my simple way to store bitcoin - is it any good

xenon131

hero member

Activity: 491

Merit: 1259

Nihil impunitum

Quote from: o_e_l_e_o on November 08, 2020, 03:45:29 AM

Quote from: ?? on ??

There is even more simple way to get your cold address for storing bitcoin. All you need is to toss up the coin 256 times and convert resulting random binary number into bitcoin address. There are plenty WEB sources that may instruct you how to do that. One of them is that video on youtube https://www.youtube.com/watch?v=XQ8Uz0qMtoU Don't forget to memorize the private key (i.e. random number generated from coin flipping) relevant to that address otherwise you will not be able to access it.

As much as I am a fan of generating your own entropy using coin flips, rolling dice, or something similar, there are a few things I disagree with here.

First of all - don't use a web source. As soon as you enter your entropy in to a website, then you have negated the entire point of creating it manually. Whatever you use to convert binary in to hex, make sure it is done offline (you can also do it manually with a simple lookup table such as this one: https://i.imgur.com/BjpomPf.jpg).

Second of all - don't memorize it. Back it up written down on paper. If you try to memorize something as complicated as a random private key, you will almost certainly forget some portion of it and lose access to your coins.

Lastly, I always think it is better to work with seed phrases rather than individual private keys. They are easier to use, harder to make a mistake with, allow you to back up an entire wallet rather than just a single address, and avoid issues with coins being sent to change addresses you cannot access. It is also very easy to use your own entropy to generate a seed phrase by selecting the box "Show entropy details" on the Ian Coleman page.

I agree with everything you’ve said and can add even more to that.He could obtain the SEED phrase from 256-bit-long random number resulted from coin flipping. The procedure is straightforward and can be manually done without reference to any online service. Informative description of such procedure can be found over there or DYOR to look for other source of pertaining info.

traderethereum

hero member

Activity: 2870

Merit: 574

Vave.com - Crypto Casino

Quote from: ?? on ??

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices

Saving seed in electronic device is risky. It can be destroyed within no time, can be lost as well. Well, writing in paper carries the same risk but I would prefer writing in paper than saving in electronic devices. Moreover, if you are saving on devices which you need to go online, you are risking the fund as hackers may target you.

It will depend on how you use that device. If you are not going to use it with another software or that device is just to save your 12 words, I don't think it is risky. We have and know what we want and how we will store that 12 words, so maybe that will not fit for you and other people. At least, that can work for me Grin

Quote from: Saint-loup on November 08, 2020, 04:32:24 AM

Quote from: ?? on ??

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices

Saving seed in electronic device is risky. It can be destroyed within no time, can be lost as well. Well, writing in paper carries the same risk but I would prefer writing in paper than saving in electronic devices. Moreover, if you are saving on devices which you need to go online, you are risking the fund as hackers may target you.

Don't spam the thread please
The real quote is

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices or write it in the paper and save it in a safe place.

Then your post is pointless

Thank you.

pakhitheboss

hero member

Activity: 2156

Merit: 803

Top Crypto Casino

I like your idea but there is only one problem coinbase is an online wallet wherein your details will be with them in their backend after you have deleted your account. Now generally hackers attack the backend plus when ever you access your account in the future using a mobile device or a desktop then if your device is already hacked or has a malware you still can lose your Bitcoin.

Possible option is to download a desktop wallet and never use the desktop or the laptop till you want to move your Bitcoin.

robelneo

legendary

Activity: 3416

Merit: 1225

Quote from: nomad647 on November 07, 2020, 02:13:56 PM

hi, i'm new, no experience, i'm buying bitcoin on exchanges

There's no better place to buy Bitcoin, but on exchanges so your purchase will be added to the data

Quote

i want to cold store without using hardware wallet.
(i've tried keepkey and it is too complicated for me)

As long as you can keep the private key in a much safer place feel free to do so

Quote

then all i need to do is keep my 12 words safe for many years on metal plate

It looks like you are going to save a huge amount of Bitcoin for you to use something like a metal plate

Quote

i tested by opening another different wallet (bitcoin.com),
then, using these words, all my bitcoins appeared
is this safe to do and still work again in say 10 years

Everything depends on how you can keep the private keys away from prying eyes or on a safe place that you or the one you trusted knows

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: o_e_l_e_o on November 08, 2020, 10:25:53 AM

Quote from: Saint-loup on November 08, 2020, 10:13:05 AM

PGP keys are not writable on paper for example, so if you were right it means PGP (and all encryption systems) should be considered as compromised...

