Most secure way of moving coins from cold storage to hot

TierNolan

legendary

Activity: 1232

Merit: 1094

Quote from: Flanagan on December 30, 2013, 12:33:55 PM

Now, my question concerning the USB malware possibility: Is there any chance that the USB could have carried the paper wallet (that I created within armory in the offline computer) or keys of the original wallet from the offline computer to the online computer?

If you assume an unlimitedly powerful hacker then yes.

However, the security assumption is that your offline computer is safe. In theory, the OS could have been corrupted when you downloaded it.

The advantage of the offline computer is that there is only one moment that it can be compromised (at creation). After that, it is safe.

However, if the offline computer auto-runs usbs, then there is a risk every time you plug in the usb.

Ideally, an "Armory" version of linux would have auto-run guaranteed to be disabled.

There are also suggestions for doing things like using the speakers to transmit data via sound signals.

Flanagan

full member

Activity: 204

Merit: 100

For further assurance regarding this, I want to add this question:

I did create wallet in OFFLINE computer, made a Watch only copy, transferred with a USB pendrive that Watch only copy to ONLINE computer.

Now, my question concerning the USB malware possibility: Is there any chance that the USB could have carried the paper wallet (that I created within armory in the offline computer) or keys of the original wallet from the offline computer to the online computer?

LiteCoinGuy

legendary

Activity: 1148

Merit: 1014

In Satoshi I Trust

and if you hold a large amount of coins you could buy a cheap laptop on which you only handle your coins.

behindtext

full member

Activity: 121

Merit: 103

Quote from: TierNolan on December 29, 2013, 10:54:17 AM

Quote from: xabbix on December 29, 2013, 10:14:17 AM

Let's say I have some coins on an Armory client on an offline computer.

Now I want to keep that computer offline, but would like to spend some of the coins.

What is the most secure way of doing that? I could print a paper wallet of my cold wallet but that will include ALL coins and I would like to use just a fraction of it.

Thanks

Armory supports a watching-only wallet.

Boot up your offline computer and get it to create a watching-only wallet.

You need to get that wallet from your offline computer to your online computer (normally via usb ... don't copy the offline wallet).

If you import that wallet into your online computer, then it can produce transactions for your offline wallet. However, it can't sign them.

Once you have setup the online watching-only wallet, spending the money is (relatively) easy.

Create a transaction and save it to usb.

Load the transaction into your offline computer and sign it. This updates the file on the usb.

Return the usb to your online computer and it will broadcast the transaction.

do keep in mind that usb does have firmware and that firmware can propagate malware.

bitpop

legendary

Activity: 2912

Merit: 1060

I would also sweep to new key just in case
Android rng exploit exposed private key just signing. Better safe than sorry.

xabbix

newbie

Activity: 49

Merit: 0

Great! Thanks!

TierNolan

legendary

Activity: 1232

Merit: 1094

Quote from: xabbix on December 29, 2013, 10:14:17 AM

Let's say I have some coins on an Armory client on an offline computer.

Now I want to keep that computer offline, but would like to spend some of the coins.

What is the most secure way of doing that? I could print a paper wallet of my cold wallet but that will include ALL coins and I would like to use just a fraction of it.

Thanks

Armory supports a watching-only wallet.

Boot up your offline computer and get it to create a watching-only wallet.

You need to get that wallet from your offline computer to your online computer (normally via usb ... don't copy the offline wallet).

If you import that wallet into your online computer, then it can produce transactions for your offline wallet. However, it can't sign them.

Once you have setup the online watching-only wallet, spending the money is (relatively) easy.

Create a transaction and save it to usb.

Load the transaction into your offline computer and sign it. This updates the file on the usb.

Return the usb to your online computer and it will broadcast the transaction.

xabbix

newbie

Activity: 49

Merit: 0

Let's say I have some coins on an Armory client on an offline computer.

Now I want to keep that computer offline, but would like to spend some of the coins.

What is the most secure way of doing that? I could print a paper wallet of my cold wallet but that will include ALL coins and I would like to use just a fraction of it.

Thanks

Topic: Most secure way of moving coins from cold storage to hot (Read 821 times)