Newbie question about cold storage electrum wallet: how secure my method is?

[butka]

As a beginner in the world of bitcoin, I wanted to ask the more experienced members of this forum how secure my cold storage method for keeping bitcoin is.

This is something I picked up on the internet, while searching for an affordable but relatively secure solution. I know that hard wallets are supposed to be super secure (or at least majority of people think so), but the up-front investment was too much for me at this time.

The method I am describing below is based on this guide http://docs.electrum.org/en/latest/coldstorage.html but I have no idea if I'm doing everything right.

For this, I basically used 2 electrum wallets and 2 computers.

Computer A + Wallet A --> for cold storage, always disconnected from internet
Computer B + Wallet B --> for broadcasting transactions and as "watching-only wallet"

So here it goes:

1) Set up computer A: In my case, this was an old laptop nobody uses any more to be used as cold storage.

2) Install electrum A: Here I installed electrum, just the way one would normally do. After installing it, but before creating my wallet, I disconnected the network. I decided never to connect it to internet again. I even turned off the wireless connection in the BIOS, so that there's no back door that could potentially be exploited.

3) Create wallet A: Now I created my NEW cold storage wallet A. Then I exported its Master PUBLIC Key (MPK), and stored it in a file on a USB stick, so I can transfer it to computer B.

4) Install electrum B on computer B: This is my normal computer that I use every day, always connected to the internet. Here I installed electrum again, but I didn't create any new wallets.

5) Import MPK on computer B, wallet B: This time, rather than creating new wallet, I imported the Master Public Key of wallet A, and created a " watching-only wallet".

So far so good, everything seems to work great.

In particular I can watch my funds, knowing that electrum B wallet doesn't contain my private keys.

The only downside to this approach (that I can see on my own) is that there's a little bit of hustle when I have to make a transaction.

It goes like this:

Create my transaction as unsigned on wallet B -->save it on USB stick --> transfer to computer A --> import in wallet A --> sign the transaction by wallet A --> save the signed transaction on USB --> transfer back to computer B --> open by watching wallet B --> broadcast by wallet B.

Now to my question again: how secure do you think this is? Is this juggling with files and USB's something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer? Any suggestions to improve on this solution? Thanks.

[1713999188]

1713999188

[1713999188]

1713999188

[1713999188]

1713999188

[Xynerise]

Windows version of Electrum doesn't support QR codes, or it'd be easier than using a USB stick all the time.

[butka]

Does that mean that this could work with QR codes on 2 linux computers?

[Xynerise]

Does that mean that this could work with QR codes on 2 linux computers?

If you want to read QR codes, yes.
Scan the QR code from the offline computer with the online one.

[butka]

If you want to read QR codes, yes.
Scan the QR code from the offline computer with the online one.

Thanks for the advice. That would be much easier than dealing with a USB stick.

[Abdussamad]

The risk of a USB virus is always there. Apart from that you're good.

[butka]

Thanks for the reassurance, Abdussamad. I will try to implement the QR codes of the linux electrum wallet, as suggested by Xynerise, to try to deal with that last possible back door.

[pooya87]

when we say "cold storage" it doesn't mean a wallet that is offline. that is an incomplete definition. instead Cold Storage means a wallet that (1) was created in a safe environment and (2) will remain in a safe environment. your wallet A was not made in a safe environment because your computer was connected to the internet before.
imagine an operation room in a hospital, the doctor doesn't just run in the room wishing he doesn't contaminate anything then go wash up and wear those special clothes.
what you need to do is to format that laptop of yours for wallet A, install a fresh Operating System (i prefer Linux here) and then install the wallet. in the installation step i prefer to transfer the wallet files (.tar.gz file) to it instead of downloading it directly from the internet but you can do that here but only this.
(note that you should remember to verify the signature of the tarball here)

the QR thing that was suggested is very good.

The only downside to this approach (that I can see on my own) is that there's a little bit of hustle when I have to make a transaction.

another part of the cold storage definition that is omitted is that this wallet is your cold wallet not hot wallet, a cold wallet is where you store funds that you don't want to use every day. for example if you want to buy some BTC and store it for 1 year you do that. but if you want to have some funds that you buy stuff with from shops you use a hot wallet (like a wallet on your cell phone or desktop) instead.
it is like the difference between putting your money in a savings account in a bank or having some money in your back pocket. you don't put a million dollar there, you have a couple of bucks there and your million dollar is in bank.

[butka]

when we say "cold storage" it doesn't mean a wallet that is offline. that is an incomplete definition. instead Cold Storage means a wallet that (1) was created in a safe environment and (2) will remain in a safe environment...
... another part of the cold storage definition that is omitted is that this wallet is your cold wallet not hot wallet, a cold wallet is where you store funds that you don't want to use every day.