If you are storing your PGP key on an internet enabled computer running Windows, then yes, I would consider your key compromised.

Quote from: Saint-loup on November 08, 2020, 10:13:05 AM

LOL could you give us the script then?

Not sure what's funny, but sure.

Go to: https://github.com/iancoleman/bip39/releases
Download the Source Code of the most recent version and extract
Navigate to the folder src\js and open the file jsbip39.js
Navigate to line 116 and change return h == nh; to return true;
Navigate to line 144 and change passphrase = "mnemonic" + passphrase; to passphrase = "electrum" + passphrase;
Save your changes
Navigate to the folder src and open index.html
Paste in your Electrum seed

For a Legacy seed, click the BIP32 tab and make sure the derivation path is m/0
For a Segwit seed, click the BIP141 tab, select P2WPKH, and change the derivation path to m/0'/0

The addresses generated will match those in Electrum.

Thank you, I wasn't aware of that trick from HCP.
I hope it will be clear enough for nomad647

Edit:

It seems HCP has made a tool to use that without having to edit code (but you need to trust it ofc) : https://github.com/HardCorePawn/electrumBIP39

Quote from: HCP on February 21, 2019, 04:06:38 PM

Quote from: nc50lc on February 20, 2019, 10:13:03 PM

Do you have an already modified offline files that can be downloaded? Or just a fork of https://github.com/iancoleman/bip39 with the edited code?
Because newbies and some Electrum users will find it useful at times like this; manually editing the code themselves is much of a hassle or out of their expertise (though HTML can be edited using notepad and pretty much basic, some may find it hard).

You're a trusted member and if it is hosted in Github and a fork of the original, most members will trust it.

Actually I do have an offline version hosted on Github... it has been there for a while: https://github.com/HardCorePawn/electrumBIP39 But it was VERY old (only included BIP44 and BIP32 tabs! Shocked

), So I have just updated it... Wink

Unfortunately, I can't simply fork the Ian Coleman repo and modify it, as Ian removed the standalone.html file from source control (to save space as far as I can tell) Undecided

So, I did a "save as" on the current Ian Coleman page, made the two edits that I listed in the other thread linked above and then uploaded the file to GitHub.

As always, USE AT YOUR OWN RISK!

NOTE: Instructions have been updated to include the subtle differences for SegWit address derivation.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Saint-loup on November 08, 2020, 10:13:05 AM

PGP keys are not writable on paper for example, so if you were right it means PGP (and all encryption systems) should be considered as compromised...

If you are storing your PGP key on an internet enabled computer running Windows, then yes, I would consider your key compromised.

Quote from: Saint-loup on November 08, 2020, 10:13:05 AM

LOL could you give us the script then?

Not sure what's funny, but sure.

Go to: https://github.com/iancoleman/bip39/releases
Download the Source Code of the most recent version and extract
Navigate to the folder src\js and open the file jsbip39.js
Navigate to line 116 and change return h == nh; to return true;
Navigate to line 144 and change passphrase = "mnemonic" + passphrase; to passphrase = "electrum" + passphrase;
Save your changes
Navigate to the folder src and open index.html
Paste in your Electrum seed

For a Legacy seed, click the BIP32 tab and make sure the derivation path is m/0
For a Segwit seed, click the BIP141 tab, select P2WPKH, and change the derivation path to m/0'/0

The addresses generated will match those in Electrum.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: o_e_l_e_o on November 08, 2020, 09:15:27 AM

Quote from: Saint-loup on November 08, 2020, 04:32:24 AM

The real quote is

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices or write it in the paper and save it in a safe place.

Then your post is pointless

I don't think it is pointless. The original quote is incorrect - it is not preferable to back up your seed phrase on a separate device or on paper. It is preferable to back up your seed phrase on paper only. It should never be saved electronically on any device unless you really know what you are doing regarding airgapped devices and strong encryption, but for newbies this is not the case. Back it up on paper. Do not enter it or save it on any electronic device. If you do, consider it compromised.

It's your own opinion, but it's not an academic conclusion. PGP keys are not writable on paper for example, so if you were right it means PGP (and all encryption systems) should be considered as compromised...

Quote from: o_e_l_e_o on November 08, 2020, 09:15:27 AM

Quote from: NeuroticFish on November 08, 2020, 06:06:05 AM

Just then the user (OP) has to be warned that Electrum seed may not work in another wallets (without extra processing) and that he should also backup xprv, I guess.

