bhodler (OP)
Is it possible to sign a transaction from an online Electrum wallet whilst temporarily disconnected from the internet? I turn off wifi before opening an Electrum wallet but then need to connect again to get up-to-date fees. I try to disconnect from wifi again to sign the transaction but it doesn't seem to work, so end up having to enter password for signing when online. I've found lots of answers about how to sign using a wallet on a permanently offline computer but I don't have a spare computer for this and besides, if it can be done on a permanently offline computer, it should be possible to sign on a temporarily offline computer.

hugeblack
May 20, 2022, 10:54:52 AM

> Is it possible to sign a transaction from an online Electrum wallet whilst temporarily disconnected from the internet?

The transaction is signed by the private key, so you can sign it without the need to connect to the Internet. After you sign it, you can broadcast it through any computer connected to the Internet.

> I turn off wifi before opening an Electrum wallet but then need to connect again to get up-to-date fees. I try to disconnect from wifi again to sign the transaction but it doesn't seem to work, so end up having to enter password for signing when online.

What you do will not add security advantages to you as hackers can steal your coins, because the private key/seeds are present when you connect to the internet. The idea of cold storage [1] is that the seeds are created in an environment that has not and will not be connected to the Internet.

If you do not have technical experience, it is better to buy a hardware wallet. If you can't afford to buy it, it's best to buy a USB, burn Tails [2] OS on it, generate seeds, and connect through it whenever you need to send your coins.

You can check this video about how to make Bitcoin cold storage and DYOR ---> https://www.youtube.com/watch?v=yzJ9bRFkwmo

[1] https://en.bitcoin.it/wiki/Cold_storage
[2] https://tails.boum.org/

NeuroticFish
May 20, 2022, 02:15:11 PM

> Is it possible to sign a transaction from an online Electrum wallet whilst temporarily disconnected from the internet? I turn off wifi before opening an Electrum wallet but then need to connect again to get up-to-date fees. I try to disconnect from wifi again to sign the transaction but it doesn't seem to work, so end up having to enter password for signing when online. I've found lots of answers about how to sign using a wallet on a permanently offline computer but I don't have a spare computer for this and besides, if it can be done on a permanently offline computer, it should be possible to sign on a temporarily offline computer.

As said, it is possible; cold storage is never connected and still can sign. You seem to have misunderstood some things.

Also as said, the fact you just temporarily start the internet connection doesn't help at all to your funds' security. I've even read (here, on bitcointalk) about somebody doing this same approach thinking he has cold storage; sadly, he got his funds stolen. So your wallet is a hot wallet, no matter you open internet connection only now and then.

If you want added security, consider one of the following:
* learn to use cold storage properly; it's cheap and easy to set up with Tails OS and a lot of reboots.
* buy hardware wallet
* generate safely (but not this kind of bad half-safety, please) a new seed, write it down, write down one of the related addresses, keep the significant funds on this like a paper wallet; the (smaller) rest of the funds can remain on the hot wallet (i.e. at risk).

bhodler (OP)
May 20, 2022, 05:15:33 PM

> * learn to use cold storage properly; it's cheap and easy to set up with Tails OS and a lot of reboots.
> * buy hardware wallet
> * generate safely (but not this kind of bad half-safety, please) a new seed, write it down, write down one of the related addresses, keep the significant funds on this like a paper wallet; the (smaller) rest of the funds can remain on the hot wallet (i.e. at risk).

I do actually have a hardware wallet but I wanted to transfer my Electrum wallets off one laptop so I can take it for repair, but keeping the wallets intact and not have to pay fees for sending to another wallet.

My understanding of the signing process is that the private key needs to be revealed momentarily in order to create a signature to append to the transaction, which is why air-gapping is recommended, and also why I thought that this was a serious vulnerability if signature generation is done whilst online. Hence why I was disconnecting to do this. How is it that signing whilst offline is no less vulnerable than signing whilst online?

