Topic: Is this how I should setup my offline electrum wallet? (Read 3759 times)

Wow that's some bug! It *should* have been mentioned in the release notes so that we can make informed decisions about when to upgrade or not.

thank you for everything! i sent you a small tip !

The way the bug worked was in 1.9.7 when you create a new wallet and choose "Restore from seed" then you try to insert a 12 word seed from a previous wallet to restore it. "Create New Wallet" and "Watch-only wallet" are NOT AFFECTED.

That is the ONLY TIME the bug happens.

However, it happens ONLY if you mistype your seed.

If you type your seed correctly, restore is successful.

If you type incorrectly, Electrum makes the exact same wallet from issue #613. It is a watch-only wallet. Some person calculated the seed for that 1 wallet, and takes out any bitcoins that are sent into it.

So if you restore from seed, and it does not ask you to set a password. That tells you that you have mistyped your seed and created the issue #613 watch-only wallet.

Because watch-only wallets don't ask to set a password, but seeded wallets do.

You typed in a seed, so you should NOT be making a watch-only wallet. The ONLY way to make a watch-only wallet after putting in the seed is the bug #613. So if you see watch-only on the wallet even though you typed the seed, that is the blackhole.

what do you mean a critical bug ? i've seen no seen in the release notes! also why ubuntu package software put 1.9.7 forward as the trust version ? do you have any sources?

edit you are right : https://github.com/spesmilo/electrum/issues/613

what shall i do ? why is this bug not more well known? i checked the release notes of 1.9.8 and no mention of this!!

Install 1.9.8.... 1.9.7 has a critical bug in the seed restore function.

If you only "Create new wallet" then you're fine...

But if you "Restore wallet from seed" and then you misspell one of the words, the wallet will create a watch-only wallet instead of a REAL wallet, and it will always be the same watch-only wallet.

Many people have sent bitcoins to this wallet, but it is a black hole that you won't have the private keys for. (someone figured out the seed and now steals any bitcoins that are sent into this "black hole" wallet)

Stick with the mint Linux that you installed before......... or did you delete it?

Thanks guys, just to be sure I've done it again with ubuntu but the command lines thingy wasnt functionning so i used the ubuntu software installer. I typed electrum and downloaded it from there. it is the 1.9.7 though

Is it normal ? am i OK ?

Sorry for dumb uestions I only have 1.4 btc but its a lot to me...

#2 there is no way to check. But to be honest. You should be fine, don't worry about it.

thanks again for your help dabura and abdussamad! i've just did my first spent from the offline wallet using the signed transaction:) it was very fun to do and a very smart way to design electrum!

now i have one last question : if i've fucked up at one point, is my offline wallet riskier than an online multibit/electrum(non watching) wallet ?

for instance, there could have been a few problems

1) linux livecd OS gets malware because it was connected to the internet to download electrum (not probable apparently)
2) stupid me created the wallet while being online - what happens in that case ? is it at risk ? and how do i make sure i didnt made that mistake ?
3) malware on usbkey from the getgo (not really probable apparently)

what else have i forget ? is it possible ive fucked up somewhere and my new protocole is worse than mutlibit/electrum that i was using before?

Perhaps linux mint supports persistent storage? Meaning it is storing something on your hard drive or USB drive so you can carry on from where you left off. Obviously this means that you no longer have a truly offline wallet.


When somebody (perhaps yourself) sends bitcoin to an address you own the blockchain simply records that such and such an amount has been sent to such and such an address. When it is time to spend the bitcoins you prove ownership of the address by signing the spend transaction using your private key. This can be independently verified by the world at large using your public key. Here is a more detailed explanation:

https://bitcoinspakistan.com/blog/private-key-public-key-bitcoin-address-and-the-blockchain/

Thanks again for the answear, i really appreciate it! one other thing i had trouble is installing electrum on linux... For instance, I had to connect my livecd to internet to download electrum and install it. But then it means my livecd, thus my usbkey has been exposed to the internet... I thought it would defeat the purpose of the offline wallet.  This is what troubled me so much. I couldnt manage to install electrum without the internet but is it that important ?

also, when i've installed electrum on my livecd, it saved everything ! what I mean is that whenever I install something on the livecd it stays even after a reboot! so when I installed electrum it still there!

is that a problem? its a difficulty for me to comprehend the purpose of the offline wallet as the machine and the OS where its stored was exposed to the internet... for instance if by inadvertance i boot into my live cd and i have the internet connected well i am fucked and my offline wallet isnt an offline wallet anymore right ?

also, are the addresses of my offline wallet known to the blockchain ? it must be adverted everywhere? right ? is that a risk?

The idea is that if your computer is infected with malware your offline wallet is not affected and bitcoins sent there cannot be stolen.


Yes.

BTW you don't have to store the wallet on your usb key. Just noting down the seed on a piece of paper is sufficient. You can restore from seed whenever you need to spend bitcoins. You will still need a USB drive for the transaction files though.


If the usb key gets infected then your bitcoins could be stolen. It would have to be pretty sophisticated malware, though. Malware that a) supports both windows and linux b) targets bitcoin users with offline wallets. I don't know of any such malware in the wild.

First thank you for the answear. Second, I wish you had told me what is the purpose of the offline wallet. I think I know it but I am not sure! Also english isnt my first language so as soon as it gets technical I cant express myself anymore! Also I am a scared noobie and fear prevents me to thinking straight! Also its too technical for me!

