abhilodha (OP)
Newbie
Offline
Activity: 25
Merit: 5
|
|
August 10, 2021, 12:33:55 PM Last edit: August 10, 2021, 01:00:34 PM by abhilodha |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline signing transaction via Electrum(gpgverified) or trezor bought from official site.
This is a hypothetical question. i want some expert opinion to confirm my bias that offline transaction on airgaped pc is more secure than a trezor.
|
|
|
|
Saidasun
|
|
August 10, 2021, 12:54:01 PM |
|
You can not do a offline transaction at least you cannot send a offline transaction you would need to connect to a node to send the transaction. A hardware wallet would be better if you need to send transactions if you mean receive transactions then a offline wallet will be fine and probably is safer or just as safe as a hardware wallet. Airgapped computers have risks if you do not abide by the advice search up "airgapped computer Bitcoin pitfalls" that will show you some of the common mistakes.
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
August 10, 2021, 01:04:18 PM |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline transaction via Electrum(gpgverified) or trezor bought from official site.
This is a hypothetical question. i want some expert opinion to confirm my bias that offline transaction on airgaped pc is more secure than a trezor.
In theory they are pretty much equal. In reality I also feel like they're not. Air-gapped cold storage is safe because it's offline. But you have to be careful on how you transfer the tx to be signed by the cold storage and back to the live computer; also there are theoretical means to also hack into those too. Hardware wallet should be secured by its Secure Elements chip (but afaik Trezor doesn't have one). If done well HW should be safe. If you updated with no buggy and official firmware/app you should be good. All in all, HW has quite a number of "if" here and there and it's also plugged in "online" (it doesn't matter how often). This makes it also in my eyes less secure than a cold storage. But I know how to do a cold storage. One who doesn't know how to make it properly and use it properly has a much higher chance to get his money stolen than with HW. PS. OP, you should write better your post, as you can see the wording "offline transaction" can easily interpreted in the way you never broadcast the tx online.
|
|
|
|
tranthidung
Legendary
Offline
Activity: 2450
Merit: 4275
Farewell o_e_l_e_o
|
|
August 10, 2021, 01:11:27 PM |
|
With hardware wallets, you don't leak your private key when you sign your transactions so you are safe. Another common application of this solution is for cold-storage or hardware wallets. In that scenario, the extended private key can be stored on a paper wallet or hardware device (such as a Trezor hardware wallet), while the extended public key can be kept online. The user can create "receive" addresses at will, while the private keys are safely stored offline. To spend the funds, the user can use the extended private key on an offline signing bitcoin client or sign transactions on the hardware wallet device (e.g., Trezor).
|
|
|
|
bitmover
Legendary
Offline
Activity: 2478
Merit: 6316
bitcoindata.science
|
|
August 10, 2021, 01:20:02 PM |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline signing transaction via Electrum(gpgverified) or trezor bought from official site.
This is a hypothetical question. i want some expert opinion to confirm my bias that offline transaction on airgaped pc is more secure than a trezor.
If you are making that question, it is because you are not comfortable with the technology They are both safe as long you understand how to make an offline transaction safely. As you don't look like a "tech guy", my suggestion is that you use a hardware wallet. Hardware wallets are designed to be easy to use and safe. You won't make a mistake using a hardware wallet. You will be fine.
|
|
|
|
MIner1448
Member
Offline
Activity: 938
Merit: 13
Tontogether | Save Smart & Win Big
|
|
August 10, 2021, 01:36:44 PM |
|
In any case, an hardware wallet would be better, if you mean a transaction, then in an hardware wallet, the blockchain sends a signal to your wallet in offline mode, this is, in my opinion, the most proven method and the safest than all the others. Yes, and all seasoned people always advise a hardware wallet in any case, under any circumstances.
|
|
|
|
Jawhead999
Legendary
Online
Activity: 1820
Merit: 1208
|
|
August 10, 2021, 01:37:45 PM |
|
Hardware wallet is secure and easy too use, but has some vulnerability and database hack. Even though they vulnerability has been fixed, it's doesn't prevent from other undiscovered vulnerability.
Air gapped storage can be the most secure wallet (but it's not 100% safe since malware can still infect) if you know how to set up properly, using right tools and know various malicious attack that can steal your Bitcoin even using air gapped storage (e.g. malware).
