Topic: Best Way to Save A BTC Receiving Address For Future Use? (Read 139 times)

How would a new or old vulnerability or malware get onto your airgapped and encrypted system where there is no internet access? You have it isolated from the outside world. I am not talking about becoming a target of a serious government agency with enough funding. That's a different ball game.

Properly airgapped would protect you from "normal" types of attack vectors. Maybe in the future we will see malware capable of doing damage on airgapped systems through a USB remotely and stealing data over a wireless network the victim wouldn't know about. But that doesn't fit the definition of standard vulnerabilities and is something out of spy movies.     

And yet, compare that with all the suggestions you just made in your previous post. I want to have an address on hand at all times that I can be 100% certain is from my hardware wallet, so I can receive coins on the go without having to carry my hardware wallet with me. Which is easier to do? Carry a clean and airgapped device which is isolated from external networks for this purpose only, with an encrypted file on it which I have to decrypt, and then check all the logs of my decryption process to be sure nothing has been edited or gone wrong, or simply take a slip of paper from my fiat wallet to double check the address against?

Of course, your computer should be isolated from external networks to prevent remote access from malicious actors. But isolating yourself comes with certain trade-offs, particularly you stop receiving security updates that ensure your system is more resistant to newly-found vulnerabilities. You can encrypt important files, and I believe you can somehow test those encryption and decryption processes to verify that there is no malicious intervention. For example, you can keep logs of this process and inspect them after encryption is done, or better, you can try to encrypt the same file on different devices and compare results. If some of them end up being different from the others, that will mean part of your network is infected.

Writing down bitcoin addresses on physical media seems like an overkill to me.

Sure, but it is still not foolproof. The other option I considered would be storing the text file of addresses encrypted, so you can be sure it isn't being edited in between the times you decrypt it. But can you be 100% sure there is no malware which will change the address in the few seconds between you decrypting the file and opening it? Or in the few seconds between you closing the file and encrypting it again?

There are various things you can do to make your electronic file safer, but much like backing up a seed phrase, if you want the ultimate in security then you should have a non-electronic physical copy.

That is a very reasonable concern: keeping the information in raw text files doesn't guarantee protection against malicious intervention. But I think that it all comes down to the operating system you are choosing when deciding to interact with sensitive files like that. For example, in Windows, you don't really have admin rights to properly protect your system. Even Microsoft, if they wish, can change your saved file or replace it with something that will steal all your valuable information. In systems like Mac OS or GNU/Linux, you will have more control over your system, and you can control who can modify, write or even read the file you have created. As long as you are the only person who has root access to your system, you're fine, and no one can steal from you easily. Of course, no system is perfect, but sometimes trade-offs that a certain system has cannot outweigh the mere storing of text files with no private keys.

The issue with this is that you have no way of verifying the address at a later date. If I copied an address from a hardware wallet in to a text file, and then came back to that text file a few weeks or even months later, then I would almost certainly not notice if the address had been changed to a different address. If you store the list locally then you are at risk from malware, and if you store it online then you are at risk from attackers or hacks. If you are planning to do this, then I would also keep a way of verifying the addresses had not been tampered with - the simplest way to do this would be to have a hand written list you carry in your physical wallet, phone case, etc.

Need an address -> open your digital file of addresses -> copy and paste the next one to the site in question -> confirm what you have pasted against your hand written back up -> proceed.

Although the article you shared seems to have been updated 10 days ago, there is a warning at the end of it that isn't correct.

It says:
https://support.ledger.com/hc/en-us/articles/360011069619-Extended-public-key-xPub-?docs=true

Ledger Live's default setup is to only check the first 20 addresses per Bitcoin account in Ledger Live. So if for some reason you used the 50th address in line for a certain derivation path, and you received coins to it, Ledger Live wouldn't display this transaction in your portfolio. But by going into your LL settings, you can adjust that gap limit to a higher count. Your balance should then be displayed and become spendable. Or avoid the hassle and stay with Electrum. 

1. You can make a setup with Mycelium and your Ledger Nano, if you have Android phone and you have the adaptor to do the job. After the initial setup, Mycelium can work even without your Ledger being connected and will show balance, transactions and even a proper receive address (just you have to pay attention to the address type you pick). Of course, if you want to send a transaction (i.e. sign it) you will need the actual Ledger connected there.

2. As said, export xPub into another (better) wallet.

3. This may be considered somewhat stupid or very basic, but it can be the easiest option at hand:
When you're at home, use your Ledger with Electrum (too). Electrum has an Addresses tab. You can copy/paste into a text file a list of addresses you'll keep for such occasions, you can transfer that file into cloud/phone (it's just addresses, so it's not a big issue). Of course, you will have to maintain that list (now and then add new addresses and remove those used) if you don't want to end up giving multiple persons the same address or give addresses already used (not a problem, it's still your addresses, they don't expire, but it can be a privacy concern).

You could get your extended public key (xpub) and import it into electrum or another compatible software on your phone and computer for when you next need to pay into it: https://support.ledger.com/hc/en-us/articles/360011069619-Extended-public-key-xPub-?docs=true

You could try out mycelium otherwise too with just your phone for paying in, I use that with my trezor and it works (it just generates the 3 different types of addresses - not sure how ledger would manage that).

Let say with your nano ledger s device, you are going to receive btc from a site but do not know when.  Also and when you do, you might not even have your nano ledger s with you at the time but you need to generate the btc address to the site.



Normally, I would connect nano ledger to laptop with ledger live on and generate a btc address and then copy and paste it to the site.  But if say I do not have my nano ledger s with me, is there a way to do this until you have access to your nano ledger? 



One way seem to be open ledger live and log in and then just copy and paste them your last btc receiving address?  But doing this is bad since now if the site send you btc to that address, you now have used that btc address more than once and thus twice?  But that isn't that bad right?



The other option that seem to be best would be just connect the nano ledger to the laptop with ledger live on.  Then click on btc receive address and generate the btc receiving address and confirm it.  Then copy and paste it to a document and save it?  Thus save that btc address for future use?  So say the next time you want to withdraw btc, you go to that document and just copy and paste the btc address to that site and then you can withdraw the btc to your wallet... along with only using that btc address just once?



The one big negative of this would seem to be if you have malware on your pc,. then copy and paste that btc address to a site, the btc address could change and you might not notice right?  Compare that to say if you have ledger live opened and then copy and paste the btc address from ledger live to the website you are withdrawing from and then you would notice more easier... hey this isn't the same



Now what if you have to submit a btc address to a site but only have your phone and do not have access to your nano ledger or even ledger live?  I can't imagine saving that btc received address you generated earlier and just copy and pasting it somehow to your phone is a good idea right?