How do you manage your private keys to make transactions? (offline storage)

[cellard]

There are three ways that I can think off to store your private keys safely (offline)

1) Having a hardware wallet (Trezor, Ledger, and so on). The problem: Having to trust their custom RNG, their while hardware, that there will be no surprises (see trezord.exe phoning home)

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper. The paper can also degrade over time. You would be also stuck with a single public key to get payments, so you would need one piece of paper per address... not good if you need to create new addresses constantly to relieve payments. Controlling coin inputs and outputs it's also harder without software involved.

3) Having an offline airgapped computer with Linux: This looks like the safest option to me. The problem: You need to pre-sign the transactions and Bitcoin Core does not have good support to do this so you are stuck with making raw transactions by hand which is a bit of a mess, then you need to pass this raw transaction into your online node. Armory has a nice GUI to do this but I wouldn't trust it too much. Electrum.. wouldn't trust my main stack to be held by an Electrum wallet (too paranoid about the seed being derived somehow)

So how do you personally manage your private keys in cold storage in order to make your transactions?

[1713242905]

1713242905

[gentlemand]

There are three ways that I can think off to store your private keys safely (offline)

1) Having a hardware wallet (Trezor, Ledger, and so on). The problem: Having to trust their custom RNG, their while hardware, that there will be no surprises (see trezord.exe phoning home)

You don't have to do this. You can create your own seed offline and insert it in the machine. They'll recognise anything that's valid. Beyond that I do wonder how many other horrors will be uncovered in the years to come with hardware wallets. The spoils would be humongous.

I used to be all paper. Now I'm all hardware.

The third option sounds cool but far too much ball ache. If I'm to spend at the moment I'll get rid of one of my numerous forks, stick the proceeds in a phone wallet and go retail crazy.

[cellard]

There are three ways that I can think off to store your private keys safely (offline)

1) Having a hardware wallet (Trezor, Ledger, and so on). The problem: Having to trust their custom RNG, their while hardware, that there will be no surprises (see trezord.exe phoning home)

You don't have to do this. You can create your own seed offline and insert it in the machine. They'll recognise anything that's valid. Beyond that I do wonder how many other horrors will be uncovered in the years to come with hardware wallets. The spoils would be humongous.

I used to be all paper. Now I'm all hardware.

The third option sounds cool but far too much ball ache. If I'm to spend at the moment I'll get rid of one of my numerous forks, stick the proceeds in a phone wallet and go retail crazy.

I just can't trust hardware wallets. I think airgapped linux laptop is the way to go, but im still unsure how to go about signing offline transactions... I tried to practice with testnet coin. Got a testnet node synced and set another testned core wallet on the offline machine, then I put the public keys on the online node to see my funds in watch-only mode, but crating the transactions is too complicated if you need to pick specific inputs. I mean, it's like trying to do the "Coin Control" part of the GUI but manually... a pain in the ass indeed.

[Robot1982]

Electrum.. wouldn't trust my main stack to be held by an Electrum wallet (too paranoid about the seed being derived somehow)

What's wrong with Electrum? I think you are very flexible with Electrum. You could use Electrum with 2 of 2 multisig (one seed on an online computer and another seed on an offline computer). You use the online wallet to watch your balance and to generate the transactions (including the first signature) then the offline wallet for the second signature and then again the online wallet to broadcast the transaction. You can do this very easily with Electrum. Or you could use 2 of 2 multisig with Electrum and a hardware wallet (one seed from Electrum and one seed from the hardware wallet). Or even 3 of 3 multisig with one Electrum online seed, one electrum offline seed and one hardware wallet seed.

Besides, Electrum is the first and currently only wallet that supports native segwit (bech32 addresses that start with bc1...).

[pebwindkraft]

...
Got a testnet node synced and set another testned core wallet on the offline machine, then I put the public keys on the online node to see my funds in watch-only mode, but crating the transactions is too complicated if you need to pick specific inputs...

I thought it is possible to assemble a tx completely on live net, with the watch-only address.
Then you’d bring the unsigned tx to the cold storage machine, and sign it. Then bring it back to the online machine, and send it... this would remove the burden of manually playing with the in and outs.

