Author

Topic: How to OFFLINE test a cold storage private key (Read 1538 times)

full member
Activity: 157
Merit: 103
Salí para ver
Great!  Smiley

I was a little bit worried because of some cases of invalid generated Bitcoin addresses with malfunctioning private keys, in particular:
* This reddit post: http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/
* "Unspendable Bitcoins" chapter of this Microsoft document: http://research.microsoft.com/pubs/204914/734.pdf
legendary
Activity: 1260
Merit: 1019
Ok so I used brainwallet.github.io offline and called SIGN and VERIFY functions with my private key (signed the message "Hola!"); the verify process was correct. Is this enough to consider the cold storage private key and public address valid?
Yes, imho
legendary
Activity: 1694
Merit: 1024
Ok so I used brainwallet.github.io offline and called SIGN and VERIFY functions with my private key (signed the message "Hola!"); the verify process was correct. Is this enough to consider the cold storage private key and public address valid?
Yes, if you were able to verify that the signed message came from your offline, generated bitcoin address, then you'll be able to access the private key and all funds associated with that address.
full member
Activity: 157
Merit: 103
Salí para ver
Ok so I used brainwallet.github.io offline and called SIGN and VERIFY functions with my private key (signed the message "Hola!"); the verify process was correct. Is this enough to consider the cold storage private key and public address valid?
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Where does the private key gets involved on Bitcoin transactions then?,

When signing transaction. Anybody can create an unsigned transaction but without signing it, it can't be spend.

signing an arbitraty message is not what bitcoin does while spending coins. I need to replicate what a miner/client will check but OFFLINE.
https://en.bitcoin.it/wiki/OP_CHECKSIG

You want to use OP code to verify a transaction?

=snip=
The script is actually a predicate.  It's just an equation that evaluates to true or false.  Predicate is a long and unfamiliar word so I called it script.

The receiver of a payment does a template match on the script.  Currently, receivers only accept two templates: direct payment and bitcoin address.  Future versions can add templates for more transaction types and nodes running that version or higher will be able to receive them.  All versions of nodes in the network can verify and process any new transactions into blocks, even though they may not know how to read them.
 =snip=
full member
Activity: 157
Merit: 103
Salí para ver
Where does the private key gets involved on Bitcoin transactions then?, signing an arbitraty message is not what bitcoin does while spending coins. I need to replicate what a miner/client will check but OFFLINE.
https://en.bitcoin.it/wiki/OP_CHECKSIG
legendary
Activity: 3682
Merit: 1580
But what I'm actually requesting is to CREATE AN OUTPUT, check the full script to get the OK without doing the broadcast. There's no tool to make this task?

Creating a transaction does not involve the private key so what do you intend to test with that? Signing a transaction is where the private key comes into play. It is easier to sign an arbitrary message and verify the signature.
full member
Activity: 157
Merit: 103
Salí para ver
But what I'm actually requesting is to CREATE AN OUTPUT, check the full script to get the OK without doing the broadcast. There's no tool to make this task?
legendary
Activity: 3682
Merit: 1580
You can install a wallet such as electrum 1.9.8 (not 2.0.x coz that won't work for this) or bitcoin core on your offline system. Then import the private key and sign a message with it. Then verify the signature. This should tell you whether the private key "works" or not.

Relevant:

Attempt signing with all the keys and verify the results. (Bitcoin core does this internally. And I strongly recommend it, it's a little terrifying that nothing else does. It's too easy to have a bitflip cause the creation of an invalid key, and too easy to defend against)

You don't need to download the blockchain for this purpose.
legendary
Activity: 1260
Merit: 1019
Isn't "decoderawtransaction " simpler/easier than this?
Decoding transaction does not perform checking that private key is suitable for spending funds
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

1. copy the database (all files in folder C:\Users\\AppData\Roaming\bitcoin ) from your "hot" computer to "cold" computer
2. run bitcoin-qt on your "cold" computer
3. open debug console and execute command "sendrawtransaction ..."

in any problems there will be an error message.
in the case if everything is ok you will receive txid

4. remove wallet.dat with the test transaction from the cold computer because you do not want to send it

---------------------------------------------
and one another way (everything on hot PC):

1. backup hot computer wallet.dat
2. remove (yes, remove!) hot computer wallet.dat
3. disconnect from internet
4. start bitcoin-qt (this will create new temporary wallet.dat)
5. open debug console and execute command "sendrawtransaction ..."

6. close bitcoin-qt
7. remove temporary wallet.dat and restore wallet from backup

Isn't "decoderawtransaction " simpler/easier than this?
legendary
Activity: 1260
Merit: 1019
I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

1. copy the database (all files in folder C:\Users\\AppData\Roaming\bitcoin ) from your "hot" computer to "cold" computer
2. run bitcoin-qt on your "cold" computer
3. open debug console and execute command "sendrawtransaction ..."

in any problems there will be an error message.
in the case if everything is ok you will receive txid

4. remove wallet.dat with the test transaction from the cold computer because you do not want to send it

---------------------------------------------
and one another way (everything on hot PC):

1. backup hot computer wallet.dat
2. remove (yes, remove!) hot computer wallet.dat
3. disconnect from internet
4. start bitcoin-qt (this will create new temporary wallet.dat)
5. open debug console and execute command "sendrawtransaction ..."

6. close bitcoin-qt
7. remove temporary wallet.dat and restore wallet from backup
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Should I stop worrying about this o it is reasonable doing an output test?

As long as you don't connect the computer which you stored Bitcoins and don't use an infected USB or disks, you don't have to worry.

doing this test will be like don't taking in mind the address reuse prohibition?

There is no prohibition. It is mainly a matter of privacy and also reusing addresses especially in a buggy client may result in exposing your private key.

There's a way to test OFFLINE and a secure way to make a transaction output, sign it, run an OP_CHECKSIG and reach "1 confirmation" only by myself?

If you are afraid to test in main chain, you should use testnet or regtest. The easiest wa is to create a raw transaction, sign it and broadcast it from an online PC.

Edit:

I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.

Use "decoderawtransaction " in Bitcoin core to decode a transaction.
full member
Activity: 157
Merit: 103
Salí para ver
I don't want to broadcast the output, only run OP_DUP OP_HASH160 SIGNATURE OP_EQUALVERIFY OP_CHECKSIG on it locally to see if it returns transaction OK. Without touching internet.
legendary
Activity: 1143
Merit: 1000
I don't really know what you mean by 1 confirmation only by my self.

You could try to sign a transaction offline, and then on a watch-only version of your wallet, you would broadcast the transaction and you'll see it live in the blockchain.
full member
Activity: 157
Merit: 103
Salí para ver
Hi there bitcoin community!

I just created a cold storage address (offline, ubuntu live cd, paper wallet, BIP38) to have some amount in a more secure place than simply blockchain.info
I correctly restored the actual private key from the BIP38 encrypted one with my password and everything appears to be fine. I already sent some coins and I have 4 confirmations.

However, I feel that the unique way to be SURE that I can move the bitcoins in a future is to make a transaction test!
I have my private key and it generates my public address, but I have some strange feeling only doing that, I NEED to see that I will be able to move the coins!

Should I stop worrying about this o it is reasonable doing an output test?, doing this test will be like don't taking in mind the address reuse prohibition?
There's a way to make OFFLINE a transaction output, sign it, run an OP_CHECKSIG and reach "1 confirmation" only by myself?
Jump to: