Topic: How do you manage your private keys to make transactions? (offline storage) (Read 516 times)

Actually nothing to add.
Those three are the most suitable.

Owning cryptocurrencies means being your own bank and taking complete responsibility for your funds.

Private keys are used for making irreversible transactions - Transactions in the crypto world, where we trade in Bitcoin and other altcoins, are irreversible. Hence, one needs to take extra caution of their private keys or seed keys so as to make sure their funds are secure.

Best tips for managing your private keys

Hardware wallets to keep your private keys safe. A hardware wallet is a small device, designed specifically for storing your bitcoins.  This wallet occasionally connects to the web to enact bitcoin transactions.

Never keep private keys online, or in a mall or in the cloud because they are most likely to get hacked there.

If you don't have a hardware wallet, you can temporarily keep your private keys or seed in an offline flash drive or HDD.

You can also store your private keys over a Cryptosteel. Cryptosteel is a stainless steel tool that allows you to store up to 96 characters worth of confidential information.

I had spent some time with Bitcoin Core 0.16 in offline mode, and didn't get to succeed for different reasons. When looking into cold storage and Bitcoin Core, majority seems to talk about keys being offline. So far so good. When it comes to signing a transaction, that seems to be another issue. I stepped over this thread with a remarkable comment from Pieter:

https://bitcoin.stackexchange.com/questions/50924/new-bitcoin-core-0-13-2-as-cold-storage-wallet

I have meanwhile tried to creat a tx on an online system, transfer it to the cold storage system, and get it signed. I started easy, with a simple P2PKH transaction. When I brought this to the cold storage to sign with bitcoin 0.16.1, the bitcoin-cli signrawtransaction command would reply with missing link to previous transaction:


when I tried to provide it additional info, I had the same result:


I was wondering, how the system would check the details. As I am no C/C++ dev, I am not too eager to look into the code... But obviously the client verifies contents, to make sure only "valid" transactions go to the network. This is good user protection, and probably very positive.

I also did some tests with (non-multisig) P2SH and redeemscripts. I created a funding transaction on the live system, and wanted to spend the P2SH. So I had to sign on the cold storage system. Results are also unsuccessful. I tried:


This INVALID OP_IF error happened to several versions of the created raw transactions and redeemscripts. It seems that bitcoind doesn't have enough info to add the signatures. This doesn't necessarily mean, the tx is invalid (one could manually add the sigs from a different program  ). As shown here, I can make a P2SH successful going through (just a hash comparison, without signatures):

https://bitcoin.stackexchange.com/questions/74753/htlc-hash-time-lock-contract-using-bitcoin-qt/74953#74953

From my experience, signing transactions offline with Bitcoin Core is not best way to go. And by this I don't mean to blame the core dev - au contraire! The design seems to go into user protection, and not fulfill dev's ("my") requirements.

You can add a custom password aka seed extension. If its entropy source is something like dice rolls and it's 128-bits of entropy strong or stronger, even with a bad RNG on the Trezor, your funds are secure.

Another Idea to further protect your online wallet would be using P2HS addresses and store your funds on those. This way your funds won't be protected just with your private key but also by some logic that is executed on the blockchain. Simplest thing that came's to mind is to use some not-so obvious function of transaction inputs as a password that have to be added to spend funds. This way even if your key is leaked - your funds will most likely to be safe if you only leak private keys somehow.

- I have seen Veracrypt being unable to restore encrypted files several times (of course using the correct password). I wouldn't trust it with my money. I never had problems with GPG, so its my first choice.
- I use email as an additional backup for my double encrypted wallet.dat files. Crossing borders without a hassle is a nice side effect.

True, but if you are a Bitcoin Core user and you have all of your private keys on a wallet.dat file, you can't do that. You are going to need a device to store your wallet.dat file, so an USB seems like the best way to go. You could also encrypt your entire laptop, but beware, if you lose the password, it's game over. I lost a password for some encrypted drives with veracrypt, and I can't no longer access them.

You could just send your wallet.dat file to yourself in an email temporarily while you cross borders, just encrypt it and hide it well, it should be ok as a temporary measure.

I just don't trust BIP38 enough to have all of my BTC on there, so I need ways to keep wallet.dat safe.

Remember also that private keys can be encoded in many creative ways. For example, you can write some notes on the side of a page in a textbook, and then use that text as a private key. Chinese customs looks at the notes, and sees scholarly etchings, not a bitcoin key. When in reality you could have your savings stored in those notes.

Good point. You could just put your paper wallet in the middle of a big fat book and it would be hidden pretty well. Im not sure about anything else tho. Any hardware wallets are still a problem and could be recognized during scans on airports.

If eventually the governments become extremely paranoid about Bitcoin, they may start looking for these on every border, so have that in mind. A generic USB or any other generic storage device is always better than a HW in this sense. The paper wallet hidden inside a book idea is also good (unless they start checking books too...)

