I learned about airgapped wallets | Bitcointalksearch.org

virasog

legendary

Activity: 3136

Merit: 1172

Leading Crypto Sports Betting & Casino Platform

Quote from: bitmover on October 25, 2023, 01:53:20 AM

For example, what is an "offline computer "? It is a computer that was never and will never connect to the internet. It is theoretically beautiful, but practically it is not so simple and one little mistake is fatal.

How will you transfer the signed transaction? Pen drive? What if it is infected?

Well, you are right to the extent that the pen drive may contain viruses but then we are connecting Pen drive to the air gapped computer where the interent will never touch that device. So now, let suppose, a malware comes in the air gapped device through usb drive, but that malware cannot transfer data out to the internet because that device does not have access to the Internet.

Quote from: bitmover on October 25, 2023, 01:53:20 AM

just buy a hardware wallet. This is way safer for 99% of the people.

Still it depends as many people may buy it from offline and online stores and not from the official store and sometimes it has issues with tempered firmware etc if bought from third party.
Open source hardware wallet like Trezor is good alternative but i think using an air gapped device on a Tails OS is much better than using a Ledger hardware wallet which is closed source. (You need to be a bit technical in order to create an air gapped tails OS USB).

apogio

hero member

Activity: 560

Merit: 1060

Quote from: hugeblack on October 26, 2023, 06:13:27 AM

Make one of these backups out of metal, such as steel backup, because with all the geopolitical variables, fires, floods, disturbances, earthquakes, or wars may occur, and therefore it is better to keep one of the options from steel backup, as paper will not help you in such things.

Well, the reason I don't suggest metal is:

1. Too much hassle and more expensive.
2. The possibility of 2 out of 4 backups being destroyed at the same time is extremely low.
3. In case of fire or flood, I prefer my backup to be totally destroyed, rather than not. If it survives, who know who will capture it.

hugeblack

legendary

Activity: 2688

Merit: 3983

Quote from: apogio on October 26, 2023, 03:33:21 AM

Quote from: bitnote on October 24, 2023, 11:25:13 PM

2. Generate a wallet on the offline computer and write down the provided seed phrase.

Write it down twice.

Add a passphrase on top of the wallet. A strong passphrase, not something like "passphrase123".

Write down the passphrase twice.

This will leave you with 4 different backups (Seed backup 1, Seed backup 2, Passphrase backup 1, Passphrase backup 2).

Make one of these backups out of metal, such as steel backup, because with all the geopolitical variables, fires, floods, disturbances, earthquakes, or wars may occur, and therefore it is better to keep one of the options from steel backup, as paper will not help you in such things.

Adding a multi-signature wallet will enhance your security if you know how to set it up correctly.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: bitnote on October 24, 2023, 11:25:13 PM

2. Generate a wallet on the offline computer and write down the provided seed phrase.

Write it down twice.

Add a passphrase on top of the wallet. A strong passphrase, not something like "passphrase123".

Write down the passphrase twice.

This will leave you with 4 different backups (Seed backup 1, Seed backup 2, Passphrase backup 1, Passphrase backup 2).

Store all those 4 backups in separate locations.

Why do I say all that? Because using airgapped devices is absolutely essential for safety, but they don't guarrantee money-loss due to human error. So, do as I say to make sure you eliminate single points of failure.

blue Snow

legendary

Activity: 1526

Merit: 1032

Up to 300% + 200 FS deposit bonuses

Quote from: bitnote on October 24, 2023, 11:25:13 PM

5. Transfer transaction details to an online computer for broadcasting.

This is a crucial phase you have to be careful because you move from offline to online. I don't know what exact method you use on Electrum, but if you were careless, the step from step 1 is not that useful.

