Bitcoin Forum
Topic: Airgap wallet vs airgap pc (Read 144 times)
Rmate (OP)
December 21, 2020, 03:25:02 PM
Merited by o_e_l_e_o (2)
 #1

Hello,
I would like to know how safe the Airgap wallet is if it is used on 2 devices. Basically 1 device is completely offline and therefore acts as an airgap computer. Of course there still is Bluetooth and wifi, but from what I know it's harder to insert malware in a phone, and also the phone will stay in airplane mode all the time. Now, I am not an expert and I don't know how these things really work, that's why I ask you.
Also, can you tell me: when you have to sign the transaction with the QR code, is there any way the app can display the address you want to send to but in fact the app is sending to another address? Or is there any way for a man in the middle to interfere with the app and steal the money, even during the transaction or at any other time?

A hardware wallet is not really an option for me as it can be tampered with, and I also don't trust Ledger security because I've heard people complaining about them.
My second option would be an airgapped PC, but I also heard there are ways to extract the private key from that airgapped PC. Assuming that your airgapped PC was already infected with malware, it can send electromagnetic signals to an infected phone and steal that key. And I heard there are other ways too.
I am a bit confused and I don't really know coding, but if someone who really knows about this can help me I would really appreciate it.
Thanks in advance and all the best!
o_e_l_e_o
December 21, 2020, 04:17:20 PM
Merited by Rmate (1)
 #2

Quote: I would like to know how safe the Airgap wallet is if it is used on 2 devices.
When you say 2 devices, I am assuming you mean one device with the full wallet which is permanently airgapped, and one device with only a watch only wallet with no private keys which is connected to the internet. Such a set up is very safe, and if done correctly, one of the best ways to store your coins.

Quote: Also, can you tell me: when you have to sign the transaction with the QR code, is there any way the app can display the address you want to send to but in fact the app is sending to another address?
If your live wallet does send a different address via the QR code, then you will be able to see that on your airgapped wallet before signing the transaction. As long as you always double check things and don't just blindly sign everything, then your coins will remain safe.

Quote: Assuming that your airgapped PC was already infected with malware
Whatever device you are using as your airgapped device should first be airgapped and then completely formatted and have a clean OS installed on it. That way you can be sure there is no pre-existing malware.
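
The check described in the reply above (reading the real destination on the airgapped side before signing), sketched as an added example that is not part of the thread and is not AirGap's code. It assumes the unsigned transaction arrives as a raw serialized Bitcoin transaction with segwit v0 outputs; all function names and the sample data are constructed for illustration.

```python
from collections import Counter

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)

def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def segwit_v0_address(program, hrp="bc"):
    """BIP173 bech32 address for a version-0 witness program."""
    acc, bits, data = 0, 0, [0]             # data starts with witness version 0
    for byte in program:                    # regroup 8-bit bytes into 5-bit symbols
        acc, bits = (acc << 8) | byte, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:                                # pad the final partial symbol
        data.append((acc << (5 - bits)) & 31)
    hrp_exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    pm = _polymod(hrp_exp + data + [0] * 6) ^ 1
    data += [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data)

def _varint(buf, pos):
    """Decode a Bitcoin compact-size integer; return (value, next position)."""
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}.get(buf[pos], 0)
    value = int.from_bytes(buf[pos + 1:pos + 1 + size], "little") if size else buf[pos]
    return value, pos + 1 + size

def parse_outputs(raw):
    """Return [(destination, satoshis)] for every output of a raw transaction."""
    pos = 6 if raw[4] == 0 else 4           # skip version (and segwit marker/flag)
    n_in, pos = _varint(raw, pos)
    for _ in range(n_in):
        script_len, pos = _varint(raw, pos + 36)   # skip previous txid + index
        pos += script_len + 4                      # skip scriptSig + sequence
    n_out, pos = _varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        sats = int.from_bytes(raw[pos:pos + 8], "little")
        script_len, pos = _varint(raw, pos + 8)
        spk = raw[pos:pos + script_len]
        pos += script_len
        if len(spk) != script_len:
            raise ValueError("truncated transaction")
        if spk[:1] == b"\x00" and len(spk) in (22, 34) and spk[1] == len(spk) - 2:
            dest = segwit_v0_address(spk[2:])          # P2WPKH / P2WSH
        else:
            dest = "unrecognised script " + spk.hex()  # shown raw, matches no address
        outputs.append((dest, sats))
    return outputs

def unexpected_outputs(raw, intended):
    """Outputs present in the transaction but absent from the intended list."""
    surplus = Counter(parse_outputs(raw)) - Counter(intended)
    return sorted(surplus.elements())

# Constructed sample data (not from the thread): one dummy input, P2WPKH outputs.
def sample_tx(outputs):
    tx = (2).to_bytes(4, "little") + b"\x01" + b"\x11" * 32 + bytes(4)
    tx += b"\x00" + (0xfffffffd).to_bytes(4, "little") + bytes([len(outputs)])
    for program, sats in outputs:
        tx += sats.to_bytes(8, "little") + b"\x16\x00\x14" + program
    return tx + bytes(4)                    # locktime 0
RECIPIENT = bytes.fromhex("751e76e8199196d454941c45d1b3a323f1433bd6")  # BIP173 test vector
SWAPPED = bytes(range(20))                  # stand-in for a substituted destination
INTENDED = [(segwit_v0_address(RECIPIENT), 50_000)]
```

An empty result from `unexpected_outputs` means every output, change included, was on the list the user wrote down independently; anything returned is what the offline wallet should make the user read before approving.
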
Rmate (OP)
December 21, 2020, 04:53:19 PM
 #3

Thanks for the reply,
Yes, when I say 2 devices I mean 1 phone having the app Airgap Vault, which does have the private key.
The other phone would have the Airgap Wallet installed, which would send the transaction by QR code, and then I sign it with the airgapped phone (Airgap Vault app).
1. Question here (maybe a very stupid question for you but I can't find a logical answer in my mind): I downloaded the app and right after that I went into airplane mode. After being in Airplane mode I configured the Airgap Vault on the phone and received the 24 words seed phrase along with the recovery key and I also created my cryptocoin addresses. Now my question is, since I've done all of this completely offline, how will the blockchain know about my address and private key? I don't understand how something that was created on an airgapped device completely out of the world can be a part of the blockchain which only exists online, I think. Now I am afraid to send the money to that address because I don't know if it should've been done while I was still online or the way I did it was the right way to do it.
I want to mention that for security I reset the phone to factory and connected it to a safe network (as it can be these days) to be sure there is no malware. But still, the only way to have the app installed was to connect it to a network, therefore it was not airgapped, reset and never went online. This way I think malware could have come either from the network, or from the app itself I suppose... Would it be a better idea to transfer the files through Bluetooth, SD card or anything else?

2. About the airgap PC, I've read that when you send the transaction to the airgap PC you can also have the malware, that's why it would be better to use unwritable USB or CDs and destroy them after every use. But if the malware is there it can send information through various ways: electromagnetic, acoustic, thermal, optical. What can be done to be secured 100% against these methods in the case you take the malware?

3. My concern is that through these methods they can maybe take the private key more easily from a phone. Or maybe not, because you don't have to send the transaction physically, therefore there is no possibility for malware infestation unless it was there before first setup. Am I right? In this case 2 phones using QR codes would make it safer than an airgapped PC?

4. My last question is, if I use the phone as an airgapped device should I try to destroy the Bluetooth/wifi/antenna hardware (if there is any way) or is it safe to leave it as it is? I don't know if there is a way for the hacker to disable my airplane mode and make my phone go online to steal my private key.

Sorry if I sound too dumb but I am a very curious person and also want to have the best security possible. I also do have friends that use crypto and sometimes they rely on my advice as they are more novice than me and I want to be able to give them the best solutions to keep their money safe.

Thank you very much for your time!
 
o_e_l_e_o
December 21, 2020, 05:23:24 PM
 #4

Quote: since I've done all of this completely offline, how will the blockchain know about my address and private key?
The network will never know your private key - that's the whole point of doing it all offline. In terms of your address - every address already exists. I can send coins to any valid address at any time, regardless of whether or not someone has already generated it in their wallet.

Quote: Now I am afraid to send the money to that address because I don't know if it should've been done while I was still online or the way I did it was the right way to do it.
Doing it online would completely negate the whole point of an airgapped wallet. What you have done so far is correct.

Quote: Would it be a better idea to transfer the files through Bluetooth, SD card or anything else?
This is what I would do. Format device, keep it airgapped in airplane mode, transfer app on via an SD card.

Quote: What can be done to be secured 100% against these methods in the case you take the malware?
Preventing physical access to your house would be enough to protect against most of them, but such methods of attack are incredibly rare and incredibly difficult. You would have to be a very specific target of some very technical criminals to have to be concerned about these attack vectors.

Quote: In this case 2 phones using QR codes would make it safer than an airgapped PC?
There are too many variables to definitively say one is better than the other. I like an airgapped computer running a clean install of Linux and using full disk encryption, but two phones using QR codes is still a good set up.

Quote: if I use the phone as an airgapped device should I try to destroy the Bluetooth/wifi/antenna hardware (if there is any way) or is it safe to leave it as it is?
If you can physically remove the relevant hardware then that is better than simply disabling it. That is part of the reason I prefer using a computer, as it is far easier to remove the hardware than on a phone. You might find the connectivity hardware to be embedded into various boards and near impossible to remove or destroy without affecting the phone's normal functioning.
ranochigo
December 21, 2020, 05:30:11 PM
Merited by o_e_l_e_o (2)
 #5

Quote: After being in Airplane mode I configured the Airgap Vault on the phone and received the 24 words seed phrase along with the recovery key and I also created my cryptocoin addresses. Now my question is, since I've done all of this completely offline, how will the blockchain know about my address and private key? I don't understand how something that was created on an airgapped device completely out of the world can be a part of the blockchain which only exists online, I think. Now I am afraid to send the money to that address because I don't know if it should've been done while I was still online or the way I did it was the right way to do it.
Blockchain doesn't have to know your address or anything. Addresses are not stored in the Blockchain and are just a derivation of your ECDSA public key, together with some additional information. You absolutely do not have to be online for this. Addresses are never "registered" with any central authority or stuff. In fact, when you're generating an address, you're just generating an ECDSA key pair on the secp256k1 curve which has a random 256-bit number which is incredibly big. The probability of another individual generating the exact same key is astronomically low.

Quote: I want to mention that for security I reset the phone to factory and connected it to a safe network (as it can be these days) to be sure there is no malware. But still, the only way to have the app installed was to connect it to a network, therefore it was not airgapped, reset and never went online. This way I think malware could have come either from the network, or from the app itself I suppose... Would it be a better idea to transfer the files through Bluetooth, SD card or anything else?
I don't know about the app that you're using. I would never use a phone as an airgapped set up. Unless you sideload the application using APK or something similar with prior validation, there is a good chance that you've accidentally downloaded a malicious version of the intended app. I'm not sure what's the probability of this happening but I've seen plenty of those fake apps on Google Play recently.

Quote: 2. About the airgap PC, I've read that when you send the transaction to the airgap PC you can also have the malware, that's why it would be better to use unwritable USB or CDs and destroy them after every use. But if the malware is there it can send information through various ways: electromagnetic, acoustic, thermal, optical. What can be done to be secured 100% against these methods in the case you take the malware?
Hardware wallets are specifically designed to reduce such signatures and if you're paranoid about that, you have to use a hardware wallet. There is no way around it.

As to whether the malware can copy information from the offline computer, I'm not aware of any viruses that are as advanced as this. I'll say that there is a fairly low chance as such malware would be fairly complex to be able to achieve such a feat by exploiting the vulnerabilities within the signing app and having it execute malicious code as well. I don't consider that as a huge risk.

Quote: 3. My concern is that through these methods they can maybe take the private key more easily from a phone. Or maybe not, because you don't have to send the transaction physically, therefore there is no possibility for malware infestation unless it was there before first setup. Am I right? In this case 2 phones using QR codes would make it safer than an airgapped PC?
You can use QR codes as a transfer medium using airgapped PCs as well. IMO, given the relatively small number of mobile users as compared to desktop wallets, I wouldn't see their level of security as one that would rival Electrum, Bitcoin Core and other desktop wallets.

Quote: 4. My last question is, if I use the phone as an airgapped device should I try to destroy the Bluetooth/wifi/antenna hardware (if there is any way) or is it safe to leave it as it is? I don't know if there is a way for the hacker to disable my airplane mode and make my phone go online to steal my private key.
If you're paranoid, then you should.


If you're inexperienced with cold storage set up, I would strongly dissuade you from pursuing such implementations. They are fairly confusing and complex for the average newbies and could result in unnecessary problems and headaches. In the case of Ledger, which other than the database blunder has been performing fairly well, it's a good HW wallet. If you're scared about the wallets being tampered with, you should be scared about the bootloader/firmware of your phones being tampered with as well. I wouldn't be surprised if there's some sort of intentionally inserted backdoor, though Apple has publicly refused but who knows? If you want a more open wallet, try using ColdCard.

I cannot recommend you to use phones as cold storage unless you know what you're doing. There is no way a phone could achieve the level of security that a hardware wallet can provide. If you have the money to spend and want to avoid headaches, go for hardware wallet.

If you still want to do this, consider using Electrum's method instead. It's quite a proven and tested method.
https://electrum.readthedocs.io/en/latest/coldstorage.html

Rmate (OP)
December 21, 2020, 08:03:44 PM
 #6



Quote: If you're inexperienced with cold storage set up, I would strongly dissuade you from pursuing such implementations. They are fairly confusing and complex for the average newbies and could result in unnecessary problems and headaches. In the case of Ledger, which other than the database blunder has been performing fairly well, it's a good HW wallet. If you're scared about the wallets being tampered with, you should be scared about the bootloader/firmware of your phones being tampered with as well. I wouldn't be surprised if there's some sort of intentionally inserted backdoor, though Apple has publicly refused but who knows? If you want a more open wallet, try using ColdCard.

Quote: I cannot recommend you to use phones as cold storage unless you know what you're doing. There is no way a phone could achieve the level of security that a hardware wallet can provide. If you have the money to spend and want to avoid headaches, go for hardware wallet.

Quote: If you still want to do this, consider using Electrum's method instead. It's quite a proven and tested method.
https://electrum.readthedocs.io/en/latest/coldstorage.html

There are people that had problems with HW wallets. A few days ago a guy lost 386 ETH and he is not the only one. The problem I see with HW wallets is that you have to connect it to a PC which can't be airgapped. I know that you need to physically approve but he said that he's done everything properly and he is not the only one. Another guy tried to connect after 4-5 months to check his account but at that time there were problems with the Ledger and he couldn't see the balance. After a while (a couple of months from what I remember) he checked again to see the balances and saw that there was a transfer made exactly the day he checked the account (a few months before). If the phone is tampered with it stays offline anyway, so I think it's better with a phone/PC because you never connect it, only use it for signing. On the other hand the Ledger has to be connected, therefore there is always a chance for new malware to come in. Maybe today there is no malware that exists to steal your money from the Ledger, but because you connect it every time you have the chance that someone creates malware that bypasses the Ledger rules. Idk, as I said I really don't know coding but I kind of use my logic and it seems that Ledger is not better than an airgap device even if the device is a phone.
About the part of being hard and giving me headaches, I don't really care. I like to learn, and trust me that if I lose the money there would be no higher headache than that :). I love to get headaches that I can deal with rather than headaches that you can do nothing about.

Thanks all for replies and taking your time to explain it to me.
Wish you all the best!
tbct_mt2
December 22, 2020, 05:15:34 AM
 #7

[Guide] Secure air-gapped crypto wallet storage method
How to Install Tails OS on USB flash drive for Wallet Purpose. It is not airgapped but helps you to protect your private keys from threats when you need to use a public computer.
hatshepsut93
December 22, 2020, 05:23:22 PM
 #8

Quote: My second option would be an airgapped PC, but I also heard there are ways to extract the private key from that airgapped PC. Assuming that your airgapped PC was already infected with malware, it can send electromagnetic signals to an infected phone and steal that key. And I heard there are other ways too.

Quote: 4. My last question is, if I use the phone as an airgapped device should I try to destroy the Bluetooth/wifi/antenna hardware (if there is any way) or is it safe to leave it as it is? I don't know if there is a way for the hacker to disable my airplane mode and make my phone go online to steal my private key.

It's much more likely to have malware that just turns on the turned off network connection, rather than executing some sophisticated side-channel attacks. Also, stealing private keys and sending them to a remote server is just one way malware can steal your coins - it could also try to inject its own addresses to your wallet, tamper with your RNG, try to replace the recipient's address in transactions that you send. The point of airgap is not to just prevent malware from sending your private keys, the point is to prevent any malware from reaching such system.

o_e_l_e_o
December 22, 2020, 06:22:19 PM
Merited by ranochigo (1)
 #9

Quote: Unless you sideload the application using APK or something similar with prior validation
If you don't do this, then your wallet isn't permanently airgapped, since you've had to connect to the internet to download the app. If using Electrum like you suggest, then download the .apk to a computer, verify it, and then transfer to your phone via SD card.

Quote: There is no way a phone could achieve the level of security that a hardware wallet can provide. If you have the money to spend and want to avoid headaches, go for hardware wallet.
I would argue that everyone who bought a Ledger is having a huge headache with the leak of their personal data and wish they had used an old mobile right now. If you encrypt your wallet on the device and encrypt the device (as most modern phones do automatically when you turn them off) the level of security is still more than adequate.

Quote: -snip-
On the flip side, there has never been a proven remote attack against a Ledger device which did not require user error, such as someone signing a malicious transaction without paying attention to what they were doing. The whole point of a hardware wallet is that the computer you connect it to doesn't need to be airgapped - the private keys never leave the device. Although, given both the recent hack and Ledger's approach to it, I would definitely not recommend buying a Ledger. An airgapped cold storage set up is the best way to store your coins right now.
ranochigo
December 22, 2020, 06:38:37 PM
 #10

Quote: I would argue that everyone who bought a Ledger is having a huge headache with the leak of their personal data and wish they had used an old mobile right now. If you encrypt your wallet on the device and encrypt the device (as most modern phones do automatically when you turn them off) the level of security is still more than adequate.
Well... Yeah I guess there's a point to be made there. My POV is that yes, they did mess up and that was a pretty bad incident on Ledger's part but a hardware wallet still remains an attractive alternative. To be fair, whatever happened doesn't undermine the benefits that a hardware wallet has. Being designed specifically to store Bitcoin securely and making it as 'KISS' as possible does make the user experience that much better. Perhaps not Ledger but perhaps those that have done appropriate security measures or have practiced better opsec would've eliminated the risks of this happening, using a PO box, reshipper's address, fake name, neighbour's house etc. I guess people don't really think about preserving their privacy when it comes to things like this. If you want a hardware wallet that's easy to use, transparent and airgapped, then use ColdCard.

I've had pretty bad experiences with mobile wallets initially which is why I never looked back. AFAIK, most are not that user-friendly when a user wants to use it as a cold storage that would resemble at least an Electrum/Bitcoin Core/most desktop hardware wallets. I personally found it quite insecure to be using phones and would very much prefer LiveCDs instead. They will provide more security than a normal desktop wallet but I found the more well known ones quite limited in terms of capabilities and most of them seem to be less audited.