All things considered, hardware wallets suck unless you are sure that nobody is going to find it, and nothing can guarantee that, which is why I advise against them, among other things such as having to trust that they are legit.

Not necessarily. Look at how small they can be, such as the paper discs inside casascius coins. If it fits on that, can't you write it on the page of a book on your shelf? Books aren't immediately recognizable as money. What about a curtain rod? There's nothing stopping me from turning that into a wallet. Just stick some numbers in there where they can't be seen.

A lot of people make their paper wallets look like money because that's fun to do. It doesn't have to be that way.

I'm actually quite interested to learn more about the rationale behind making a particular choice in terms of offline storage, as far as I see in the end it boils down to what your comfortable with if anyone could correct this view if I'm wrong I'm open to hearing more?

But paper wallets, similarly to hardware wallets, are very recognizable objects (and it will be increasingly recognizable overtime), so a thieft will save it just in case, because he knows there's bitcoins in there, he can also force you reveal a password.

With a wallet.dat file you can put it in a generic usb, hide it well, and nobody would know you own BTC. You don't want some thieft to break into your house at night and then he finds out you have a ledger of a paperwallet, because he will beat you up until you say your password. If all they find is some USB it's harder for them to know it's bitcoin related.

I have a paper wallet for my savings in Ethereum and some ERC20 tokens I've in there. Then I have an address that I use with Metamask for some transactions I do weekly, not the best but it's ok for me.

All my Bitcoins are in a paper wallet with two copies carefully stored in secret and safe places. I won't sell or use them in any way for a long time, so that way is ok for me. Maybe in a while I create some new wallets and send all the Bitcoin there, in order to avoid problems with the paper. As I don't send bitcoins don't need hardware wallets or any kind of way to manage private keys to send transactions offline.

Im just not sure about the whole deterministic approach thing. I remember reading that it reduced overall entropy. Your seed could also be derived from a number of signatures.. I don't see how it's a good idea to have all these relationships between things and not just have private keys separated from each other like the old wallet.dat format?? at least for cold storage. Achow I think said that the HD format for Core is not bip32 and it's safer than Electrum but im not sure.

I don't know about Armory details but you can see a video in action here (offline transactions in Armory):

https://www.youtube.com/watch?v=ZGjL4BllFtM

And here how to do offline transactions in Electrum:

https://www.youtube.com/watch?v=DQumISxkJsQ

And here how to do offline transactions in Bitcoin Core:

https://www.youtube.com/watch?v=jWKuqP-zTFk


As you see it's harder with Core, but, if you can do it in the online node with the GUI, then pass the transaction into the offline node, sign it, then pass it back to the node, it could be done easier (with that extra step but it's worth the peace of mind of getting an ideal fee and getting things done in the GUI where it's harder to fuck it up than with crafting raw transactions)

I don't think, that a 'day-to-day-wallet' needs to be secured in an offline wallet in most of the cases.

Paper wallets are not that big a deal for me. I use a air-gapped computer & printer to print multiple paper wallets and I store duplicates in 3 different locations. I also split my stash into small chuncks, to reduce the risk of having to restore everything, every time I want to claim fork coins or when I want to use some.

The hardware wallets are used for small amounts on a daily basis. ^smile^

I keep most of my coins on encrypted wallet.dat, but it's not possible to do day-to-day spending this way. I just use them for coins I don't expect to move for months or years.


I wasn't aware that Armory had a GUI for offline signing. Any opinions here on Armory vs. Electrum? I use the latter, but I'd feel a lot more secure if I could do this with Core. Also, is it true that Electrum's seed might be easier to derive? What's the difference among the different HD wallets regarding seed security?

Yeah this would be it. I remember reading someone claiming this was possible in the past but I don't know how the steps would look like.

So let's say I have a node online and synced with all my addresses added as watch-only, then the offline wallet in the airgapped computer (both are Bitcoin Core).

How do I make the transaction in the online node's wallet on the GUI as usual then pass it read on the offline machine to sign it with the offline private keys then back to the online node?

If I do the transaction as usual with the watch-only addresses with the ideal fee and all the inputs I want selected in "Coin Control", I can then do "dumprawtransaction" and then make a QR code of this, read it in the offline wallet, then what do I do with this?

I just want to know step by step to not fuck it up in the process.

On Core vs Electrum for airgap machine - IMO there's more risk that you screw up while dealing with raw transaction and accidently set the wrong amount/wrong fee/ wrong address then that Electrum has some serious vulnerability in its seed. But you can also have two cold wallets - one big Core wallet where you store your long-term savings that you are not going to touch for years, and a smaller Electrum cold wallet that you use to sign transactions more frequently, like every few months.

It is really simple:
-Create an offline wallet with Bitcoin Core and encrypt it (I recommend using PGP on top of the original encryption for privacy reasons)
-Backup this encrypted wallet.dat file anywhere you want. You can put it on several harddisks, usb sticks. You can send it attached to several email addresses.