Electrum Air Gapped Setup Versus Hardware Wallet

[ps1234]

The cost of a hardware wallet is not excessive, given the price of bitcoins. I'm looking to choose an approach.

I've read about the Electrum setup of a watching wallet online combined with a wallet holding the private keys, on an air-gapped computer.

If this is correctly set up, is the hardware wallet inherently more secure?

For example, if I compare the 2 approaches, how do the 2 setups compare if:

- Hardware failure?

- Malicious attacks?

While the hardware vendor client database can be hacked, allowing criminals to come knocking on my door, can the same happen with Electrum?

Also, looking longer term, what would be the consequences of developers ceasing to maintain Electrum?

Should I also export my private keys, in addition to the seed phrase (with appropriate safety and storage precautions)?

What other criteria should I consider?

I'd appreciate any advice from the experts.

[1714043750]

1714043750

[1714043750]

1714043750

[1714043750]

1714043750

[ranochigo]

If this is correctly set up, is the hardware wallet inherently more secure?

I'm compelled to say yes. Hardware wallets are specifically designed to be secure with convenience at the expense of their price tags. There are also hardware wallets which are able to be airgapped efficiently just like what you can do with Electrum. The only problem that I can see is with the leaks like Ledger's, telling everyone that you own a hardware wallet. I don't send any HW wallet to my residential address so that's fine with me.

- Hardware failure?

Similar. Both can be imported into another wallet easily.

- Malicious attacks?

Hardware wallets are mostly hardened against side channel attacks which most computers are not designed specifically for. The secure element present in some of them also prevents people from brute forcing or extracting the seeds out of the hardware wallet in the event that it gets stolen. AFAIK, some has limited attempts which will brick the entire device once that threshold is reached and thus making brute forcing pins ineffective.

While the hardware vendor client database can be hacked, allowing criminals to come knocking on my door, can the same happen with Electrum?

No.

Also, looking longer term, what would be the consequences of developers ceasing to maintain Electrum?

Nothing. You can extract the private keys from the HD seed generated with Electrum very easily and just import it into another wallet. It's open source as well so I highly doubt that it would just stop development and not create a fork from it and someone else taking the helm

Should I also export my private keys, in addition to the seed phrase (with appropriate safety and storage precautions)?

No. The 12 word seeds is all you need. You can of course do that but you'll be having to secure more things and have to continually update that list if you use your wallet frequently.

[Charles-Tim]

If this is correctly set up, is the hardware wallet inherently more secure?

No, electrum cold wallet is also very secure and safe, if done correctly, both are safe and secure. Also, electrum in that form is a cold wallet while the other electrum is a watch-only wallet. You need to be careful of your computer not to have malware that can attack your hardware wallet during bluetooth connection for transaction signing. While I still believe more in electrum cold wallet signing with QR code generating from the watch-only which is malware resistant. Although, we still need to totally do all necessities to avoid malware.

Hardware failure?

All you need to protect is your BIP39 seed phrase, ones you have it properly backup against damages and attackers, and safe from loss. You can import the seed phrase on another hardware wallet or BIP39 supported wallet which will generate back private keys, addresses, bitcoin and other fund balance immediately.

Malicious attacks?

About malacious attacks, there are some vulnerabilities reported in some reputed hardware wallets, while also they can be attacked if your wallet extension device (the computer you use to access it) is having malware. An example is the malware that changes recipient's address to hackers address, that is why you need to check and recheck the address you inputed before sending. The malware can be trasmited through the USB while QR code is still resistant to such which is safest for transaction signing.

While the hardware vendor client database can be hacked, allowing criminals to come knocking on my door, can the same happen with Electrum?

There are some ways to buy hardware wallet avoid your information being given. You can read the link below for that.

[GUIDE] How to buy a Hardware Wallet the right way

About electrum wallet cold storage, electrum wallet can not be connected to your email, home addresses and the likes, I will prefer to make use of electrum cold wallet. But read the guy above for how to buy hardware wallet appropriately to be able to buy hardware wallet without it linking to your information.

Also, looking longer term, what would be the consequences of developers ceasing to maintain Electrum?

I do not think electrum wallet will cease to exist because it is well supported and developed by Bitcoin developers. But if there is any doubt, know that electrum wallet is an open source wallet, it has a tool you can also use to generate the master private keys and private keys which you can be imported on other reputed Bitcoin wallet.

Should I also export my private keys, in addition to the seed phrase (with appropriate safety and storage precautions)?

You do not need to, ones you know the seed phrase that can be used to generate the private keys using some tools if need be. Like the link I posted above for electrum and iamcoleman for BIP39 seed phrases.