Given what I've said above about Ian Coleman, I don't think it's necessary to back up an xprv as well. There will always be a way to recover Electrum seeds.

LOL could you give us the script then? nomad647 and other people are looking for a real solution.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Saint-loup on November 08, 2020, 04:32:24 AM

The real quote is

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices or write it in the paper and save it in a safe place.

Then your post is pointless

I don't think it is pointless. The original quote is incorrect - it is not preferable to back up your seed phrase on a separate device or on paper. It is preferable to back up your seed phrase on paper only. It should never be saved electronically on any device unless you really know what you are doing regarding airgapped devices and strong encryption, but for newbies this is not the case. Back it up on paper. Do not enter it or save it on any electronic device. If you do, consider it compromised.

Quote from: pooya87 on November 08, 2020, 05:55:52 AM

it is very easy to ask the community to create a very simple tool with less than 20 lines of code (hence easy to review) to convert the Electrum mnemonic to an extended private key (xprv) that could be imported in any wallet or used to get the private keys out.

It doesn't even need to be that difficult. Changing two lines of code in the Ian Coleman site and selecting the correct derivation path will allow you to use it to turn Electrum seed phrases in to private keys/public keys/addresses.

Quote from: NeuroticFish on November 08, 2020, 06:06:05 AM

Just then the user (OP) has to be warned that Electrum seed may not work in another wallets (without extra processing) and that he should also backup xprv, I guess.

Given what I've said above about Ian Coleman, I don't think it's necessary to back up an xprv as well. There will always be a way to recover Electrum seeds.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: Saint-loup on November 08, 2020, 08:19:33 AM

Quote from: NeuroticFish on November 08, 2020, 06:06:05 AM

he should also backup xprv, I guess.

It will be a little bit complicated if he wants to keep it "safe for many years on metal plate" IMO since xprv keys are very long and non-resistant to wrong and missing characters as mnemonic seeds are.
In this case I think it would be more convenient and sustainable to download bitcoin core and to use its crappy non-mnemonic WIF formatted seed, at least the string is (much) shorter Undecided

Indeed. I also said there "he can use whichever he finds more suitable".

Again, my primary suggestion was generating a seed with Ian Coleman's tool, so he is not restricted to Electrum only.
The part you're commenting on is only an acknowledge that under certain circumstances/constraints (i.e. he will also backup xprv, or he will be careful he has a verified Electrum "at hand" no matter what) using Electrum's seed alone could be an option. If the user indeed wants to keep it on steel (he may think twice after reading about the costs, for example), then he will obviously not go onto this path.

Maybe I was too short and maybe this was not clear from start because it was a follow up and you didn't read all my posts in this thread. (No offense intended, it can happen.) I hope it's clearer now.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: NeuroticFish on November 08, 2020, 06:06:05 AM

he should also backup xprv, I guess.

It will be a little bit complicated if he wants to keep it "safe for many years on metal plate" IMO since xprv keys are very long and non-resistant to wrong and missing characters as mnemonic seeds are.
In this case I think it would be more convenient and sustainable to download bitcoin core and to use its crappy non-mnemonic WIF formatted seed, at least the string would be much shorter Undecided

AB de Royse777

legendary

Activity: 2464

Merit: 3878

Hire Bitcointalk Camp. Manager @ r7promotions.com

Quote from: Saint-loup on November 07, 2020, 03:39:17 PM

Quote from: NeuroticFish on November 07, 2020, 03:00:20 PM

Quote from: AB de Royse777 on November 07, 2020, 02:19:55 PM

Download electrum , make sure you verify
~snip~
Create a wallet.
~snip~
Write down the seed in a paper

Wasn't Electrum seed work only with Electrum?
Why not download Ian Coleman git source code and run that for the seed? ( https://github.com/iancoleman/bip39 )
That will work in Electrum and other current or future HD wallets too.

This is what I wanted to suggest.
@nomad647 What you are describing is a paper wallet. You don't need to download and install any software to create one. You can just use an offline tool like the iancoleman page for that https://github.com/iancoleman/bip39/releases/latest/ Moreover you'll get a real BIP39 seed as NeuroticFish said.
Then you'll be able to check your funds on a blockchain explorer or a watchonly wallet thanks to your public key.

As long as the OP had a good idea of how to secure his seeds and keep the wallet safe, I think we achieve our goal. What I understand is that OP is not much tech-savvy/bitcoin friendly, so he needs an easy way so that he can easily sign a transaction and broadcast it when it's needed. However, for users like us who are in the space from long time and had good understanding of handling the wallet then we can go for that.

