Topic: Encrypt the PSBT file (Read 394 times)

You can convert any data at all in to words. If you want to follow a BIP39 schematic, then simply convert that string in to binary, split the binary in to 11 digit groupings, and then match each grouping against a word from the word list. (You can use the same process BIP39 does to add in a checksum if you really wanted.) Without a checksum, that string converts to 264 binary digits which then converts to 24 words. Reliably memorizing 24 random words over a long period of time is difficult and will likely to lead to loss of your coins, and you will need the exact same wordlist to be able to convert your words back in to your original string.

Makes little difference. In both cases you are trusting a third party to store your data on their servers. You don't know how many servers it is stored on, where those servers are located, who has access to those servers, what their physical and their digital security is like, how securely they transfer your data, etc.

It wasn't simply deleting the file but overwritting it with shred on the linux console, shred -zvun 16 specifically will make sure no one can recover it.


I would like to avoid Electrum because im only familiar with Bitcoin Core's coin control and I have no idea what im doing outside of that. As a way to get an alternative to the lack of being able to store 12 or 24 words (memorizing them because if you have to store them, it's the same problem as storing a wallet file) I was thinking about ways to get the HD seed of Bitcoin Core human-readable. For instance, this hd seed is 33 characters, would it be possible to convert this to words?

tb1qzqtu25qsue0a5pp3hg8lkftclf8ds

If you could memorize this, then you could use Bitcoin Core as electrum, since if you can memorize that, you can create a new wallet and enter "sethdseed tb1qzqtu25qsue0a5pp3hg8lkftclf8ds" and you would get the wallet.


How do you rate storing encrypted files on email providers instead of dropbox type sites?

Then once you cross the border, you delete the file, but probably there would be traces of the file for them if they wanted to recover it since it would be a simple file deletion and not a shred type overwrite, but it's unlikely anyone would bother to go throught that. It would need to be employees of the email provider to get into your account, look for deleted files, and then crack the SHA256 encrypted file (and probably 3 cascaded algorithms if you use Veracrypt). So yeah good luck with that. The real risk would probably be that there is a user+password database leak and it would need to happen during the time you are hosting the file which is temporary, and then they would need to be able to crack the file. So probably hosting an encrypted file temporary on a private place that requires a login+password access is reasonable.

That sounds great! The techniques you described all make sense to me and should be pretty secure, as you say. Of course, critiques such as deleted files being recoverable, are valid as well, but I am not sure if there has been malware already that recovers deleted files. I think because this case is quite the edge-case.
Regarding 'cold storage support', since v22.0 Hardware Wallets should now be supported. Everyone's definition of 'cold storage' varies a bit, but I thought it may be interesting for you.

Bitcoin is not anonymous. It is fully viewable public ledger. Anonymous money is a fallacy. If you want privacy, may be to use privacy coin or fiat?

What was described is not cold storage.

I once used just Bitcoin Core for the same purposes in two different machines. It was harder back then. I know dooglus used to use this same method as well, he had good reason to do it too as he was holding about 60k BTC of other people's coins, up until he stopped accepting BTC for his site and restarted to a shitcoin.

Electrum is pretty much peer reviewed and open source for both desktop / laptop / linux / windows and android and is a very good combination to use as cold storage that you can easily do transactions with an air-gapped device using just QR codes. So the 12 words (or even 24 words if you know how to make it do that) is a nice alternative, that you can engrave..

If you run your own Electrum server, then you are also running a full node. If not, the other Electrum servers on the network, most of them you can probably "trust" enough to work for your purposes, you just do not have a guarantee of privacy. You don't need to run an Electrum server to use the app.

If you are going across different international borders, unless they strip search you, you can easily hide a small piece of paper, or stitch / embroider the words on the clothes that you are wearing.

microSD cards are easily smuggled inside toys, other electronic devices, taped to your belt or shoe or something. You probably have and will continue to have access to a passport or other papers, a wallet in your pocket? ...

