Typing the seed - How safe is it?

[HCP]

can I just copy the private keys form electrum into ledger nano,
instead of sending the bitcoins to it, to avoid fees?
Or is that the worst way to to it?

No, you can't do that... Ledger Nano does not have the ability to import private keys because, as you have already guessed, it is indeed the worst way to do it...

The entire premise of a hardware wallet, is that the seed and private keys are only ever generated/stored within the device itself (aside from your offline/paper backup of the 24 word backup phrase). If you take a seed or keys that were generated elsewhere, and import them into your hardware wallet, there is no way of knowing if that seed or private keys were potentially exposed since they were created.

Fees are currently relatively cheap in the 10sats/byte range... don't risk your coins for the sake of a couple of bucks worth of fees!

[Abdussamad]

If your computer is 100% clean, there should be no issue doing it. HOWEVER, and it's a big however, would you really risk your funds? Seeds should only be typed once; to recover a wallet and sweep it into another safe one; discarding said seed for security reasons.

There is no law prohibiting you from re-using a "burnt" seed, but same question again; would you really risk your funds over a slim chance of losing them?

Answering your last question; you can move funds on electrum without typing the seed again, you only need the wallet file and the password. If you don't have any or one of those, you'll have to type the seed to restore the wallet (and moving the funds out of there ASAP).

to create a new wallet you have to type the new seed in again. it's a part of the wallet creation process. so you can't get away from typing the seed in.

[Csmiami]

----

But you actually can. Hardware wallets don't require typing them (IIRC), and if you are using electrum, you could just type the first letter of the word and click the right word on the suggested word list. If an attacker had some spyware on you, he'd only have the initial letter of each word, and getting the right seed from that is a close to imposible task.

[bob123]

But you actually can. Hardware wallets don't require typing them (IIRC)

Trezor (don't know which models exactly) require to type in the mnemonic code into your PC to actually restore it on your hardware device.
However, the words get shuffled, which makes it not trivial to gain access to the correct mnemonic code (24! = 6.2 * 10²³) possibilities.

and if you are using electrum, you could just type the first letter of the word and click the right word on the suggested word list. If an attacker had some spyware on you, he'd only have the initial letter of each word, and getting the right seed from that is a close to imposible task.

If you type the first letter, there are only a few possibilities left.
So it mathematically should be quite easy to recover the correct mnemonic code with only ~4-10 possible words per position.
 
And further, if your computer is compromised, you should also assume that the attacker sees everything you do. This includes mouse movement.

[o_e_l_e_o]

If you type the first letter, there are only a few possibilities left.
So it mathematically should be quite easy to recover the correct mnemonic code with only ~4-10 possible words per position.

How did you arrive at 4-10 words per position? Given that there are 2048 words in the BIP39 word list, then there are on average 2048/25 = 81.92 words beginning with each letter, since it does not use any words beginning with "x". 81²⁴ is 6.36*10⁴⁵, which is still outwith the realms of brute forcing. You could get very unlucky and have a seed phrase with 3 or 4 words each beginning with under-represented first letters such as "y" and "z", but I still don't think it would bring the overall difficulty down enough to be able to be brute forced.

If you consider the first two letters of each word, then your range is between 1 and 48, with words beginning with "re" being the most common. That would potentially be breakable depending on the precise words in your seed phrase.

[bob123]

How did you arrive at 4-10 words per position?

By miscalculating by the factor 10 in my head.

It indeed seems to be somewhat the same order of magnitude as 24 words in an unknown order.
Nonetheless, this is quite irrelevant in the case when a secret has to be entered on a (potentially) compromised computer. Especially when the input is being processed by a software wallet instead of a hardware wallet.

[Mankov]

Thank you all for the helpful informations!

My Eelectrum-Wallet-Dat-Files are created in 2019,
how long are they usable in newer electrum versions?
Or are they never run out of compatibility?

And how likely is it that somebody can load
the dat files from an inactive usb-stick or external
harddrive without connecting it to a computer?

Because I heard that there are possibilitys to load files
from computer which is switched off.  
Maybe I should delete all my wallet-dat-files and just
have the seed?

[bob123]

My Eelectrum-Wallet-Dat-Files are created in 2019,
how long are they usable in newer electrum versions?
Or are they never run out of compatibility?

They should always be usable.
Of course no one can guarantee what will happen in the future. But you will always be able to simply download an older version of electrum which works with your current wallet file to export the private keys or sign transactions.

And how likely is it that somebody can load
the dat files from an inactive usb-stick or external
harddrive without connecting it to a computer?

This sounds a little bit like sci-fi to me.
I personally never heard of a practical attack vector where someone can "load" data from a flash memory without accessing it physically.

I mean, you wouldn't need to connect it to a computer.. but you definitely would need to connect it to a device.

Because I heard that there are possibilitys to load files
from computer which is switched off. 
Maybe I should delete all my wallet-dat-files and just
have the seed?

You can simply use encryption. Electrum offers you to encrypt your wallet file.
That's sufficient in your case.

If you however don't need your wallet on your computer, you are free to delete it.
Physically storing the mnemonic code is sufficient in this case.

[Mankov]

Ok. Yes I`ve protected the wallet-files with a good password.
What happens If someone would steal the wallet-files,
is it possible to brutforce the passwords?

[bob123]

Ok. Yes I`ve protected the wallet-files with a good password.
What happens If someone would steal the wallet-files,
is it possible to brutforce the passwords?

It depends on your password.

Did you choose a 4 char password? Then yes.
Did you choose a 12 char password with numbers only? Then yes.
Did you choose a 40 char password which is a common phrase (e.g. from a book)? Then yes.
Did you choose a somewhat random password with either at least 12-15 chars (letters only) or 10+ chars using letters, numbers and special characters? Then no, it can't be efficiently bruteforced.

[khaled0111]

Thank you all for the helpful informations!

My Eelectrum-Wallet-Dat-Files are created in 2019,
how long are they usable in newer electrum versions?
Or are they never run out of compatibility?

When you import an old wallet file into a new version of Electrum, it will be converted to the newest format. However, new wallet files can't be read by older versions of Electrum (in case they use different formats).
https://github.com/spesmilo/electrum/blob/master/RELEASE-NOTES
This is why it is always adviced to download the latest version and save your wallet's seed somewhere safe.

[HCP]

Trezor (don't know which models exactly) require to type in the mnemonic code into your PC to actually restore it on your hardware device.
However, the words get shuffled, which makes it not trivial to gain access to the correct mnemonic code (24! = 6.2 * 10²³) possibilities.

Yeah... on the Trezor ONE, you have to enter via the recovery process on the PC: https://wiki.trezor.io/User_manual:Recovery__T1#Recovery_process

It does only require entering 1 char and will provide a dropdown list of words to select from etc... and in a random word order.

They also have the "advanced recovery" process where you can click in a 9x9 box (similar to the PIN entry) to "type" the word by selecting an incrementally more specific letter sequence... The example they use is entering the word "Heavy", where you select: "H-L" --> "HA-HE" --> "HEA" --> "heavy"... which helps obfuscate things even more: https://wiki.trezor.io/User_manual:Advanced_Recovery