So what are memory protections like on that private key once it has been imported? It seems like you can load any amount, up to the total held in that address, so is it recommended to send the remainder to a new cold storage key or ... ?
If the amount is not maxed out, the remainder is sent back to the cold storage address. There is no option to specify/scan an alternate change address. If an attacker can get to the private key in memory in the short time where it is present, there is not much gained by sending the change to another address. If the private key is obtained, it is already too late.
To make this really secure you should use a dedicated device with the single purpose of doing cold storage spending, with nothing else installed.