How to use PSBT with online node and offline node for cold storage usage

[blade_house888]

My set up:

• One online node running Core 0.21.0, sync'd
• One offline node booting from an Ubuntu Live CD, no storage devices, unpacked Core 0.21.0 brought over via flash drive
• One encrypted cold wallet.dat (created ~2013), that will be provided to the offline node via flash drive

My goal is to use PSBT to spend the cold storage coins without ever decrypting the cold wallet.dat on the online machine.

My question is how do I do this?  The online node knows nothing about the cold wallet, so what's the first step?  Do I have to set up a watch only wallet on the online node or is there another way?

Thanks!

[1715230844]

1715230844

[1715230844]

1715230844

[ranochigo]

It's completely possible, though I'm currently having difficulty doing so but that is on testnet so I'm not too sure about main net.

On your offline computer, go to Help>Console and key in this:

Code:

getaddressinfo YOURADDRESS

You should get an output with loads of info. And take note of that field.


Generate another receiving address and transfer both the desc and that receiving address to the online Bitcoin Core.


Next, go to your online Bitcoin Core and key in this:

Code:

importmulti '[{"desc" : "wpkh(026641b79d7ffa40ddf994f0277c2649f3ddcbd871194ba6ef87687daea22ca503)#zl4yt8hu","timestamp" : 0,"label" : "watch-address-test", "watchonly": true}]'

after that,

Use the code below

Code:

walletcreatefundedpsbt '[]' '[{"DESTINATION ADDRESS":AMOUNT}]' '{"includeWatching":true,"changeAddress":"CHANGEADDRESS"}'

Afterwhich, you'll have a long string. Copy that and save it to a file and transfer it to the offline computer.



On the offline computer, go to the file and copy the string again. Then go to Bitcoin Core, File>Load PSBT from clipboard.

A dialog will show up with the information, double check that the change address specified is from your offline wallet, the destination is as intended as well as the amount. If everything checks out, press sign TX. Press Copy to clipboard and save it to a file for transfer to your online computer.

After moving it to your online computer, open the file and copy its contents to clipboard. On the online Bitcoin Core, go to File>Load PSBT from clipboard and check it one final time before pressing Broadcast TX.


Personally, I don't think Bitcoin Core is designed for airgapped storage as it doesn't offer master public keys to easily create a watch-only wallet or is the UI that optimized for such a thing as well.

[blade_house888]

Thanks for this information!  This is exactly what I'm looking for.  I will update this thread when I get back to my nodes to test this out, however I'm a little concerned it's not working on your testnet.

Personally, I don't think Bitcoin Core is designed for airgapped storage as it doesn't offer master public keys to easily create a watch-only wallet or is the UI that optimized for such a thing as well.

The reason I prefer Core for cold storage is needing the two pieces of the puzzle - the wallet.dat and encryption password.  This way I can confidently store these in separate location with no worries about theft, compared to a seed list.  Yes I realize you can split the seed sheet up into separate parts, but the Core route works for me.

[ranochigo]

Thanks for this information!  This is exactly what I'm looking for.  I will update this thread when I get back to my nodes to test this out, however I'm a little concerned it's not working on your testnet.

Oh, I didn't edit that part. It took me quite some time to demonstrate and get the syntax right.

It's working perfectly. The only part that is not working is getting it to work in the UI.

The reason I prefer Core for cold storage is needing the two pieces of the puzzle - the wallet.dat and encryption password.  This way I can confidently store these in separate location with no worries about theft, compared to a seed list.  Yes I realize you can split the seed sheet up into separate parts, but the Core route works for me.

You don't have to strictly backup your wallet (in the case of Electrum) using the seed phrase. If you want, you can back it up in a method similar to Core using the wallet file encryption with the seed and the addresses all being encrypted in the wallet file.

[NotATether]

Next, go to your online Bitcoin Core and key in this:

Code:

importmulti '[{"desc" : "wpkh(026641b79d7ffa40ddf994f0277c2649f3ddcbd871194ba6ef87687daea22ca503)#zl4yt8hu","timestamp" : 0,"label" : "watch-address-test", "watchonly": true}]'

Why are we only importing the sending address to the online wallet? Shouldn't we also import the change address since otherwise the walletcreatefundedpsbt command will not know of its existence?