The securitisation of private keys through encryption is so in-depth and multi-tiered that it seems like there should be no chance of a private key being revealed even in a hot wallet, but that's clearly not the case for any wallet that's not air-gapped. There's a lot of emphasis in the community about "not your keys, not your coins", and whilst people are being urged to use hardware wallets more and more, the fact that private keys actually get exposed in hot wallets, even if it's only momentary, doesn't seem to be emphasised much at all. In reality hot wallets are only good for pocket change it seems.

NeuroticFish
May 20, 2022, 06:47:48 PM

> I do actually have a hardware wallet but I wanted to transfer my Electrum wallets off one laptop

Here you already lost me. Do you use Electrum with the hardware wallet? If so the seed and keys should be safely on the hardware wallet and you can just fire up Electrum on the new computer (after you made sure you've downloaded it from electrum.org and verified it), plug the hardware wallet (depending on the make) and select in Electrum that you have hardware device; Electrum will handle the rest. So please clear up if your Electrum actually contains the wallet seed or you use it with HW. It's important.

> I wanted to transfer my Electrum wallets off one laptop so I can take it for repair, but keeping the wallets intact and not have to pay fees for sending to another wallet.

I hope that you know that you'll have to wipe the wallet files (and maybe the free space too) in order to make sure others won't recover your wallet, right? Of course, if your computer does/did contain private key/seed.

> My understanding of the signing process is that the private key needs to be revealed momentarily in order to create a signature to append to the transaction, which is why air-gapping is recommended, and also why I thought that this was a serious vulnerability if signature generation is done whilst online. Hence why I was disconnecting to do this. How is it that signing whilst offline is no less vulnerable than signing whilst online?

First of all, the wallet handles this for you. Second, it depends on the wallet; I do use Electrum with Nano S and there's no private key nor seed touching my computer. Third, your setup doesn't make sense because if you have malware it can record your Electrum password and send it together with the wallet file next time you go online, whenever that happens. What would stop it from doing that?!

> The securitisation of private keys through encryption is so in-depth and multi-tiered that it seems like there should be no chance of a private key being revealed even in a hot wallet, but that's clearly not the case for any wallet that's not air-gapped. There's a lot of emphasis in the community about "not your keys, not your coins", and whilst people are being urged to use hardware wallets more and more, the fact that private keys actually get exposed in hot wallets, even if it's only momentary, doesn't seem to be emphasised much at all. In reality hot wallets are only good for pocket change it seems.

I have a feeling you've misunderstood and mixed up some things big time. A hardware wallet is not a dumb USB stick. The signing doesn't happen in a process in your laptop's memory and most probably it just gets the unsigned transaction and sends it back signed. However, maybe it's better if you tell if you use the hardware wallet with Electrum (so we don't have to guess where the keys are to give you better advice) and maybe what make/model is that HW (at least to know it's indeed a hardware wallet).

o_e_l_e_o
May 21, 2022, 01:30:48 PM

> I do actually have a hardware wallet but I wanted to transfer my Electrum wallets off one laptop so I can take it for repair, but keeping the wallets intact and not have to pay fees for sending to another wallet.

If you use Electrum only to interact with your hardware wallet, then you can just delete the Electrum files from your computer - your wallets will be easily restored from your hardware wallet. I would double check you have your seed phrase backed up before doing this though.

If you use Electrum as its own wallet, then just enter the seed phrase from your wallet into Electrum on another computer to restore your wallet there and then delete your wallet files from your first computer. You'll need to use some dedicated software to write over the sectors of your hard drive which contained your deleted wallets to be certain the data is gone, though.

In both cases you could also just transfer the wallet file from one computer to the other.

> My understanding of the signing process is that the private key needs to be revealed momentarily in order to create a signature to append to the transaction, which is why air-gapping is recommended, and also why I thought that this was a serious vulnerability if signature generation is done whilst online.

