First, sorry for the late answer, didnt have the time for a length reply earlier. I see you got the partial quotes now
-snip-
Did you install armory on a second computer? Whats the difference between this and having it on your daily use computer if the security is so good?
Yes, I used a different machine for that because I wanted to test how it would perform on old mobile hardware. Not as cold storrage but as a form of semi cold storrage but with a dedicated machine. I still think its as secure as it gets on a daily use computer, but as daily use computers go there is a higher risk for infections. That might not even be my fault. My main machine is also used by guests or family members, it takes USB devices from different people and not all of them know what they are doing when it comes to virusprotection. It is something I want to prepare for, but since I dont have that much to worry about cold storrage yet, I though about a dedicated machine. Another reason for testing armory was that it allows multisig and AFAIK its the only wallet thats currently supporting this. Would be nice to set up an address for the family that would require multiple passwords/keys to spend the funds.
In my electrum wallet, I am using a few different addresses, so if I am going to check that my coins are in my wallet and not wanting to plug in my external hardware to my computer, I would need to check upon a few different addresses. Is there any good and simple way to do this on with a when having a few addresses?
Well the more addresses the more painfull it is to check the pages manually. I wrote a little Javaprogramm [1] a while back that is looking up a list of addresses via the blockchain.info API. Its basically just checking the site for you for each of the addresses and creates a file where it lists all balances
per address. Not sure if this is usefull for you, but it should be still downloadable via mega and the source is included.
Also, do you recomend to use one address only once? And does electrum generate new addresses or how does it work? I can't notice that one my self because I don't really keep a track of the address strings.
I use a new address for every source of bitcoin. E.g. each signature campaign that paid me got its own address, the address in my profile changes from time to time. That way I know where the coins came from when I check in bitcoin core. IIRC electrum has something like this as well. Its just a little label because I wouldnt be able to remember the address string either. This also helps a bit with privacy, because if I gave everyone the same address theyd know how much I received and spend etc.
Not necessary the way you described it would be semi-cold. You have a wallet that has the private keys and when you want to spend bitcoin it is online (hot), but most of the time you keep your wallet offline (cold) and check in from time to time, but you do so without using your wallet. Its not proper cold storrage as that usually implys that the machine storring your private keys is never online. It could be a old machine sitting in a corner, turned off. When you want to spend coins you create a transaction with your regular wallet (hot) on your main machine thats online and daily used. This machine however can only create an unsigned transaction as it has no access to the private keys. It only knows which addresses you have private keys for somewhere else and monitors them for you. You would then copy that unsigned transaction to the offline machine, get it signed and copy it back to the online machine to broadcast it to the network.
Your semi cold version offers a little less security, but you also only need a single machine, with an external storrage for the wallet file. The external storrage could e.g. be an USB stick that you use for your wallet file only and keep it in a safe place.
I do understand the first few lines but when it comes to the part where you mention When you want to spend coins you create.. can you please explain this a bit more? And the trezor wallet, it does all this work right?
Yes, trezor would do this for you. The idea of hot and cold wallet is that you have two machines. One called cold because it is offline, where you have the private keys and one call hot because it is online, but it only knows the addresses not the private keys. Thus you have one wallet - the hot one - that knows how much bitcoin you can spend and one wallet that is actually able to confirm the spending of the coins. The way bitcoin works is that if you want to spend bitcoin you need to sign the transaction with your private key in order to make it legit. Otherwise anyone could spend your coins. Now in order to spend both machines have to work together. The cold wallet can not just create a transaction because it does not know how much bitcoin you have etc.; the hot wallet can create a transaction, but cant sign it because it has no access to the private keys. So in order to actually spend coins you have to create a new transaction with the hot wallet, transfer that unsigned transaction to the cold wallet, get it signed and transfer it back to let the network know about it. Trezor would be the cold wallet in this case, connected via USB to the hot wallet. The private keys never leave the device, it gets an unsigned transaction from the computer, signs and returns it. A virus would have to infect the Trezor in order to access your private keys and be able to spend your coins.
Do you have paperwallets?
I had several they are all empty now, but I might create more once my coin arrives.
It seems like a bit of more work, but do they expire? Because I don't understand what you meant by that 60 day thing. Are the private keys just on a paper?
No they dont expire. Sorry for the confusion. I rented my signature for 60 days to silverwallets.com . My reward is that I got one for their coins that can hold a paperwallet behind a sticker. A paperwallet is just a private key printed on paper, yes.
But what is the actual wallet, because the coins must be on a wallet, but without the private keys, right? And when you want to use the wallet, you need to type in the private keys you have on your printed paper right? I think I am wrong on this one, not sure.
There is no actual wallet, as in software. Most - if not all - wallets can however import the private key that is on paper. Its similar to the cold wallet idea. You have a private key on paper, so its offline and can not be attacked by a virus. You could lose it, it could burn in a fire, etc. Its not 100% either but it protects against all digital attacks. You can use the address to send coins there as much as you want without the need for the private key, only when you want to spend the coin you will type the private key into a secure and clean machine and create a transaction. It is very important that this transaction has to spend all the coins on the paperwallet, because the way bitcoin works there is something called change and not all wallets handle it the same, which could result in a loss. Let me try to explain change with an analogy. Bitcoin you receive is like a lump of gold. This lump can only be used entirely, if its worth 1 BTC and you want to spend 0.5 you need to melt it down and create two entirely new lumps of gold. One for the person you want to pay and one for you. Now some wallets just return your lump to the address it "came" from. The problem with this is that bitcoin does not use addresses on a protocoll level, its just an abstraction to help us humans understand what is happening. So back to the paperwallet. You have 1 BTC on it, want to spend 0.5 and the change either goes "back" or to a new address depending on the wallet software you use to do this. In any case your paperwallet should not be used again, but its better to create a new one and send the change there.
[1]
https://bitcointalksearch.org/topic/m.8355029