Topic: Hardware wallet vs software wallet for daily transaction - page 3. (Read 886 times)

I remember using their Coin Control feature early last year too, so it has been there for a while already.  But to me, not being able to sign a message is a shame and not being able to label addresses makes Coin Control useless.  When you have 30+ different addresses on the Coin Control list, it becomes annoying and very easy to mess up.

Had they added possibility of running a full node or your own server in combination with Ledger Live, next to features such as message signing and address labels, I could confirm and say it has every basic Bitcoin wallets functionalities.  But with these features missing, no thank you.

-
Regards,
PrivacyG

This statement is misleading for a number of reasons.

First, there exist open source hardware wallets. If your argument is that (some) software wallets are better because they are open source, then that argument fails when compared to an open source hardware wallet.

Second, "open source" is not synonymous with "immune to attack". There are plenty of pieces of open source software and open source wallets which have suffered from critical security flaws and vulnerabilities. Even Bitcoin Core has had a number of critical bugs discovered in it, some of which were exploited, such as the value overflow incident.

Third, malware attacks are exponentially more common than attacks which compromise the RNG of a hardware wallet or similar. Can you point to a single example where a compromised RNG on a reputable hardware wallet such as a Trezor or Ledge resulted in loss of coins? Because I can point to thousands of incidents of malware stealing coins from software wallets.

True. But, malware is not the only attack vector that HW needs to withstand. There are other vectors, like compromised RNG, compromised Firmware etc. exists for HW, which is not there for open source SW. So, one can't really say that a hot wallet on HW is more secure than a hot wallet on SW, just because SW is more susceptible to malware attack.

I don't think Electrum is particular private either. In both cases you are connecting to a server ran by a third party who can then see all the addresses you are querying and all the transactions you are broadcasting and then link them altogether.

Ledger will be worse in some aspects, since they can potentially link your address data to some other personally identifying information about you that they store, and they will be able to link all your altcoin addresses too.

Electrum will be worse in some aspects, since you are connecting to many different servers which increases the risk of connecting to a malicious one who is spying on you.

The upside to Electrum of course is that you can point it at your own server (or a specific server ran by someone you trust).

You can  choose any address or utxo you want.

But you are right about the servers,  you have to use their servers... só you lose privacy compared to electrum

Does it only show UTXOs from the same address, or maybe only from addresses which already fit whichever algorithm you pick? I don't want it to select anything for me, I don't want to have to pick "minimize fees" or "merge coins" - I simply want a list of every UTXO in my wallet with the option to choose the exact ones I want to spend.

Regardless, it's a bit of a theoretical point since I'll never use Ledger Live since it connects to Ledger servers and I don't trust them with my data or privacy one bit.

Yes, you can choose which of UTXO you actually want to use.
I just tested it now in my wallet. You can see all those UTXO from the same address, and you can choose which one you want to spend.



This is just like electrum, but with a more friendly interface.

Can you actually choose which UTXOs to include though? As you've shown in your screenshots, it seems you have to pick one of three options, one of which serves no useful purpose (FIFO). The other two are useful from a fees point of view, choosing to minimize the transaction size when fees are high or consolidate your coins when fees are low, but both are bad from a privacy point of view. Does the list of UTXOs which pops up after you select an option include every UTXO in your wallet and allow you to actually choose which ones to use? If not, then this set up is passable only for fee management, and if privacy is your aim then this is awful and might even be worse than no coin control at all.

---

In terms of OP's question, I think of it like this:

A software wallet (mobile or desktop) is analogous to your physical wallet. The coins stored in such wallets are analogous to cash. How much cash would you carry around with you for daily spending? $100? Put that much bitcoin in those wallets.
A hardware wallet is analogous to your checking account. You can store many thousands of dollars in here if you wish. You withdraw from your checking account at an ATM, and you top up your mobile wallet from your hardware wallet.
Proper cold storage is analogous to your savings account. The bulk of your coins should be stored here. You rarely make withdrawals from this account - only for big purchases.

Even if you are negligent, the probability of hacking the hardware wallet is less than the possibility of hacking your desktop wallet, but the difference will be fundamental if you use altcoins, as hardware wallets represent a better option than downloading closed source wallets.

For Bitcoin, the choice is up to you, but a hardware wallet, with a little caution and stop downloading unknown apps, will increase the protection of your currencies more than desktop wallet.

I will go with HW.

