Topic: As a Bitcoin Core only user, how im supposed to pay someone in person? (Read 596 times)

It reminds me of few people who use old laptop (usually Thinkpad) with Linux OS to avoid proprietary hardware (e.g. closed source BIOS). Anyway, Google Play state Electrum require Android version 5.0[1] which means you can run Electrum on Replicant OS. But aside from security issue, you need to find ancient device in good condition which isn't trivial task.

[1] https://play.google.com/store/apps/details?id=org.electrum.electrum

Did further research on this and turns out there's another option, Replicant OS:
https://www.replicant.us/freedom-privacy-security-issues.php


I don't think it gets as anymore free as in freedom than Replicant for the mobile phone, the problem is, just like how it happens with computers, you are limited to a tiny amount of devices that meet the requirements. So you would need to find some ancient S3 phone. Would Electrum run there?

Note that even if you get the higher open source levels here, the last security update for Android 6 is was from October 2017, so that's another compromise, so at some point you have to wonder where is the balance there.

If you've used to Samsung phones, then maybe your best course would be to install LineageOS on this 10-year-old Galaxy. It'd be my first attempt. It's easy to install, does provide decent security and is specifically designed to work on old devices (thus, is more lightweight).

If that doesn't work for you, and you attempt to buy a new smartphone, my recommendation would be a Pixel without doubt. It'll cost you around 300 EUR and you'll get yourself GrapheneOS with the newest Android version, which from my experience, is the best there is. Check out this website, it contains a lot of tutorials around Graphene: https://sideofburritos.com/.

You can always wipe the outdated OS and use a FOSS one instead. In addition to the distros ETFbitcoin has already mentioned, there is also Ubuntu Touch. Your best bet will probably be LineageOS or DivestOS though, which both support a wide range of old Samsung models:

https://wiki.lineageos.org/devices/#samsung
https://divestos.org/pages/devices

If you are only using the wallet to store a single UTXO received from elsewhere and then to later send that UTXO to your trading partner, then there will be minimal privacy loss from using a third party Electrum server via Tor. The server would be able to see all the other addresses in your wallet, but provided you are never going to use them for anything then that is irrelevant. It does mean using a new wallet for each trade you make, though, otherwise the server would be able to link all your trades to the same person.

I'm more surprised that Galaxy phone still running after 10 years, Anyway, i don't recall any Android custom ROM which as secure/private as Graphene. But i've seen some people mention Lineage, Calyx and DivestOS as Graphene's alternative. Although i've only tried Lineage to make old Android phone last longer where you can avoid installing Google Apps or install Google Apps you wish to use.

The thing with these devices is, they stand out. It looks like some sort of odd thing you are doing, you don't blend in with the average Joe. This to me is a thing to avoid. The way I see it is that when it comes to mobile transactions, you want to use a device that is not flashy, like a very common looking phone, and do not carry more than you could afford to lose carrying on your physical wallet, in terms of cash. This way, you don't make yourself a target, and if you lose the phone, you wouldn't lose some crazy amount, and you would still have a backup at home anyway. By the time they cracked access to the phone, you just would transact these funds into another address you own.

What I want to do now is to find a new phone, because I have some Galaxy phone from 10 years ago, so im assuming this Android version it's using is not updated and thus dangerous to use. And also look at what to do in terms of configuring it to find some reasonable amount of privacy. I've read on Orbot to use Tor on Android phones. I've seen Graphene but that is limited to Google phones. There are no other alternatives?

I would then basically use Electrum, and transact through Tor. I would need to consider if I would even need to transact through my node or just use some of the reasonable to use servers through Tor. Since the amounts aren't even big, it should be enough. And I don't want to connect my phone back to my node which is sitting at home physically anyway, I would rather compromise using someone else's server and send through there.

I'm also going to put this out there. While the question that the OP asked is a legitimate question. It does bring up another issue of how many one off situations are there that can happen.
Most people are fine with an insecure hot wallet on their phone and the bit of loss of privacy that comes with it.

