Any risks I should think about?

[highfarmer]

I just want to take the chance to ask you bitcoin experts around here the a couple of question about this situation and if you know any risks that I should avoid.

The thing is this:

I have imported my old wallet on electrum. The balance is like it should, so it seems to be alright!
Now the plan is to transfer them to a market, or maybe store it on a hardware wallet. Eitherwise I will need to send them from the wallet. Are there any big risks you can come to think about?

I’ve heard that you should never transfer any amount lesser than the whole amount when you have imported a wallet, otherwise you might end with having the rest of the money ”disappearing”, is that correct? Never heard of it in reality but have read in a couple of discussions.

Anything else to keep in mind?

[hosseinimr93]

I’ve heard that you should never transfer any amount lesser than the whole amount when you have imported a wallet, otherwise you might end with having the rest of the money ”disappearing”, is that correct?

You can send any amount you want.
If you have imported a seed phrase, now you have a HD wallet and electrum will send the remaining balance to your change address.
If you have imported a single private key, electrum will send the remaining balance to the sending address (the address you imported using your private key)
In both cases, the remaining balance will be in your wallet and you will have full control over that.

[highfarmer]

I’ve heard that you should never transfer any amount lesser than the whole amount when you have imported a wallet, otherwise you might end with having the rest of the money ”disappearing”, is that correct?

You can send any amount you want.
If you have imported a seed phrase, now you have a HD wallet and electrum will send the remaining balance to your change address.
If you have imported a single private key, electrum will send the remaining balance to the sending address (the address you imported using your private key)
In both cases, the remaining balance will be in your wallet and you will have full control over that.

Ok, so the wallet adress and its private keys will stay the same, I can rely on the privatekey written down? I could even import it from a new computer if the old one got crashed and the wallet-files got destroyed?
Do you know where this roomers comes from? I mean that it is dangerous to just send a bit of the total amount when you import?

I have imported the whole thing with the private key.

[hosseinimr93]

Ok, so the wallet adress and its private keys will stay the same, I can rely on the privatekey written down? I could even import it from a new computer if the old one got crashed and the wallet-files got destroyed?

If you have imported your wallet using a single private key, your wallet includes a single address now. If you send any amount less than your total balance, your transaction will have two outputs. The first output will be the address which you are trying to send the fund to and the second output will be your own address. In other words, the change address will be same as the sending address.
So, the remaining balance will be in the address which you are sending the fund from and its private key is the only thing you will need to access your fund.

Do you know where this roomers comes from? I mean that it is dangerous to just send a bit of the total amount when you import?

You may lose your fund if you don't specify a change address.
As you are using electrum, there is nothing to worry about. Electrum will consider the sending address (or one of imported addresses, if there are more than one imported address) as the change address.

The thing you should pay attention to now is that, by sending a partial amount and sending the remaining balance to the sending address, you may damage your privacy.

[NotATether]

Ok, so the wallet adress and its private keys will stay the same, I can rely on the privatekey written down? I could even import it from a new computer if the old one got crashed and the wallet-files got destroyed?
Do you know where this roomers comes from? I mean that it is dangerous to just send a bit of the total amount when you import?

I have imported the whole thing with the private key.

It's perfectly safe to send a partial amount of your balance to another address. Perhaps you are thinking about those physical paper wallets for which you must scratch off a sticker to reveal a private key. Those are the kind of wallets for which the entire amount needs to be moved, because the private key now is visible on the paper wallet for anyone to see.

However, an electronic wallet will not reveal your private keys like this, as long as you encrypt it with a password and never write down your private keys. For those wallets it's alright to send a partial amount (including to other paper wallets).

[highfarmer]

Ok, so the wallet adress and its private keys will stay the same, I can rely on the privatekey written down? I could even import it from a new computer if the old one got crashed and the wallet-files got destroyed?
Do you know where this roomers comes from? I mean that it is dangerous to just send a bit of the total amount when you import?

I have imported the whole thing with the private key.

It's perfectly safe to send a partial amount of your balance to another address. Perhaps you are thinking about those physical paper wallets for which you must scratch off a sticker to reveal a private key. Those are the kind of wallets for which the entire amount needs to be moved, because the private key now is visible on the paper wallet for anyone to see.

However, an electronic wallet will not reveal your private keys like this, as long as you encrypt it with a password and never write down your private keys. For those wallets it's alright to send a partial amount (including to other paper wallets).

Ok, thank you for clearing that up!

Thank you for your answers, both of you!

The thing you should pay attention to now is that, by sending a partial amount and sending the remaining balance to the sending address, you may damage your privacy.

Oh, so someone can locate it when the transfer gets public?
But sending it all at once would get it impossible to someone else to steal it? They won't have the time to do that, right?

[ranochigo]

Oh, so someone can locate it when the transfer gets public?
But sending it all at once would get it impossible to someone else to steal it? They won't have the time to do that, right?

Thing with paper wallets is that they're different from desktop wallets which has a huge keypool and a wallet files which can contain up to thousands of keys for each. When you're spending from a paper wallet, the change has to go back to the same address as your paper wallet or the funds will be lost. Imagine the address of your paper wallet as X, your transaction will look like this:

X (0.002) -> Y (0.001)
               -> X (0.0005)
0.0005BTC fees

In that scenario, it's easy to identify that you're paying to Y and if there's any party interested to compromise your privacy that is easy.