What other criteria should I consider?

Protect your seed phrase, do not let it lost, do like three backup that will make you to be able to access it anytime you want and also do all that are compulsory to make it impossible for attackers to steal.

[ranochigo]

You need to be careful of your computer not to have malware that can attack your hardware wallet during bluetooth connection for transaction signing. While I still believe more in electrum cold wallet signing with QR code generating from the watch-only which is malware resistant. Although, we still need to totally do all necessities to avoid malware.

An air-gapped is not malware resistant. It is possible to infect an airgapped wallet though transferring information from an air gap is hard. Hardware wallets are not susceptible to malware attacks. They are designed to not be compromised through any malware as the private keys should never leave the device.

About malacious attacks, there are some vulnerabilities reported in some reputed hardware wallets, while also they can be attacked if your wallet extension device (the computer you use to access it) is having malware. An example is the malware that changes recipient's address to hackers address, that is why you need to check and recheck the address you inputed before sending. The malware can be trasmited through the USB while QR code is still resistant to such which is safest for transaction signing.

An important note, hardware wallet attacks are often fairly sophisticated, save for a few of the less developed ones. They often take advantage of any sidechannel vulnerabilities which can be evasive or costly and often comes after loads of research. In comparison, the main protection against any attacks is the airgap and the airgap only. Hardware wallets are designed to resist any malware attacks and would be alright to be connected to a computer infected with malware.

Hardware wallets would always have a confirmation before signing such that the user is aware of the addresses that is in the transaction. The similar case can be made for an air gapped wallet if the user doesn't check the transaction properly.

[Charles-Tim]

An air-gapped is not malware resistant.

Yes, you are right. I did not generally mean air-gapped wallets, like the hard drive ones that can still be vulnerable to malware attack while online during transaction. But, I mean electrum wallet making use of QR code for signing which I believe is more malware resistant. But, bluetooth can also be used instead of QR code, which I believe is not as malware-resistant if compared to QR code type. Just an opinion, I am all ears to correction.

[o_e_l_e_o]

I'm going to disagree with the post above and say that I prefer airgapped cold storage to hardware wallets. There have just been too many issues with hardware wallets in the last few years, from the database hack you mentioned through to unpatchable vulnerabilities allowing extraction of seed phrases, for me not to believe there are not other vulnerabilities or issues which exist but either have not yet been discovered or have not yet been disclosed. My feeling is that a properly set up, permanently airgapped device, using whole disk encryption, is safer than a hardware wallet, but I concede that such a set up is significantly more complicated than using a hardware wallet, and much more prone to user error. The side channel attacks mentioned are not high up on my list of possible attack vectors since my airgapped device is only ever used in a sealed room inside my house with no one else around, all curtains drawn, no webcams, etc.

Another big question to ask yourself is portability. There is no denying that a hardware wallet is far better than airgapped cold storage when it comes to carrying it around with you and transacting on the go.

[ps1234]

Thanks for those responses.

I am not clear if the Electrum seed phrase can be used directly in other BIP39 wallets.

I entered the Electrum seed for a wallet I just created in "The Electrum Mnemonic Seed Tester" tool, and it gives the same private keys as created in the wallet.

So, if I wanted to swap to another wallet (not Electrum) would I need to use the above tool as an intermediate step?

Also, if I went down the Electrum air gap route I would go through the following steps:

1. Prepare the air gap pc using a dedicated laptop, with a LAN, WiFi, Bluetooth etc disabled in the BIOS.

2. Instal a fresh copy of Windows 10 from a Microsoft DVD onto the laptop, checking that all networking is disabled.

3. On an online PC, do virus and malware checks, format a USB and download Electrum onto the USB, checking the signature.

4. Transfer the USB to the air gap laptop, and instal, with wallet encryption.

Would this be secure enough?

Portability is not high on my list.

[o_e_l_e_o]

I am not clear if the Electrum seed phrase can be used directly in other BIP39 wallets.

It cannot. Electrum uses their own system for creating seed phrases which is slightly different to the BIP39 system. You can read their motivation for doing so here: https://electrum.readthedocs.io/en/latest/seedphrase.html#motivation. There are one or two wallets which will accept Electrum seed phrases, but the majority of wallets will not. However, the way Electrum turns seed phrases in to addresses is still common knowledge and very easy to do. Any piece of open source BIP39 software could be changed to work with Electrum phrases with a few very small modifications. You do not have to worry about Electrum ceasing to exist in the future and you having no way of restoring access to your coins.

