Topic: Electrum Multi-Sig with Hardware Wallets - Problem (Read 643 times)

Huobi, Binance, and OKEx do not support L-USDT. I cannot trade it on these platforms. Thank you. I will seek advice elsewhere regarding this issue.

This is to complicated and it has nothing to do with Electrum wallet.
One alternative for using USDT is with layer-2 Liquid Network and L-USDT token that is backed by Bitcoin and it has much lower transaction fees.
I think that supported hardware wallets are Jade (airgapped) and Ledger, and Green software wallet that should have multisig support.

I have already discussed how to securely store Bitcoin. For me, it is impossible to never use USDT.
Now, let's talk about how to securely store the Ethereum token USDT and share my thoughts with everyone here!
One feasible solution is to generate disposable Ethereum wallets. Since Bitcoin operates on a four-year cycle, using two disposable Ethereum wallets per cycle is sufficient. Here is the plan:
Utilize the Passphrase feature of Trezor, which combines a mnemonic phrase and passphrase to generate a disposable Ethereum wallet. This way, you only need to change the passphrase without altering the mnemonic phrase, which is very convenient. Yesterday, I tried two software programs, Metamask and Exodus Wallet, which support the Passphrase feature of Trezor hardware wallets and allow the generation of Ethereum addresses in an offline environment.
The passphrase should be at least 15 characters long. I have tried using an RTX 3090 graphics card to crack WinRAR passwords consisting of numbers and lowercase letters, with an 8-character password taking approximately 1 hour to crack. Considering the hardware and electricity costs, let's assume the expense is 0.1 dollar. The cost of cracking a 15-character password would be significantly higher. To be even more secure, it is recommended to use a completely random password consisting of 20 characters of numbers and letters.

This section is generally about BTC and you may not get the best information about Ethereum here as users who are active here probably don't use Ethereum, maybe you can seek solution or help in the altcoin section: https://bitcointalk.org/index.php?board=67.0

How to securely protect Bitcoin, I feel like I've figured it out. But when it comes to securing Ethereum assets, there isn't a particularly good solution. For Ethereum, there are physical isolation solutions like the MEW Offline wallet and AirGAP Vault wallet, but they don't support hardware wallets. I also tried the multi-signature feature of the Gnosis Safe wallet, but there are two serious issues. 1) Transaction information cannot be displayed well on hardware wallets. 2) If a single private key is leaked, although funds cannot be stolen, if a hacker sends an infinite number of invalid transaction requests, it will still result in the funds being stuck and unable to be withdrawn.   Other issue is that transaction fees are too expensive.

If any of you have better suggestions, I hope you can let me know. Thank you very much, everyone.

Airgapped wallets offer the highest level of protection from any online threat, when you combine that with a hardware wallet, either directly using a device like Passport or manually, you have a fairly high level of protection which cannot be breached.

- Jay -

After practicing for about one month, maybe some useful opinions are:
     A multisig wallets with a Ledger and a Trezor, and working at airgapped environment.
     Reasons:       
            1. Messages showed by Ledger can be checked (>95%). Some are public key (xpub of two hardware wallets, you can get them by sparrow wallet software), and others are transaction addresses and fees . I have checked.
            2. Ledger nano s plus is more cheap.
            3. Airgapped method can give the triple defense.

Thanks, I have tried myetherwallet, again and again. I found that MEW Offline version was like a cold wallet, but could not connect to Trezor or other kinds of hardware wallets. Its online version could connect hardware wallets. Ethereum offline version is also a cold, and could be connected to trezor. So, there are two defense lines, and it is quite safe. MEW wallet can not do it. Am I right?

Yes, that was what I did. I do not find a similar method for USDT or USDC. Maybe I have to use online versions for them. Two hardware trezors are used only for BTC with airgapped method, and two hardware wallets (Ledger and Trezor) are used only for USDT and USDC through a third-party software, like MetaMask.

Yes, I must prepare one for her, immediately.  The airgapped method with electrum software and trezor are quite safe for BTC. I do not have other asset, for the moment
. Maybe I will consider multisig wallets for USDT and USDC two years later.

Well yeah, you could also die without multisig and it would be the same IF you don't write recovery instruction letter for your wife.
Making more complications means it's going to be harder for anyone to recover your coins.

PS
Try to use correct quotes in forum...

Ethereum is an account based system (not like Bitcoin UTXO), so cold storage is similar to paper wallets in Bitcoin. All the steps are almost the same, the best wallet for this is https://www.myetherwallet.com and you can connect it to the Trezor device.

https://trezor.io/learn/a/myetherwallet-and-trezor
https://help.myetherwallet.com/en/articles/6167899-how-to-create-a-cold-wallet-a-k-a-paper-wallet

The only difference is that you do not need the master public key, but rather copy the address and search for it in any block explorer such as Etherscan.io.

Your steps aren't completely clear to me. Just to clarify - you are connecting your Trezor only to your airgapped computer and interacting with it via Electrum, signing transactions on your Trezor, and then moving those transactions from your airgapped Electrum to your live Electrum to be broadcast?