There are ways to get around the privacy issue by running your own node and electrum server and connecting to that.

There are ways of using https://tapsigner.com/ or some similar product for more security. You can even have a large amount of funds in an encrypted paper wallet that you import & sweep & then pay the person.

There are 100s of different scenarios / options and each person will have to figure out what will work for them.

We can go down the rabbit hole of what works for the OP, but for the next person it may not be a good answer. There is not a one size fits all for things like this.

So....how do we as a group come up with a general framework that can be more tailored to people, or is it not worth it and we treat every one as an individual thing.

-Dave

Ahh ok, that makes sense. Still, I would prefer really sensitive data (like a bitcoin wallet) to be encrypted at all times except for the few minutes I am actively using it.

There are much easier ways to do it. On GrapheneOS for example, you can create multiple user profiles which are encrypted when not in use. Simply create a profile simply for bitcoin related things and install your wallets there. When you are in your main profile for calls, messaging, etc., the other profile is shut down and completely encrypted, and so an attacker wouldn't even be able to see you had a bitcoin wallet app installed. Just log in to that profile for the few minutes you need to use it, and then log out of that profile when done to re-encrypt it.

Phones are also easier to get stolen from the same pocket. Nobody can steal my laptop from the laptop backpack on my back without me noticing.

I'm assuming you don't run your Bitcoin Core on Windows, and don't install malware on your laptop.

I did a quick Google search right now after your comment and I have to admit that you are right, some .gov and .edu websites say that 1 in 10 individuals will have their laptop or smartphone stolen at some point. Okay, I am not going to argue with you over this but I think this person has to make his choice by considering his location. I can say this from personal experience that laptops are stolen more often than smartphones because almost everyone moves with iPhones or with expensive smartphones but you'll rarely see someone with laptop. By the way, it's easier to hide smartphone or put it in a safe pocket quickly if you notice any threat. Okay, I am not arguing here, it's very individual but aren't laptops more likely to get victim of cyber attacks?

Android itself is a dumbed-down version of Linux but it's even more dumbed-down when companies like Samsung, Xiaomi, Oppo and Sony make plenty of modifications to Android.

I initially mention encryption since OP said about phone getting stolen or other scenario. If the delay between attempt to crack the device and next reboot is very short, the attacker would have much hard time to crack the device.


Before first unlock, basic functionality already enabled. IIRC that include WiFi/internet connection and receive SMS/call.

Am I the only one who doesn't find any of this easy to do on a phone?

My approach is much simpler: my phone itself is worth more than any crypto in my mobile wallet. I'm careful with it anyway.

Very easy to do with GPG, you don't need any system software to do this except for a PGP client.

First, zip the folder into a .tar.gz or a .zip or something, Then encrypt and delete the folder.

When you want to decrypt, then you can unzip the decrypted contents.

Of course, this does have one flaw in that somebody can just extract your hard disk and look for unencrypted sectors, since deletion does not overwrite file data in-place[1] (this is the case for journaled filesystems like ext4 used in Android).

---

[1]: https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html

Forgive me if I'm missing something, but what does this actually achieve?

When the phone is off, all data is encrypted. Great. When you turn it on, it remains encrypted until you unlock it for the first time. But you need to unlock it for the first time before you can actually use it as a phone. It will not receive calls, notifications, etc., until you have done so, at which point it isn't encrypted anymore. It is only protected by your lock screen, of which I have serious doubts about the security.

So if you reboot your phone every few hours or every day but are going to unlock it immediately after reboot so you can actually use it as a phone again, then what difference does that make to just having it turned on all the time?

This is why my suggestion was to have a dedicated folder on your phone which is separately encrypted and contains your bitcoin wallets, which you would only unlock when interacting with those wallets. Then at least you can still use the rest of the phone as a phone without having your bitcoin wallets unencrypted all the time. I do this on computers as well - I use full disk encryption on all my devices, but still have further separately encrypted files and folders which I will only decrypt when in use.