[hugeblack]

I have trouble remembering places "I can’t write my private key on a paper"So that I use technology.
1.1password: password manager for all my private keys and words. watch this https://www.youtube.com/watch?v=mcly2-b1W20
2. Hardware wallets: i use this cryptosteel "Cryptosteel comes with more than 250 stainless steel letter tiles engraved on each side. Codes and passwords are assembled manually from the supplied part-randomized set of tiles. Users are able to store up to 96 characters worth of confidential information in minutes, guaranteeing safety of the data with no need for specialized tools or third-party involvement.[Source and read full]"

[Taras]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

[figmentofmyass]

There are three ways that I can think off to store your private keys safely (offline)

1) Having a hardware wallet (Trezor, Ledger, and so on). The problem: Having to trust their custom RNG, their while hardware, that there will be no surprises (see trezord.exe phoning home)

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper. The paper can also degrade over time. You would be also stuck with a single public key to get payments, so you would need one piece of paper per address... not good if you need to create new addresses constantly to relieve payments. Controlling coin inputs and outputs it's also harder without software involved.

3) Having an offline airgapped computer with Linux: This looks like the safest option to me. The problem: You need to pre-sign the transactions and Bitcoin Core does not have good support to do this so you are stuck with making raw transactions by hand which is a bit of a mess, then you need to pass this raw transaction into your online node. Armory has a nice GUI to do this but I wouldn't trust it too much. Electrum.. wouldn't trust my main stack to be held by an Electrum wallet (too paranoid about the seed being derived somehow)

So how do you personally manage your private keys in cold storage in order to make your transactions?

i have most of my coins stored in cold storage, both paper wallets and encrypted .dat files on thumb drives and CDs. moving my real cold storage (and restoring it to new cold wallets) is inconvenient and difficult by design. an air-gapped electrum wallet is definitely necessary for my day-to-day transactions. there's no way around that for me.

i only keep < 10% of my coins in air-gapped spending wallets.......but i'm still at a loss for how core's HD wallet seed is so much more secure than electrum's. my paranoia (which is pretty high level as it is!) is more about malware that makes its way onto the thumb drive i use to transfer/broadcast transactions.

[nc50lc]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper. The paper can also degrade over time. You would be also stuck with a single public key to get payments, so you would need one piece of paper per address... not good if you need to create new addresses constantly to relieve payments. Controlling coin inputs and outputs it's also harder without software involved.

You can make a backup by encrypting a renamed text (notmyprvkey.txt) into a jpg (notmyprvkey.jpg) file containing the private key by compressing it using any 7zip tool together with a couple of real images.
Renaming the compressed file as "photos" or "porn" might deceive black hats.
This is better than just storing your backup in a hidden folder.

[Taras]

my paranoia (which is pretty high level as it is!) is more about malware that makes its way onto the thumb drive i use to transfer/broadcast transactions.

YES, I get those same exact fears in the back of my mind. One thing I want to try is to transfer data over an airgap via just a dumb QR code reader. Show QR on one screen, offline computer photographs it (with an offline camera peripheral) and decodes it, and then we could send information back to the online computer in the same way.

[AGD]

It is really simple:
-Create an offline wallet with Bitcoin Core and encrypt it (I recommend using PGP on top of the original encryption for privacy reasons)
-Backup this encrypted wallet.dat file anywhere you want. You can put it on several harddisks, usb sticks. You can send it attached to several email addresses.

[hatshepsut93]

On Core vs Electrum for airgap machine - IMO there's more risk that you screw up while dealing with raw transaction and accidently set the wrong amount/wrong fee/ wrong address then that Electrum has some serious vulnerability in its seed. But you can also have two cold wallets - one big Core wallet where you store your long-term savings that you are not going to touch for years, and a smaller Electrum cold wallet that you use to sign transactions more frequently, like every few months.

[cellard]

...
Got a testnet node synced and set another testned core wallet on the offline machine, then I put the public keys on the online node to see my funds in watch-only mode, but crating the transactions is too complicated if you need to pick specific inputs...

I thought it is possible to assemble a tx completely on live net, with the watch-only address.
Then you’d bring the unsigned tx to the cold storage machine, and sign it. Then bring it back to the online machine, and send it... this would remove the burden of manually playing with the in and outs.

Yeah this would be it. I remember reading someone claiming this was possible in the past but I don't know how the steps would look like.

So let's say I have a node online and synced with all my addresses added as watch-only, then the offline wallet in the airgapped computer (both are Bitcoin Core).

How do I make the transaction in the online node's wallet on the GUI as usual then pass it read on the offline machine to sign it with the offline private keys then back to the online node?

If I do the transaction as usual with the watch-only addresses with the ideal fee and all the inputs I want selected in "Coin Control", I can then do "dumprawtransaction" and then make a QR code of this, read it in the offline wallet, then what do I do with this?

I just want to know step by step to not fuck it up in the process.

[squatter]

It is really simple:
-Create an offline wallet with Bitcoin Core and encrypt it (I recommend using PGP on top of the original encryption for privacy reasons)
-Backup this encrypted wallet.dat file anywhere you want. You can put it on several harddisks, usb sticks. You can send it attached to several email addresses.