I ever tried it Broadcast the transaction by scanning a QR code from my mobile phone to an airgapped PC. It works fine for me, just make sure the fee is higher than a recommendation, because if stuck, you will do it again from the beginning to bump the fee ( I never tried, but it look complicated to do it offline)

khaled0111

legendary

Activity: 2702

Merit: 3045

Top Crypto Casino

Quote from: Zaguru12 on October 25, 2023, 12:52:56 AM

Quote from: bitnote on October 24, 2023, 11:25:13 PM

4 .Create and sign transactions on the offline wallet.

You can limit the process to be done by the offline device to just signing of the transaction and not necessarily creating the transaction.

This is not an option. As hosseinimr has pointed out, you must use an online wallet to create the transaction otherwise it may be rejected for being invalid because of using already spent outputs.
You need to use a synced watching only wallet to create a valid transaction or you can create it manually if you know how to do it and know the utxo to use as inputs.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: kingvirtus09 on October 25, 2023, 12:49:18 AM

In addition, even though I don't have a hardware wallet other than the electrum wallet I use, I haven't had any issues as long as I know the private key and seed of my personal wallet address account. My account is absolutely secure.

Your wallet isn't absolutely secure if it is in an online device, as anything that is online is prone to hacking, Electrum is an online wallet by default, so if you want to use Electrum wallet to store your main funds, you should run Electrum in an airgapped device. It is worth mentioning that just because you have not had any issues yet, you shouldn't feel safe using your wallet online.

Quote from: DubemIfedigbo001 on October 25, 2023, 01:09:20 AM

There is no form of security that is void of attacks, just pray you're not a target.

There is no way to be sure you are 100% secure, but there are surely recommended solutions to ensure better security, and you can't pray not to be attacked, rather you implement recommended solutions to make it almost impossible for an attacker to successfully attack you.

Quote from: bitmover on October 25, 2023, 01:53:20 AM

How will you transfer the signed transaction? Pen drive? What if it is infected?

Using qr codes is a great way to do that.

Quote from: bitmover on October 25, 2023, 01:53:20 AM

just buy a hardware wallet. This is way safer for 99% of the people.

I don't think a hardware wallet is 'safer' than an airgapped wallet, especially with how some hardware wallet manufacturers are turning out to be shady. But anyway, a hardware wallet may be the best offline solution for a newbie, because it may be hard for a newbie to set up an airgapped wallet in a totally safe enviroment, and if they don't know what they are doing, they may lose their coins.

Quote from: bitmover on October 25, 2023, 01:53:20 AM

A hardware wallet is an airgapped device, created by people who understand way more than you or me about cyber security

Not all hardware wallet is airgapped.

Zaguru12

hero member

Activity: 868

Merit: 952

Quote from: bitmover on October 25, 2023, 01:53:20 AM

How will you transfer the signed transaction? Pen drive? What if it is infected?

just buy a hardware wallet. This is way safer for 99% of the people.

A hardware wallet is an airgapped device, created by people who understand way more than you or me about cyber security

This is a thing of preference, some people do not like Hardware wallets just because of reoccurring vulnerabilities and sometimes breech of trust like that of ledger having your seeds and they prefer the offline storage set up by them selves. But as for newbie like OP, i would also second your opinion of him sticking to hardware maybe until he is sufficiently equipped with knowledge to set it up himself (if he still cares).

The major hit back is always how the set up and unsigned transaction of offline wallet is carried out, an experienced person will go all the way to use an open source operating system like Linux, running away from using USBs for transferring and using Webcams as a means for that.

One more thing is the hardware wallet is more portable and easier to move around than an offline device.

Quote from: philipma1957 on October 25, 2023, 09:35:23 AM

You must triple check all electrum updates to be sure it was a valid notification.

Other than that I feel you are doing a good job staying secure.

Luckily as a bitcointalk member you have the advantage of simply coming onto the forum to check their board of truly a new update is available since the developer is rightly with us and also maybe there are some changes you wouldn’t want and would just stick to the older version (which most at times isn’t advised)

philipma1957

legendary

Activity: 4256

Merit: 8551

'The right to privacy matters'

Quote from: kingvirtus09 on October 25, 2023, 12:49:18 AM

What you said is right; it's just that most of the communities in this forum are already aware of what you described, and the novices are already aware of what you said. All that is required for proper implementation is the proper implementation.