Whenever you unlock your wallet, whether or not you are signing anything, your private keys are exposed to the internet. If you can't have your wallet permanently offline, then going offline temporarily and then online again achieves very little.

> The securitisation of private keys through encryption is so in-depth and multi-tiered that it seems like there should be no chance of a private key being revealed even in a hot wallet, but that's clearly not the case for any wallet that's not air-gapped.

As NeuroticFish has said, if you are infected with malware which can steal your private key when you sign something, then it can equally easily just steal your wallet file and the password you use to unlock it, meaning your private keys are at risk at any time with a hot wallet.

> In reality hot wallets are only good for pocket change it seems.

Correct. Lots of people use them for lots more funds than that, but there is a significant risk in doing so.

NotATether
May 21, 2022, 04:05:24 PM

> I turn off wifi before opening an Electrum wallet but then need to connect again to get up-to-date fees. I try to disconnect from wifi again to sign the transaction but it doesn't seem to work, so end up having to enter password for signing when online.

At the bottom left corner of the transactions window, you can manually enter a fee after you click on the "Advanced" button (this only works before you finalize the transaction), and that does not require internet access.

Most malware won't wait for you to create a transaction before attempting to steal your password. The damage would usually be done when the wallet is first opened. Therefore, I recommend disconnecting from the internet for the entire duration Electrum wallet is open as a light alternative to airgapped setup if you can't afford one.

bhodler (OP)
May 23, 2022, 03:15:19 AM Last edit: May 23, 2022, 11:33:38 AM by Mr. Big

>> I turn off wifi before opening an Electrum wallet but then need to connect again to get up-to-date fees. I try to disconnect from wifi again to sign the transaction but it doesn't seem to work, so end up having to enter password for signing when online.
>
> At the bottom left corner of the transactions window, you can manually enter a fee after you click on the "Advanced" button (this only works before you finalize the transaction), and that does not require internet access. Most malware won't wait for you to create a transaction before attempting to steal your password. The damage would usually be done when the wallet is first opened. Therefore, I recommend disconnecting from the internet for the entire duration Electrum wallet is open as a light alternative to airgapped setup if you can't afford one.

Thanks this is the sort of answer I was looking for (not that the other answers weren't helpful). Is it possible to simply select 'lowest fee' rather than a specific fee though, coz without online estimates of the fee we don't know what the lower bound is? Also, if the wallet is offline the entire time how can you broadcast the transaction, and how does the wallet ever get updated?

> Whenever you unlock your wallet, whether or not you are signing anything, your private keys are exposed to the internet. If you can't have your wallet permanently offline, then going offline temporarily and then online again achieves very little.

I can't get my head around this. Electrum wallet is stored on the computer so why is it necessary for the private keys to be exposed to the internet at all, let alone when simply opening the wallet? If a cold wallet can function perfectly well without exposing keys, why can't a wallet on a computer also do this - is it some sort of bug in the software? Seems crazy to me that so much effort is made to conceal private keys and yet they are revealed to the internet in this way with apparently no legitimate reason.

NotATether
May 23, 2022, 03:50:50 AM

>> Whenever you unlock your wallet, whether or not you are signing anything, your private keys are exposed to the internet. If you can't have your wallet permanently offline, then going offline temporarily and then online again achieves very little.
>
> I can't get my head around this. Electrum wallet is stored on the computer so why is it necessary for the private keys to be exposed to the internet at all, let alone when simply opening the wallet? If a cold wallet can function perfectly well without exposing keys, why can't a wallet on a computer also do this - is it some sort of bug in the software? Seems crazy to me that so much effort is made to conceal private keys and yet they are revealed to the internet in this way with apparently no legitimate reason.

I think o_e_l_e_o is trying to say that there is a small window of time between when you open the wallet (with the correct password) and when the password is discarded from the memory of the Electrum program that a malicious copy of it can seize it. Also there is a similar window when you enter your password to sign a transaction.