That's because it is a dumbed-down version of Linux with an extremely old kernel, no daemons, no way to compile stuff from scratch and overall, is more designed to be a Google product than anything that has anything to do with Linux

That is not to say that Linux ports to mobile phones have been particularly successful yet (Ubuntu Touch I think and there are some others who have also failed).

That's like: "you've replaced my bicycle lock, now you can take my car".
Android always feels like a dumbed-down version of Linux. On a slow old tablet, after switching users, the lock screen takes many seconds to load. During that time you can view the entire screen, and even starts apps (including Authenticator).

That removes basic functionality from your phone: you'll need to unlock it every few hours to be able to receive phone calls again.

But how good is it? If the phone is off then maybe, but if the phone is on and simply locked? There have been various methods to bypass the lock screen, such as this one: https://www.androidpolice.com/one-minute-hack-allowed-lock-screen-bypass-on-android-current-pixels-are-safe/. And once the lock screen is bypassed, everything can be accessed.

I'd rather have an entirely separate encrypted container which I know cannot be accessed without my decryption key.

But it sucks
My phone for instance gives me the option to encrypt my MicroSD card. But if I do, I can no longer read the card in another phone, and if I reset my phone to factory settings, I also lose the data on my MicroSD card. On a (Linux) laptop, at least I'm allowed to keep my decryption key. I don't want to tie decryption to one specific device.

An added bonus of using a laptop rather than a phone is you can install and run Bisq on it. Before arranging your face to face trade you can place any bitcoin you are selling in Bisq's multi-sig escrow, and then release them from escrow after the buyer hands you the cash. If someone steals your laptop, they can't steal the bitcoin out of the escrow.

A quick Google search shows that both laptops and cell phones have a 1-in-10 chance of being stolen. I trust laptops a lot more though, since I can install my own software and easily encrypt a user directory. Pick one up from Craigslist (for $50) and you don't have to worry about losing your expensive laptop.

Then you have to change your mind. I use Electrum in my smartphone for years, have stored up to 1 bitcoin and never ever got it stolen. I don't suggest you to use your smartphone as a cold wallet but it can be a good hot wallet for hundreds of dollars or some thousands for a quick pay.

Oh, so you changed your mind and don't stick with Linux distro.
If I were you, I would buy The Passport Foundation wallet and would watch this tutorial - https://www.youtube.com/watch?v=Ri1ZBZZdQb0
By using The Passport wallet and your smartphone, you will feel secure.

Laptop may attract attention, someone accidentally may hit you with shoulder and you may drop your laptop, everything can happen, I wouldn't use laptop either. I think that chances of damagin laptop or getting it stolen is way higher compared to smartphone because everyone has smartphone today in the street and outside, just my two cents.

If not connecting to your node, then I would also use Orbot as ETFbitcoin has suggested.

Install the wallet app inside some kind of encrypted folder or partition on your phone. If a thief manages to steal your phone, even if they bypass your lock screen they won't even be able to see you have wallet app installed without breaking the encryption first.

I strongly dislike phones: they're annoyingly small to type, the screen is 5% of what I'm used to, they need daily recharging, and they're fragile. But: it's a necessary evil nowadays.

First: I've never lost my phone, but I always assume that can happen at any moment. That means I don't do banking on my phone, I use a separate email account, I backup my data, and for Bitcointalk I use my not-to-be-trusted Mobile account.
For small, "daily" transactions, I keep some crypto on Unstoppable wallet on my phone. I set it up to use "From Blockchain" instead of "API" for privacy, and to use Tor. That makes it slower, but more private. If I lose my phone, I'll sweep my wallet. The wallet has a PIN, the phone has it's own security. And the amount on there is low.

Yeah, those will work, but here's the thing: We are moving into a world where everyone has a mobile phone. The same cannot be said about computers. Therefore, it in the future when Bitcoin becomes more adopted, it is more likely that you will encounter a bitcoin-dealing merchant who utilizes a smartphone than someone who has a computer with them, and the technology has to be ready by then to accommodate both usages.

