How do you manage your private keys to make transactions? (offline storage)

[Taras]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime),

Not necessarily. Look at how small they can be, such as the paper discs inside casascius coins. If it fits on that, can't you write it on the page of a book on your shelf? Books aren't immediately recognizable as money. What about a curtain rod? There's nothing stopping me from turning that into a wallet. Just stick some numbers in there where they can't be seen.

A lot of people make their paper wallets look like money because that's fun to do. It doesn't have to be that way.

[1715596499]

1715596499

[cellard]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime),

Not necessarily. Look at how small they can be, such as the paper discs inside casascius coins. If it fits on that, can't you write it on the page of a book on your shelf? Books aren't immediately recognizable as money. What about a curtain rod? There's nothing stopping me from turning that into a wallet. Just stick some numbers in there where they can't be seen.

A lot of people make their paper wallets look like money because that's fun to do. It doesn't have to be that way.

Good point. You could just put your paper wallet in the middle of a big fat book and it would be hidden pretty well. Im not sure about anything else tho. Any hardware wallets are still a problem and could be recognized during scans on airports.

If eventually the governments become extremely paranoid about Bitcoin, they may start looking for these on every border, so have that in mind. A generic USB or any other generic storage device is always better than a HW in this sense. The paper wallet hidden inside a book idea is also good (unless they start checking books too...)

All things considered, hardware wallets suck unless you are sure that nobody is going to find it, and nothing can guarantee that, which is why I advise against them, among other things such as having to trust that they are legit.

[Taras]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime),

Not necessarily. Look at how small they can be, such as the paper discs inside casascius coins. If it fits on that, can't you write it on the page of a book on your shelf? Books aren't immediately recognizable as money. What about a curtain rod? There's nothing stopping me from turning that into a wallet. Just stick some numbers in there where they can't be seen.

A lot of people make their paper wallets look like money because that's fun to do. It doesn't have to be that way.

Good point. You could just put your paper wallet in the middle of a big fat book and it would be hidden pretty well. Im not sure about anything else tho. Any hardware wallets are still a problem and could be recognized during scans on airports.

If eventually the governments become extremely paranoid about Bitcoin, they may start looking for these on every border, so have that in mind. A generic USB or any other generic storage device is always better than a HW in this sense. The paper wallet hidden inside a book idea is also good (unless they start checking books too...)

All things considered, hardware wallets suck unless you are sure that nobody is going to find it, and nothing can guarantee that, which is why I advise against them, among other things such as having to trust that they are legit.

Remember also that private keys can be encoded in many creative ways. For example, you can write some notes on the side of a page in a textbook, and then use that text as a private key. Chinese customs looks at the notes, and sees scholarly etchings, not a bitcoin key. When in reality you could have your savings stored in those notes.

[cellard]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime),

Not necessarily. Look at how small they can be, such as the paper discs inside casascius coins. If it fits on that, can't you write it on the page of a book on your shelf? Books aren't immediately recognizable as money. What about a curtain rod? There's nothing stopping me from turning that into a wallet. Just stick some numbers in there where they can't be seen.

A lot of people make their paper wallets look like money because that's fun to do. It doesn't have to be that way.

Good point. You could just put your paper wallet in the middle of a big fat book and it would be hidden pretty well. Im not sure about anything else tho. Any hardware wallets are still a problem and could be recognized during scans on airports.

If eventually the governments become extremely paranoid about Bitcoin, they may start looking for these on every border, so have that in mind. A generic USB or any other generic storage device is always better than a HW in this sense. The paper wallet hidden inside a book idea is also good (unless they start checking books too...)

All things considered, hardware wallets suck unless you are sure that nobody is going to find it, and nothing can guarantee that, which is why I advise against them, among other things such as having to trust that they are legit.