I see. I shouldn't use that terminology, that is, "cold storage". Especially given my use of USB, which violates the definition of it each time. Thanks for pointing that out.

your wallet A was not made in a safe environment because your computer was connected to the internet before.

In fact, I thought of that myself, that my wallet A could have been contaminated before, while computer A was still connected to the internet.
But here's my logic.
Even if computer A was compromised before wallet A was installed, say, even if there was a virus, what could it do?
It could steal my private key, but there's no network to transmit it. Wouldn't I still be safe?

[ranochigo]

In fact, I thought of that myself, that my wallet A could have been contaminated before, while computer A was still connected to the internet.
But here's my logic.
Even if computer A was compromised before wallet A was installed, say, even if there was a virus, what could it do?
It could steal my private key, but there's no network to transmit it. Wouldn't I still be safe?

Probably. The worst case scenario would be that the virus managed to create an address that was somehow predictable and your addresses are weakened. I've never heard of any virus that is able to do this though so take that as a hypothetical scenario.

If anything, you should be using a Raspberry Pi with Raspbian. Linux are pretty hard to have malware on it, especially if its a computer that you probably wouldn't use. It costs 35 bucks and its easy as hell to setup. I've done it in an hour.

[butka]

The worst case scenario would be that the virus managed to create an address that was somehow predictable and your addresses are weakened. I've never heard of any virus that is able to do this though so take that as a hypothetical scenario.

Aha, I would have never thought of that!

If anything, you should be using a Raspberry Pi with Raspbian. Linux are pretty hard to have malware on it, especially if its a computer that you probably wouldn't use. It costs 35 bucks and its easy as hell to setup. I've done it in an hour.

Thanks. Point taken about Linux, also in combination with Raspberry Pi. Next on my to do list.

And thank you all for helping me understand new tips and tricks about how to keep my wallet more secure.

[bob123]

Is this juggling with files and USB's something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer?

This definetely can be a danger to your cold storage.
Every single interaction/interface between your cold wallet and your online-connected device poses a danger.

The worst case scenario would be that the virus managed to create an address that was somehow predictable and your addresses are weakened.

This would require to download a malicious version of electrum (with a smaller key space) or it would require the malware to somehow influence the entropy of electrum before the wallet is created.
This is one of the less-probable versions of a malware one would encounter.

[butka]

(note that you should remember to verify the signature of the tarball here)

This would require to download a malicious version of electrum (with a smaller key space) or it would require the malware to somehow influence the entropy of electrum before the wallet is created.

The signature of the tarball was something I definitely didn't bother to check. Even though I downloaded the wallet from the electrum website, phishing/malware can never entirely be ruled out, right? To have a piece of mind (in view of the potentially malicious versions of electrum) checking the signature should be a must. Thanks.

[HCP]

Definitely a must... A simple read through of the various threads here claiming that "Electrum stole my Bitcoin" shows numerous cases of users who are "100% sure" they downloaded a legit version from the "official" site...

Only to actually look at their download history and discover they got it from Electrumwallet.com or electrumonline.com or electrumsource.com or some other scam clone site.

The only way to be 100% sure your copy is legit is to check the digital signature of the download. The scammers can't fake that!

[pooya87]

additional to visiting the wrong or malicious Electrum website you can never know whether Electrum.org (the real website) is compromised or not. for all you know, when YOU download the wallet a hacker might have hacked the website 10 seconds ago and replaced the files with his own malicious versions.

which it also means that it is a good idea to check and see if you are really getting the real Public Key of the real author (Thomas V). like asking on the forum (0x2BD5824B7F9470E6), checking Github (https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)

[butka]

additional to visiting the wrong or malicious Electrum website you can never know whether Electrum.org (the real website) is compromised or not. for all you know, when YOU download the wallet a hacker might have hacked the website 10 seconds ago and replaced the files with his own malicious versions.

which it also means that it is a good idea to check and see if you are really getting the real Public Key of the real author (Thomas V). like asking on the forum (0x2BD5824B7F9470E6), checking Github (https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)

Great point. But, just for the sake of argument, what's the possibility of this forum or Github being hacked?

[ranochigo]

Great point. But, just for the sake of argument, what's the possibility of this forum or Github being hacked?

Very very high. This forum was hacked many many times, through bugs or exploit or just good ol' social engineering on their host. The last serious incident was with the compromise of Bitcointalk's host and the user data were stolen.

Github was also compromised IIRC.

If someone have enough resources, compromising a website is relatively easy. If you don't verify your downloads through the PGP key, then you cannot assume ThomasV has validated it or it is authentic.