And one of them is already supported: Typing in the address and amount and click Pay/Broadcast/whatever. But we are not there yet in terms of QR Code and/or NFC methods of payment.

I mean in theory, there should already be a strong support for QR codes in particular, on mobile wallets, but for whatever reason, nobody can agree on a number one wallet app to use, which would make this process significantly easier for average bitcoin users to give instructions about to customers (because it is easier to remember how 1 wallet works than 10). Unstoppable Wallet for example looks very good for this sort of thing and has a good reputation, but most people are using crappy exchanges or closed-source wallets instead.

That's exactly why I'm not buying any of those phones. They're overcharging; probably their targeted audience is privacy concerned users who aren't competent with phones. If you dig it up a little bit, you can buy yourself a 300 EUR worth of Pixel, with Graphene installed, and it'll be both more secure and private than any of those.

• Or just a small laptop.
• You can use mobile data.
• I guess they can send you the address over some communication channel if QR is not a practical option. In the worst, type the address.

Average people don't use CLI. And i just remember most OS have option to increase display scaling, which usually problem about small screen with big resolution.


Install Orbot on your Android phone. The default setting use "full device VPN" mode which means all application use Tor network.

It is quite difficult to lug around everywhere (unless it's a macbook air or something else that's light), requires a WiFi access point, is inconvenient for scanning QR codes and is overall quite cumbersome to use for making payments when you're on the street.

That's why your other suggestion about getting a GrapheneOS phone is a much better idea.

For those that ask why I don't want a laptop, beside it just not being convenient to carry around, I don't want to look like an high level nerd. You see, the problem is, you never know who you are dealing with, a laptop is typically a place you would store more BTC than a mobile device, where one would expect to carry pocket change, so you want to minimize this risk. Let alone those Coldcard type devices. Those make stand out like someone that is invested into this way too much. If you are a regular fella with a fashionable android phone, it's a much better look than showing up with some fancy, strange device that looks like some sort of Bitcoin-only device.

Im going to look at the Fairphone thing. Im familiar with Purism, their prices are a scam, they get massive cuts for what it is. Im going to also need to know what OS to install in there. Someone mentioned Graphene but this is only for the Google Pixel for some reason, im not buying a Google phone. I have a dated Samsung Galaxy for a phone, does the trick. I don't even know what Android version this uses. Im not familiar with phones.

Btw, what I meant with this thread, wasn't to say, I want to use Bitcoin Core on a phone, I can reasonably compromise, I just want to do it properly. I will mix at home, get the amount to use ready, and put it into mobile Electrum or whatever. Im not going to know the address until I arrive, so I cannot sign it at home. Then I also need to sort out how to transfer this through Tor from the phone. What I don't like is the traces that this would leave in terms of, imagine you lose your phone somewhere or something. Since im not familiar with phones, I don't know what to expect if that happens. Could some experienced phone users comment on this whole process?

Over a dozen billion, called smartphones. 

No, seriously. Look. If you sell small amounts of bitcoin, then getting yourself a Pixel with GrapheneOS installed wouldn't be a bad idea. It comes a lot cheaper than Fairphone. The TL;DR of Graphene is that it focuses on security and privacy. That can work, and it doesn't make you look like a socially awkward fella with Arch Linux, having an NSFW anime-girl wallpaper. (No offense to those who do!  )

But seriously, why not a laptop? Having an Electrum wallet, running Ubuntu doesn't tell me anything. We are not living in the 00s anymore.

CLI


If it's not for regular use for a few minutes of dealing with a very difficult screen setup is probably not the worst.
And if you know where you are sending the BTC and the amount you can pre-populate it at home and just hit send once you get a wi-fi signal wherever you are doing the exchange.

-Dave

It has a 6" screen and weighs 1.03 pounds. This is designed for specific industrial applications. For me, 10" is the minimum to be able to type "normally". That brings me into the netbook category, but most of them lack RAM capacity.

