Bitcoin Forum
Author Topic: Encrypt the PSBT file  (Read 391 times)
takuma sato (OP)
November 19, 2021, 04:43:20 PM
 #21

Wouldn't you simply be better to access that encrypted data remotely?
On a rented server, or, if you aren't homeless, access your home remotely?

Have nothing that matters stored on any hardware you carry into regions where that could matter ...

Well, which company would you trust when it comes to renting a server? And aren't you in the same dilemma? You are trusting someone else to store the data for you.

As far as accessing your own server at home, suppose that the country you left (where you have your running machines) becomes very anti-Bitcoin, and finds out you are dealing with cryptocurrencies, they could raid your house and steal your machines where everything is hosted.

I think 5 to 10 years (or sooner) from now, all these scenarios are very possible. Look at the covid insanity where you no longer have autonomy over your own body when it comes to vaccines, why is it so hard to imagine a world in which they raid you if you are dealing with "unregulated money"? This is where you have to ask yourself: Where can I host my bitcoins where I could recover them in case they took everything from me?

In this case, I only see a solution, and that is a sort of a mnemonic seed similar to the 12 word seed with Electrum which you can memorize, but Bitcoin Core does not support this (and I don't trust non-full node software). You could convert the hd wallet string of characters into something readable and memorize this perhaps?
o_e_l_e_o
November 20, 2021, 08:20:38 AM
 #22

This is where you have to ask yourself: Where can I host my bitcoins where I could recover them in case they took everything from me?
You always have the option of hidden offsite back up. A stainless steel plate with your 12 word seed engraved in it and buried somewhere secret or bolted to the concrete foundations of a building or something similar. Not very practical to access in the future when you need it, though.

You could convert the hd wallet string of characters into something readable and memorize this perhaps?
I always caution against using your memory for anything important, given how fickle memory is and how some very common and completely unpredictable illnesses and injuries can lead to memory impairment and therefore loss of all your coins. However, if you were dead set on doing this, then you could use some open source BIP39 software such as Ian Coleman to turn your memorized seed phrase in to raw private keys which can then be imported in to Core.
n0nce
November 20, 2021, 04:19:51 PM
 #23

This is a little bit off-topic, but I feel I have to clear up some misconceptions here.

In this case, I only see a solution, and that is a sort of a mnemonic seed similar to the 12 word seed with Electrum which you can memorize, but Bitcoin Core does not support this (and I don't trust non-full node software). You could convert the hd wallet string of characters into something readable and memorize this perhaps?
This to me implies you use Bitcoin Core only to store all your BTC funds? Be aware, that while this is excellent software and running a node is an integral part of Bitcoin, which also helps your privacy, it's not the best for security. Bitcoin Core is a hot wallet. I would highly suggest instead using that node via Tor from one or multiple SPV wallets, which e.g. support mnemonics and HSMs / hardware wallets.

Here is how to install and access electrs remotely via Tor from any wallet. It can run on a mobile phone for example, which is great security wise due to sandboxing and secure boot (compared to traditional desktop OS). Especially if that phone application you use is open source, possibly compiled by you yourself and accesses keys that are stored on a Bluetooth-enabled HW wallet or (imo much better) an airgapped wallet that supports QR code communication.

You must understand, that while using Core is great for privacy, you're at risk due to using a hot wallet. Any airgapped / cold wallet or even HW wallet setup would be safer security wise. By configuring the 'light client' software to use your own BTC node to query balances and transactions, you retain the same privacy as if using Core directly.

takuma sato (OP)
November 22, 2021, 01:45:54 AM
Merited by n0nce (2)
 #24

This is a little bit off-topic, but I feel I have to clear up some misconceptions here.

In this case, I only see a solution, and that is a sort of a mnemonic seed similar to the 12 word seed with Electrum which you can memorize, but Bitcoin Core does not support this (and I don't trust non-full node software). You could convert the hd wallet string of characters into something readable and memorize this perhaps?
This to me implies you use Bitcoin Core only to store all your BTC funds? Be aware, that while this is excellent software and running a node is an integral part of Bitcoin, which also helps your privacy, it's not the best for security. Bitcoin Core is a hot wallet. I would highly suggest instead using that node via Tor from one or multiple SPV wallets, which e.g. support mnemonics and HSMs / hardware wallets.

Here is how to install and access electrs remotely via Tor from any wallet. It can run on a mobile phone for example, which is great security wise due to sandboxing and secure boot (compared to traditional desktop OS). Especially if that phone application you use is open source, possibly compiled by you yourself and accesses keys that are stored on a Bluetooth-enabled HW wallet or (imo much better) an airgapped wallet that supports QR code communication.

You must understand, that while using Core is great for privacy, you're at risk due to using a hot wallet. Any airgapped / cold wallet or even HW wallet setup would be safer security wise. By configuring the 'light client' software to use your own BTC node to query balances and transactions, you retain the same privacy as if using Core directly.

I use Bitcoin Core for cold wallet too. Bitcoin Core on laptop 1, fully synced with watch only addresses. Bitcoin Core on laptop 2, airgapped with no wifi card and pkeys for signing. And now with PSBT you just have to save the PSBT in an sdcard and put it on the online laptop to broadcast. Back then it was a pain in the ass with getrawtransaction etc. But still, Bitcoin Core is very primitive when it comes to cold wallet features but I can trust it above other software. Also the more software and different stuff you use the bigger chance that there is a bug somewhere. I assume Bitcoin Core is the most peer reviewed software on the planet at this point, so while I miss features for cold storage by other wallets, I just use the same software for both hot and cold. Hopefully in the future they work on better cold storage support.
I think people like Luke Dash Jr also use either Core or Knots as wallet, or at least back then I think he was recommending it, but now I'm not sure if they moved to coldcard.

I know someone that has been using Bitcoin Core in a Linux laptop that he only uses for this, uses it both for storage and broadcasting but deletes the wallet.dat once he has broadcasted what he wants. Also, what he does is he syncs the blockchain, once fully synced, turns off internet, then decrypts an AES file with wallet.dat on it which he has saved somewhere else, loads the wallet file on Core, clicks send to send a transaction so it becomes pending until you have network, turns on internet, transaction is broadcasted, quickly turns off internet and monitors the transaction on his regular computer on some blockchain explorer, once it's all confirmed and well he saves the wallet.dat back on the encrypted file, saves it somewhere else, shreds the file. Considering he only transacts a few times a year I would say it's almost impossible that he gets hacked. He can't be bothered with learning how to use anything else and works for him.
PrimeNumber7
November 22, 2021, 03:03:27 AM
 #25

I assume Bitcoin Core is the most peer reviewed software on the planet at this point, so while I miss features for cold storage by other wallets, I just use the same software for both hot and cold. Hopefully in the future they work on better cold storage support.
Bitcoin core is generally something that is safe to run, although all software potentially has bugs and vulnerabilities. Security vulnerabilities have been found in bitcoin core before, although they have generally been quietly reported so they could be fixed before the bugs become public.

You can look at tests that are performed on the code (and run them yourself if you like), and can see which parts of the code don't have any tests performed on them. It is very rare for software to have 100% test coverage, and even when it does, chances are that there are edge cases in which tests are not run.

This obviously doesn’t mean the code is deficient or that it contains vulnerabilities, it just means that it hasn’t been tested. To “test” code, you check to make sure it performs the task it is intended to run, and produces the output it is intended to produce.
o_e_l_e_o
November 22, 2021, 09:20:24 AM
 #26

Also, what he does is he syncs the blockchain, once fully synced, turns off internet, then decrypts an AES file with wallet.dat on it which he has saved somewhere else, loads the wallet file on Core, clicks send to send a transaction so it becomes pending until you have network, turns on internet, transaction is broadcasted, quickly turns off internet and monitors the transaction on his regular computer on some blockchain explorer, once it's all confirmed and well he saves the wallet.dat back on the encrypted file, saves it somewhere else, shreds the file.
He still has his unencrypted wallet on a machine which is connected to the internet, regardless of how brief a time that is the case. That is a security risk.

Also, deleting the unencrypted wallet file does not delete the data from the hard drive - you are only deleting the pointers telling the OS where the file is, essentially telling the OS that this is now free space which can be written over. But unless you actually write over it, the previous data (his unencrypted wallet) still exists and can be recovered and accessed.

He can't be bothered with learning how to use anything else and works for him.
Well, if he's happy accepting those risks then that's his decision, but if he already has this second computer which he only uses for bitcoin, then I don't understand why he wouldn't just keep it permanently airgapped.
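The difference between deleting a file and overwriting it, which the reply above describes, can be shown directly; this is an added example, not code from any poster in the thread, and the function names and sample contents are constructed for illustration. It assumes a POSIX system, and in-place overwriting only reaches the old data when the filesystem and device write over the same blocks, which journaling or copy-on-write filesystems and SSD wear-levelling do not guarantee.

```python
import os
import tempfile


def overwrite_and_unlink(path, passes=3):
    """Overwrite a file in place with random data, then zeros, then unlink it.

    Roughly the sequence a shred-style tool performs: N random passes,
    one zero pass, then removal of the directory entry.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:          # r+b: same inode, no truncation
        for _ in range(passes):
            fh.seek(0)
            fh.write(os.urandom(size))
            fh.flush()
            os.fsync(fh.fileno())          # push this pass out to the device
        fh.seek(0)
        fh.write(b"\x00" * size)           # final zero pass
        fh.flush()
        os.fsync(fh.fileno())
    os.unlink(path)


def demo():
    secret = b"constructed stand-in for wallet.dat contents"
    workdir = tempfile.mkdtemp()

    # Case 1: plain delete. unlink() removes the name, not the data; the
    # still-open descriptor reads the full contents back afterwards.
    plain = os.path.join(workdir, "plain.dat")
    with open(plain, "wb") as fh:
        fh.write(secret)
    fd = os.open(plain, os.O_RDONLY)
    os.unlink(plain)
    survived_delete = os.read(fd, len(secret)) == secret
    os.close(fd)

    # Case 2: overwrite first. The same kind of lingering reference now
    # sees only zeros, because the data itself was replaced before unlink.
    wiped = os.path.join(workdir, "wiped.dat")
    with open(wiped, "wb") as fh:
        fh.write(secret)
    fd = os.open(wiped, os.O_RDONLY)
    overwrite_and_unlink(wiped)
    zeroed = os.read(fd, len(secret)) == b"\x00" * len(secret)
    os.close(fd)

    gone = not os.path.exists(wiped)
    os.rmdir(workdir)
    return survived_delete, zeroed, gone


if __name__ == "__main__":
    print(demo())
```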
Dabs
November 22, 2021, 01:29:15 PM
 #27

What was described is not cold storage.

I once used just Bitcoin Core for the same purposes in two different machines. It was harder back then. I know dooglus used to use this same method as well, he had good reason to do it too as he was holding about 60k BTC of other people's coins, up until he stopped accepting BTC for his site and restarted to a shitcoin.

Electrum is pretty much peer reviewed and open source for both desktop / laptop / linux / windows and android and is a very good combination to use as cold storage that you can easily do transactions with an air-gapped device using just QR codes. So the 12 words (or even 24 words if you know how to make it do that) is a nice alternative, that you can engrave.

If you run your own Electrum server, then you are also running a full node. If not, the other Electrum servers on the network, most of them you can probably "trust" enough to work for your purposes, you just do not have a guarantee of privacy. You don't need to run an Electrum server to use the app.

If you are going across different international borders, unless they strip search you, you can easily hide a small piece of paper, or stitch / embroider the words on the clothes that you are wearing.

microSD cards are easily smuggled inside toys, other electronic devices, taped to your belt or shoe or something. You probably have and will continue to have access to a passport or other papers, a wallet in your pocket? ...

If you're running away from a country that will kill you for bitcoin, I'm sure you'll find a way to smuggle with you, on your person, what you need. And if you need to resort to storing it as a draft on some public gmail account (as a backup) then do that. If you don't make it to the other side alive, most likely no one else will get your bitcoins.

If you are renting a server, you don't need to trust the owners of that server, you just need to trust that it will be operational and online when you need it. Encrypting files with a password only you know (and tested that it decrypts) is all you need. You just need to make it across the border.

In fact, you can probably just use an expiring file upload site or even expiring paste bin type of site. Make it a few days before you travel, expiring in 3 months, should be enough time. You probably can access it on the other side within a couple of days or a week at worst? Maybe? ... Hopefully.

I don't know how bad you think your own situation can be, but right now you seem to have internet access. Paper backups are good. Seal them in an envelope. Stainless steel or other materials are better. Most people can take a little cash or credit card or something with them as they cross borders, you can find a way to write down whatever words you need on them.

btc2marspro
November 22, 2021, 11:56:52 PM
 #28

Bitcoin is not anonymous. It is a fully viewable public ledger. Anonymous money is a fallacy. If you want privacy, maybe use a privacy coin or fiat?

Carrying the PSBT file through a border and then getting the laptop checked in customs for instance.
Then don't carry it through customs. As achow has said, it is going to be publicly viewable to the entire world once you broadcast it, so you can store it on the cloud, email it to someone else or yourself, post it on a blog, any method of digital storage which you can access later once you arrive at your destination. If you do all this with a brand new and otherwise anonymous cloud/email/whatever account, then there is minimal additional risk to your privacy.

I've heard stories of people getting their laptops confiscated if they had full disk encryption and refuse to deliver a password.
If border agents are interested enough in you to force you to decrypt your entire disk, then they are going to be interested enough in individual encrypted files or containers to force you to decrypt them too. If you really want to hide something from border agents, then don't take it across the border with you. If you must, then a hidden volume with some "decoy" encrypted data is probably the way to do it, which is far outside the scope of Bitcoin Core.

I can't agree with this logic of "the entire world will know". The entire world will know X transaction happened but not that it's tied to you. The problem is linking this data to you. It's the basic pseudonymous principle of making transactions in Bitcoin. So if for instance you save a .psbt file in a USB pendrive and you forget to delete it, and someone gets access to the USB physically and manages to tie this USB pendrive to you, then they would know you are an owner of bitcoins. So you have now become a target.
But assuming this will remain as it is then you'll just have to guarantee that the file is put inside a Veracrypt container or something before it leaves your airgapped laptop.
As far as cloud storage. All of these "anonymous email" services aren't really anonymous. And "anonymous cloud services" require that you dox yourself via paying a subscription usually. You would need to find one that accepts BTC and mix the coins and hope it all goes well. There's also the problem that you never know what happens with this data if you don't control the servers physically. I haven't found any reasonable way to store stuff in the cloud and call it "safe".


Carrying the PSBT file through a border and then getting the laptop checked in customs for instance.
Wallet software is way more obvious than a PSBT. And wallet software will contain far more private information than a PSBT.

PSBTs are just base64 strings, you wouldn't know that it is Bitcoin related unless you are looking for it specifically.

And again, you can just encrypt the PSBT with a third party tool. Then it will look like an encrypted file, instead of specifically an encrypted PSBT as adding an encryption standard would make.

I have always wondered why the wallet.dat is not fully encrypted, but in any case you wouldn't move the wallet.dat file around to sign between computers as you would with the PSBT ones. Of course it's the same thing: never move the wallet.dat file around if it's not fully encrypted with a third party software.
n0nce
November 23, 2021, 11:41:31 AM
 #29

~
That sounds great! The techniques you described all make sense to me and should be pretty secure, as you say. Of course, critiques such as deleted files being recoverable, are valid as well, but I am not sure if there has been malware already that recovers deleted files. I think because this case is quite the edge-case.
Regarding 'cold storage support', since v22.0 Hardware Wallets should now be supported. Everyone's definition of 'cold storage' varies a bit, but I thought it may be interesting for you.

takuma sato (OP)
January 09, 2022, 07:38:35 PM
 #30




~
That sounds great! The techniques you described all make sense to me and should be pretty secure, as you say. Of course, critiques such as deleted files being recoverable, are valid as well, but I am not sure if there has been malware already that recovers deleted files. I think because this case is quite the edge-case.
Regarding 'cold storage support', since v22.0 Hardware Wallets should now be supported. Everyone's definition of 'cold storage' varies a bit, but I thought it may be interesting for you.

It wasn't simply deleting the file but overwriting it with shred on the Linux console, shred -zvun 16 specifically will make sure no one can recover it.

...

I would like to avoid Electrum because I'm only familiar with Bitcoin Core's coin control and I have no idea what I'm doing outside of that. As a way to get an alternative to the lack of being able to store 12 or 24 words (memorizing them because if you have to store them, it's the same problem as storing a wallet file) I was thinking about ways to get the HD seed of Bitcoin Core human-readable. For instance, this hd seed is 33 characters, would it be possible to convert this to words?

tb1qzqtu25qsue0a5pp3hg8lkftclf8ds

If you could memorize this, then you could use Bitcoin Core as electrum, since if you can memorize that, you can create a new wallet and enter "sethdseed tb1qzqtu25qsue0a5pp3hg8lkftclf8ds" and you would get the wallet.


How do you rate storing encrypted files on email providers instead of dropbox type sites?

Then once you cross the border, you delete the file, but probably there would be traces of the file for them if they wanted to recover it since it would be a simple file deletion and not a shred type overwrite, but it's unlikely anyone would bother to go through that. It would need to be employees of the email provider to get into your account, look for deleted files, and then crack the SHA256 encrypted file (and probably 3 cascaded algorithms if you use Veracrypt). So yeah good luck with that. The real risk would probably be that there is a user+password database leak and it would need to happen during the time you are hosting the file which is temporary, and then they would need to be able to crack the file. So probably hosting an encrypted file temporarily on a private place that requires a login+password access is reasonable.
o_e_l_e_o
January 09, 2022, 08:30:25 PM
Last edit: January 10, 2022, 10:53:08 AM by o_e_l_e_o
 #31

For instance, this hd seed is 33 characters, would it be possible to convert this to words?
You can convert any data at all in to words. If you want to follow a BIP39 schematic, then simply convert that string in to binary, split the binary in to 11 digit groupings, and then match each grouping against a word from the word list. (You can use the same process BIP39 does to add in a checksum if you really wanted.) Without a checksum, that string converts to 264 binary digits which then converts to 24 words. Reliably memorizing 24 random words over a long period of time is difficult and will likely lead to loss of your coins, and you will need the exact same wordlist to be able to convert your words back in to your original string.

How do you rate storing encrypted files on email providers instead of dropbox type sites?
Makes little difference. In both cases you are trusting a third party to store your data on their servers. You don't know how many servers it is stored on, where those servers are located, who has access to those servers, what their physical and their digital security is like, how securely they transfer your data, etc.
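The 11-bit grouping described in the reply above, as an added example that is not code from the thread or from any wallet project. `WORDLIST` is a constructed 2048-entry placeholder standing in for the real BIP39 English list, the function names are hypothetical, no checksum is added, and the example goes slightly beyond the post by zero-padding inputs whose bit length is not a multiple of 11.

```python
# Constructed placeholder: a real setup would load the 2048-word BIP39
# English wordlist here, and decoding needs that exact same list and order.
WORDLIST = [f"word{i:04d}" for i in range(2048)]


def to_words(data, wordlist=WORDLIST):
    """Split the bits of `data` into 11-bit groups and map each to a word."""
    if len(wordlist) != 2048 or len(set(wordlist)) != 2048:
        raise ValueError("wordlist must hold 2048 unique words")
    bits = "".join(f"{byte:08b}" for byte in data)
    bits += "0" * (-len(bits) % 11)        # zero-pad the last group if needed
    return [wordlist[int(bits[i:i + 11], 2)] for i in range(0, len(bits), 11)]


def from_words(words, length, wordlist=WORDLIST):
    """Invert to_words(); `length` is the original byte count."""
    index = {word: i for i, word in enumerate(wordlist)}
    try:
        bits = "".join(f"{index[word]:011b}" for word in words)
    except KeyError as exc:
        raise ValueError(f"word not in wordlist: {exc.args[0]}") from None
    # Anything after the data bits must be the zero padding added above.
    if len(bits) < length * 8 or "1" in bits[length * 8:]:
        raise ValueError("word count or padding does not match length")
    return bytes(int(bits[i:i + 8], 2) for i in range(0, length * 8, 8))


def demo():
    sample = b"tb1qzqtu25qsue0a5pp3hg8lkftclf8ds"   # string quoted in the thread
    words = to_words(sample)
    restored = from_words(words, len(sample))
    # Same words, same list contents, different order: the result is not
    # the original string, which is why the exact wordlist must be kept.
    reordered = WORDLIST[1:] + WORDLIST[:1]
    wrong = from_words(words, len(sample), reordered)
    return len(sample) * 8, len(words), restored == sample, wrong == sample


if __name__ == "__main__":
    print(demo())
```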