So, if I wanted to swap to another wallet (not Electrum) would I need to use the above tool as an intermediate step?

You could use the above tool to extract the private keys to individual addresses and then use those private keys to sweep the funds, yes. There are also a number of other ways you could do this.

Also, if I went down the Electrum air gap route I would go through the following steps:

I would use an open source OS, such as Linux distro of your choice, rather than any version of Windows. Also make sure you format the computer before installing any fresh OS on it. If you can physically remove the WiFi, ethernet, etc. hardware rather than just disabling it, then even better.

[ranochigo]

There have just been too many issues with hardware wallets in the last few years, from the database hack you mentioned through to unpatchable vulnerabilities allowing extraction of seed phrases, for me not to believe there are not other vulnerabilities or issues which exist but either have not yet been discovered or have not yet been disclosed.

Other than the database hack, I don't think having the vulnerabilities is too much of an issue. Most of the vulnerabilities involves sophisticated equipment to glitch the firmware and seems like it came after hours of intensive research to discover. There's nothing much to research on for airgaps wallets because there isn't any incentives to do so. Of course, side channel attacks is not an issue for most but you can never really get too paranoid as well. Kind of helps that their competitors are always trying to hack each other's device as well.

1. Prepare the air gap pc using a dedicated laptop, with a LAN, WiFi, Bluetooth etc disabled in the BIOS.

2. Instal a fresh copy of Windows 10 from a Microsoft DVD onto the laptop, checking that all networking is disabled.

3. On an online PC, do virus and malware checks, format a USB and download Electrum onto the USB, checking the signature.

4. Transfer the USB to the air gap laptop, and instal, with wallet encryption.

Would this be secure enough?

My air-gapped storage before I started to use a HW wallet involves a Raspberry Pi which is much cheaper than even an old laptop. I'd check the signature on the airgapped wallet instead of the online computer, it's not the target computer to run the wallet after all.

[pooya87]

I'd say it is partly a matter of preference.
I personally prefer to do things myself so I always go with the air gapped setup using Electrum and a Linux distro offline. That is also because I don't want to put my trust in a company and their product. As Leo said above there have been issues with hardware wallets and they do have vulnerabilities.
But it may not be easy for others to do the same, after all creating a secure cold storage is not easy. It is also harder to spend from this setup than it is to spend from a hardware wallet.

[dkbit98]

There is no universal answer here and it depends if you are newbie, average user or tech expert.

Your own setup can be very safe if you are advanced user, BUT I would never recommend anyone to use AirGapped setup if you are newbie and just getting to know how Bitcoin works.
It is complicated for average users and there are to many steps in the process that with one small mistake can result in losing or locking your coins forever.
There are so many horror stories with people overcomplicating things like this and I heard Andreas Antonopoulos speaking how people are sending him messages about this all the time.
Jameson Lopp for example is using both options and he tried and used almost all hardware wallets.

Having hardware wallets is good enough for average users BUT I would only choose open source option and I would never buy and order them with my real name, address or phone number, to avoid future leaks.

[o_e_l_e_o]

Most of the vulnerabilities involves sophisticated equipment to glitch the firmware and seems like it came after hours of intensive research to discover.

I don't disagree with you, but the fact that these vulnerabilities keep popping up with some regularity means there is a not-insignificant chance that there are more as of yet unknown or undisclosed vulnerabilities, perhaps one or two of which are much easier to exploit.

Depends on how you transfer unsigned transaction from online computer and signed transaction from airgapped computer. Using USB drive is easiest option, but i have concern the USB drive could infected with Windows virus/malware.

I would say that using two webcams is easier than using USBs, and although it is more costly if you do not currently own two webcams, it is also much safer. Saving transactions to file, copying them to and from USB drives, importing them from file, etc., is much more time consuming than just clicking "Display as QR Code" and pointing a camera at the screen.


If you do choose to go with a hardware wallet OP, I would always advocate using a strong and random passphrase (or perhaps several for plausible deniability), and for maximum security opting to enter it manually on the device each time you want to use it, as opposed to storing it on the device which some wallets will allow you to do.

[ps1234]

There is no universal answer here and it depends if you are newbie, average user or tech expert.

Your own setup can be very safe if you are advanced user, BUT I would never recommend anyone to use AirGapped setup if you are newbie and just getting to know how Bitcoin works.
It is complicated for average users and there are to many steps in the process that with one small mistake can result in losing or locking your coins forever.

I would say that I'm a newbie/average user.

But the steps in https://electrum.readthedocs.io/en/latest/coldstorage.html#coldstorage seem to be well described. Following it step by step appears to be straightforward. Receiving BTC is the same whether Electrum is air-gapped or not.

