Broadcast Raw Transaction from Android

[Razick]

I'm working on making a cold-storage wallet on a Rasperry Pi (it hasn't been delivered but I'm planning it now). The idea is that I will have a completely offline wallet on my Pi, with a paper backup of course. When I need to send transactions, I'll sign them offline and broadcast them from my online computer.

Now here's my dilemma. Chances are I won't always be at home when I need to send a transaction, so I plan to create and sign some preset transactions on my Pi and print them out as QR codes. The transactions will direct my Bitcoins to my phone wallet so that if I need to send a transaction from my phone, I can just broadcast the transaction and receive the coins without my private keys being exposed to the internet.

I can store the transactions on paper in my wallet (the kind you carry cash in  ) and scan them when I want coins on my phone. The only problem I see (tell me if you see any others) is that I don't know a good way to broadcast transactions from my phone. As far as I know the Android client doesn't support sending external transactions, and blockchain.info/pushtx seems to be broken.

Does anyone know of an app or reliable online (and easy to use on a mobile device) transaction broadcast utility? Ideally, I'd be able to include the transaction in the URL of the website so I could just scan the QR code and click the link, but I won't be too picky.

[shorena]

Why so complicated? Maybe I understood you wrong, so Ill sumarize what I think you said:

#0 have awesome offline RasPi wallet
#1 print signed TX to paper
#2 carry around signed TX on paper with you until you want to spend coins
#3 broadcast presigned  TX to phone
#4 wait for conformation
#5 spend coins from phone (with another TX)

why not just:

#1 print a signed TX to paper
#2 broadcast from home to address on phone
#3 carry around in phone wallet until you want to spend coins

Am I missing something or is the "carry around signed TX on paper" part just a way to make this more complicated without gaining anything?

[TimS]

Am I missing something or is the "carry around signed TX on paper" part just a way to make this more complicated without gaining anything?

Not quite. With his plan, someone has to steal both his (physical) wallet and his phone (and then spend/transfer it before the rightful owner realizes the theft and transfers the coins elsewhere) in order to steal his coins. This is of limited use since the wallet and phone are typically carried on your person, but at least it protects against digital-only attacks, and some in-person theft scenarios.

I'd add that you should encrypt the transaction with a passphrase/password before writing it to the paper. Unfortunately, this further complicates the retrieval process: you need a decryption app on the phone. But it does mean that the paper is useless without something that only exists in your head. In this case, you could even store the TXs digitally on your phone and/or the Internet, since there is no longer a security concern.

[shorena]

Am I missing something or is the "carry around signed TX on paper" part just a way to make this more complicated without gaining anything?

Not quite. With his plan, someone has to steal both his (physical) wallet and his phone (and then spend/transfer it before the rightful owner realizes the theft and transfers the coins elsewhere) in order to steal his coins. This is of limited use since the wallet and phone are typically carried on your person, but at least it protects against digital-only attacks, and some in-person theft scenarios.

While it might* reduces the risk to some form of attacks, I would argue that they are so uncommon that the missing comfort is worse. Esp. since youd only carry around what you would otherwise carry around in a regular wallet anyway. Id also think that a regular thief would turn the phone off ASAP to avoid any sort remotly controled tracking software. Its not like a thief would specifically target someone using bitcoin.

I'd add that you should encrypt the transaction with a passphrase/password before writing it to the paper. Unfortunately, this further complicates the retrieval process: you need a decryption app on the phone. But it does mean that the paper is useless without something that only exists in your head. In this case, you could even store the TXs digitally on your phone and/or the Internet, since there is no longer a security concern.

The app should offer some form of encryption anyway. A simple 6 digit PIN like mycelium uses would be enough to go home and recover the coins.

PS: * I just realized that with a presigned TX the coins have to go to a known address anyway (e.g. your own phone) thus you do not even gain anything in case of an infected phone. There might be certain circumstances where you discover that your phone can no longer be trusted but do not have broadcasted the paper TX yet. I think we are officially in tin foil hat land now.

Just send the coins you want to spend that day/night to your phone and send back what you have left when you are back home.

[Razick]

The problem I have is that the Bitcoin Android app seems so insecure. There's no password, pin or wallet encryption. For this reason, I don't want to keep much in it long term.

Also, I planned to send before the transaction was confirmed as many wallets allow (since the inputs would be from a green address for my purposes), but I just realized that annoyingly the app doesn't allow that.

[TimS]

PS: * I just realized that with a presigned TX the coins have to go to a known address anyway (e.g. your own phone) thus you do not even gain anything in case of an infected phone. There might be certain circumstances where you discover that your phone can no longer be trusted but do not have broadcasted the paper TX yet. I think we are officially in tin foil hat land now.

We're not entirely in tin foil hat land, because the whole point is that you have multiple papers, and only load one at a time. Let's say each paper is worth 0.1 BTC, and you carry 10 papers at any one time. Typically, you'll only load one paper at a time, so the most that can be stolen is about 0.2 BTC. I think it's fair to assume that if your coins do get stolen (because your phone can no longer be trusted), the losses are limited to 0.2 BTC, and you can simply not scan any more papers in.

[shorena]

@TimS you have a point there. I personally would not take 1 btc for a night out with me, but that depends on your budget and you probably picked an easy number for the example.

@Razick Yes, big amounts should not be storred on a phone. Even with password. I am not suggesting long term either. Just load your phone with what you need for the occasian and send it back when you return.

Not sure what your scenario is. Do you want to keep all your coins as paperwallets with you?

[Razick]

@TimS you have a point there. I personally would not take 1 btc for a night out with me, but that depends on your budget and you probably picked an easy number for the example.

@Razick Yes, big amounts should not be storred on a phone. Even with password. I am not suggesting long term either. Just load your phone with what you need for the occasian and send it back when you return.

Not sure what your scenario is. Do you want to keep all your coins as paperwallets with you?

The idea is that I might not always know in advance when I will need Bitcoins. I don't want to keep all my coins with me, which is exactly the point. Just having a few predesignated transactions allows me to restrict my coins more and leave them at home.

Ideally, I'd do what you suggest. I only want my method as a backup.

[Peter R]

I'm working on a slightly different solution to the same problem.  Instead of printing the signed transaction to a QR code, I created a small token that can sign transactions over NFC.  Your Android wallet would make a signature request to the device, and, if authorized, the device would sign it and relay the signed TX back to your phone.  Your phone then automatically pushes the TX to the network.  Similar to your solution, your private key never touches an internet-connected phone/computer.  These Sigsafe tags aren't yet available for purchase, but the first spin of circuit boards is now complete.  

You can configure these devices to only sign transactions that spend to a pre-defined hot wallet address, require a user password or cryptographic authentication from your phone, or even implement daily transfer limits.  Even if a thief took your tag, it would be very difficult for him to steal your funds .  



Here's the project thread: https://bitcointalk.org/index.php?topic=610453.0

[Razick]

Thank you for posting that, you definitely have my interest.