Electrum Private Keys in Hardware Memory

[Sidney986]

When signing offline transaction are the private keys at any point stored in hardware memory unencrypted as the transaction is signed?

I ask because I want to do the following without exposing my private keys to hardware memory.

1 Boot Windows normally
2 Run BTC Electrum and create btc transanction while online.
2 save file to memory card to sign the transaction offline
3 On same computer Boot trial version of linux on memory card that can be written to.
4 Run Electrum and sign the transaction, reboot and transmit on same computer via windows online.

Note, I wont be typing in seed keys or private keys.  Just importing the saved electrum wallet file that contains those signing keys to sign the file.

Hope this is understandable.

I could do this on an air gapped computer but have problems with that one.  So this is the alternative.  That's why I need to be sure as Electrum signes the file that no unencrypted private keys are stored in the computers hardware as I will be going back online with same computer to broadcast the transaction.

[1715180038]

1715180038

[1715180038]

1715180038

[1715180038]

1715180038

[1715180038]

1715180038

[HCP]

When signing offline transaction are the private keys at any point stored in hardware memory unencrypted as the transaction is signed?

Yes, the keys have to, at some point, be "unencrypted", otherwise the system could not possibly use them to sign the transaction.

That's why I need to be sure as Electrum signes the file that no unencrypted private keys are stored in the computers hardware as I will be going back online with same computer to broadcast the transaction.

Theoretically, after a "hard" restart (ie. power disconnected), the RAM should be, for all intents and purposes, "wiped"...

As far as I'm aware, outside of "lab test" type conditions where you can deep freeze the RAM modules and preserve their state for a few minutes after power is removed, there isn't really a viable "attack" to retrieve the contents of RAM once the machine is depowered.

Or did you mean "persistent" memory like HDD/SDD? If so, that shouldn't be an issue as the private keys are only kept in RAM for the absolute minimum required amount of time, they're not stored on disk unencrypted unless your wallet file has no password.

[AB de Royse777]

It's better if you use two device. One will be offline completely.

Device A: Online
Device B: Offline
And a USB stick.

Take Electrum client to Device B.
Install Electrum and create your desire wallet. Write down the seeds (use creativity¹), if needed, make few copies and store them in different place. Have one with you.
Once the wallet is ready, get the Public Master Key and restore the wallet in Device A.
Delete the wallet from Device B. You only restore when you need to sign a transaction and then again delete it. You do not need to have the copy in an electronic device since you have the seeds with you.

Using  device A, you can create transactions and export them to the USB stick so that you can sign the files from device B. Once signed from device B then take the signed file to device A and broadcast it.

¹You can trick others very easily. For example when you write down the words you can change the orders which you only know or you can miss some words again you will only know the missing words. The sky is your limit.

I hope this helps.

[pooya87]

the keys are going to be loaded in memory to compute the signatures (among other things cryptographically) but usually the cryptography code sets the memory and then after it is done computing it resets it first and then moves on. like this for example:

Code:

memset(myarray, 0, sizeof(myarray));

so the same place in RAM will contain all zeros in the end.

on an online system the risk is having a malware that would steal your keys as you enter your password and simply empties the wallet file without needing to look at memory for keys, when you use an airgap system then there is no risks and there is no persistence anymore.

[nc50lc]

2 Run BTC Electrum and create btc transanction while online.

I take that you meant "Run Watch-only Electrum". Otherwise, using a dual boot system will be useless.

-snip-

Additionally, this is why the user will be prompted to re-enter their password everytime the wallet needs the keys.
Because it'll never save the password and keys after signing a transaction/decrypting a wallet it even in RAM.

[Sidney986]

2 Run BTC Electrum and create btc transanction while online.

I take that you meant "Run Watch-only Electrum". Otherwise, using a dual boot system will be useless.

-snip-

Additionally, this is why the user will be prompted to re-enter their password everytime the wallet needs the keys.
Because it'll never save the password and keys after signing a transaction/decrypting a wallet it even in RAM.

Yes.  Step two is a watch only wallet for creating the transactions.

So from what I have read, i'm reasonably safe as linux will have no online connection, unlikely to have maleware and the memory will be written with zero's and wiped when shutdown.

Thanks for the clarfication.

[Sidney986]

It's better if you use two device. One will be offline completely.

Device A: Online
Device B: Offline
And a USB stick.

Take Electrum client to Device B.
Install Electrum and create your desire wallet. Write down the seeds (use creativity¹), if needed, make few copies and store them in different place. Have one with you.
Once the wallet is ready, get the Public Master Key and restore the wallet in Device A.
Delete the wallet from Device B. You only restore when you need to sign a transaction and then again delete it. You do not need to have the copy in an electronic device since you have the seeds with you.

Using  device A, you can create transactions and export them to the USB stick so that you can sign the files from device B. Once signed from device B then take the signed file to device A and broadcast it.

¹You can trick others very easily. For example when you write down the words you can change the orders which you only know or you can miss some words again you will only know the missing words. The sky is your limit.

I hope this helps.

Yes, that is what I normally do but I leave the wallet file on the linux os that is booted from the memory card.

[o_e_l_e_o]

i'm reasonably safe as linux will have no online connection, unlikely to have maleware and the memory will be written with zero's and wiped when shutdown.

Provided you are careful not to make any mistakes, then this set up will be fairly safe. Make sure Linux remains permanently offline - if you have an ethernet cable then unplug it, and if you can physically unplug your WiFi card then even better. I also would use separate USB sticks - one for saving the unsigned and signed transactions to for transferring between OSs, and a second with your Linux distro and full Electrum wallet on it. That way the full wallet file (although hopefully password protected) is never exposed to an internet connected OS or environment.

[Sidney986]

i'm reasonably safe as linux will have no online connection, unlikely to have maleware and the memory will be written with zero's and wiped when shutdown.

Provided you are careful not to make any mistakes, then this set up will be fairly safe. Make sure Linux remains permanently offline - if you have an ethernet cable then unplug it, and if you can physically unplug your WiFi card then even better. I also would use separate USB sticks - one for saving the unsigned and signed transactions to for transferring between OSs, and a second with your Linux distro and full Electrum wallet on it. That way the full wallet file (although hopefully password protected) is never exposed to an internet connected OS or environment.

Thanks, thats what I do except I never log in when in Linux OS as I dont want to go through the process of removing and reinstalling wifi card from notebook each time. I understand that I have to be very careful using this method.

[HCP]

You probably don't need to remove the WiFi card, as you should actually be able to just disable the networking within Linux OS to make it impossible for it to even go online. This is why "Tails OS" is so popular and useful for this, as it has the "No Network" option built in to the boot menu.

It should be possible to achieve something similar with other Distros... what Linux distro were you going to use?

[bob123]

There is not a single memory, but multiple.

The private keys will get exposed to the main memory (RAM) and the processor caches.
However, the way you proposed it, they won't get exposed to the permanent memory (your hard drive).

This setup is relatively same. Better than your regular windows desktop wallet, since a "simple" infection of windows won't compromise your private keys.
More sophisticated malware however (e.g. rootkits) might still be able to compromise your setup.

If you are not storing tens of thousands of dollars (if you would, you shouldn't use that setup anyway), you don't need to worry about targeted attacks and therefore are pretty fine.