Author

Topic: Coldcard - checklist, what should I do before I do the transfer? (Read 91 times)

HCP
legendary
Activity: 2086
Merit: 4363
How can I be 100% this is the real coldcard or that someone on the factory is a thief or something like that?
Did you check the information as outlined in the quickstart guide here: https://coldcardwallet.com/docs/quick Huh

If all that checks out, then it is fairly certain the card has not been tampered with. You'll never be able to work out if someone in the factory is a thief tho... but coldcard's reputation is on the line, so hopefully they have taken precautions to hire only "honest" people.


What are the odds of connect to a bad nod over Electrum and can someone steal the money that way?
That's not possible. All the signing happens on the device itself... and once signed, a transaction cannot be modified in any way and still remain valid. A bad node can't do anything other than try and send your Electrum client false info regarding transaction history or it can simply refuse to relay your transation... both can be solved by simply manually connecting to another Electrum server and checking the data etc.


Would you recomend to send the whole amount directly or piece by piece?
Depends on what you intend to do with the funds... and how much you have to hold. If you're considering spending some in the near future, you might want to create a couple of smaller amounts, so that when you do need to spend, you don't reveal the total holdings all at once...

Ie. if you have 5 BTC total... and only a single 5 BTC UTXO... if you need to send somoene 0.1 BTC, they'll know that you had 5 BTC and 4.9 BTC change... whereas, if you have 5 BTC total, but it is split into 5x 1 BTC UTXOs... when you send them 0.1 BTC, they'll only see 1 BTC input... and 0.9 BTC change

Do note that splitting into multiple UTXOs carries the risk that if you need to spend the bulk of your coins, that the fee could end up being quite large as the number of inputs that need to be used will be increased.
legendary
Activity: 1652
Merit: 1208
Gamble responsibly
This is where I am now. What are the biggest risks? How can I be 100% this is the real coldcard or that someone on the factory is a thief or something like that? What are the odds of connect to a bad nod over Electrum and can someone steal the money that way?

Would you recomend to send the whole amount directly or piece by piece?

Quote
https://coldcardwallet.com/
Each bag is unique and coded with a number. That "bag number" is written into the Coldcard's secure element as it's put into that bag. That value cannot be changed, and we ask your to verify the bag number when the Coldcard is powered-up for the first time at your location.

You can send the whole bitcoin at ones if you like but you can send it to different addresses to increase privacy.
jr. member
Activity: 30
Merit: 5
I got my amount of bitcoin on a usb-stick at the moment. I am using Electrum. Now I am about to transfer the amount to my coldcard (have been making a skelleton file of the wallet and know the adress I should send to). But since I am a little bit paranoid I wants everything to be as safe as it can be so I am thinking of every detail of this and just want to hear if you got any inputs on this. This is what I have been doing so far:

- Got my ColdCard
- There were no holes or anything strange with the package, the bar line on the front said VOID OPEN after I opened it. The code showing up in coldcard was the same as the package.
- Choosed a pin
- Got the two special words
- I know the seed words
- Been making a skelleton file
- Imported it on the electrum on the computer
- Transfered a small amount from another wallet to it
- Recived the money
- I have been sending an even smaller amount of it by the coldcard signing it, worked good!
- I have wiped the seed words on the coldcard and putted it in again, the same wallet is showing after, when I made a new skelleton-wallet

This is where I am now. What are the biggest risks? How can I be 100% this is the real coldcard or that someone on the factory is a thief or something like that? What are the odds of connect to a bad nod over Electrum and can someone steal the money that way?

Would you recomend to send the whole amount directly or piece by piece?
Jump to: