n0nce
|
|
December 30, 2022, 11:27:51 PM |
|
You can run your Electrum server without any funds on it; therefore not making it a 'web wallet', and dramatically reducing its risk profile. That's what I'd recommend: run your Bitcoin node with Electrum server software on it somewhere and connect your SPV wallet to it through Tor.
Keep your keys on the machine running the SPV wallet, which by the mere fact of not being a server, not being online all the time and having fewer open ports and a more restrictive firewall, will be more secure. Since this is not a server, it will also be easy to actually keep keys off that device, too and using a hardware wallet with the keys on it instead.
In that setup, the secure computer will construct a PSBT, get it signed fully offline by the hardware wallet, then send the PSBT to the semi-secure Electrum server which finally broadcasts it to the Bitcoin network.
|