Quote from: nomad647 on November 07, 2020, 02:57:45 PM

ok, thanks for help.

so i think i get it now.

use electrum to create 12 words
use electrum to copy a bitcoin address to text file on usb

go to exchange, send bitcoin to that text address, (not to any online type wallet)

then get a 'watch-only' wallet, enter the address and see if bitcoins are there

and never enter the 12 words on any wallet that goes online..

You are good now buddy.

pilosopotasyo

member

Activity: 952

Merit: 27

Quote from: nomad647 on November 07, 2020, 02:13:56 PM

hi, i'm new, no experience, i'm buying bitcoin on exchanges

i want to cold store without using hardware wallet.
(i've tried keepkey and it is too complicated for me)

my idea is to use, say a coinbase wallet,
keep 12 words safe & not upload backup to cloud
then transfer all my bitcoins from exchanges to wallet
then delete the wallet

then all i need to do is keep my 12 words safe for many years on metal plate
i tested by opening another different wallet (bitcoin.com),
then, using these words, all my bitcoins appeared
is this safe to do and still work again in say 10 years

This is new to me, metal plate, but of course as long as no one discover what is inscribed on that metal plate, your coins are safe, it's definitely is safe even after ten years as long as Bitcoin is profitable, but get ready to HODL for that those years, I know some guys who tried to stored their private key in a vault but ended up trading it after a year.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: pooya87 on November 08, 2020, 05:55:52 AM

you can easily export your extended key from Electrum (the xprv) and import that in any wallet.

Never did that, but indeed, this can be a good point.
Still a bit advanced, however it can be a proper option. Just then the user (OP) has to be warned that Electrum seed may not work in another wallets (without extra processing) and that he should also backup xprv, I guess.

Then there are 2 working directions, he can use whichever he finds more suitable.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: Saint-loup on November 08, 2020, 03:41:49 AM

Quote from: pooya87 on November 08, 2020, 01:16:43 AM

besides Electrum mnemonic algorithm is not complicated at all, you can always reproduce it if you needed.

LOL I think you didn't realize that you are in the Beginners section here. Cheesy

Currently there isn't any documentation that fully describes the algorithm used AFAIK
The Electrum doc page only explains it very partially https://electrum.readthedocs.io/en/latest/seedphrase.html
And it's an issue because users can't evaluate and compare its real security if they can't read and understand the python code https://github.com/spesmilo/electrum/blob/master/electrum/mnemonic.py

i do realize that and i didn't mean OP reproduces the process himself (sorry if it wasn't clear). it is a reply to the other user suggesting using BIP39 web tool to create a mnemonic.

what i meant is that if the need arises to recover Electrum mnemonics and the Electrum wallet for whatever reason in the future wasn't usable, it is very easy to ask the community to create a very simple tool with less than 20 lines of code (hence easy to review) to convert the Electrum mnemonic to an extended private key (xprv) that could be imported in any wallet or used to get the private keys out.

Quote from: NeuroticFish on November 08, 2020, 04:50:14 AM

I find this a strange mix-up. You first want to make it easy to install and handle, but later on you seem to forget that not everybody has programming skills. But maybe I missed something.

i meant if the recovery wasn't possible through Electrum itself.
you still don't need such tools or even the mnemonic itself to recover your keys. you can easily export your extended key from Electrum (the xprv) and import that in any wallet.

OcTradism

hero member

Activity: 1722

Merit: 801

Store your bitcoin seed / private key safely (Water, Fire, Shock-proof). Store your key or seed backups with mental plates is good but there is one more thing you need to know.

I recommend you to create multiple wallets to store your bitcoin. Split total amount of your bitcoin fund into few wallets and store their backups at different safe places (in mental plates). If you lost one wallet, you will have rest ones and don't lose all your bitcoin.

You have ideas to keep your backup offline and that is good to help you don't be caught by online attacks. Somehow try to think of some different backup methods (paper, encrypted files, etc.)

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: o_e_l_e_o on November 08, 2020, 03:11:46 AM

Quote from: NeuroticFish on November 07, 2020, 03:00:20 PM

Why not download Ian Coleman git source code and run that for the seed? ( https://github.com/iancoleman/bip39 )

If it were me, I'd probably use both. Download Ian Coleman and Electrum, verify them both, and transfer them to my airgapped computer. Use Ian Coleman to create a seed phrase, make a note of the master public key and the first address, restore the seed phrase in Electrum, and check the first address matches.