To be clear: when I setup an offline wallet and I observe it through electrum on computer connected to the internet, i cannot spend the coins without having to save the tx file and load it on the offline wallet which is located on my usb live key?

Its a way to protect yourself against an attack or a rootkit or anything on your computer right? but what if the usbkey get contaminated ? or what if ... I dont know !

It is same as usual. Just copy the address from the watch only wallet (offline, read only wallet installed on your computer) to your multibit send window and go from there.


Write down a few of the addresses in your watch only wallet on a piece of paper. Then follow same procedure as before to recreate your wallet i.e. boot into mint, install electrum, disconnect wifi, create new wallet selecting restore from seed, enter seed. See if the same addresses you wrote down show up.


Why are you creating an offline wallet if you don't know what use it is? Who told you to go create an offline wallet? If you don't have too many bitcoins then an online electrum wallet installed on your computer with a decent password is good enough for most people.

Offline wallets are an advanced feature. They are not for newbies.

I was using the word "online wallet" to describe the wallet where my coin currently are (ie multibit); and the word "offline wallet" to describe the wallet ive created using linux and that i am observing using electrum

I was wondering how do I send bitcoin from my online wallet (multibit) from my offline wallet (observing with electrum), is it the same as usual ? i take an address from the wallet I observe and I send this address using multibit?

But then how do I make sure I really own this wallet ? I need to be able to send coins from it.

So to do that, I do what you describe in your latest message, right?

Also, what happens if my offline wallet goes online ? how is it dangerous ? for instance if I forget to create my offline wallet with wifi disconnected what does it change? is it out in the public meaning that anyone can log in ?

Also when I want to spend money from my offline wallet, the only way to do that is to transfert through a usb key the tx file ? there is no other way ? what about recreating the seed on a pc connected to the internet? then I can do all that. So i need to keep my seeds secure, right ?

The interest of the offline wallet through electrum is to prevent the spending of the bitcoin ? i can only receive coins ? I can not spend them because to spend them I need to have access to the seeds or to the usb key ? so my usb key needs to be secure too right?

I think you are confused.

1) Your "offline" wallet is on Linux, it has your bitcoin addresses and your private keys stored. (you are protecting your private keys from theft by keeping them offline)
2) Your "online" wallet is on Windows/Mac whatever, and it has the SAME EXACT bitcoin addresses as your "offline" wallet. EXCEPT your online computer does NOT have the private keys.

So if you sent bitcoins to your online wallet, they are on your offline wallet too. It's the same wallet, just the online one has no private keys, so no one can steal your bitcoins from your online PC.

So in order to send bitcoins, you must use your online pc and send bitcoins with electrum (you can send to another address in the same wallet, it doesn't matter) and because your online wallet has no private keys, electrum will automatically see this, and it will show you a transaction confirmation screen. On this screen, you will see a button that says "save".

Save this file (.txn file) to your USB drive.

Then you load your OFFLINE wallet. (So boot to your Linux offline)

Then you plug in the USB with your .txn file, and you click "Load Transaction" "from file" in the OFFLINE electrum. Then select the .txn file.

The same transaction window will show up, but because it is offline, the balance will be 0 or maybe negative or something, just ignore it. Click "sign"

Then click "save" after you are done signing. This time you save the signed .txn file back to the USB.

Then you go back to your online computer. Click "Load transaction" "from file" and pick the SIGNED txn file.

Then the window will pop up, check to make sure all the info is ok, then click "broadcast". Within a few seconds you will see the bitcoin move from one address to the one you sent it to.

This is how you use offline transaction signing with Electrum.

It is this part that I dont understand. When you mean "all I need to do to send bitcoin...." is from the "observing perspective" Am I right ? But what about :

1) How do I send bitcoin to the wallet i am observing (my offline wallet) from my online wallet ? is it like usual ?
2) If I want to spend bitcoins from the wallet i am observing i have to follow what I quoted? right ?

thanks again for your help! i made so newbie mistakes (lost password and more) that now i quadruple check everything, i just thank god that im not this guy who sent 800 btc to an old mtgox address !

edit: yes i waited to have my pc disconnected to create the wallet! what happens if I didnt ? im doubting myself now

I already sent a small amount to the wallet i am observing! thanks for offering! i'm gonna read what u wrote now! I must be crazy but i am not 100% sure its the wallet I have created that I am observing !

tell me one of the addresses and I'll send you 0.001 BTC.

only tell me AFTER you have installed your watch-only wallet on your online PC.

try it out with small amounts first.

now that you have it set up, and you install a watch only wallet on the online computer, try sending like 0.002 BTC to an address... then try sending that to another address... after 2 or so times, you should be comfortable with sending and receiving with your offline wallet. THEN you can send all your bitcoins to one of the new addresses.

Just never connect to the internet AFTER that. So I hope you created your first wallet AFTER disconnecting.

Even if there was spyware that infected your livecd in the 5 minutes you were online. It will never be able to talk to the internet again, so you should be good.

If you want to be super sure, you can find the source code for pyqt4 and pip and copy them over via USB then install them manually... kinda technical, but yeah.

Also, you should take your master public key and move it to an online computer. Then you just install electrum on your online computer, and when you first start up choose "Create watch only wallet" and then paste in your master public key to get all your bitcoin addresses with no private keys.

Then all you need to do to send bitcoin is create unsigned transaction with your online computer, transfer unsigned tx to offline wallet via usb, then sign it, transfer signed tx to online pc via usb and then load it into your watch only wallet and click "broadcast".