|
| CHIPS.GG | | | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀░▄░▀▀▀▀▀░▄░▀███▄ ▄███░▄▀░░░░░░░░░▀▄░███▄ ▄███░▄░░░▄█████▄░░░▄░███▄ ███░▄▀░░░███████░░░▀▄░███ ███░█░░░▀▀▀▀▀░░░▀░░░█░███ ███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░███ ▀███░▀░▀▄██▀░▀██▄▀░▀░███▀ ▀███░▀▄░░░░░░░░░▄▀░███▀ ▀███▄░▀░▄▄▄▄▄░▀░▄███▀ ▀████▄▄▄▄▄▄▄████▀ █████████████████████████ | | ▄▄███████▄▄ ▄███████████████▄ ▄█▀▀▀▄█████████▄▀▀▀█▄ ▄██████▀▄█▄▄▄█▄▀██████▄ ▄████████▄█████▄████████▄ ████████▄███████▄████████ ███████▄█████████▄███████ ███▄▄▀▀█▀▀█████▀▀█▀▀▄▄███ ▀█████████▀▀██▀█████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀████▄▄███▄▄████▀ ████████████████████████ | | 3000+ UNIQUE GAMES | | | 12+ CURRENCIES ACCEPTED | | | VIP REWARD PROGRAM | | ◥ | Play Now |
|
|
|
Lucius
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
August 10, 2021, 02:08:16 PM |
|
This is a hypothetical question. i want some expert opinion to confirm my bias that offline transaction on airgaped pc is more secure than a trezor.
If you have a properly made air-gapped wallet and a secure way to broadcast a transaction, there is no doubt that it is a more secure way than any hardware wallet, whether it is open source or has/does not have a secure element. What you should always look out for is clipboard malware if you use a hardware wallet, which is why such devices exist, among other things. I'm not sure if it's possible to compromise a transaction that was made offline, and if there is a danger of clipboard malware or some other way for the transaction parameters to change the moment they come in contact with the infected online device?
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
August 10, 2021, 02:19:02 PM |
|
I would lean towards a Trezor, or hardware wallets in general. The main point of a hardware wallet (and also your air-gapped wallet) is to protect yourself against a malware attack. That is by far the greatest threat to Bitcoin users. Hardware wallets are specifically programmed to not reveal your seeds/private keys using the MCU and thus any communication should be sanitized and will make it difficult to compromise as compared to an air-gapped wallet.
Loads of users do not know how to properly setup an air-gapped wallet, comparatively, hardware wallets are more suitable for the general userbase as compared to an air-gapped wallet. If you'd like, HW wallets like ColdCard has an SD card feature which allows you essentially achieve an airgap as well.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
August 10, 2021, 03:19:06 PM |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline signing transaction via Electrum(gpgverified) or trezor bought from official site. Where are the private keys for this huge amount of coins stored at present? What about the seed phrase? Depending on how and where the seed phrase was generated might dictate which method you have to use, or which method is best to use. Completely hypothetically, I would probably recommend a hardware wallet. I use both hardware wallets and cold storage, I feel my cold storage is probably marginally safer than a hardware wallet, but I also appreciate my cold storage set up is significantly more complicated than setting up and using a hardware wallet, with far more possibilities for fatal errors. If you are not sure which one is right for you, then the answer is a hardware wallet. If you are super paranoid, you can always use your hardware wallet via a clean airgapped computer. This doesn't mitigate any physical attacks on the hardware wallet, but it would help to mitigate against things like clipboard malware or any unknown vulnerabilities which could leak your private keys from your hardware wallet.
|
|
|
|
haasanjui
Member
Offline
Activity: 434
Merit: 11
|
|
August 10, 2021, 03:39:30 PM |
|
Hardware wallet is safe. In hardware wallet there are many security terms if we follow these we never lost or be scammed and it is modern way to transfer money. It is huge benifit for business man and huge companies.
|
|
|
|
abhilodha (OP)
Newbie
Offline
Activity: 25
Merit: 5
|
|
August 10, 2021, 05:22:44 PM |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline signing transaction via Electrum(gpgverified) or trezor bought from official site.
This is a hypothetical question. i want some expert opinion to confirm my bias that offline transaction on airgaped pc is more secure than a trezor.
If you are making that question, it is because you are not comfortable with the technology They are both safe as long you understand how to make an offline transaction safely. As you don't look like a "tech guy", my suggestion is that you use a hardware wallet. Hardware wallets are designed to be easy to use and safe. You won't make a mistake using a hardware wallet. You will be fine. u can call me an advanced user. surely i do not understand code though. today i did the offline sign a transaction on an always offline pc which had a clean install of windows 10 with only two softwares installed electrum(gpg verified) and deepfreeze installed. after doing the transaction i wiped the OS. i want to tell u something and this is on record. once trezor developers were in a ask me anything program on youtube and my question to them was "is it theoritical/technologically possible for a compromised pc to retrieve private keys from trezor while its connected" their answer was yes it possible but with current technology cannot do. May be one day i will become ''tech guy" and read the code myself and how trezor actually works. And i will get the answer that why inserting trezor on internet cafe is same as safe as signing an offline transaction on a clean always offline pc in an airgaped room.
|
|
|
|
Maidak
Legendary
Offline
Activity: 1890
Merit: 1058
Vave.com - Crypto Casino
|
|
August 10, 2021, 07:58:28 PM |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline signing transaction via Electrum(gpgverified) or trezor bought from official site. This is a hypothetical question. i want some expert opinion to confirm my bias that offline transaction on airgaped pc is more secure than a trezor.