I really dislike the process of using a hardware wallet at home too: get the device, plug in the cable, use 2 tiny buttons to enter a PIN, go through the menu structure to confirm the transaction.... It's all a lot of work and totally not worth it for small transactions.
I have several wallets with small amounts (say $10 worth of crypto) that I use without password. It's great to pay a few cents for a VPN or a few dollars for hosting. I even found out Coinpayments doesn't accept €0.25 in Bitcoin LN, it was below the minimum, so I had to switch to LTC.
I love the convenience of scanning a QR-code or copying an address, punching in the amount, and clicking Send without any further authentication! Of course, you shouldn't do this for large amounts, but it would be perfect to buy a coffee.

I would love to be in a position where I can consider $10.000 to be my daily spending limit. I am not quite there yet.

I guess it depends on how and where you are spending those coins. If I am sitting in my home doing some online shopping for the day, a hardware wallet would by my choice. I wouldn't be in that much of a hurry to create, verify, and sign those transactions.

It's totally different if you are outside. Using a hardware wallet isn't the most convenient option. Plugging it in, double-checking everything both in the software client and on your hardware wallet's screen takes time. I always try to get out of shops as soon as possible because it's usually crowded and loud, people are in a hurry... For that purpose, I would use a mobile wallet because simplicity and convenience is higher on the priority list than the safety of funds when it comes to coins intended for daily use.

There's no doubt a hardware wallet is the most secure option, but when you flash/display it in public, you might become a target of those that are around you ^{[usually, the ones who have it, use it for significant amounts (I do know using passphrases counts as a solution, but still...)]}!

You have a point, but depending on the type of features you actually use and how buggy they might be, sometimes that doesn't apply to certain brands and models ^{[e.g. Ledger Nano X vs Trezor Model One]}.

I'd say it's even more important to have a secure system when handling someone else's money.

With enough receiving addresses, creating an unsigned transaction online and signing it from an offline PC might be faster than using a hardware wallet.

It may not make sense for normal user, but it may make sense for OP.
If/when he has campaigns to be managed, especially (but not necessarily) if they're more than one and the payments are not in the same day of the week, he may have to handle bigger/big amounts of money/bitcoin on a weekly basis.

I don't know though what does a HW show when one makes a transaction with 20-40 outputs... 

This is not true. A hardware wallet is meant to protect your funds against software attacks. It's much, much more difficult to create malware that steals funds from a hardware wallet than it is to steal funds from a hot Electrum client.

---

---

I just realized the entire use case doesn't make sense: most people won't consider $10,000 a normal amount for "daily expenses". Something around $100 would make much more sense.

Given your use case, i.e. daily expenses, both Electrum wallet & Hardware wallet will provide same level of security.

Why?

Because, your Hardware wallet is not airgapped. Every now & then you'll have to connect it to the internet.

Why?

Because, first your Hardware wallet needs to update its UTXO set to create a transaction. This requires connection to the internet. Signing can be done offline. Broadcasting can also be done by copying the signed transaction to mobile/laptop. Though, it would often expose it to an internet connected device.

So, unless you are storing your fund on an airgapped Hardware wallet, your are as secured as an Electrum wallet user.

LL has a history of bugs, of adding more advertising before fixing the bugs and that's not good. I also expect Ledger as company keep an eye on what funds everybody has, where possible (exactly in the same way some Electrum servers do). But I've got used with Electrum, it does everything I need almost in the way I want it, so that's what I use.
And Electrum server can be installed locally too, so if one doesn't travel, he can have a good mix of protection (HW) and privacy too (local server) with this setup.

I just found out that they are supporting Coin Control!!
https://support.ledger.com/hc/en-us/articles/360015996580-Using-Coin-control?docs=true




This is amazing and now Ledger Live has every basic bitcoin wallets functionalities. I will try it later.

---

 when transfering ETH/ERC-20 it lacks customization and it always charge more fees than necessary.
You can see in the image below that there is a range input to choose the fee (the minimum is not zero)

This is the way to go It doesn't even have to be a hardware wallet, it could also be an offline Electrum installation.

For the record: using a hardware wallet doens't mean it's offline. You could connect it to an offline Electrum installation, and sign the transaction on the hardware wallet, but that seems a bit excessive.

Isn't it the same with fiat? I assume you don't keep all your money at the same place: some in cash in your wallet, some in your old sock or piggy bank at home, and some in the bank. You divide your money based on it's purpose.

I would go with Bitmover's suggestion. Splitting funds is probably the ideal solution here. You should keep the majority of your funds on a hardware wallet because it's more secure, but since you're planning to spend on a regular basis, a mobile wallet is may be more convenient for that, especially if you're going to do that when you're outside.


Apparently, it's available: https://support.ledger.com/hc/en-us/articles/360021039173-Choose-network-fees?docs=true