---

---

How about a good old paper wallet? Bitaddress.org is the easiest, but doesn't support Segwit. You can encrypt it with BIP38, and fund it with approximately the amount of Bitcoin you're going to need. When completing the trade, your trade partner can just sweep your private key from his own mobile device.

There are a lot of devices like this out there:

https://www.amazon.com/Industry-Portable-Computer-Notebook-Graphics/dp/B07QYZHM8F

I know running core on that would not work it's just the 1st one I found with a quick search.

Small enough to fit in a jacket pocket and you just look like a nerd / geek with an oddball computer.

There are a ton of other 'pocket computers' out there. Just how much do you want to spend.

If you are worried about your phone now being secure but you only do a couple of $200 transactions a year the payback time is long.
If you are doing a couple of $1000 transactions a week it's a different story.

-Dave

Yes, that's really crazy, especially when you look at the specs of the phone.
To compare this with the Fairphone 5 just from a memory perspective: The Fairphone has twice as much RAM (8GB vs 4GB) and also twice the memory (256GB vs 128GB).

They probably justify the price with their advertising where they proudly claim that a smartphone is "built outside China".

Install a privacy filter on your screen. Or does that make you stand out too?

There are many online tools that can be used for that. All you need to do is copy the raw (signed) transaction to your mobile and broadcast it using any of the avaliable tools.
In this way, you don't need to have your private keys in your mobile phone and that's what OP is trying to achieve.

Yes, of course. I know what you're getting at.
But the OP will have to use something to be able to transfer his transaction, won't he? Of course there are other wallets that support RBF, but he explicitly said that he only trusts Bitcoin Core on Linux.



This is correct if you did not allow the RBF feature when signing the transaction. Just as it is set by default.
However, if it is activated and the transaction is signed, there is a possibility that the transaction can later be replaced with a newer version with a higher fee.

At least that was my understanding, but I haven't had any practical experience with it yet. Please correct me if I misunderstood the feature and how it works irl.

---

EDIT: Ok, I must have had a long brain lag.  Of course you're right @hosseinimr93. Because it acts like a new transaction with a different hash, it must be re-signed.

When you increase the fee, the transaction data changes, the signature becomes invalid and it's like that you are making a new transaction. If OP wants to sign the transaction again, he/she would have to get back home as he wouldn't have access to his/her laptop out of the home.

That doesn't help you if you brought a signed transaction to a meeting, and left your Bitcoin Core at home.

Sorry to step in but I would like to address your problems:

This could be fixed by using the RBF-feature(Replace-by-fee) in Bitcoin Core.
The requirement for this is that you activate the option when signing the transaction. By default, RBF is not activated. This is no longer possible afterwards!
The Full-RBF feature should be implemented by version 24.0

Yeah.. not the best condition to sign the transaction offline. I think in this case you have to use a mobile wallet.

In that case, I would still suggest that he perhaps encrypt the emails using PGP so that the seller feels more secure.
Another alternative would be other encrypted messengers.

Even if that wasn't an option for him, as in question/problem 2, I see no other option than to carry out the transaction face-to-face while using a mobile wallet.
However, as a buyer I would be suspicious in that case aswell as PGP encryption has proven itself over the years. So it makes no sense to me to reject the suggestion.

Why not?

I can think of many potential problems. What if:

• Transaction fees went up between creating the transaction and meeting in person?
• You buy something at a shop and their automated payment system won't be able to give you an address and exact amount before making the payment?
• The seller doesn't want to email you a Bitcoin address for various reasons?

---

---

@OP: I use different wallets for different purposes. The purpose of mobile wallets is convenience for small amounts. You simply can't have it all with Bitcoin Core.
I often bring a laptop, not for making Bitcoin transactions but for other purposes. Nobody bats an eye if you pull out a laptop somewhere. Tether a hotspot on your phone and you have your own internet connection with you.