Basically, the wallet password can be used on a later date by malware to gain access to private keys (if it was a keylogger it would merely record the password inside itself), it waits for internet connectivity to come back, and then relays it back to their own servers.

The only possible defence in such a case (entering the password while there is internet connection) is to block all possible domains (WWW domains) of malware in the /etc/hosts file (Windows has it inside the System32 folder I believe).

bhodler (OP)
May 23, 2022, 03:59:42 AM

>> I do actually have a hardware wallet but I wanted to transfer my Electrum wallets off one laptop
>
> Here you already lost me. Do you use Electrum with the hardware wallet? If so the seed and keys should be safely on the hardware wallet and you can just fire up Electrum on the new computer (after you made sure you've downloaded it from electrum.org and verified it), plug the hardware wallet (depending on the make) and select in Electrum that you have hardware device; Electrum will handle the rest. So please clear up if your Electrum actually contains the wallet seed or you use it with HW. It's important.

Sorry to confuse... my first wallet was Electrum and then I recently got a Ledger Nano S, on which I created a new wallet and have so far only used this with Ledger Live. Reading the docs for using hardware wallets with Electrum it sounded like it was going to need some other software (Tails?) to be installed and I didn't want to get distracted with that at the moment. However if Electrum will recognise the Nano and 'handle the rest' that's good. Are you saying that I should be able to re-generate my Electrum wallets on the Nano without having to generate them on the computer at all, and thereafter I can interact with them on Electrum installed on the new computer?

>> I wanted to transfer my Electrum wallets off one laptop so I can take it for repair, but keeping the wallets intact and not have to pay fees for sending to another wallet.
>
> I hope that you know that you'll have to wipe the wallet files (and maybe the free space too) in order to make sure others won't recover your wallet, right? Of course, if your computer does/did contain private key/seed.

Wallet files yes, but free space, will have to look up how to do that!

>> My understanding of the signing process is that the private key needs to be revealed momentarily in order to create a signature to append to the transaction, which is why air-gapping is recommended, and also why I thought that this was a serious vulnerability if signature generation is done whilst online. Hence why I was disconnecting to do this. How is it that signing whilst offline is no less vulnerable than signing whilst online?
>
> First of all, the wallet handles this for you. Second, it depends on the wallet; I do use Electrum with Nano S and there's no private key nor seed touching my computer. Third, your setup doesn't make sense because if you have malware it can record your Electrum password and send it together with the wallet file next time you go online, whenever that happens. What would stop it from doing that?!

I'm not saying I have malware. What I mean is that the signing process requires private key to be exposed momentarily, whether that is on hardware wallet or 'hot' wallet. Obviously in the case of hardware wallet, this exposure is contained within the hardware device so there's no risk of leakage. In the case of a hot wallet like Electrum, the signing process takes place on the computer so the momentary exposure of the key should be contained within the computer as long as the computer's offline, but if the computer's online there's a risk of the momentary exposure of the key being exposed to hackers. Of course, if there's malware on the computer then it's a different story.

>> The securitisation of private keys through encryption is so in-depth and multi-tiered that it seems like there should be no chance of a private key being revealed even in a hot wallet, but that's clearly not the case for any wallet that's not air-gapped. There's a lot of emphasis in the community about "not your keys, not your coins", and whilst people are being urged to use hardware wallets more and more, the fact that private keys actually get exposed in hot wallets, even if it's only momentary, doesn't seem to be emphasised much at all. In reality hot wallets are only good for pocket change it seems.
>
> I have a feeling you've misunderstood and mixed up some things big time. A hardware wallet is not a dumb USB stick. The signing doesn't happen in a process in your laptop's memory and most probably it just gets the unsigned transaction and sends it back signed. However, maybe it's better if you tell if you use the hardware wallet with Electrum (so we don't have to guess where the keys are to give you better advice) and maybe what make/model is that HW (at least to know it's indeed a hardware wallet).