To address your second question, it is still possible. Transactions are replaceable when flagged as opt-in RBF and/or the attacker enlist the help of a mining pool which will mine their replacement transaction (this is far more unlikely). The timeframe for this to happen is the time when you import your paper wallet into some desktop wallet for signing and when it gets the first confirmation, which is approximately 10 minutes, or more if you're unlucky and didn't pay enough fees.

To avoid this, I usually ask people to use the paper wallet on a computer with a freshly installed LiveCD. Yes, it isn't as secure as an airgapped computer but if you want to go that route, I would just suggest you to go for Electrum's airgapped wallet and not waste your time on a paper wallet.

[NotATether]

The thing you should pay attention to now is that, by sending a partial amount and sending the remaining balance to the sending address, you may damage your privacy.

Oh, so someone can locate it when the transfer gets public?
But sending it all at once would get it impossible to someone else to steal it? They won't have the time to do that, right?

Not for stealing, but partial payments that send the rest to the same addresses can be identified as you making the payment.

There are blockchain forensics companies such as Chainalysis who are making a profile of all bitcoin users by analyzing their transactions and one of the most common ways to know if the same person is making two different transactions is by checking if it sends the change to the same address. If it does (and does it many times), and the other transaction spends from that address and sends some back to itself, the forensics companies can identify the two sending addresses as belonging to the same person.

For example, Person 1's transactions:

 1.0BTC    0.6BTC                   0.5BTC     
bc1qxxx -----------> bc1qyyy -----------> bc1qzzz
   ^              A             |  ^        B                 |
    |          0.4BTC         |  |      0.1BTC            |
   +----------------------+ +---------------------+

Transaction A sends 0.6BTC from bc1qxxx to bc1qyyy. This is done by spending the 1BTC input in bc1qxxx and making two outputs of 0.6BTC and 0.4BTC in bc1qyyy and bc1qxxx respectively. This is the way wallets send money by default. Because it's the default way and most people will send transactions like that, forensics companies can identify that address bc1qxxx belongs to person 1 and bc1qyyy belongs to an unknown person.

When the forensics company sees transaction B, it sees one input of 0.6BTC from bc1qyyy and two outputs of 0.5BTC and 0.1BTC from bc1qzzz and bc1qyyy respectively. Again as this is the most common way people make transactions, the forensics firm can conclude that addresses bc1qxxx and bc1qyyy belongs to Person 1, and that bc1qzzz is an unknown address. Though if that were spent too, they can identify it as Person 1's address.

Now this is a weak assertion I made. It takes more than one (several actually) of these common transactions from the same address to definitely conclude it belongs to a person. Because for an address that's used only once, there is not enough information to assert that it's "a person's address".

I use the word person loosely here; it could also be a bot or script, and forensics firms can also correlate their transactions together.

And this is why using addresses only once is so effective, because it thwarts identification by blockchain forensics companies by denying them the ability to get more information. There are also services called mixers that scramble the relation between past and future transactions by using a more sophisticated form of single-address use.

[AB de Royse777]

I mean that it is dangerous to just send a bit of the total amount when you import?

With Electrum, you can easily send the remaining funds to your own address even if you do not want to send the remaining to another wallet. For example:

1. Imagine this your address, you have 1 BTC: bc1aaaa..........aaaaa
2. Address to send 0.2 BTC for any service or making a payment or moving funds: bc1xx..................xx

In the pay to box you will go like this:

Code:

bc1xx..................xx, 0.2
bc1aaaa..........aaaaa, !

After paying 0.2 and the fees whatever the amount will left, it will send back to address bc1aaaa..........aaaaa which was your input for the transection of course.

[HCP]

Do you know where this roomers comes from? I mean that it is dangerous to just send a bit of the total amount when you import?

The "rumours" came from actual instances where people lost coins because they did not understand how paper wallets, imported private keys and (most importantly) "change" worked... in some wallets.

The "common" way to "lose" coins was:

1. Create new wallet file
2. Import paper wallet private key to new wallet file
3. Spend partial amount... where "change" was returned to a completely new, randomly generated private key/address
4. Delete wallet file without making backup
5. Discover that your coins are no longer on your original private key/address

Essentially... instead of doing this:

OriginalAddress --|--> Recipient1
                          |--> OriginalAddress

Wallets were doing this:
OriginalAddress --|--> Recipient1
                          |--> NewChangeAddress

And users were not aware of "NewChangeAddress" and were not making records/backups of "NewChangeAddress" (and it's associated private key)... Then, in the future, they'd import the old OriginalAddress again, only to discover that it no longer had any coins.


NOTE: As noted by the other users, this is NOT a problem with Electrum... if you create an "imported wallet" (by importing private key(s) from a paper wallet)... it will only every have those imported private keys in it... it doesn't create new change addresses and any change generated by a transaction is sent back to the original address.

[bob123]

The thing you should pay attention to now is that, by sending a partial amount and sending the remaining balance to the sending address, you may damage your privacy.

Oh, so someone can locate it when the transfer gets public?
But sending it all at once would get it impossible to someone else to steal it? They won't have the time to do that, right?

No one can steal your coins, regardless of which of your addresses you use.

Further, if you don't already try to maintain a level of privacy, there is not much harm you can do.

Using the same address as a recipient / change address is fine.
It makes it easier for others to determine which is the "real" output and which is the change, nothing else.

All transactions are publicly visible anyways. Don't worry too much.