According to the red text above, you are reluctant to use an android phone, because of privacy.

As oeleo stated above, connecting to your own node will fix this issue.

However, the best answer in my opinion is the one by BitMaxz.
Sign the tx beforehand from your home. Take the tx id with you in any form you wish (android, paper, usb, sd card). There, you can broadcast the tx, or you can even give it to them to broadcast it. The broadcasting of a signed tx is a feature available in almost every wallet software.

You have various options to do this privately.

You can run a hot wallet, which is pointed at your node running back home, such as Electrum. Transfer the coins you want to trade from Bitcoin Core to your mobile Electrum wallet before you go, and then make the transaction from Electrum to your trading partner while you are out. Everything goes via your own node.

For extra security, you can do the above with a watch only wallet and a separate airgapped wallet. Run a watch only wallet on your phone pointed at your own node running back home. Also take with you either a hardware wallet containing the funds you want to trade, or a second phone in airplane mode with your coins stored on it. You could do this with Electrum on two phones, or with a hardware wallet such as Passport and their accompanying Envoy app.

As BitMaxz has said, you can sign the transaction in advance if you know the address and amount, and take the signed transaction with you on your phone. Either broadcast via your own node, or via Tor using mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad.onion

I don't get your point. laptop can be brought anywhere you want so why not bring it and only deal with someone in a safe place like a mall?

Or if you don't want to bring your Laptop then the only solution for your problem is to make a signed transaction(offline transaction) first in your house(don't forget to ask him about the price and BTC address)and don't broadcast it yet get the raw/hex code and paste it to your phone or any device that you can bring.
Now you can meet someone in person and only broadcast the transaction when you deal successfully with him but if not don't broadcast the transaction.

Here's the list of broadcasting sites below.

- https://en.bitcoin.it/wiki/Transaction_broadcasting

If you want it private don't forget to mix your coins at home before you make a raw transaction with Bitcoin Core.

Alternatively, you can make a portable Raspberry Pi with Linux installed you can bring it anywhere you want.
Here's what it looks like https://youtu.be/MorJLzybb3I?si=Nw-1QH7RsqFdVp3y

There are a few options for that. An option for example would be the Coldcard Q1 from Coinkite which should be released soon.

---

If you're considering a more phone-like device that runs Linux, there are several Linux-based smartphones that might meet your privacy and security needs while providing a conventional smartphone appearance.
The Fairphone comes as a complete degoogled device and runs a Androind system by default. These smartphones are really designed for privacy and the protection of your own data.
Certain Linux based OS, such as Ubuntu Touch or PostmarketOS, can be easily flashed onto these devices. There are other OS being advertised but I can't comment on them due to lack of experience.

In addition to the Fairphone, there are also other providers: the Liberty Phone which comes from the American manufacturer Purism but costs more than three times as much as the Fairphone.

Suppose you only use Bitcoin Core on a Linux distro because you don't trust anything else, and you want to meet with someone in person, and don't do the transaction until you meet, to exchange it for cash at the rate of the physical exchange, or for a product or service. The point is, you want to make the transaction there and can't do it from home. You cannot also carry your laptop.

Is there any handheld device that would make sense to use to do this transaction that doesn't stand out? Like one of these hardware wallets, that screams "punch this guy to get free BTC".

Is there any safe device that looks like a phone that runs Linux or something? I just don't know how one would do this, unless you resort to a regular Android phone. In this case, you are already trusting some flawed hardware and software. I don't need to make a big transaction, so I guess that would be ok, however im concerned from a privacy pov. I would mix the coins at home before transacting with the person using the Android wallet. In this case, what would you do? You need to stream the transaction somehow, so you are going to need internet, and let's say there's no public wifi.. so you are going to need a phone nonetheless.

Maybe having the phone as a router to connect wireless to this handheld device to make the transaction, and broadcast it through the internet data phone connection.. but how do you do this privately?

I don't see how I would do this. I would like how people do this.