Yep, I agree, this is the best way to move forward.
Before having hardware wallet, this is also what I've done to have the peace of mind everything is correct.

Quote from: pooya87 on November 08, 2020, 01:16:43 AM

for starters it is written in JavaScript and runs inside your browser. it can never be as secure as a stand-alone desktop application such as Electrum that is also written in python. additionally you need more features such as signing transactions when you want to spend coins, etc. so you need to have a wallet anyways. only focusing on one thing (Electrum) is better than having two different software, one to create the mnemonic and another to create the wallet.

besides Electrum mnemonic algorithm is not complicated at all, you can always reproduce it if you needed. and if you want to migrate to another wallet other than Electrum you must always send the coins to a new wallet created by that new software instead of importing the seed into it.

I find this a strange mix-up. You first want to make it easy to install and handle, but later on you seem to forget that not everybody has programming skills. But maybe I missed something.
However, Electrum is indeed the easy way to go, but if this seed is used, one may get a huge surprise at a later point if he tries to use something different.
So.. I still stick to my point: generate with Ian Coleman's scripts. Then, for checking it out or for easy later us if necessary, yes, Electrum (with imported seed) is the best option (until the user learns about CJ or LN, if ever).

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: ?? on ??

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices

Saving seed in electronic device is risky. It can be destroyed within no time, can be lost as well. Well, writing in paper carries the same risk but I would prefer writing in paper than saving in electronic devices. Moreover, if you are saving on devices which you need to go online, you are risking the fund as hackers may target you.

Don't spam the thread please
The real quote is

Quote from: traderethereum on November 08, 2020, 04:08:00 AM

it is preferred to save that 12 words in separate devices or write it in the paper and save it in a safe place.

Then your post is pointless

traderethereum

hero member

Activity: 2870

Merit: 574

Vave.com - Crypto Casino

I assume you already have a wallet installed on your computer/ mobile phone, and you have your 12 words.
That will be safe as long as you don't upload that 12 words to any cloud or online server, and it is preferred to save that 12 words in separate devices or write it in the paper and save it in a safe place.
If you don't do anything with the wallet and that 12 words, and you don't send it into any cloud online, you don't have to worry because you can avoid hackers from penetrating or stealing your bitcoin.
You can work with the different wallets as you say, and you can see how much bitcoin you have in that wallet, and you can use that 12 words in other wallets.
You don't need to tell other people that you have bitcoin because that can make them curious. You can only say to the person you trust.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: ?? on ??

There is even more simple way to get your cold address for storing bitcoin. All you need is to toss up the coin 256 times and convert resulting random binary number into bitcoin address. There are plenty WEB sources that may instruct you how to do that. One of them is that video on youtube https://www.youtube.com/watch?v=XQ8Uz0qMtoU Don't forget to memorize the private key (i.e. random number generated from coin flipping) relevant to that address otherwise you will not be able to access it.

As much as I am a fan of generating your own entropy using coin flips, rolling dice, or something similar, there are a few things I disagree with here.

First of all - don't use a web source. As soon as you enter your entropy in to a website, then you have negated the entire point of creating it manually. Whatever you use to convert binary in to hex, make sure it is done offline (you can also do it manually with a simple lookup table such as this one: https://i.imgur.com/BjpomPf.jpg).

Second of all - don't memorize it. Back it up written down on paper. If you try to memorize something as complicated as a random private key, you will almost certainly forget some portion of it and lose access to your coins.

Lastly, I always think it is better to work with seed phrases rather than individual private keys. They are easier to use, harder to make a mistake with, allow you to back up an entire wallet rather than just a single address, and avoid issues with coins being sent to change addresses you cannot access. It is also very easy to use your own entropy to generate a seed phrase by selecting the box "Show entropy details" on the Ian Coleman page.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: pooya87 on November 08, 2020, 01:16:43 AM

besides Electrum mnemonic algorithm is not complicated at all, you can always reproduce it if you needed.

LOL I think you didn't realize that you are in the Beginners section here. Cheesy

Currently there isn't any documentation that fully describes the algorithm used AFAIK
The Electrum doc page only explains it very partially https://electrum.readthedocs.io/en/latest/seedphrase.html
And it's an issue because users can't evaluate and compare its real security if they can't read and understand the python code https://github.com/spesmilo/electrum/blob/master/electrum/mnemonic.py

Topic: my simple way to store bitcoin - is it any good (Read 416 times)