It's certainly tricky understanding how all this stuff works and no doubt I've misunderstood some things, but I'm pretty clear about what a hardware wallet is. My trouble, as you've probably gathered by now, is understanding why private keys in desktop hot wallets are being exposed to the internet unnecessarily, when the signing for these transactions is done on the computer not on the internet.

Abdussamad
May 23, 2022, 06:24:58 AM

Private keys are only exposed if the PC has key stealing malware on it. Because the malware is on an internet connected device it can communicate your private keys to the thieves, while if it was on a permanently offline device it couldn't communicate the keys to anyone.

NeuroticFish
May 23, 2022, 07:28:27 AM

> It's certainly tricky understanding how all this stuff works and no doubt I've misunderstood some things, but I'm pretty clear about what a hardware wallet is.

I tried to help, not to preach. If I was wrong in my assumptions on your knowledge, even better for you.

> My trouble, as you've probably gathered by now, is understanding why private keys in desktop hot wallets are being exposed to the internet unnecessarily, when the signing for these transactions is done on the computer not on the internet

If your computer is infected, that software can easily use any chance it gets to "send home" everything it was programmed to, from keystrokes to files or screen captures. So if you use a hot wallet, no matter it goes online 5 seconds or 24/7, it's a hot wallet and it brings risks.

It's not only the signing itself that exposes you; usually it's already the fact you've entered the password of your wallet into a potentially infected computer that will ever get online. I've said "usually" for the password, since some use Electrum 2FA which can be a bit safer in this use case.

If you are strictly speaking about what's inside your computer's memory, iirc Electrum even had in the past some vulnerability for keeping some things unnecessarily in memory and something that could allow attacker read that in a way or another, but I don't know the exact details.

What is "internet" after all? Browser runs in your computer memory, not "on the internet". Malware runs on your computer, not on the internet and once you've got online, the malware can start "talking" with its "master" and before you know it, all the private data is gone. Sorry if I tell you things you already know.

Of course, if you are indeed capable of keeping your computer clean, then all this doesn't matter. But most people tend to overestimate their capabilities on the matter.

o_e_l_e_o
May 23, 2022, 07:48:11 AM

> Is it possible to simply select 'lowest fee' rather than a specific fee though, coz without online estimates of the fee we don't know what the lower bound is?

If you want the lowest fee, then simply enter 1 sat/vbyte in the box. Whether or not that will confirm at a reasonable speed will vary, though. Better to check the mempool from an online device and see what an appropriate fee would be at the time.

> Also, if the wallet is offline the entire time how can you broadcast the transaction, and how does the wallet ever get updated?

You export the signed transaction as either a file or a QR code, and transfer it to a computer with internet access such as either via a USB drive or a webcam scanning the QR code. The online computer then broadcasts it, while the private keys never leave the offline computer. The offline wallet will never be updated with accurate balances, but it doesn't need to be - you use an online watch only wallet without the private keys to monitor your addresses and create unsigned transactions, then use the offline wallet with the private keys to sign these transactions. In terms of updating the wallet software, that would only be done if you were to download the new version from your online computer and transfer it across to your offline computer for installation.

> Electrum wallet is stored on the computer so why is it necessary for the private keys to be exposed to the internet at all, let alone when simply opening the wallet?

You misunderstand. Electrum isn't deliberately exposing your keys to the internet, but rather, everything on a computer which has an active internet connection is exposed to the internet. If your computer is connected to the internet, then there is always the possibility, regardless of how good your security precautions are, that either an attacker can access your computer and its files, or you get infected with some malware which sends your data to an attacker.