Remember also that private keys can be encoded in many creative ways. For example, you can write some notes on the side of a page in a textbook, and then use that text as a private key. Chinese customs looks at the notes, and sees scholarly etchings, not a bitcoin key. When in reality you could have your savings stored in those notes.

True, but if you are a Bitcoin Core user and you have all of your private keys on a wallet.dat file, you can't do that. You are going to need a device to store your wallet.dat file, so an USB seems like the best way to go. You could also encrypt your entire laptop, but beware, if you lose the password, it's game over. I lost a password for some encrypted drives with veracrypt, and I can't no longer access them.

You could just send your wallet.dat file to yourself in an email temporarily while you cross borders, just encrypt it and hide it well, it should be ok as a temporary measure.

I just don't trust BIP38 enough to have all of my BTC on there, so I need ways to keep wallet.dat safe.

[AGD]

2) Having a paper wallet (encrypted with BIP38). The problem: You can easily lose a piece of paper.

Well, you could also make multiple copies of that piece of paper. Unlike cash, your bitcoins can be in multiple places at once, after all. Imagine losing your wallet on the subway, with all your cash in it, but wait! You have a backup at home! And a potential thief who finds the wallet can't access your cash without a password anyways.

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime),

Not necessarily. Look at how small they can be, such as the paper discs inside casascius coins. If it fits on that, can't you write it on the page of a book on your shelf? Books aren't immediately recognizable as money. What about a curtain rod? There's nothing stopping me from turning that into a wallet. Just stick some numbers in there where they can't be seen.

A lot of people make their paper wallets look like money because that's fun to do. It doesn't have to be that way.

Good point. You could just put your paper wallet in the middle of a big fat book and it would be hidden pretty well. Im not sure about anything else tho. Any hardware wallets are still a problem and could be recognized during scans on airports.

If eventually the governments become extremely paranoid about Bitcoin, they may start looking for these on every border, so have that in mind. A generic USB or any other generic storage device is always better than a HW in this sense. The paper wallet hidden inside a book idea is also good (unless they start checking books too...)

All things considered, hardware wallets suck unless you are sure that nobody is going to find it, and nothing can guarantee that, which is why I advise against them, among other things such as having to trust that they are legit.

Remember also that private keys can be encoded in many creative ways. For example, you can write some notes on the side of a page in a textbook, and then use that text as a private key. Chinese customs looks at the notes, and sees scholarly etchings, not a bitcoin key. When in reality you could have your savings stored in those notes.

True, but if you are a Bitcoin Core user and you have all of your private keys on a wallet.dat file, you can't do that. You are going to need a device to store your wallet.dat file, so an USB seems like the best way to go. You could also encrypt your entire laptop, but beware, if you lose the password, it's game over. I lost a password for some encrypted drives with veracrypt, and I can't no longer access them.

You could just send your wallet.dat file to yourself in an email temporarily while you cross borders, just encrypt it and hide it well, it should be ok as a temporary measure.

I just don't trust BIP38 enough to have all of my BTC on there, so I need ways to keep wallet.dat safe.

- I have seen Veracrypt being unable to restore encrypted files several times (of course using the correct password). I wouldn't trust it with my money. I never had problems with GPG, so its my first choice.
- I use email as an additional backup for my double encrypted wallet.dat files. Crossing borders without a hassle is a nice side effect.

[Colorblind]

Another Idea to further protect your online wallet would be using P2HS addresses and store your funds on those. This way your funds won't be protected just with your private key but also by some logic that is executed on the blockchain. Simplest thing that came's to mind is to use some not-so obvious function of transaction inputs as a password that have to be added to spend funds. This way even if your key is leaked - your funds will most likely to be safe if you only leak private keys somehow.

[Teubwel]

There are three ways that I can think off to store your private keys safely (offline)

1) Having a hardware wallet (Trezor, Ledger, and so on). The problem: Having to trust their custom RNG

You can add a custom password aka seed extension. If its entropy source is something like dice rolls and it's 128-bits of entropy strong or stronger, even with a bad RNG on the Trezor, your funds are secure.

