcMJVvSRDfX3TJ182To for example).

If blockexplorer went down though, not sure where you would go from there. You would need to be able to generate an accurate transaction log for your public key somewhere else in the same format blockexplorer provides in order to generate valid transactions.

Anyone else have any easier ideas?

I tend to do all my cold-walleting using a Live XP USB Drive on a computer with no internal hard drive. The Live XP runs in the memory of the computer. The only thing stored on the USB Drive other than the XP boot information are these two scripts, and a folder where I put the up-to-date transaction log from blockexplorer for whatever public key(s) need to send transactions.

EDIT: Upon closer inspection, brainwallet.org even has a transaction generator at the top now. This rules out the need for the Offline Tx Utility I linked. All you need is either a Blockchain Explorer or a BlockChain.info dump on transactions for your public key and you're good-to-go!

Thanks for the tips! Simpler than using Electrum.

[molecular]

Seems like an easier way would be using the javascript-only Offline Tx Utility provided here: https://www.strongcoin.com/blog/the_easiest_way_to_create_secure_offline_bitcoin_transactions

I'm using (a slightly modded version of) this for my savings brainwallet. works like a charm.

[BitHits]

What if you do this and put in a low tx fee ?

[molecular]

What if you do this and put in a low tx fee ?

Same thing that happens if you put in a low tx fee using a bitcoin wallet.

[RoxxR]

According to the 1.7 release notes, Electrum now does Armory-style offline transactions.

[phathash]

I prefer the reference client to other implementations. Offline tx would be nice.

Possibly a way to do it with Bitcoin-Qt is to setup a cleanly installed machine/Ubuntu USB flash drive with the full blockchain, take it offline and then copy your encrypted wallet to it. Sign a tx, burn the wallet to CD and copy it to another clean Ubuntu instance. From that second instance you would never sign a tx or message. View only. The decryption key would never be released into memory. Let it download the blockchain. It will broadcast the tx.