In addition, even though I don't have a hardware wallet other than the electrum wallet I use, I haven't had any issues as long as I know the private key and seed of my personal wallet address account. My account is absolutely secure. Furthermore, it is vital to always update when the electrum notifies.

You must triple check all electrum updates to be sure it was a valid notification.

Other than that I feel you are doing a good job staying secure.

BitMaxz

legendary

Activity: 3374

Merit: 3095

Playbet.io - Crypto Casino and Sportsbook

I agree with the above post offline device is not always safe if you just transfer a .psbt file or raw/hex through USB there is still a possibility that your offline PC can be infected and copy your data from your offline wallet to your online device.

To get rid of this for me much better use a QR code and scanner Electrum does have this feature in my own setup my phone is my watch-only wallet and for my laptop, I totally remove the Wi-Fi adapter to make sure it won't connect online since my laptop have built-it camera I use it to scan QR code that I generated from my watch-only wallet to sign the transaction offline after the transaction is signed you can export the transaction and show as QR code again and scan it with your phone.
That is way easier than transferring the raw transaction through a USB flash drive that's not safe anymore.

Husires

legendary

Activity: 1596

Merit: 1288

Quote from: bitnote on October 24, 2023, 11:25:13 PM

1. Your private keys are kept safe offline, so hackers can't get them online.
1. Download Electrum onto an offline computer.

Being offline does not mean that you will always be safe. If you connect to the Internet and there are viruses, your private keys may send to third-party devices. you need to be offline, will not connected to the Internet, and that your operating system is open source and clean, free of any viruses, is what makes you safe. if your device is isolated from any connection to any other device, it is airgapped.

Electrum is not the only wallet that allows you to create an offline wallet, but it is the easiest. If you want to add airgapped multi-signatures, choose Sparrow.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: KiaKia on October 25, 2023, 04:30:10 AM

Since you can generate wallets offline on most crypto wallets out there, they can be treated as an offline wallet, just generate them offline and back up your recovery seed offline, then uninstall the wallet from your PC and get your address for instant deposits, from crypto exchanges or from others.

This doesn't make your wallet a cold wallet.
With just disconnecting your computer from internet when generating the wallet and uninstalling the wallet, you don't really increase your security. If you want to have a cold storage, you should create your wallet on a computer which has been always offline and will be never online.

KiaKia

sr. member

Activity: 728

Merit: 388

Vave.com - Crypto Casino

Since you can generate wallets offline on most crypto wallets out there, they can be treated as an offline wallet, just generate them offline and back up your recovery seed offline, then uninstall the wallet from your PC and get your address for instant deposits, from crypto exchanges or from others.

I am using a crypto tracker to track my transactions into the wallet, if your wallet can stay offline you are better secured than those running and leaving their crypto wallets online, one of the ways that hackers get the best of people is because they are using their wallets online.

This is the way that bad links and fake tokens are used to steal your asset, nowhere is safe online today, not twitter or telegram, they will send you bad links and they will pray you visit and do some thing stupid.

OcTradism

hero member

Activity: 1722

Merit: 801

AirGap Setup Guide, step by step.
[Guide] Secure air-gapped crypto wallet storage method.

You can set up your airgap wallet or cold storage wallet, multisig wallet with Electrum wallet software. They are all better than a hot wallet, single signature.
Creating a cold storage wallet in Electrum.
Creating a multisig wallet in Electrum.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: bitnote on October 24, 2023, 11:25:13 PM

3. Use this wallet to create receiving addresses.

For generating a new address, you can use each of offline and online wallets.

Quote from: bitnote on October 24, 2023, 11:25:13 PM

4 .Create and sign transactions on the offline wallet.

The unsigned transaction must be created using the online wallet.
Take note that for creating the unsigned transaction, your wallet needs to know what UTXOs you own. The offline wallet has no information about your UTXOs.