Because of the extra step of signing the transaction on the air gapped wallet, it's not as easy nor as quick to spend BTC, as using a hardware wallet, or a non-airgap setup.

But I think if we are considering an air gap solution, it's because we are dealing with non-trivial value. In which case, care and time are amply repaid, and outweigh speed or convenience.

[pooya87]

Because of the extra step of signing the transaction on the air gapped wallet, it's not as easy nor as quick to spend BTC, as using a hardware wallet, or a non-airgap setup.

Keep in mind that you can always create and use multiple types of wallets for different purposes and each with a different amount. Let's say you have 10BTC:
1. Paper wallet storing 6BTC for long term HODL and not touched for years
2. Air gapped Electrum storing 3BTC as a cold storage that can be accessed if needed
3. Hardware wallet storing 1BTC as a safe but quickly accessible wallet that could be carried around (eg. when traveling)
4. Hot wallet on desktop or mobile storing 0.05BTC to spend on stuff you want to buy or receive payments!

[ps1234]

pooya87, that's an excellent strategy...if only I had 10BTC 

Seriously though, can you please explain why you favour the paper wallet for long term HODL when this WiKi https://en.bitcoin.it/wiki/Paper_wallet#:~:text=A%20paper%20wallet%20is%20the,and%20should%20not%20be%20used. so strongly discourages it?

If I do generate a paper wallet, would this https://github.com/pointbiz/bitaddress.org be a suitable tool?

[Wind_FURY]

OP, the Electrum air-gapped set up option is better for your OPSEC in that no one knows that you are a Bitcoin user. It has become especially concerning after Ledger leaked their customers’/users’ personal information.

[ranochigo]

Seriously though, can you please explain why you favour the paper wallet for long term HODL when this WiKi -snip- so strongly discourages it?

I think paper wallets are not terrible as it is basically just another way to store your keys or seeds. The points as stated in the wiki are completely valid and are indeed downsides of paper wallets. Generating a paper wallet would most likely involve an offline computer so rather than doing that, I'll just make an Electrum wallet, export the master public key, write the seed and laminate it.

If you want to make it more indestructible, use some metal stamping tool to etch it into a block of metal.

If I do generate a paper wallet, would this https://github.com/pointbiz/bitaddress.org be a suitable tool?

Here lies another problem; that hasn't been any new commits for the past few years which means it doesn't have segwit support. Not exactly a big problem but it works fine if you want to generate legacy address.

[ps1234]

Thanks to all for the superb advice.

One final question, is whole disk encryption recommended in addition to wallet encryption?

I'm going to disagree with the post above and say that I prefer airgapped cold storage to hardware wallets. -snip - My feeling is that a properly set up, permanently airgapped device, using whole disk encryption, is safer than a hardware wallet,

I believe that an air gap Electrum wallet is the best solution for me.

[o_e_l_e_o]

One final question, is whole disk encryption recommended in addition to wallet encryption?

I prefer whole disk encryption for a number of reasons.

Firstly, I use it regularly on most of my devices, so I am very familiar with it.
Secondly, it eliminates the risk of leaving behind unencrypted information accidentally. If I accidentally save some sensitive information or a piece of software creates some unencrypted back up or log, it doesn't matter since it will all be encrypted anyway when I'm finished using the device.
Thirdly, it provides plausible deniability. If someone finds an encrypted hard drive, they have no idea that there might be bitcoin on it. If someone finds an encrypted Electrum wallet file, it's a different story. You can also take this further by using hidden volumes to decrypt different data to what you are really protecting.

Whether or not these are vectors of attack which would concern you is up to you. I would recommend LUKS for Linux or VeraCrypt if you go with Windows.

[pooya87]

pooya87, that's an excellent strategy...if only I had 10BTC 

Seriously though, can you please explain why you favour the paper wallet for long term HODL when this WiKi https://en.bitcoin.it/wiki/Paper_wallet#:~:text=A%20paper%20wallet%20is%20the,and%20should%20not%20be%20used. so strongly discourages it?

I've always said that this wiki page is greatly exaggerated. Basically it's whole argument is that because people may not correctly create paper wallets then they are considered unsafe. This is true about everything, even your hardware wallet if used incorrectly could be unsafe.

A correctly created paper wallet is the safest option in my opinion.
A correct way is:
1. Created offline on a clean and secure OS
2. Using a trusted tool (open source and verified)
3. The tool generates mnemonics
4. Is encrypted before written on paper
5. More than one backup is created from it and stored separately in safe places.