That's certainly one of doing it and is very secure. An alternative solution for the future would be to use a hardware wallet which is already airgapped and does not need to connect to a computer at all, such as a Passport.

Absolutely no idea, I'm afraid. I don't use ETH or any other pre-mined shitcoins. Maybe you are able to do it with Trezor Suite itself?

If you still don't fancy using a hardware wallet, then I would suggest an airgapped wallet. An old laptop seems to be what most people use, but if you don't have one, you can buy something for far less than the $1,800 you are considering. You can buy a Raspberry Pi for less than 50 bucks. You could even multisig between a couple of Raspberry Pis, or between a Raspberry Pi and a Trezor.
[/quote]

Dear o_e_l_e_o, Electrum is used only for BTC, could you tell me whether there is a way to make an an airgapped wallet for ETH? I have tried at least 10 different wallet softwares, but failed. I only have some basic knowledge about cryptocurrency, and python.

this work to ensure that solutions are equitable to ensure the crypto currency community information is required to complete and other immersive technologies become more advanced so whynot bani fitness will help you

[/quote]
I think you are making to much complications, but hey it's your choice.
Both bitbox and keepkey are based on trezor source code, and they don't have stupid app installation, so I am sure they don't have that problem.
However, I wouldn't use keepkey for anything serious, Bitbox is much more mature product, they have regular updates and they 100% support multisig without any issues.

dkbit98, thanks for your help. Next time, I will buy trezor and BitBox hardware wallets. The multisig is good, but I am worry that if I suddenly die, my wife could not find back the money. So maybe multisig is not a good choice for me.

I think you are making to much complications, but hey it's your choice.
Both bitbox and keepkey are based on trezor source code, and they don't have stupid app installation, so I am sure they don't have that problem.
However, I wouldn't use keepkey for anything serious, Bitbox is much more mature product, they have regular updates and they 100% support multisig without any issues.

Nobody knows if you done everything correctly or not, but even if hardware wallets are malicious you are not connecting them to internet directly.

As the method presented above, the only channel to hack is the Two-dimensional code. Now, maybe your money is safe, unless both Trezor company and Electrum are malicous, and they collaborate together. Am I right?
 
By the way, I do not need two computers. I have two solid state disks (SSD), and switch two connecting lines to the same mainboard. One SSD cost about 10 dollars.

Thanks for your suggestions.

I have tried another way as suggested by o_e_l_e_o,  an airgapped wallet, details are as follows:

       Using One Trezor wallet, one online computer, one offline computer, one online mobile phone, USB flash disk, Electrum 4.4.6, Trezor suite.

       step 1: Generated 24 words for a legitimate wallet on the offline computer with a python code. I'm not a professional programmer, and it is not very hard.
       step 2: Restore the trezor wallet on the offline computer with trezor suite.
       step 3: A single signature wallet with Electrum and trezor, and get the Master public key.
       step 4: Install electrum on the online computer and mobile phone, and then input the Master public key to get online wallets.
       
       Now, I can made a transaction as these:
       step 1: start a transaction on the online computer, and export the transaction file (.pstb file).
       step 2: copy to  the offline computer with a USB flash disk, and then erase the USB flash disk.
       step 3: Sign the transaction on the offline computer, and show the Two-dimensional code.
       step 4: Scan with mobile phone, and broadcast it.

I have tried Ledger wallet, too. The problem is that its apps will be erased after restore the seeds. So I have to connect ledger wallet to ledger live through the internet, again.
I do not have other hardware wallets (Bitbox, keepkey, Passport, Keystone, Coldcard). Someone can tell me bitbox or keepkey is Ok to avoid this question?
Maybe next time, I will not buy Ledger, and prefer to Bitbox or keepkey, or other mainstream hardware wallets.

                                                           

I'm not sure what having one key on a hot Electrum wallet adds to this set up. Why not just have 2-of-2 with two hardware devices, and don't include a hot wallet cosigner at all?

I agree with dkbit98 and also wouldn't recommend either Ledger or Trezor devices though - the first for their terrible approach to security, and the second for the terrible approach to privacy.

Don't use ledger crap wallet for any multisig setups!
I talked about this and I will repeat again, ledger can't always construct multisig and/or multisig with ledger can't be properly verified.

It's silly to think buying two Trezor wallets in different times... and I really don't understand your gibberish ideas.
Trezor wallet was not much better than ledger in past, maybe they improved something with model T but I am not so sure about it.
Hardware wallets that work correctly in multisig setup are Bitbox, Passport, Keystone, Coldcard.

Now I am also considering the same thing as you. I have generated a multisig wallet with a ledger and a trezor. However, the ledger could not display the details of transaction while sending BTC. I am worried about this.
Maybe a solutions is that. A 3-of-3 multisig wallet, with two trezors and one obtained using electrum. The two trezors must be purchased in different times. The time interval of purchase data must be more than 2 or 3 years.