[pebwindkraft]

I thought it is possible to assemble a tx completely on live net, with the watch-only address.
Then you’d bring the unsigned tx to the cold storage machine, and sign it. Then bring it back to the online machine, and send it... this would remove the burden of manually playing with the in and outs.

Yeah this would be it. I remember reading someone claiming this was possible in the past but I don't know how the steps would look like.

So let's say I have a node online and synced with all my addresses added as watch-only, then the offline wallet in the airgapped computer (both are Bitcoin Core).

How do I make the transaction in the online node's wallet on the GUI as usual then pass it read on the offline machine to sign it with the offline private keys then back to the online node?

If I do the transaction as usual with the watch-only addresses with the ideal fee and all the inputs I want selected in "Coin Control", I can then do "dumprawtransaction" and then make a QR code of this, read it in the offline wallet, then what do I do with this?

I just want to know step by step to not fuck it up in the process.

I had spent some time with Bitcoin Core 0.16 in offline mode, and didn't get to succeed for different reasons. When looking into cold storage and Bitcoin Core, majority seems to talk about keys being offline. So far so good. When it comes to signing a transaction, that seems to be another issue. I stepped over this thread with a remarkable comment from Pieter:

https://bitcoin.stackexchange.com/questions/50924/new-bitcoin-core-0-13-2-as-cold-storage-wallet

I have meanwhile tried to creat a tx on an online system, transfer it to the cold storage system, and get it signed. I started easy, with a simple P2PKH transaction. When I brought this to the cold storage to sign with bitcoin 0.16.1, the bitcoin-cli signrawtransaction command would reply with missing link to previous transaction:

bitcoin-cli -regtest signrawtransaction 010000000164518c0612559b8...19cef8f75a8700000000
...
"error": "Input not found or already spent"

when I tried to provide it additional info, I had the same result:

bitcoin-cli -regtest signrawtransaction 010000000164518c0612559b8...19cef8f75a8700000000 '[{"txid": "'$UTXO_TXID'","vout": '$UTXO_VOUT',"scriptPubKey": "'$UTXO_ScriptPK'"}]' '["'$Src_PrivKey'"]'
...

I was wondering, how the system would check the details. As I am no C/C++ dev, I am not too eager to look into the code... But obviously the client verifies contents, to make sure only "valid" transactions go to the network. This is good user protection, and probably very positive.

I also did some tests with (non-multisig) P2SH and redeemscripts. I created a funding transaction on the live system, and wanted to spend the P2SH. So I had to sign on the cold storage system. Results are also unsuccessful. I tried:

bitcoin-cli -regtest signrawtransaction 0200000001cbfd553ee1a2018a155263f34b1ea3b25348ba9f063c1d5f92861fc1dd95a9aa00000 00000ffffffff0178b69a3b000000001976a914d7cb7ff474d67cc0763b941db49d26dd8ff6b914 88ac00000000 '''[{"txid": "'$UTXO_TXID'","vout": '$UTXO_VOUT',"scriptPubKey": "'$UTXO_ScriptPK'","redeemScript": "'$RedeemScript'"}]''' '''["'$Src_PrivKey'"]'''
...
"error": "Invalid OP_IF construction"

This INVALID OP_IF error happened to several versions of the created raw transactions and redeemscripts. It seems that bitcoind doesn't have enough info to add the signatures. This doesn't necessarily mean, the tx is invalid (one could manually add the sigs from a different program  ). As shown here, I can make a P2SH successful going through (just a hash comparison, without signatures):

https://bitcoin.stackexchange.com/questions/74753/htlc-hash-time-lock-contract-using-bitcoin-qt/74953#74953

From my experience, signing transactions offline with Bitcoin Core is not best way to go. And by this I don't mean to blame the core dev - au contraire! The design seems to go into user protection, and not fulfill dev's ("my") requirements.