jonald_fyookball (OP)
March 03, 2014, 11:42:45 PM
Hi, I have Electrum and it seems easy enough to send/receive.
Electrum website says: Cold Storage: You can have secure offline wallets and still safely spend from an online computer.
What are the steps to do this?
thanks!
Jonald

Abdussamad
March 04, 2014, 01:04:18 AM

jonald_fyookball (OP)
March 04, 2014, 05:35:05 AM
Thanks! Wow this looks pretty darn secure. Is there any way coins could be stolen if this approach was used?

Abdussamad
March 04, 2014, 11:16:02 AM
> Thanks! Wow this looks pretty darn secure. Is there any way coins could be stolen if this approach was used?
Malware could get to the offline PC via the USB stick. It would have to be malware that runs when you put the USB stick into the computer i.e. malware that exploits an OS vulnerability. Otherwise you are not really running any executable files off the USB stick. All you'll be doing is opening, closing and saving text files.

jonald_fyookball (OP)
March 05, 2014, 03:30:37 AM
Are you saying malware on the offline PC could cause it to change the recipient while you are signing it? Cause I don't see how any other way malware would be a prob on the offline PC here... and if so, wouldn't that be able to be detected visually?

btcbot
March 05, 2014, 05:41:27 AM Last edit: March 05, 2014, 04:36:45 PM by btcbot
You really can't be sure - that's why I only access my cold storage Electrum from a Tails USB drive. I've installed Electrum on a persistent drive within the Tails system. https://tails.boum.org
I use my usual computer. Unplug the ethernet cable. Reboot into Tails and voila...

Abdussamad
March 05, 2014, 03:47:24 PM
> Are you saying malware on the offline PC could cause it to change the recipient while you are signing it? Cause I don't see how any other way malware would be a prob on the offline PC here... and if so, wouldn't that be able to be detected visually?
Malware could encrypt (with the malware author's password) and embed the offline wallet's seed within the transaction so that when you broadcast the transaction you would also be broadcasting the encrypted seed. The malware author could then read the seed from the blockchain, decrypt it and steal your bitcoins.

jonald_fyookball (OP)
March 06, 2014, 02:23:54 AM

Abdussamad
March 06, 2014, 02:53:26 AM
LOL don't worry! It's highly unlikely we will see such sophisticated malware in the wild anytime soon. You asked the question so I thought I'd show you one extreme scenario.

jonald_fyookball (OP)
March 13, 2014, 05:46:06 PM
Is there any slight possibility that a wallet would FAIL to regenerate from a correctly stored/typed seed? If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest to delete Electrum entirely if the coins are going into deep cold storage, and just have a watch-only wallet from online computer along with the seed memorized/stored safely.)

btcbot
March 13, 2014, 06:22:03 PM
> Is there any slight possibility that a wallet would FAIL to regenerate from a correctly stored/typed seed? If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest to delete Electrum entirely if the coins are going into deep cold storage, and just have a watch-only wallet from online computer along with the seed memorized/stored safely.)
Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently. Fixed by an update - but it was a little scary!

jonald_fyookball (OP)
March 13, 2014, 08:45:23 PM
> > Is there any slight possibility that a wallet would FAIL to regenerate from a correctly stored/typed seed? If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest to delete Electrum entirely if the coins are going into deep cold storage, and just have a watch-only wallet from online computer along with the seed memorized/stored safely.)
> Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently. Fixed by an update - but it was a little scary!
Hmmmm, well that's good it was fixed... I wasn't talking about loading transactions, just restoring the wallet itself from a seed.

Abdussamad
March 14, 2014, 01:40:33 AM
> Is there any slight possibility that a wallet would FAIL to regenerate from a correctly stored/typed seed? If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest to delete Electrum entirely if the coins are going into deep cold storage, and just have a watch-only wallet from online computer along with the seed memorized/stored safely.)
Yes you can do that. Write down the seed on a piece of paper. Delete the wallet. Practice restoring it. Once you are confident you have it down pat you can delete the wallet permanently.

Abdussamad
March 14, 2014, 01:43:56 AM
> > Is there any slight possibility that a wallet would FAIL to regenerate from a correctly stored/typed seed? If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest to delete Electrum entirely if the coins are going into deep cold storage, and just have a watch-only wallet from online computer along with the seed memorized/stored safely.)
> Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently. Fixed by an update - but it was a little scary!
In older versions you had to nudge Electrum to generate addresses beyond the gap limit. I can understand how it might be scary, though.

jonald_fyookball (OP)
March 14, 2014, 01:58:40 AM
very cool. Thank you Abdussamad.
This is a great feeling, knowing my coins are secure in cold storage now.
Are you part of Electrum dev team?

Abdussamad
March 14, 2014, 04:30:21 AM
> very cool. Thank you Abdussamad.
> This is a great feeling, knowing my coins are secure in cold storage now.
> Are you part of Electrum dev team?
No, I'm not.

btcbot
March 14, 2014, 05:44:47 AM
> > > Is there any slight possibility that a wallet would FAIL to regenerate from a correctly stored/typed seed? If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest to delete Electrum entirely if the coins are going into deep cold storage, and just have a watch-only wallet from online computer along with the seed memorized/stored safely.)
> > Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently. Fixed by an update - but it was a little scary!
> In older versions you had to nudge Electrum to generate addresses beyond the gap limit. I can understand how it might be scary, though.
I exaggerate a bit, but being offline so I can't look up how to increase the gap limit in the console was problematic. I also had made a big deal in my mind of it being the first time I'd restored my seed entirely from memory, so there were a few 'aw...'. In any case, Electrum truly is a very impressive system.

Leogheo
March 14, 2014, 09:23:52 AM
How to make offline transactions using your Master Public Key:
Get an offline computer. This can be a physical device or a separate installation on your current computer. I would advise a Debian installation with encrypted home folder for extra security.
[Offline PC] Install Electrum via a USB-Key.
[Offline PC] Create a new wallet. Write down the seed and memorize it, after which you should probably destroy the seed or keep it safe in a lockbox.
[Offline PC] Go to Settings -> Import/Export and copy your "Master Public Key" and put it in a text file on your USB-Key.
[Online PC] Install Electrum and select Restore in the dialog box shown on the first start up, use the "Master Public Key".
[Online PC, existing Electrum installation] See below how to make Electrum restore or open an alternative, non-default, wallet.
You now have an online wallet where you can check your balances and give out new addresses, but you can't however spend the coins. So if an attacker would be able to take over your online computer your coins can't be lost.
To make a transaction do the following:
[Online PC] Go to the send tab and make a transaction. Instead of sending it, Electrum will detect a seedless wallet and query for a location to save the transaction. Select your USB-Key.
[Offline PC] Go to Settings -> Import/Export -> "Load raw transaction". Select your transaction from the USB-Key. It will detect it's not signed and will prompt you to do so now. Fill in your password and sign the transaction. Save the new, signed, transaction to your USB-Key.
[Online PC] Go to Settings -> Import/Export -> "Load raw transaction". Select the signed transaction and it will ask you if you want to broadcast it.
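
Added example (not part of any post in this thread, and not Electrum's own code): a check to run on the online PC before the final broadcast step above, addressing the earlier question of whether a changed recipient or data added to the transaction by the offline machine can be detected. It assumes both the transaction built online and the one returned from the offline PC are available as legacy raw hex; `parse_tx` and `signing_diff` are hypothetical names and the sample hex is constructed.

```python
def _varint(b, i):
    """Decode a Bitcoin CompactSize integer at offset i; return (value, next offset)."""
    n = b[i]
    if n < 0xfd:
        return n, i + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[n]
    return int.from_bytes(b[i + 1:i + 1 + size], "little"), i + 1 + size

def parse_tx(hex_tx):
    """Parse a legacy (pre-SegWit) serialized transaction, ignoring scriptSig bytes."""
    b = bytes.fromhex(hex_tx)
    version = int.from_bytes(b[0:4], "little")
    n_in, i = _varint(b, 4)
    inputs = []
    for _ in range(n_in):
        txid = b[i:i + 32][::-1].hex()
        vout = int.from_bytes(b[i + 32:i + 36], "little")
        slen, i = _varint(b, i + 36)
        i += slen                      # skip the scriptSig: signing is allowed to change it
        seq = int.from_bytes(b[i:i + 4], "little")
        i += 4
        inputs.append((txid, vout, seq))
    n_out, i = _varint(b, i)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(b[i:i + 8], "little")
        slen, i = _varint(b, i + 8)
        outputs.append((value, b[i:i + slen].hex()))
        i += slen
    locktime = int.from_bytes(b[i:i + 4], "little")
    if i + 4 != len(b):
        raise ValueError("malformed transaction: length mismatch")
    return {"version": version, "inputs": inputs, "outputs": outputs, "locktime": locktime}

def signing_diff(unsigned_hex, signed_hex):
    """Fields that differ between what was built online and what came back signed."""
    u, s = parse_tx(unsigned_hex), parse_tx(signed_hex)
    return [k for k in ("version", "inputs", "outputs", "locktime") if u[k] != s[k]]

# Constructed sample data (not real transactions); "5151" is a placeholder scriptSig.
_IN = "11" * 32 + "00000000"                                  # outpoint: txid + vout
_OUT = "a086010000000000" + "1976a914" + "22" * 20 + "88ac"   # 100000 satoshi, P2PKH script
UNSIGNED = "01000000" + "01" + _IN + "00" + "ffffffff" + "01" + _OUT + "00000000"
SIGNED = "01000000" + "01" + _IN + "025151" + "ffffffff" + "01" + _OUT + "00000000"
TAMPERED = ("01000000" + "01" + _IN + "025151" + "ffffffff" + "02" + _OUT
            + "0000000000000000" + "036a01ff" + "00000000")   # extra data-carrying output

if __name__ == "__main__":
    print(signing_diff(UNSIGNED, SIGNED), signing_diff(UNSIGNED, TAMPERED))
```

An empty list means only the scriptSig fields changed. The comparison does not inspect what the scriptSig bytes themselves contain.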

AussieHash
June 17, 2014, 12:09:26 PM
Is it possible to sign the 'seedless' transaction via a QR code, without breaching the air gap with a USB drive?

bitbaby
June 17, 2014, 12:18:30 PM
You know I couldn't understand this raw transaction, watch wallet etc. mumbo jumbo, so here is what I did: installed Electrum on an offline machine, which never ever comes online, it doesn't even know what Google looks like. I created a bunch of addresses, got their keys and saved them on that computer itself and on other USBs (they also never go online).
I send my coins to one of those addresses and they're secure, and when I feel the need to perform a transaction, I install Electrum on an online computer, let it sync, import the key to the address that has the bitcoins, and send to whomever I need to send. For example, I have 1 BTC and I need to send someone 0.1 BTC. I send 0.1 to him and the rest of the coins I send to myself to the other address which again hasn't seen the light of day. And never ever use the old address again.
And I feel it's pretty secure.