How to send from "cold" electrum wallet? - page 2.

Abdussamad

legendary

Activity: 3710

Merit: 1586

Quote from: btcbot on March 13, 2014, 01:22:03 PM

Quote from: jonald_fyookball on March 13, 2014, 12:46:06 PM

Is there any slight possibly that a wallet would FAIL to regenerate from a correctly stored/typed seed?
If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest
to delete electrum entirely if the coins are going into deep cold storage, and just have a watch-only
wallet from online computer along with the seed memorized/stored safely.

Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently.

Shocked

Fixed by an update - but it was a little scary! Grin

In older versions you had to nudge electrum to generate addresses beyond the gap limit. I can understand how it might be scary, though.

Abdussamad

legendary

Activity: 3710

Merit: 1586

Quote from: jonald_fyookball on March 13, 2014, 12:46:06 PM

Is there any slight possibly that a wallet would FAIL to regenerate from a correctly stored/typed seed?
If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest
to delete electrum entirely if the coins are going into deep cold storage, and just have a watch-only
wallet from online computer along with the seed memorized/stored safely.

Yes you can do that. Write down the seed on a piece of paper. Delete the wallet. Practice restoring it. Once you are confident you have it down pat you can delete the wallet permanently.

jonald_fyookball

legendary

Activity: 1302

Merit: 1008

Core dev leaves me neg feedback #abuse #political

Quote from: btcbot on March 13, 2014, 01:22:03 PM

Quote from: jonald_fyookball on March 13, 2014, 12:46:06 PM

Is there any slight possibly that a wallet would FAIL to regenerate from a correctly stored/typed seed?
If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest
to delete electrum entirely if the coins are going into deep cold storage, and just have a watch-only
wallet from online computer along with the seed memorized/stored safely.

Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently.

Shocked

Fixed by an update - but it was a little scary! Grin

hmmmm well thats good it was fixed..i wasnt talking about loading transactions, just restoring the wallet itself from a seed.

btcbot

full member

Activity: 151

Merit: 105

Quote from: jonald_fyookball on March 13, 2014, 12:46:06 PM

Is there any slight possibly that a wallet would FAIL to regenerate from a correctly stored/typed seed?
If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest
to delete electrum entirely if the coins are going into deep cold storage, and just have a watch-only
wallet from online computer along with the seed memorized/stored safely.

Not to be rude to the great dev team here, but this happened to me TODAY. It turned out to be a bug in 1.9.6, when I loaded the unsigned transaction on my offline Tails Electrum - it couldn't find the address and failed silently.

Shocked

Fixed by an update - but it was a little scary! Grin

jonald_fyookball

legendary

Activity: 1302

Merit: 1008

Core dev leaves me neg feedback #abuse #political

Is there any slight possibly that a wallet would FAIL to regenerate from a correctly stored/typed seed?
If not, is there any reason to keep the wallet file on the offline computer at all? (It seems safest
to delete electrum entirely if the coins are going into deep cold storage, and just have a watch-only
wallet from online computer along with the seed memorized/stored safely.

Abdussamad

legendary

Activity: 3710

Merit: 1586

Quote from: jonald_fyookball on March 05, 2014, 09:23:54 PM

LOL don't worry! It's highly unlikely we will see such sophisticated malware in the wild anytime soon. You asked the question so I thought I'd show you one extreme scenario.

jonald_fyookball

legendary

Activity: 1302

Merit: 1008

Core dev leaves me neg feedback #abuse #political

Abdussamad

legendary

Activity: 3710

Merit: 1586

Quote from: jonald_fyookball on March 04, 2014, 10:30:37 PM

Are you saying malware on the offline PC could cause it to change the recipient while you are signing it? Cause I don't see how any other way malware would be a prob on the offline PC here....and if so, Wouldn't that be able to be detected visually?

Malware could encrypt (with the malware author's password) and embed the offline wallet's seed within the transaction so that when you broadcast the transaction you would also be broadcasting the encrypted seed. The malware author could then read the seed from the blockchain, decrypt it and steal your bitcoins.

btcbot

full member

Activity: 151

Merit: 105

You really can't be sure - that's why I only access my cold storage Electrum from a Tails USB drive. I've installed Electrum on a persistent drive within the Tails system.

https://tails.boum.org

I use my usual computer. Unplug the ethernet cable. Reboot into Tails and voila...

jonald_fyookball

legendary

Activity: 1302

Merit: 1008

Core dev leaves me neg feedback #abuse #political

Are you saying malware on the offline PC could cause it to change the recipient while you are signing it? Cause I don't see how any other way malware would be a prob on the offline PC here....and if so, Wouldn't that be able to be detected visually?

Abdussamad

legendary

Activity: 3710

Merit: 1586

Quote from: jonald_fyookball on March 04, 2014, 12:35:05 AM

Thanks! Wow this looks pretty darn secure. Is there any way coins could be stolen if this approach was used?

Malware could get to the offline PC via the USB stick. It would have to be malware that runs when you put the USB stick into the computer i.e. malware that exploits an OS vulnerability. Otherwise you are not really running any executable files off the USB stick. All you'll be doing is opening, closing and saving text files.

jonald_fyookball

legendary

Activity: 1302

Merit: 1008

Core dev leaves me neg feedback #abuse #political

Thanks! Wow this looks pretty darn secure. Is there any way coins could be stolen if this approach was used?

Abdussamad

legendary

Activity: 3710

Merit: 1586

https://electrum.org/tutorials.html#offline-mpk

jonald_fyookball

legendary

Activity: 1302

Merit: 1008

Core dev leaves me neg feedback #abuse #political

Hi, I have electrum and seems easy enough to send/receive.

Electrum website says: Cold Storage: You can have secure offline wallets and still safely spend from an online computer.

What are the steps to do this?

thanks!

Jonald

Topic: How to send from "cold" electrum wallet? - page 2. (Read 2955 times)