[pooya87]

additional to visiting the wrong or malicious Electrum website you can never know whether Electrum.org (the real website) is compromised or not. for all you know, when YOU download the wallet a hacker might have hacked the website 10 seconds ago and replaced the files with his own malicious versions.

which it also means that it is a good idea to check and see if you are really getting the real Public Key of the real author (Thomas V). like asking on the forum (0x2BD5824B7F9470E6), checking Github (https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)

Great point. But, just for the sake of argument, what's the possibility of this forum or Github being hacked?

i agree with @ranochigo, i just want to add a little thing about Web of Trust [1]. the way using PGP should really be like is that you build a WOT of your own. for example you start from somewhere, lets say you know me personally so you meet me face to face and get my PGP pubkey and then go home and add it to your trusted signatures. then some day you want to install Electrum and since i have been around a long time and i know for a fact what the right pubkey of Electrum dev is, you ask me to confirm it. then what i do is that i sign 0x2BD5824B7F9470E6 with my PGP private key and give you the signature to verify with my public key that you already had. now your WOT is grown a little more.

[1] https://en.wikipedia.org/wiki/Web_of_trust

[tublo]

As a beginner in the world of bitcoin, I wanted to ask the more experienced members of this forum how secure my cold storage method for keeping bitcoin is.

This is something I picked up on the internet, while searching for an affordable but relatively secure solution. I know that hard wallets are supposed to be super secure (or at least majority of people think so), but the up-front investment was too much for me at this time.

The method I am describing below is based on this guide http://docs.electrum.org/en/latest/coldstorage.html but I have no idea if I'm doing everything right.

For this, I basically used 2 electrum wallets and 2 computers.

Computer A + Wallet A --> for cold storage, always disconnected from internet
Computer B + Wallet B --> for broadcasting transactions and as "watching-only wallet"

So here it goes:

1) Set up computer A: In my case, this was an old laptop nobody uses any more to be used as cold storage.

2) Install electrum A: Here I installed electrum, just the way one would normally do. After installing it, but before creating my wallet, I disconnected the network. I decided never to connect it to internet again. I even turned off the wireless connection in the BIOS, so that there's no back door that could potentially be exploited.

3) Create wallet A: Now I created my NEW cold storage wallet A. Then I exported its Master PUBLIC Key (MPK), and stored it in a file on a USB stick, so I can transfer it to computer B.

4) Install electrum B on computer B: This is my normal computer that I use every day, always connected to the internet. Here I installed electrum again, but I didn't create any new wallets.

5) Import MPK on computer B, wallet B: This time, rather than creating new wallet, I imported the Master Public Key of wallet A, and created a " watching-only wallet".

So far so good, everything seems to work great.

In particular I can watch my funds, knowing that electrum B wallet doesn't contain my private keys.

The only downside to this approach (that I can see on my own) is that there's a little bit of hustle when I have to make a transaction.

It goes like this:

Create my transaction as unsigned on wallet B -->save it on USB stick --> transfer to computer A --> import in wallet A --> sign the transaction by wallet A --> save the signed transaction on USB --> transfer back to computer B --> open by watching wallet B --> broadcast by wallet B.

Now to my question again: how secure do you think this is? Is this juggling with files and USB's something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer? Any suggestions to improve on this solution? Thanks.

You can try Bitkey: https://github.com/bitkey/bitkey and https://bitkey.io/.

[butka]

i agree with @ranochigo, i just want to add a little thing about Web of Trust [1]. the way using PGP should really be like is that you build a WOT of your own. for example you start from somewhere, lets say you know me personally so you meet me face to face and get my PGP pubkey and then go home and add it to your trusted signatures. then some day you want to install Electrum and since i have been around a long time and i know for a fact what the right pubkey of Electrum dev is, you ask me to confirm it. then what i do is that i sign 0x2BD5824B7F9470E6 with my PGP private key and give you the signature to verify with my public key that you already had. now your WOT is grown a little more.
[1] https://en.wikipedia.org/wiki/Web_of_trust

This is new to me. If I understand this concept correctly, it should eliminate the need to trust an abstract website and its security setup. Rather, I could trust a real person that I know, or even better several individuals to verify that I have, e.g., an authentic electrum wallet. Has this concept been accepted to date? I mean, do you people use it when installing sensitive software from the internet?

You can try Bitkey: https://github.com/bitkey/bitkey and https://bitkey.io/.

I haven't really heard about bitkey before. Is there a widespread use of it? Again I ask this question because of trust. For electrum, I can be pretty sure that (due to its widespread use) its source code has been thoroughly vetted before. So I just have to trust the signature. Sure, as you indicated, there's the source code of bitkey, but how many people have gone through the code to check it?

On the other hand,  bitkey seems to be similar to tails, which I have been considering to use as a form of more secure linux. How different bitkey is with respect to tails?