Ruttoshi

sr. member

Activity: 476

Merit: 385

Baba God Noni

Electrum cold storage wallet is very safe to keep your bitcoin as long as you don't connect it to the internet, but it can be somehow complicated for newbies to understand how it works. If one don't have money to buy a hardware wallet, electrum cold storage can serve the same purpose.

I don't know among the electrum cold wallet and hardware wallet which is the safest but they all have their own disadvantage, the major thing is that you should follow all safety measures when using any of them to avoid any mistake that will lead to loss of funds.
For proper understanding on how to set up an electrum cold storage wallet https://bitcoinelectrum.com/creating-a-cold-storage-wallet-in-electrum/

Mia Chloe

sr. member

Activity: 448

Merit: 560

Crypto Casino and Sportsbook

Nice of you wanting to understand crypto security and privacy better Op. However I will suggest you consider actually setting up an air gapped device by yourself as it will help you understand the concept of air gapping better.
You can check this post
https://bitcointalksearch.org/topic/m.62863678 as members of the forum were of much help to me while I was still very new to the Bitcoin ecosystem and wanting to set up my first air gapped device

You should also check out these articles https://electrum.readthedocs.io/en/latest/coldstorage.html
https://bitcoinelectrum.com/creating-a-cold-storage-wallet-in-electrum/
it will guide you through your journey of setting up an electrum wallet

bitmover

legendary

Activity: 2352

Merit: 6089

bitcoindata.science

Quote from: bitnote on October 24, 2023, 11:25:13 PM

steps:
1. Download Electrum onto an offline computer.
2. Generate a wallet on the offline computer and write down the provided seed phrase.
3. Use this wallet to create receiving addresses.
4 .Create and sign transactions on the offline wallet.
5. Transfer transaction details to an online computer for broadcasting.

This process maintains the security of your private keys by keeping them offline. Feel free to point out any mistakes or uncertainties.

The whole process involves a lot of risks and is way more complicated than that.

For example, what is an "offline computer "? It is a computer that was never and will never connect to the internet. It is theoretically beautiful, but practically it is not so simple and one little mistake is fatal.

How will you transfer the signed transaction? Pen drive? What if it is infected?

just buy a hardware wallet. This is way safer for 99% of the people.

A hardware wallet is an airgapped device, created by people who understand way more than you or me about cyber security

This topic has way too many posts about people losing money inventing new ways to protect their bitcoin.

DubemIfedigbo001

sr. member

Activity: 490

Merit: 346

Let love lead

You only air gapped the device from online attackers, you didn't consider offline attackers. If I have access to the computer offline, its still possible to bypass your
operating system passwords and have access to your private keys possibly stored in the computer. Even if in the process, your wallet is uninstalled, I can still get to your funds with your private keys. There is no form of security that is void of attacks, just pray you're not a target. This topic was discussed in more detail here sometimes ago, I'll advise that when you're creating a topic next time, use the search element to check for the existence of similar topics and just go comment under it with your points to prevent spamming.

Zaguru12

hero member

Activity: 868

Merit: 952

Quote from: bitnote on October 24, 2023, 11:25:13 PM

3. You need to manually do transactions, so no accidental ones.

The risk is reduced in minimal when trying to send from an airgapped device, but that doesn’t Eliminate the risk total because you would still need to verify or cross check the address(es) you are sending your bitcoins to. There is a little possibility of clipboard error especially when creating the unsigned transaction from a watch only wallet on the online device.

Quote from: bitnote on October 24, 2023, 11:25:13 PM

4 .Create and sign transactions on the offline wallet.

You can limit the process to be done by the offline device to just signing of the transaction and not necessarily creating the transaction. The online watch only wallet can be used to create the and the transfer offline to the airgapped device for signing and then later back to the online device for broadcasting.

Overall an airgapped device is the best for wallet storage if you are someone that feel uncomfortable with hardware wallets

Topic: I learned about airgapped wallets (Read 322 times)