NeuroticFish (OP)
Legendary
Offline
Activity: 3850
Merit: 6583
|
|
December 21, 2021, 09:20:01 AM Last edit: December 21, 2021, 02:12:36 PM by NeuroticFish |
|
After reading, discussing and thinking on the topics discussed about Ledger's hardware wallets, especially Why I wouldn't buy Ledger Nano S ever again? and Ledger Nano S Plus, I came to the conclusion that the better option may be DIY, and a pretty cheap and safe solution could be using an old smartphone for the job, completely airgapped. Please correct me if I'm wrong.
The point would be that, with the right software installed on the phone, one can use its camera for reading a QR code from another smartphone or laptop, and can display a QR code that can be read by another smartphone's or laptop's camera...
I wanted to try out yesterday, shortly, AirGap Vault with Electrum on a laptop. On testnet. It didn't work out and I don't know yet if the reason was that testnet is not supported by AirGap, or that AirGap Vault works only with AirGap Wallet.
Question 1: Do you know what I am missing? Did you use this kind of setup and you know that it would actually work on mainnet with AirGap Vault and Electrum?
Question 2: Do you know of different cold storage app for Android? Can you please share?
Question 3: Is there any similar solution I've missed? Some emulator under Android and installing the cold storage under that emulator? Then how I handle the camera/QR reader?
Question 4: It's all wrong and I should abandon the idea?
Thank you.
Update: the setup works with Electrum on both sides - laptop and old phone.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
December 21, 2021, 11:01:25 AM |
|
Question 1: In what way did it not work out? You couldn't install the vault app? You couldn't create a new wallet? You couldn't move transactions between the vault and Electrum?
Question 2 & 3: If you are only interested in bitcoin, and are going to be using Electrum on your laptop, then why not just use Electrum on your airgapped phone as well?
Question 4: My issue with such a set up has always been that I don't trust the phone, because there is too much hardware and software in there (mostly closed source) and I don't know what it is all doing. Is it properly encrypted at rest? Does turning on flight mode really airgap the phone? Can it still send or receive data via WiFi, 3G/4G/5G, radio waves, Bluetooth, NFC, etc? Is there something on there which might affect the random number generation?
|
|
|
|
nc50lc
Legendary
Online
Activity: 2590
Merit: 6329
Self-proclaimed Genius
|
|
December 21, 2021, 11:09:54 AM |
|
> I wanted to try out yesterday, shortly, AirGap Vault with Electrum on a laptop. On testnet. It didn't work out and I don't know yet if the reason was that testnet is not supported by AirGap, or that AirGap Vault works only with AirGap Wallet.
I don't know if Airgap Vault supports PSBT (Partially Signed Bitcoin Transaction) which Electrum generates when exporting unsigned transactions; if it doesn't, the whole setup won't work.
|
|
|
|
NeuroticFish (OP)
Legendary
Offline
Activity: 3850
Merit: 6583
|
|
December 21, 2021, 11:21:34 AM Last edit: December 21, 2021, 02:16:11 PM by NeuroticFish Merited by JayJuanGee (1) |
|
> Question 1: In what way did it not work out? You couldn't install the vault app? You couldn't create a new wallet? You couldn't move transactions between the vault and Electrum?
Indeed, I should have been explaining better, but the test was a bit odd... But it was meant to be a test. Here it is, as I remember it now:
I've generated a 12-word seed with IanColeman's to make sure it's not an "electrum" seed.
I've imported it to Electrum, used it for testnet.
I've made one more watch-only wallet (also on testnet) with the public key from the previous step. This is meant to be the live wallet in my tests.
I've sent some testnet coins there.
I've imported the 12-word seed into AirGap Vault.
In the live wallet I made a transaction, showed the QR code and tried to get it with AirGap Vault to sign it.
It has read the QR, but it said it's unrecognized data, hence I couldn't sign the tx.
> Question 2 & 3: If you are only interested in bitcoin, and are going to be using Electrum on your laptop, then why not just use Electrum on your airgapped phone as well?
Believe it or not, I didn't use Electrum on Android at all since (from what I've read) it doesn't support hardware wallets. So (stupid me!) I didn't think at all of Electrum as a solution. I'll give it a try later today. Thank you for the idea!
> Question 4: My issue with such a set up has always been that I don't trust the phone, because there is too much hardware and software in there (mostly closed source) and I don't know what it is all doing. Is it properly encrypted at rest? Does turning on flight mode really airgap the phone? Can it still send or receive data via WiFi, 3G/4G/5G, radio waves, Bluetooth, NFC, etc? Is there something on there which might affect the random number generation?
It's meant to be an old phone with no SIM. So the only network may be the WiFi. I can make a temporary WiFi by Tethering from the in-use phone and never again use that SSID (it can be GUID). Bluetooth is turned off. NFC.. hm.. iirc it can be turned off. Still, I understand your logic, and I will give it one more thought. The point was for a replacement for a Nano S at the moment it will no longer work, maybe until a new one is bought. Of course it depends on how much funds one handles vs the expected risks.
> I don't know if Airgap Vault supports PSBT (Partially Signed Bitcoin Transaction) which Electrum generates when exporting unsigned transactions; if it doesn't, the whole setup won't work.
Yep, this may be the actual technical description of my problem. Thanks for that.
I'll try with Electrum for Android, maybe the solution was easier than first expected.
|
|
|
|
nc50lc
Legendary
Online
Activity: 2590
Merit: 6329
Self-proclaimed Genius
|
|
December 21, 2021, 11:46:59 AM |
|
> I don't know if Airgap Vault supports PSBT (Partially Signed Bitcoin Transaction) which Electrum generates when exporting unsigned transactions; if it doesn't, the whole setup won't work.
> Yep, this may be the actual technical description of my problem. Thanks for that.
If that's the case, you can try Electrum versions lower than 4.x for the watch-only wallet on your Laptop. But you'll be stuck with those old versions so I'd also recommend you to use Electrum on your Cold-storage Android to be able to use the latest version. Electrum supports camera and QR codes in both desktop and Android so transferring the transactions for signing will be easy.
|
|
|
|
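The format mismatch discussed in the posts above can be checked directly on the string a QR scanner returns. This is an added example, not part of the thread and not Electrum or AirGap code; it assumes Electrum packs transaction QR codes as base43 and recognises a PSBT by its BIP174 magic bytes, and the sample transaction and all function names are constructed for illustration.

```python
import base64

# Base43 alphabet, assumed here to be the one Electrum uses for transaction QRs.
B43 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ$*+-./:"
PSBT_MAGIC = b"psbt\xff"  # BIP174: every PSBT starts with these five bytes

def b43decode(text):
    """Base43 string -> bytes; leading '0' characters map to zero bytes."""
    num = 0
    for ch in text:
        num = num * 43 + B43.index(ch)  # ValueError on a foreign character
    pad = len(text) - len(text.lstrip("0"))
    return bytes(pad) + num.to_bytes((num.bit_length() + 7) // 8, "big")

def b43encode(data):
    """Inverse of b43decode, used here only to build the constructed sample."""
    num, out = int.from_bytes(data, "big"), ""
    while num:
        num, rem = divmod(num, 43)
        out = B43[rem] + out
    return "0" * (len(data) - len(data.lstrip(b"\x00"))) + out

def read_varint(buf, pos):
    """Read a Bitcoin compact-size integer; return (value, next position)."""
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}.get(buf[pos])
    if size is None:
        return buf[pos], pos + 1
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def global_key_types(raw):
    """Key types in the PSBT global map (0x00 is the unsigned transaction)."""
    pos, types = len(PSBT_MAGIC), []
    while pos < len(raw):
        klen, pos = read_varint(raw, pos)
        if klen == 0:  # separator byte closes the global map
            return types
        types.append(raw[pos])
        vlen, pos = read_varint(raw, pos + klen)
        pos += vlen
    raise ValueError("global map is not terminated")

def decodings(payload):
    """Yield (encoding, bytes) for each text encoding the payload is valid in."""
    text = payload.strip()
    for name, decode in (("base43", b43decode),
                         ("base64", lambda s: base64.b64decode(s, validate=True)),
                         ("hex", bytes.fromhex)):
        try:
            yield name, decode(text)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue

def classify(payload):
    """Return (kind, encoding, global key types) for a scanned QR string."""
    seen = list(decodings(payload))
    for enc, raw in seen:
        if raw.startswith(PSBT_MAGIC):
            try:
                return "psbt", enc, global_key_types(raw)
            except (IndexError, ValueError):  # cut-off or malformed map
                return "psbt-damaged", enc, None
    for enc, raw in seen:
        # Heuristic: a raw network transaction begins with version 1 or 2.
        if len(raw) >= 10 and int.from_bytes(raw[:4], "little") in (1, 2):
            return "raw-tx", enc, None
    return "unknown", None, None

# Constructed samples, not real transactions: a one-input, one-output unsigned
# tx, and a PSBT made of magic + global map with that tx + empty in/out maps.
SAMPLE_TX = (bytes.fromhex("02000000") + b"\x01" + bytes(36) + b"\x00" + b"\xff" * 4
             + b"\x01" + (1000).to_bytes(8, "little") + b"\x00" + bytes(4))
SAMPLE_PSBT = PSBT_MAGIC + b"\x01\x00" + bytes([len(SAMPLE_TX)]) + SAMPLE_TX + b"\x00" * 3

if __name__ == "__main__":
    print([classify(t) for t in (b43encode(SAMPLE_PSBT), SAMPLE_TX.hex(), "n/a")])
```

A signer that reports "unrecognized data" on a payload this classifies as `psbt` does not parse that format or encoding, which points at the wallet pairing rather than at the scan.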
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7548
|
|
December 21, 2021, 01:23:11 PM |
|
> Do you know of different cold storage app for Android? Can you please share?
You can use any wallet that is supported by your Android phone, if you remove the SIM card and disable any Wi-Fi, Bluetooth and internet connection. Problem I have is that older phones stop supporting most of the apps, so you can't really install anything on them if they are a few years old. In my case I could only install Mycelium wallet on Android v4 or v5 for testing purposes.
> Is there any similar solution I've missed? Some emulator under Android and installing the cold storage under that emulator? Then how I handle the camera/QR reader?
Emulator would probably work installed on an offline computer, camera QR would work just fine if you have it on your computer/laptop (tested and works). Problem is that most of these Android emulators are closed source and full of junk, but more wallets will probably be supported than with ancient Android phones.
> It's all wrong and I should abandon the idea?
I wouldn't use smartphones as cold storage for various reasons, having a regular offline computer/laptop with a software wallet installed on Linux OS is a much better option.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
Sounds like nc50lc has identified the issue. Looks like you'll either need to use an Electrum/Electrum pairing or an Airgap/Airgap pairing. Electrum's mobile app does have a few key features missing, notably coin control, but since you will only be using it for signing and will be creating the transaction on your laptop (which does have these features), then that won't be an issue for you.
> I can make a temporary WiFi by Tethering from the in-use phone and never again use that SSID (it can be GUID).
Probably better not to. I would factory reset the phone and keep it permanently airgapped. Download and verify the Electrum mobile app on your laptop, and then transfer the .apk file to your phone via SD card or similar to install it. You'll need to enable installing from unknown sources in your phone's settings.
|
|
|
|
NeuroticFish (OP)
Legendary
Offline
Activity: 3850
Merit: 6583
|
|
December 21, 2021, 02:10:50 PM |
|
Indeed, I was worrying for nothing, it was much easier than I've expected. The AirGap Vault direction was counterproductive for me. Indeed, it works with Electrum. (And indeed, installing from SD sounds even better than setting up any WiFi.)
I had some small problem - I didn't find a way to make the Android Electrum run on testnet - but after finding out the right derivation path (m/44'/1'/0'), the Android didn't care it shows mainnet addresses, it signed the testnet tx gracefully.
Thank you all.
|
|
|
|
NotATether
Legendary
Offline
Activity: 1778
Merit: 7362
|
Old phones can get bricked by deteriorating hardware or a battery wearing out, and this often happens without warning.
Plus there is no good wallet app out there that won't try to connect to the internet - since this is on a mobile OS, you have effectively no way to stop it from attempting to do that, even if you turn off WiFi and cellular (thus shutting off all network connectivity).
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
December 21, 2021, 02:56:48 PM |
|
> Old phones can get bricked by deteriorating hardware or a battery wearing out, and this often happens without warning.
This is true, but it is also true of any hardware wallet or any airgapped cold storage device, which could one day just refuse to turn on. As long as you have your seed phrase backed up then it's a minor inconvenience at most.
> since this is on a mobile OS, you have effectively no way to stop it from attempting to do that
Electrum for Android does not have the permissions to either turn on or off your WiFi or to turn on or off flight mode. If you are happy that flight mode is sufficient for your needs, then the biggest risk is going to be from you accidentally turning it off. The next steps would be to operate the phone inside a Faraday cage or open it up and physically identify and remove the connectivity modules.
|
|
|
|
NotATether
Legendary
Offline
Activity: 1778
Merit: 7362
|
|
December 21, 2021, 03:06:03 PM Merited by JayJuanGee (1) |
|
> Electrum for Android does not have the permissions to either turn on or off your WiFi or to turn on or off flight mode.
I know that, but the risk is: What if you accidentally switch on the network connection, and simultaneously, a vulnerability is exploited in the app by a malicious payload as soon as the app attempts to communicate with a server? It's rare, but it can happen. The fake update warning a few years ago is a good example of this.
|
|
|
|
NeuroticFish (OP)
Legendary
Offline
Activity: 3850
Merit: 6583
|
|
December 21, 2021, 03:24:12 PM |
|
> I know that, but the risk is: What if you accidentally switch on the network connection, and simultaneously, a vulnerability is exploited in the app by a malicious payload as soon as the app attempts to communicate with a server? It's rare, but it can happen. The fake update warning a few years ago is a good example of this.
Well, this use case is meant for those who do know what they're doing and it's certainly not the best approach for safeguarding big funds. There's proper cold storage for that. This was meant as a use case for some who really know what they're doing and it's meant as something relatively safe and much more convenient than a cold storage, probably for a short time, until a hardware wallet replacement is bought/delivered. I expect such a user to acknowledge that some risks may be involved. But let's not exaggerate them. For example, after discussing that best is to never add a WiFi SSID at all, after implying that the device will never again have a SIM inserted and will also stay in Flight Mode (also Bluetooth and NFC stopped), I think that your use case has very low chance to happen. Of course that the fact the device is probably not encrypted is a risk. Of course that the data transfer (meaning tx) should not be done via USB or SD. And of course that if one decides to do other tests that involve SIM or network/connectivity changes, he should first move away all his funds to a new wallet with a new seed.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
December 21, 2021, 03:38:33 PM |
|
> What if you accidentally switch on the network connection, and simultaneously, a vulnerability is exploited in the app by a malicious payload as soon as the app attempts to communicate with a server?
Yes, that's a possibility, and as I said above I think the biggest risk in this set up is that it is very easy to turn off flight mode or turn on WiFi by mistake. If you have root access to your phone then you can permanently disable the WiFi module to prevent this from happening, or you could physically remove the WiFi module, but otherwise I think you just have to be very careful not to. You should make sure to delete shortcuts or rearrange/hide any menu buttons so you at least have to go looking for the option to turn on WiFi and you can't just do it with a fat finger.
|
|
|
|
Pmalek
Legendary
Offline
Activity: 2940
Merit: 7539
|
|
December 22, 2021, 09:35:19 AM |
|
I understand that you are just testing this, but I still don't think it can be called an airgapped cold storage solution. There must be a distinction between a setup that doesn't have the required hardware to establish a network connection and a device that has but only has it turned off by enabling flight mode. Your airgapped system becomes a hot wallet by sliding your finger down the screen, disabling flight mode, or enabling WIFI. It's not enough for an attack, but the prerequisites for one are there. Nevertheless, it's an interesting concept to think about.
|
|
|
|
|
|
|
bakasabo
Legendary
Offline
Activity: 2492
Merit: 1213
|
|
December 22, 2021, 09:45:24 AM |
|
The main problem with old phones using as a storage I see is the fact that an old phone is old. I am not much of a tech guy, but I am pretty much sure that the software/app that is planned to be used as a cold storage will get updates, while old phones one day will lose support from devs and their firmware will be non-upgradable. One day the wallet will ask for an update, but it won't be updated because the new version will not be supported with your current firmware.
This is common to iOS/macOS devices (don't know about Android). I can't use YouTube on my old iPad mini, because the app requires an update, but the firmware can no longer be upgraded. I can't use a finance app and import data to a new phone, because it needs an update and crashes after any tap in it.
|
|
|
|
NeuroticFish (OP)
Legendary
Offline
Activity: 3850
Merit: 6583
|
|
December 22, 2021, 09:54:34 AM |
|
> The main problem with old phones using as a storage I see is the fact that an old phone is old.
You're partly right. The only phone I would have for this (if my HW would break today) would have (drums) Android 4.4.4. And I would have to see if I can flash an Android 5+ on it (which may or may not work). But I expect many have older phones with Android 5+ on them gathering dust (while I keep my phones for 3+ years and then I give them to relatives for further use, I expect most keep them for 2 years then keep them in a drawer). And Google Play store shows that Electrum needs Android 5+. And that's old. And you just don't need anything else on that phone, Electrum has its own scanner too.
> I understand that you are just testing this, but I still don't think it can be called an airgapped cold storage solution. There must be a distinction between a setup that doesn't have the required hardware to establish a network connection and a device that has but only has it turned off by enabling flight mode. Your airgapped system becomes a hot wallet by sliding your finger down the screen, disabling flight mode, or enabling WIFI. It's not enough for an attack, but the prerequisites for one are there. Nevertheless, it's an interesting concept to think about.
Tails OS or similar USB sticks is seen as a good option for simple and effective cold storage. Still, if one forgets the network cable plugged in to the laptop, he may have surprises. Or if you have a properly airgapped Windows laptop with cold storage and somebody else from your family plugs the network cable in,... same story. I mean that there are always this kind of risks. In most cases for home brew cold storage the prerequisites are there. If one cannot manage them I clearly recommend a proper hardware wallet.
As about the concept, I've been checking one of the topics with many "hardware wallets" (and similar devices). And I stumbled over this AirGap software and I thought "why not?". Just while for the cold wallet (or call it as you want) I know I have to be somewhat flexible, I do want to be able to pick the "client side", whether it's Electrum, Sparrow or something else. And my conclusion is that (for Bitcoin) Electrum+Electrum is better than AirGap solution, although it's not presented in that list.
But you're right, this was only a test. A proof of concept. For daily use - although this concept is fairly easy - I still recommend a proper hardware wallet, especially for newbies.
|
|
|
|
PrimeNumber7
Copper Member
Legendary
Offline
Activity: 1652
Merit: 1901
Amazon Prime Member #7
|
|
December 22, 2021, 10:10:42 AM |
|
> Question 4: My issue with such a set up has always been that I don't trust the phone, because there is too much hardware and software in there (mostly closed source) and I don't know what it is all doing. Is it properly encrypted at rest? Does turning on flight mode really airgap the phone? Can it still send or receive data via WiFi, 3G/4G/5G, radio waves, Bluetooth, NFC, etc? Is there something on there which might affect the random number generation?
My understanding is that with iOS, Bluetooth (and possibly WiFi) will be turned on by default when you turn on airplane mode. You can turn off these features after you turn on airplane mode.
My biggest concern with the setup as described in the OP is that "cold storage" is something I will typically define as private keys being generated and stored on a "computer that has never, and will never be connected to the internet". An old phone will very clearly have been connected to the internet in the past. I am not sure about new iPhones, but I suspect there is the potential for an iPhone being previously connected to the internet right out of the box.
|
|
|
|
ABCbits
Legendary
Offline
Activity: 3052
Merit: 8059
|
|
December 22, 2021, 11:22:01 AM |
|
> I understand that you are just testing this, but I still don't think it can be called an airgapped cold storage solution. There must be a distinction between a setup that doesn't have the required hardware to establish a network connection and a device that has but only has it turned off by enabling flight mode. Your airgapped system becomes a hot wallet by sliding your finger down the screen, disabling flight mode, or enabling WIFI. It's not enough for an attack, but the prerequisites for one are there. Nevertheless, it's an interesting concept to think about.
> Tails OS or similar USB sticks is seen as a good option for simple and effective cold storage. Still, if one forgets the network cable plugged in to the laptop, he may have surprises. Or if you have a properly airgapped Windows laptop with cold storage and somebody else from your family plugs the network cable in,... same story. I mean that there are always this kind of risks. In most cases for home brew cold storage the prerequisites are there.
It's definitely a big concern if you use Windows as airgapped storage. But with Tails, there are fewer concerns since:
1. You usually need to manually choose to boot to Tails.
2. Tails doesn't connect to the Tor network automatically.
3. Tails is designed with security and privacy in mind, so it's unlikely your Tails is compromised when you connect it to a network/LAN cable.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
December 22, 2021, 12:24:27 PM |
|
> I am not much of a tech guy, but I am pretty much sure that the software/app that is planned to be used as a cold storage will get updates, while old phones one day will lose support from devs and their firmware will be non-upgradable. One day the wallet will ask for an update, but it won't be updated because the new version will not be supported with your current firmware.
This is not a concern with this set up. The airgapped phone will never go online, so neither the firmware nor the wallet app will ever ask for an update or even know there is a new version to update to. If the combination of firmware + wallet app works now, then it will work exactly the same in 10, 20, 50 years' time. The only concern is that if the online version of Electrum moves to some new standard which means older versions of Electrum installed on the airgapped wallet can no longer sign transactions, but if that happens, then you can either install the new app if supported, or create a new airgapped wallet with a more modern model with updated firmware.
There is another hidden advantage to this set up, and that is the ubiquitousness of old phones. If someone sees you using a hardware wallet in public, or breaks in to your house and finds a hardware wallet, then they know immediately you are using bitcoin. If someone sees you using an old phone in public, or breaks in to your house and finds an old phone in a drawer, they don't look twice. If the phone is old enough, a thief might not even bother to steal it since it would be impossible to sell for any meaningful amount.
|
|
|
|
suchmoon
Legendary
Offline
Activity: 3850
Merit: 9072
https://bpip.org
|
|
December 22, 2021, 12:52:41 PM |
|
On the scale of things to be paranoid about, I think I'd be more worried about e.g. a compromised GPU BIOS on my computer running with full privileges than an old reformatted Android phone. For all their faults, there is a decent security model on those phones as opposed to the 40-year-old dumpster fire that is a PC.
|
|
|
|
|