If you're running away from a country that will kill you for bitcoin, I'm sure you'll find a way to smuggle with you, on your person, what you need. And if you need to resort to storing it as a draft on some public gmail account (as a backup) then do that. If you don't make it to the other side alive, most likely no one else will get your bitcoins.

If you are renting a server, you don't need to trust the owners of that server, you just need to trust that it will be operational and online when you need it. Encrypting files with a password only you know (and tested that it decrypts) is all you need. You just need to make it across the border.

In fact, you can probably just use an expiring file upload site or even expiring paste bin type of site. Make it a few days before you travel, expiring in 3 months, should be enough time. You probably can access it on the other side within a couple of days or a week at worst? Maybe? ... Hopefully.

I don't know how bad you think your own situation can be, but right now you seem to have internet access. Paper backups are good. Seal them in an envelope. Stainless steel or other materials are better. Most people can take a little cash or credit card or something with them as they cross borders, you can find a way to write down whatever words you need on them.

He still has his unencrypted wallet on an machine which is connected to the internet, regardless for how brief a time that is the case. That is a security risk.

Also, deleting the unencrypted wallet file does not delete the data from the hard drive - you are only deleting the pointers telling the OS where the file is, essentially telling the OS that this is now free space which can be written over. But unless you actually write over it, the previous data (his unencrypted wallet) still exists and can be recovered and accessed.

Well, if he's happy accepting those risks then that's his decision, but if he already has this second computer which he only uses for bitcoin, then I don't understand why he wouldn't just keep it permanently airgapped.

Bitcoin core is generally something that is safe to run, although all software potentially has bugs and vulnerabilities. Security vulnerabilities have been found in bitcoin core before, although they have generally been quietly reported so they could be fixed before the bugs become public.

You can look at tests that are performed on the code, (and run them yourself if you like), and can see which parts of the code doesn’t have any tests performed on. It is very rare for software to have 100% test coverage, and even when it does, chances are that there are edge cases in which tests are not run.

This obviously doesn’t mean the code is deficient or that it contains vulnerabilities, it just means that it hasn’t been tested. To “test” code, you check to make sure it performs the task it is intended to run, and produces the output it is intended to produce.

I use Bitcoin Core for cold wallet too. Bitcoin Core on laptop 1, fully synced with watch only addresses. Bitcoin Core on laptop 2, airgapped with no wifi card and pkeys for signing. And now with PSBT you just have to save the PSBT in an sdcard and put it on the online laptop to broadcast. Back then it was a pain in the ass with getrawtransaction etc. But still, Bitcoin Core is very primitive when it comes to cold wallet features but I can trust it above other software. Also the more software and different stuff you use the bigger chance that there is a bug somewhere. I assume Bitcoin Core is the most peer reviewed software on the planet at this point, so while I miss features for cold storage by other wallets, I just use the same software for both hot and cold. Hopefully in the future they work on better cold storage support.
I think people like Luke Dash Jr also use either Core or Knots as wallet, or at least back then I think he was recommending it, but now im not sure if they moved to coldcard.

I know someone that has been using Bitcoin Core in a linux laptop that he only uses for this, uses it both for storage and broadcasting but deletes the wallet.dat once he has broadcasted what he wants. Also, what he does is he syncs the blockchain, once fully synced, turns off internet, then decrypts an aes file with wallet.dat on it which he has saved somewhere else, loads the wallet file on Core, clicks send to send a transaction so it becomes pending until you have network, turns on internet, transaction is broadcasted, quickly turns off internet and monitors the transaction on his regular computer on some blockchain explorer, once its all confirmed and well he saves the wallet.dat back on the encrypted file, saves it somewhere else, shreds the file. Considering he only transacts a few times a year I would say it's almost impossible that he gets hacked. He can't be bothered with learning how to use anything else and works for him.

This is a little bit off-topic, but I feel I have to clear up some misconceptions here.

