How to send wallet to wallet while protecting your private key

[miccheck321]

Question: In order to send bitcoin to another wallet via the blockchain (not an exchange) one must enter their private key. How can one be sure that their private key will not be stolen when it is entered for the transaction?

[Charles-Tim]

Question: In order to send bitcoin to another wallet via the blockchain (not an exchange) one must enter their private key.

No.

You do not need to enter your private key anywhere while making transaction. Your wallet will handle this automatically in a way the private key is needed for signing the transaction.

Protect your wallet and wallet device from malware, this will help in preventing online attack. Also, you can get yourself a reputed hardware wallet while not taking the security of your wallet lightly.

Only what is needed to enter is the address and nothing more. Bitcoin address start from 1, 3 or bc1. The address can be given to anyone for payment purpose. But the seed phrase (+passphrase) or the private key must completely be protected and not given or shown to anyone but remain to you alone.

[hosseinimr93]

How can one be sure that their private key will not be stolen when it is entered for the transaction?

What do you mean by being stolen?

Do you mean your private key may be compromised by hackers?
If you want to be 100% secure, you can sign the transaction on an airgapped device. In this way, your private key doesn't touch the internet at all.

Or maybe you think your private key may be stolen because it is broadcast along with your transaction to the network?
If so, there is no need to worry about that. Your private key doesn't broadcast to the network.
Note that nodes don't need your private key for verifying your transaction.

[LoyceV]

one must enter their private key.

Can you give some background information to help you find the right solution? It sounds like you have been given a paper wallet with private key, without knowing how Bitcoin works. Or is it something else?

Obvious warning: Don't ever share your private key!

[Upgrade00]

In order to send bitcoin to another wallet via the blockchain (not an exchange) one must enter their private key.

You do not need to reveal your private keys when sending bitcoin. However, your public key is revealed when you sign a transaction, this is one of the reasons you should not reuse an address after sending bitcoin out of it.

[hosseinimr93]

1. Download a local copy of [I removed the link] onto a thumb drive.

The website you referred to is a scam.

How am I supposed to -send- bitcoin from that wallet without entering the private key into some other internet device and potentially having it compromised?

If you have created your paper wallet using the website you shared above, your private key is already compromised.

Anyway, as I already said, you can sign the transaction on an offline device.
A good wallet allowing you to do so is Electrum.

Read the following guide to learn how to sign a transaction on an offline device using electrum.

How to spend from an offline paper wallet using Electrum.

[Charles-Tim]

You do not need to reveal your private keys when sending bitcoin. However, your public key is revealed when you sign a transaction, this is one of the reasons you should not reuse an address after sending bitcoin out of it.

The address is derived from the public key through a one way function of cryptographic hashing, this makes it impossible to know the public key by knowing the address.

I know you know this, address reuse is not advisable for privacy reasons, because all funds sent to a particular address can easily be tracked on blockchain.

---snipped---

Why not use an open source wallet like Electrum on an airgapped device for this. Let the wallet generate the seed phrase, keys and addresses for you. Backup the seed phrase offline like on paper and also one, two or few addresses and delete the wallet. That is also a paper wallet.

Or, making use Iancoleman html file which is also open source to generate seed phrase, keys and addresses on an airgapped device and do the seed phrase backup and have some addresses with you.

It will be easy to backup 12 to 24 word seed phrase than private key.


If you are still on your plan, you can read these:

Re: Safest wallet and method to sweep a paper wallet
Re: Most Secure Method To Sweep Paper Wallet

[DannyHamilton]

1. Download a local copy of [I removed the link] onto a thumb drive.

The website you referred to is a scam.

How am I supposed to -send- bitcoin from that wallet without entering the private key into some other internet device and potentially having it compromised?

If you have created your paper wallet using the website you shared above, your private key is already compromised.

And this is one of the many reasons why it is not recommended to try to generate and store individual private keys in this manner.

[hosseinimr93]

You do not need to reveal your private keys when sending bitcoin. However, your public key is revealed when you sign a transaction, this is one of the reasons you should not reuse an address after sending bitcoin out of it.

The address is derived from the public key through a one way function of cryptographic hashing, this makes it impossible to know the public key by knowing the address.

It's true that the public key can't be derived from the address, but once you broadcast a transaction to the network, your public key is revealed and anyone can know that.
The public key (as the name suggests) should be public. Without the public key, nodes can't verify the transaction and the sender has to disclose it.  

[Pmalek]

OP could have a paper wallet. He might have been told or read that to spend the coins from the printed address, he needs to import the private key into a wallet. Well, that is true. If your address and private key are printed on a paper wallet, the only way to spend those coins is by importing the data into a wallet or scanning the corresponding QR codes.

But if you are dealing with a software, you don't need to worry about copy-pasting or importing private keys during the transaction broadcasting process. The software signs the transaction with the needed private key. What you should be worried about is not storing sensitive data like private keys or seed phrases in a digital form or on online services.

[BlackHatCoiner]

via the blockchain (not an exchange)

Just a correction: We all go “via the blockchain”, the whole system relies on it. You can distinguish wallets to those that give you full custody over your funds and to those that there's trust among you and a third party. In both cases, the transactions are broadcasted to the network.

How can one be sure that their private key will not be stolen when it is entered for the transaction?

If the wallet software you've installed, your operating system, your machine's firmware are all open-source and you've checked and approved every single line (assuming you can read those easily with no mistakes) from each, then it's 100% safe, technically.

Otherwise, you can trust those thousands contributors who have reviewed (and worked) into the code. But, to be honest and realist, you can never be that sure, just like you can't be 100% sure no one will rip your cash off while you're asleep.

[DannyHamilton]

via the blockchain (not an exchange)

Just a correction: We all go “via the blockchain”, the whole system relies on it. You can distinguish wallets to those that give you full custody over your funds and to those that there's trust among you and a third party. In both cases, the transactions are broadcasted to the network.

This is not entirely true.

With custodial wallets (such as the type provided by an exchange like Coinbase), the wallet provider can (and generally does) allow users of their system to transfer value between each other without ever sending any transaction out on to the network (and therefore without any transaction being added to the blockchain at all). The service provider can simply update their own database to indicate that one customer has access to slightly less and another customer has access to slightly more.

In my opinion, what's being provided in that situation is an "account" and not a "wallet". The custodial service has their own "wallet" or "wallets" that they use to store all of their customer's funds, and that they use to send transactions out onto the network on behalf of their customers, but the customers themselves just have an account with an entry in the service provider's database indicating how much value the provider is holding for them. I gave up on that battle a long time ago. Custodial service providers decided that they could call their accounts "wallets", and the community let them get away with it. That ship has sailed, and there's no getting it back. So, now we're stuck distinguishing between "custodial wallets" and "non-custodial wallets".

[BlackHatCoiner]

[...]

Correct, the exchange doesn't have to broadcast a transaction made by two of their customers. However, in that case, it stops being a bitcoin transaction. Since there are no keys involved and no transaction published for everyone to confirm it happened, the exchange simply owes bitcoins. It's wrong to assume it transacted bitcoins.

The only thing it transacted is debt.

[Pmalek]

Custodial service providers decided that they could call their accounts "wallets", and the community let them get away with it. That ship has sailed, and there's no getting it back. So, now we're stuck distinguishing between "custodial wallets" and "non-custodial wallets".

That's because the majority of users don't care where those coins are as long as they can see the correct balance and have the ability to trade or withdraw "their" Bitcoin when they want to. Most people aren't even concerned that they don't own the private keys of "their" coins, let alone that a P2P account balance update between two customers of exchange X was involved in a Bitcoin transaction or not.