I keep most of my coins on encrypted wallet.dat, but it's not possible to do day-to-day spending this way. I just use them for coins I don't expect to move for months or years.

Having an offline airgapped computer with Linux: This looks like the safest option to me. The problem: You need to pre-sign the transactions and Bitcoin Core does not have good support to do this so you are stuck with making raw transactions by hand which is a bit of a mess, then you need to pass this raw transaction into your online node. Armory has a nice GUI to do this but I wouldn't trust it too much. Electrum.. wouldn't trust my main stack to be held by an Electrum wallet (too paranoid about the seed being derived somehow)

I wasn't aware that Armory had a GUI for offline signing. Any opinions here on Armory vs. Electrum? I use the latter, but I'd feel a lot more secure if I could do this with Core. Also, is it true that Electrum's seed might be easier to derive? What's the difference among the different HD wallets regarding seed security?

[Kakmakr]

Paper wallets are not that big a deal for me. I use a air-gapped computer & printer to print multiple paper wallets and I store duplicates in 3 different locations. I also split my stash into small chuncks, to reduce the risk of having to restore everything, every time I want to claim fork coins or when I want to use some.

The hardware wallets are used for small amounts on a daily basis. ^smile^

[AGD]

It is really simple:
-Create an offline wallet with Bitcoin Core and encrypt it (I recommend using PGP on top of the original encryption for privacy reasons)
-Backup this encrypted wallet.dat file anywhere you want. You can put it on several harddisks, usb sticks. You can send it attached to several email addresses.

I keep most of my coins on encrypted wallet.dat, but it's not possible to do day-to-day spending this way. I just use them for coins I don't expect to move for months or years.
...

I don't think, that a 'day-to-day-wallet' needs to be secured in an offline wallet in most of the cases.

[cellard]

Having an offline airgapped computer with Linux: This looks like the safest option to me. The problem: You need to pre-sign the transactions and Bitcoin Core does not have good support to do this so you are stuck with making raw transactions by hand which is a bit of a mess, then you need to pass this raw transaction into your online node. Armory has a nice GUI to do this but I wouldn't trust it too much. Electrum.. wouldn't trust my main stack to be held by an Electrum wallet (too paranoid about the seed being derived somehow)

I wasn't aware that Armory had a GUI for offline signing. Any opinions here on Armory vs. Electrum? I use the latter, but I'd feel a lot more secure if I could do this with Core. Also, is it true that Electrum's seed might be easier to derive? What's the difference among the different HD wallets regarding seed security?

Im just not sure about the whole deterministic approach thing. I remember reading that it reduced overall entropy. Your seed could also be derived from a number of signatures.. I don't see how it's a good idea to have all these relationships between things and not just have private keys separated from each other like the old wallet.dat format?? at least for cold storage. Achow I think said that the HD format for Core is not bip32 and it's safer than Electrum but im not sure.

I don't know about Armory details but you can see a video in action here (offline transactions in Armory):

https://www.youtube.com/watch?v=ZGjL4BllFtM

And here how to do offline transactions in Electrum:

https://www.youtube.com/watch?v=DQumISxkJsQ

And here how to do offline transactions in Bitcoin Core:

https://www.youtube.com/watch?v=jWKuqP-zTFk


As you see it's harder with Core, but, if you can do it in the online node with the GUI, then pass the transaction into the offline node, sign it, then pass it back to the node, it could be done easier (with that extra step but it's worth the peace of mind of getting an ideal fee and getting things done in the GUI where it's harder to fuck it up than with crafting raw transactions)

[joaco]

I have a paper wallet for my savings in Ethereum and some ERC20 tokens I've in there. Then I have an address that I use with Metamask for some transactions I do weekly, not the best but it's ok for me.

All my Bitcoins are in a paper wallet with two copies carefully stored in secret and safe places. I won't sell or use them in any way for a long time, so that way is ok for me. Maybe in a while I create some new wallets and send all the Bitcoin there, in order to avoid problems with the paper. As I don't send bitcoins don't need hardware wallets or any kind of way to manage private keys to send transactions offline.

[cellard]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime), so a thieft will save it just in case, because he knows there's bitcoins in there, he can also force you reveal a password.

With a wallet.dat file you can put it in a generic usb, hide it well, and nobody would know you own BTC. You don't want some thieft to break into your house at night and then he finds out you have a ledger of a paperwallet, because he will beat you up until you say your password. If all they find is some USB it's harder for them to know it's bitcoin related.

[Games.Bitcoin]

I'm actually quite interested to learn more about the rationale behind making a particular choice in terms of offline storage, as far as I see in the end it boils down to what your comfortable with if anyone could correct this view if I'm wrong I'm open to hearing more?