If you store your wallet on a device with an internet connection, then it is exposed to the internet, even if you never even open the wallet file.

bhodler (OP)
May 23, 2022, 02:58:06 PM

>> It's certainly tricky understanding how all this stuff works and no doubt I've misunderstood some things, but I'm pretty clear about what a hardware wallet is.
>
> I tried to help, not to preach. If I was wrong in my assumptions on your knowledge, even better for you.
>
>> My trouble, as you've probably gathered by now, is understanding why private keys in desktop hot wallets are being exposed to the internet unnecessarily, when the signing for these transactions is done on the computer not on the internet
>
> If your computer is infected, that software can easily use any chance it gets to "send home" everything it was programmed to, from keystrokes to files or screen captures. So if you use a hot wallet, no matter it goes online 5 seconds or 24/7, it's a hot wallet and it brings risks. It's not only the signing itself that exposes you; usually it's already the fact you've entered the password of your wallet into a potentially infected computer that will ever get online. I've said "usually" for the password, since some use Electrum 2FA which can be a bit safer in this use case. If you are strictly speaking about what's inside your computer's memory, iirc Electrum even had in the past some vulnerability for keeping some things unnecessarily in memory and something that could allow attacker read that in a way or another, but I don't know the exact details. What is "internet" after all? Browser runs in your computer memory, not "on the internet". Malware runs on your computer, not on the internet and once you've got online, the malware can start "talking" with its "master" and before you know it, all the private data is gone. Sorry if I tell you things you already know. Of course, if you are indeed capable of keeping your computer clean, then all this doesn't matter. But most people tend to overestimate their capabilities on the matter.

Thanks for your help, I appreciate it and I think it's better to risk saying things that someone already knows rather than assuming they know it already and skipping important steps. Judging by many of the answers I've received, I've probably given ppl the impression that my computer's infected but I'm pretty sure it's ok - running Mac with anti-malware/antivirus etc... Anyway, I have clearer picture than before and will be more vigilant as a result.

bhodler (OP)
May 23, 2022, 03:04:48 PM

> If you want the lowest fee, then simply enter 1 sat/vbyte in the box. Whether or not that will confirm at a reasonable speed will vary, though. Better to check the mempool from an online device and see what an appropriate fee would be at the time.

> You export the signed transaction as either a file or a QR code, and transfer it to a computer with internet access such as either via a USB drive or a webcam scanning the QR code. The online computer then broadcasts it, while the private keys never leave the offline computer. The offline wallet will never be updated with accurate balances, but it doesn't need to be - you use an online watch only wallet without the private keys to monitor your addresses and create unsigned transactions, then use the offline wallet with the private keys to sign these transactions. In terms of updating the wallet software, that would only be done if you were to download the new version from your online computer and transfer it across to your offline computer for installation.

> You misunderstand. Electrum isn't deliberately exposing your keys to the internet, but rather, everything on a computer which has an active internet connection is exposed to the internet. If your computer is connected to the internet, then there is always the possibility, regardless of how good your security precautions are, that either an attacker can access your computer and its files, or you get infected with some malware which sends your data to an attacker. If you store your wallet on a device with an internet connection, then it is exposed to the internet, even if you never even open the wallet file.

Thanks so much for your help - it's pretty clear now.

NeuroticFish
May 23, 2022, 07:25:59 PM

> I've probably given ppl the impression that my computer's infected but I'm pretty sure it's ok - running Mac with anti-malware/antivirus etc...

It's not you giving the wrong impression, we tend to assume most are running Windows systems. And especially there you can too easily have a can of worms without even suspecting it. That's why we recommend extreme caution, which usually means to treat the computer as infected even if it's probably not.

I wrote it in the past, I'll add it again, just in case: if you plan to give your laptop to a 3rd party (for repairs or whatever) and you had hot wallet with private keys there, you should be very careful on cleaning/wiping the data (and free space too) to not risk giving out your wallet or seed.

bhodler (OP)
May 24, 2022, 02:17:29 AM

> Private keys are only exposed if the PC has key stealing malware on it. Because the malware is on an internet connected device it can communicate your private keys to the thieves, while if it was on a permanently offline device it couldn't communicate the keys to anyone.

Thx