Bitcoin Forum
Author Topic: swiping private keys without risks  (Read 337 times)
glimpse (OP)
December 07, 2020, 11:20:01 AM
Merited by LoyceV (6), suchmoon (4)
 #1

Hi guys,
I do HODL my BTC in cold storage while I'd like to transfer them on my brand new hardware wallet.
I was thinking to swipe the keys with MyCelium.
What is the safest way to do it?
I heard it is not safe to make more than one transaction with coins swiped out from cold storage.
So would you advise me to send just a few satoshi to my hardware wallet to test or can I send ALL of them, after triple check of the address?
Thanks for any other suggestion.
GIVE A MAN A GUN AND HE WILL ROB A BANK.
GIVE A MAN A BANK AND HE WILL ROB EVERYONE
20kevin20
December 07, 2020, 11:29:48 AM
 #2

Quote
I heard it is not safe to make more than one transaction with coins swiped out from cold storage.
That is because Bitcoin uses change addresses. For privacy purposes, when you spend only part of your balance, the rest of it (the change) goes to another unused address. So if you have 1 BTC on a paper wallet and spend only 0.25 BTC, the change (0.75 BTC) goes to a newly generated, unused address.

Paper wallets have private keys written on them, not seeds. When you're sweeping a paper wallet, you're swiping the balance off a privkey. Private keys allow access to only one address, while seeds generate multiple addresses.

With that being said, if private keys allow access to only one address but when you make a transaction the change goes into another one... where will the change go? Into an address you do not have ownership over.

This could be avoided by using coin control. But as you don't know much about this process yet, I would advise against this method because you probably do not want to mess up.

Quote
So would you advise me to send just a few satoshi to my hardware wallet to test or can I send ALL of them, after triple check of the address?
Send everything.
NeuroticFish
December 07, 2020, 11:43:20 AM
 #3

Quote
I do HODL my BTC in cold storage while I'd like to transfer them on my brand new hardware wallet.

Do you have the coins on cold storage as offline wallet, or are they on paper wallet?
Because the proper way to use a cold storage is to only sign transactions.

Then you maybe export from the cold storage only the master public key or the relevant addresses to an online computer/wallet, create from there the transaction, get it back to the cold storage (with a USB stick for example), sign it, get it back to the online computer and broadcast it.

A possibly clearer explanation is here: https://electrum.readthedocs.io/en/latest/coldstorage.html


If you know how to properly use a cold storage, it's safer than the hardware wallet. I always recommend hardware wallets only for everyday transactions, while the HODL funds should stay on offline cold storage.
If done properly, like the Electrum example (HD wallet, export only master public key, ..), even change address can be used correctly, so you should be good.

Also keep in mind that there's always testnet if you want to try out this kind of thing.


If you have paper wallet(s) I recommend you also read threads like https://bitcointalk.org/index.php?topic=5296973

bob123
December 08, 2020, 04:17:52 PM
Merited by ABCbits (1), 20kevin20 (1)
 #4

Quote
So if you have 1 BTC on a paper wallet and spend only 0.25 BTC, the change (0.75 BTC) goes to a newly generated, unused address.
[...]
With that being said, if private keys allow access to only one address but when you make a transaction the change goes into another one... where will the change go? Into an address you do not have ownership over.

No, not necessarily.
This completely depends on the wallet used.

If using electrum for example, transactions using the imported private key will send the change back to the original address.



Quote
Paper wallets have private keys written on them, not seeds.

Not necessarily.
It depends on the wallet OP has. But usually this is the case, yes.





Quote
What is the safest way to do it?
I heard it is not safe to make more than one transaction with coins swiped out from cold storage.
So would you advise me to send just a few satoshi to my hardware wallet to test or can I send ALL of them, after triple check of the address?

The safest way would probably be to use a desktop wallet (e.g. electrum) together with an offline computer.
Download the original electrum and verify its signature. Then use an offline device (or a live booted linux distro in offline mode) with electrum to create and sign a transaction sending the funds to your hardware wallet.
Then copy the transaction to a USB stick and move it to an online PC to broadcast it.

This can either be done with all of your funds or with just a few satoshi first to check that everything works as expected.

If you do everything correctly (this means, to check the change address), then it is fine to send multiple times from the same address / paper wallet.

LoyceV
December 08, 2020, 04:56:30 PM
Merited by suchmoon (4), ABCbits (1)
 #5

Quote
I do HODL my BTC in cold storage while I'd like to transfer them on my brand new hardware wallet.
But why? I'm serious: if your current setup is working and secure, why put all your eggs in one basket?

That being said: I wouldn't use Mycelium for any serious amounts, it's a mobile hot wallet.

Quote
The safest way would probably be to use a desktop wallet (e.g. electrum) together with an offline computer.
Download the original electrum and verify its signature. Then use an offline device (or a live booted linux distro in offline mode) with electrum to create and sign a transaction sending the funds to your hardware wallet.
Correction: you'll have to create the transaction on a hot Electrum wallet. When you import the address, it downloads all transactions so you can create an unsigned transaction.
Then copy that transaction to your offline air-gapped computer running from a Linux LIVE CD, import the private key into Electrum, sign the transaction, and copy the transaction back to your online system. The point of all this is to ensure your private key never touches any device that's connected to the internet.

bob123
December 08, 2020, 06:01:33 PM
 #6

Quote
Correction: you'll have to create the transaction on a hot Electrum wallet.

Right, thanks for the heads up. I missed that.

Obviously the transaction has to be created on an internet-connected device prior to being signed with the offline wallet.

The rest stays the same.

20kevin20
December 08, 2020, 08:32:30 PM
 #7

Quote
No, not necessarily.
This completely depends on the wallet used.

If using electrum for example, transactions using the imported private key will send the change back to the original address.
I still think it's a bad practice to import private keys and only spend them partially, especially for a newbie. Until a new user gets the hang of how wallets and coin control work, it's safer imo to transfer the entire balance instead.
NotATether
December 09, 2020, 08:58:02 AM
 #8

Quote
No, not necessarily.
This completely depends on the wallet used.

If using electrum for example, transactions using the imported private key will send the change back to the original address.
I still think it's a bad practice to import private keys and only spend them partially, especially for a newbie. Until a new user gets the hang of how wallets and coin control work, it's safer imo to transfer the entire balance instead.

I disagree. By transferring less funds, there are fewer bitcoins on the table to lose if they accidentally bork their transactions.

People shouldn't have to know how coin control works or that an address can have many inputs associated with it in order to be able to send from a single address.

LoyceV
December 09, 2020, 09:37:36 AM
 #9

Quote
I disagree. By transferring less funds, there are fewer bitcoins on the table to lose if they accidentally bork their transactions.
I'll show you an example I read years ago: Alice has 5 Bitcoin on a paper wallet, imports the private key into a wallet, and sends 1 Bitcoin to Bob. Then, Alice deletes the wallet, and stores the paper wallet, thinking there is 4 Bitcoin left.
Later, when Alice tries to make another transaction, she discovers the paper wallet is empty.
This example illustrates why it's paramount to empty a paper wallet completely, unless you know what you're doing. It depends on the wallet you're using what happens to your change, and that's not something to be left to chance.

Quote
People shouldn't have to know how coin control works or that an address can have many inputs associated with it in order to be able to send from a single address.
Unfortunately, that's not how Bitcoin works in the basics. It depends on the wallet you're using, and if the wallet is a piece of paper, you're entirely on your own.
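
The change handling argued over in this thread, as an added example that is not part of any post: a pre-signing check on a spend from a single-key paper wallet, run over Alice's case, change returned to the same address, a full sweep, and a spend with no change output. The helper `audit_spend`, the placeholder addresses and the fee figures are assumptions made for illustration.

```python
from dataclasses import dataclass

BTC = 100_000_000  # satoshis per bitcoin
FEE = 10_000       # constructed fee, in satoshis

@dataclass(frozen=True)
class Output:
    address: str
    sats: int

def audit_spend(input_sats, outputs, paper_addr, destination,
                backed_up=frozenset(), max_fee=50_000):
    """Hypothetical pre-signing check (added example, not wallet code).

    Inputs are consumed whole, so every satoshi not named in an output
    becomes the miner fee. Returns (findings, sats the paper key still controls).
    """
    fee = sum(input_sats) - sum(o.sats for o in outputs)
    findings = []
    if fee < 0:
        findings.append("outputs exceed inputs")
    elif fee > max_fee:
        findings.append(f"fee {fee} sats above limit: change output missing?")
    for o in outputs:
        if o.address in (destination, paper_addr):
            continue  # the payment itself, or change back to the paper key
        if o.address in backed_up:
            findings.append(f"change {o.sats} sats leaves the paper key for {o.address}")
        else:
            findings.append(f"{o.sats} sats to {o.address}: no backed-up key")
    paper_left = sum(o.sats for o in outputs if o.address == paper_addr)
    return findings, paper_left

# Constructed placeholder addresses (not real Bitcoin addresses).
PAPER, BOB, HW, FRESH = "addr-paper", "addr-bob", "addr-hardware", "addr-wallet-change"

# Alice's case: 1 BTC to Bob, change to an address of a wallet she then deletes.
ALICE = audit_spend([5 * BTC], [Output(BOB, 1 * BTC), Output(FRESH, 4 * BTC - FEE)], PAPER, BOB)
# Change sent back to the paper wallet's own address.
SAME_ADDR = audit_spend([5 * BTC], [Output(BOB, 1 * BTC), Output(PAPER, 4 * BTC - FEE)], PAPER, BOB)
# Full sweep to the hardware wallet: one output, no change.
SWEEP = audit_spend([5 * BTC], [Output(HW, 5 * BTC - FEE)], PAPER, HW)
# No change output at all: the remaining 4 BTC would be paid as fee.
NO_CHANGE = audit_spend([5 * BTC], [Output(BOB, 1 * BTC)], PAPER, BOB)

if __name__ == "__main__":
    for name, (findings, left) in [("alice", ALICE), ("same-address", SAME_ADDR),
                                   ("sweep", SWEEP), ("no-change", NO_CHANGE)]:
        print(f"{name}: paper key still controls {left} sats; findings: {findings or 'none'}")
```

In every case except change returned to the paper address, the paper wallet holds nothing afterwards, which is why the outputs of an unsigned transaction are worth reading on the offline machine before signing.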

bob123
December 10, 2020, 03:08:11 PM
 #10

Quote
I disagree. By transferring less funds, there are fewer bitcoins on the table to lose if they accidentally bork their transactions.
I'll show you an example I read years ago:
[...]
This example illustrates why it's paramount to empty a paper wallet completely, unless you know what you're doing. It depends on the wallet you're using what happens to your change, and that's not something to be left to chance.


To be honest, you always need to know what you are doing.
You can either lose your coins through deleting the private key to the change address or by sending the coins to a wrong address (e.g. because of clipboard-changing malware).

Either way, you always need to know what you are doing. Especially if you aren't using a somewhat foolproof wallet.

LoyceV
December 10, 2020, 04:52:51 PM
 #11

Quote
To be honest, you always need to know what you are doing.
True. The pitfall with "change" is how counterintuitive it is: if you give someone $100 to pay $50, you expect to get $50 back. With Bitcoin, you don't know you're giving more than you should, and if you've ever used a bank you don't expect to get any change. So of course, if you know what you're doing you're fine, but as general advice sweeping all funds at once is safest.
That being said: I've sent change back to the same paper wallet in the past.

odolvlobo
December 13, 2020, 10:23:50 PM
 #12

You want a software wallet that will sweep your private keys directly into the hardware wallet. I think Electrum will do that. Mycelium will not.

Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
LoyceV
December 14, 2020, 01:04:56 PM
 #13

Quote
I think Electrum will do that. Mycelium will not.
That's incorrect. It's been years since I've used it, but in Mycelium you can scan a private key (QR-code), then scan an address (also QR) where to send it to. Funds don't have to be stored on Mycelium in between.

odolvlobo
December 14, 2020, 06:09:55 PM
 #14

Quote
I think Electrum will do that. Mycelium will not.
That's incorrect. It's been years since I've used it, but in Mycelium you can scan a private key (QR-code), then scan an address (also QR) where to send it to. Funds don't have to be stored on Mycelium in between.

Maybe there is a way, but I couldn't find it. I tried and Mycelium imported the key. It will still require another step to send the coins to the hardware wallet. I suppose that is sufficient, but sweeping the key directly into a hardware wallet would only take a single step.

SpanishSoldier
December 14, 2020, 06:17:12 PM
 #15

Quote
Hi guys,
I do HODL my BTC in cold storage while I'd like to transfer them on my brand new hardware wallet.
I was thinking to swipe the keys with MyCelium.
What is the safest way to do it?
I heard it is not safe to make more than one transaction with coins swiped out from cold storage.
So would you advise me to send just a few satoshi to my hardware wallet to test or can I send ALL of them, after triple check of the address?
Thanks for any other suggestion.

If I were you, I would have used https://coinb.in for this purpose. That's one of the easiest ways to securely sweep a private key IMHO.
Abdussamad
December 15, 2020, 10:32:37 PM
 #16

Swiping usually means sending the coins to an address in the software wallet. So the paper wallet private key no longer controls the funds. The funds are in the software wallet and can be backed up via the seed or whatever that the software supports. The change issue does not arise in this case and it's not the same as importing private keys.