I know that it technically shouldn't matter whether a change address is loaded because you could set it to anything anyway, but since it has its own parameter to the RPC call, this might be a problem.

[ranochigo]

Why are we only importing the sending address to the online wallet? Shouldn't we also import the change address since otherwise the walletcreatefundedpsbt command will not know of its existence?

I know that it technically shouldn't matter whether a change address is loaded because you could set it to anything anyway, but since it has its own parameter to the RPC call, this might be a problem.

The reason that it is labelled as such in the RPC is for the user to be aware that any remaining amount after deducting both the sending amount as well as the fees would be sent to the address as specified. I'm not sure why you would want to import a change address, it doesn't do anything anyways?

I don't think it really matters if the address is imported or not. The reason for us to be importing the address as such is to be able to retrieve its UTXOs but there isn't anything to be done for a change address.

[HCP]

Personally, I don't think Bitcoin Core is designed for airgapped storage as it doesn't offer master public keys to easily create a watch-only wallet or is the UI that optimized for such a thing as well.

I concur... theoretically, it *should* be possible with the "descriptor" wallet functionality... but because Bitcoin Core uses hardened key derivation all the way down to the address level, you can't simply use the master private key that you can extract from the wallet.

Additionally, while trying to use importmulti on an "empty" descriptor wallet using an xpub (to create a watching only wallet that automatically generates addresses so you don't have to manually import them), I kept getting "command not supported by this wallet type" errors

I'm sure I was probably doing something wrong... but setting up online/offline airgap with Bitcoin Core is a very manual and labour intensive task... I would not recommend it.

[achow101]

I concur... theoretically, it *should* be possible with the "descriptor" wallet functionality... but because Bitcoin Core uses hardened key derivation all the way down to the address level, you can't simply use the master private key that you can extract from the wallet.

Descriptor wallets follow BIPs 44/49/84. The keys are no longer derived with fully hardened derivation paths. This is done at the expense of dumpprivkey now being disabled.

Additionally, while trying to use importmulti on an "empty" descriptor wallet using an xpub (to create a watching only wallet that automatically generates addresses so you don't have to manually import them), I kept getting "command not supported by this wallet type" errors

Use importdescriptors

I'm sure I was probably doing something wrong... but setting up online/offline airgap with Bitcoin Core is a very manual and labour intensive task... I would not recommend it.

The setup could be better, but once it is setup, the PSBT workflow has been significantly improved. Sending transactions can be done entirely from the gui.

[HCP]

Descriptor wallets follow BIPs 44/49/84. The keys are no longer derived with fully hardened derivation paths. This is done at the expense of dumpprivkey now being disabled.

Nice to see the implementation of the BIPs...

Additionally, while trying to use importmulti on an "empty" descriptor wallet using an xpub (to create a watching only wallet that automatically generates addresses so you don't have to manually import them), I kept getting "command not supported by this wallet type" errors

Use importdescriptors

I can't believe I missed this! <facepalm> 

I'll have to check that out later today when I have a bit more time.

The setup could be better, but once it is setup, the PSBT workflow has been significantly improved. Sending transactions can be done entirely from the gui.

Awesome... that is excellent news! As I said, I'll have a bit of an experiment and report back (hopefully later today).

[blade_house888]

Next, go to your online Bitcoin Core and key in this:

Code:

importmulti '[{"desc" : "wpkh(026641b79d7ffa40ddf994f0277c2649f3ddcbd871194ba6ef87687daea22ca503)#zl4yt8hu","timestamp" : 0,"label" : "watch-address-test", "watchonly": true}]'

I can't get this importmulti command to work.

If I use the full desc string from the getaddressinfo output I get an error: "Error: Invalid command line".  That string is in the format: sh(wpkh([8-chars-here/0'/0'/3']very-long-string-here))#checksum.

All other variations give me: "success": false - with the error "Provided checksum 'string' does not match computed checksum 'string'".

Any ideas?