This to me implies you use Bitcoin Core only to store all your BTC funds? Be aware, that while this is excellent software and running a node is an integral part of Bitcoin, which also helps your privacy, it's not the best for security. Bitcoin Core is a hot wallet. I would highly suggest instead using that node via Tor from one or multiple SPV wallets, which e.g. support mnemonics and HSMs / hardware wallets.

Here is how to install and access electrs remotely via Tor from any wallet. It can run on a mobile phone for example, which is great security wise due to sandboxing and secure boot (compared to traditional desktop OS). Especially if that phone application you use is open source, possibly compiled by you yourself and accesses keys that are stored on a Bluetooth-enabled HW wallet or (imo much better) an airgapped wallet that supports QR code communication.

You must understand, that while using Core is great for privacy, you're at risk due to using a hot wallet. Any airgapped / cold wallet or even HW wallet setup would be safer security wise. By configuring the 'light client' software to use your own BTC node to query balances and transactions, you retain the same privacy as if using Core directly.

You always have the option of hidden offsite back up. A stainless steel plate with your 12 word seed engraved in it and buried somewhere secret or bolted the the concrete foundations of a building or something similar. Not very practical to access in the future when you need it, though.

I always caution against using your memory for anything important, given how fickle memory is and how some very common and completely unpredictable illnesses and injuries can lead to memory impairment and therefore loss of all your coins. However, if you were dead set on doing this, then you could use some open source BIP39 software such as Ian Coleman to turn your memorized seed phrase in to raw private keys which can then be imported in to Core.

Well, which company would you trust when it comes to renting a server? And aren't you in the same dilemma? you are trusting someone else to store the data for you.

As far as accessing your own server at home, suppose that the country you left (where you have your running machines) becomes very anti-Bitcoin, and finds out you are dealing with cryptocurrencies, they could raid your house and steal your machines where everything is hosted.

I think 5 to 10 years (or sooner) from now, all these scenarios are very possible. Look at the covid insanity where you no longer have autonomy over your own body when it comes to vaccines, why is it so hard to imagine a world in which they raid you if you are dealing with "unregulated money"? This is where you have to ask yourself: Where can I host my bitcoins where I could recover them in case they took everything from me?

In this case, I only see a solution, and that is a sort of a pnemonic seed similar to the 12 word seed with Electrum which you can memorize, but Bitcoin Core does not support this (and I don't trust non-full node software). You could convert the hd wallet string of characters into something readable and memorize this perhaps?

I once prepared my laptop and phone similarly when crossing an international border. The laptop actual had dual boot and the hidden partition was encrypted. The initial boot in 1 or 2 seconds or the default is some benign looking fresh clean install of Windows 10 / Linux Mint or something that has no other files on it, save some predownloaded youtube videos about generic information.

After crossing the same border several times, I've noticed the border officials look at other indicators before they even try to search or look at your electronics. So I've gotten lazy and just don't bother since they never search me, or my phone or my laptop or my camera. I just put them through the x-ray like everyone else. They're not turned on. They are still encrypted at rest and I simply don't put anything on there anymore.

I guess it depends on where you came from, where you are going to, and the most important thing is how you look like (do you fit a certain profile? Yes, border security officials are discriminatory, so try to look like everyone else, as much as possible.) Random checks are not random.

Unfortunately, if you've ever been flagged before (like many journalists) you will forever be on some "watch this person" list everywhere you go.

These days, if I really need anything with me that I can't download fast enough on the other side, a microSD card can store 1TB of encrypted stuff.

Indeed, since most people would have to have some original file to modify also.
That leads to the typical 'grab something "random" online' and leaves an easy path to detecting the data.
(use a google image search )

You'd have to generate the original picture offline, modify it, then ensure to destroy all copies of the original.
(and of course understand that what most people would call 'destroy' doesn't actually destroy data)
Then also have the software you could used to decode the file with parameters you'd supply, elsewhere, since having that on the same storage would also be a dead giveaway that you've used that method (since most people don't have such software lying around ...)