Cold storage wallet means that your private key will never come in contact with online. Private keys will be in written form in a metal or something that is not easily damaged. Because online contact only has a chance to leak, Otherwise, it is protected. Hardware wallet is also secured if you believe the provider, cause they said there is no feature in HW to reveal your private keys though it is stored your keys and you have to connect it online. So, HW is less secured than cold storage.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
August 10, 2021, 08:19:46 PM |
|
once trezor developers were in a ask me anything program on youtube and my question to them was "is it theoritical/technologically possible for a compromised pc to retrieve private keys from trezor while its connected" their answer was yes it possible but with current technology cannot do. This is the correct and responsible answer. Anyone telling you their piece of technology, hardware, software, whatever, is completely immune to attack and could never possibly be compromised is lying to you at best, and at worst incompetent and doesn't understand security. There is no such thing as an impenetrable device. Perhaps it is incredibly secure, perhaps there are no known attack vectors against it, perhaps it has never been successfully attacked, perhaps it has been extensively audited and pen tested and remains secure, but for someone to say there is no possible scenario now or in the future where there exists at least a chance of compromise is just plain wrong. All of the above can also be said for airgapped wallets. There are known attacks which can extract private keys from airgapped devices (however unlikely these attacks are, they do exist), and there are almost certainly other attacks which we don't know about yet. There are known attacks against hardware wallets (which are also incredibly unlikely), and there are almost certainly other attacks which we don't know about yet. It all comes down to balance of risk. Both solutions, if used properly, are incredibly secure, and are far far more likely to be compromised by user error than by malware or physical attacks.
|
|
|
|
bL4nkcode
Copper Member
Legendary
Offline
Activity: 2142
Merit: 1307
Limited in number. Limitless in potential.
|
|
August 10, 2021, 08:24:08 PM |
|
May be one day i will become ''tech guy" and read the code myself and how trezor actually works. And i will get the answer that why inserting trezor on internet cafe is same as safe as signing an offline transaction on a clean always offline pc in an airgaped room.
I bet you don't need to read source codes for them to call you a tech guy or in able to understand on why its still safe to use a HW on infected device/desktop. Enough knowledge on how it basically work is enough, and the idea that your HW's and the airgapped computer's private key never get in touch on computer's network is enough for your to say its much safer than using any mobile and desktop wallets or exchanges.
|
|
|
|
semobo
|
|
August 10, 2021, 08:30:26 PM |
|
Both are safe but in practical if you made single mistake while transacting the broadcasting message to the device which is connected online then your funds are at risk but with hardware wallets its more safe but nothing is completely safe until you know what you are doing and what are the results are going to be.
|
|
|
|
5thFear
|
|
August 10, 2021, 09:03:31 PM |
|
Hardware wallet is the safest in my opinion, if you are not used to sharing your secrets. But if that happens, then there is nothing safe. So if you can remember the storage place of your hardware wallet, then it is the safest.
|
|
|
|
hatshepsut93
Legendary
Offline
Activity: 3038
Merit: 2161
|
|
August 10, 2021, 09:48:05 PM |
|
Both are highly secure from a point of view of average users. I would recommend hardware wallets to less experienced users and cold storage to more experienced users (though they already know what to do and don't need any advice). Hardware wallet is a bit simpler to use, while cold storage is a bit less likely to be targeted by hackers. In both cases, you still need to carefully verify that your addresses haven't been replaced before sending, that you're using clean systems, etc.
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7561
|
|
August 12, 2021, 09:49:14 AM |
|
Lets say i want to transact a very important huge amount of btc transation of my life. Which one should i chose between Offline signing transaction via Electrum(gpgverified) or trezor bought from official site.
Using airgapped pc for sending transactions is fine if you are advanced crypto user with lot of coins and if you know what you are doing, but if you are average crypto user without confirmed clean computer and linux operating system, than it is probably easier to use trezor hardware wallet with passphrase option. Both devices are not connected to internet and there are pros and cons for both approaches, if you don't already have airgapped computer it would take time installing and setting everything up. Ordering hardware wallet devices can also be problematic for privacy so I would suggest using PO boxes or alternative address and reading this [GUIDE] How to buy a Hardware Wallet the right way.
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
August 12, 2021, 09:54:12 AM |
|
May be one day i will become ''tech guy" and read the code myself and how trezor actually works. And i will get the answer that why inserting trezor on internet cafe is same as safe as signing an offline transaction on a clean always offline pc in an airgaped room.
It shouldn't be impossible to read the code; you only have to find out if Trezor, at any point will communicate the seed through the USB interface. If it doesn't, then you should be safe. I don't think it is a problem with our current technology. HW wallets are designed to keep your seeds safe and the only reason why it would ever become unsafe is if the seed is revealed through a zero-day vulnerability; ie. design oversight. Obviously, airgaps can be compromised and it is also possible for zero day exploits to appear.
|
|
|
|
|