Be careful with this. The “art” of Steganography is an arms race between people trying to hide data and people trying to find said data. The later group is much better funded, although they also are facing a more difficult task.

My advice is to try to hide in plain sight. I would assume that any government can decrypt anything that you possess at the border. Governments have broad authority at border crossings and they have great technology that in many cases is not publicly known.

If you are crossing a border, my advice would be as follows:
*create cloud storage prior to leaving your country
*shortly before leaving your country, move your coin to a newly generated address, encrypt the private key via something that is complex but can be memorized.
*upload the encrypted seed to your cloud storage shortly before crossing the border
*destroy copies of files showing your association with bitcoin on your computer.
*cross the border
*create a new seed
*move your coin to the newly generated seed. 

This would be the approach I would take. A little raspberry pi home server (or similar) with TOR etc would be relatively cheap and easy to setup... you'd be able to store whatever you wanted on it... travel across a border with your "clean" devices and then access whatever you needed at your destination.

With the added benefit of not needing to "trust" any cloud based service.

Wouldn't you simply be better to access that encypted data remotely?
On a rented server, or, in you aren't homeless, access your home remotely?

Have nothing that matters stored on any hardware you carry into regions where that could matter ...

I use gmail all the time over tor. The trick is to enable 2FA before going on it through tor. The first ip address is the only thing "real" that they will get, so use any other ip address but yours to create the account, then immediately activate 2FA and save the secret. You can then log in using tor and it will ask for the code which you can enter.

If you're not concerned about google knowing your ip, then use your normal account (the one with your real name and all that)... but if you want an anon one, just create it while sipping your coffee at Starbucks or the mall using their wifi.

Now that's a different question altogether. Storing a PSBT in the cloud, which only contains information which is going to become completely public as soon as you broadcast the transaction, is one thing. Storing a wallet.dat, seed phrase, private key, etc., is quite another thing altogether. I would never store anything which contains sensitive information in the cloud, certainly not information which could be used to steal my bitcoin, regardless of how well I thought it was encrypted or otherwise protected.

I wouldn't use anything Google to store anything of value. In this particular case, using gmail throught Tor the way I see it is a recipe for disaster. Google can lock you out at a random time because the IP that you are trying to connect from doesn't match the last device used, which will be the case because Tor always cycles IP's. In fact you can find people with their accounts locked because they tried to log in from an VPN, so I wouldn't even use any proxy to access anything Google, specially if you have an Adsense account. The only way to unlock it would be via doxing yourself (phone) so in this scenario it wouldn't work.

Protonmail is known for handing info when requested, but I guess it's safer when it comes to accessing it thought Tor, even tho I have had Protonmail accounts locked because the IP of the Tor node was tagged by them as "spam", so not even Protonmail is safe from getting locked but at least is less probable than Google. You could also try to get it unlocked via support and pointing to the fact that they even have an onion site so they should support Tor users. No way to do this with Google. I understand the philosophy of hiding between a lot of other users but I don't think Google and Tor get along.


Github has banned Tor, or at least the last time I tried you couldn't get past the captcha. Not aware of the Archival method. The main problem would be that you don't control the servers, so even after you delete the file, the file is recoverable. With a strong 128 char random password, it should be safe to say it wouldn't be cracked even if they obtained a physical copy, but you never know.

I was thinking about methods to store a wallet.dat in the cloud too since you can't have the "spawn seed" method like on Electrum, and I just don't feel safe uploading it anywhere even with 128 char sha-512 encryption.

Expiring pastebin? https://pastebin.com/vpfUWaaU (this link will expire in 2 weeks and is empty). Used Tor, so even pastebin doesn't know the real ip address.

Here's an alternative site I've used:

https://paste.ee/p/OuwLN


Also used over Tor.