Topic: Mycelium spend from cold storage bip32 bip38 (Read 3136 times)

Clearing up misinformation that Mycelium finds it ok to spread. Their feature is not "spending from cold storage," it's *AT BEST* "spending from a paper wallet" which does not imply cold storage.
If I spend coins from a paper wallet and send the change back to the same paper wallet, it is no longer cold. As my pubkey is exposed on the blockchain, and my private key has been exposed to an online device. The exact antithesis of cold storage.

Sure, maybe you can understand the intricacies of what's going on and you can understand that your paper wallet is no longer cold at all, and you accept that risk, but someday, someone won't, and they'll lose bitcoins with "no one to blame but themselves" (the chant everyone begins when someone not understanding every single aspect of Bitcoin loses coins due to error)

To answer your question:

Mycelium has no feature to spend from a BIP32 HD wallet xprv, nor exists there any protocol for encrypting an xprv like BIP38 (which only encrypts single private keys in WIF format (Starting with 5 or K or L))

This will likely never happen, as there are way too many factors of an HD wallet that are not encoded into the xprv that are needed to recover coins (like which path was used, which gap limit was used, etc. BIP44 aims to create a standard for all of these factors, but adoption by wallet apps is weak at best.)

However, this is also not a good idea either, as swiping a BIP32 key and sending change back to it would do that same thing that swiping a paper wallet and sending change back to it; give a false sense of security, when in actuality your setup is the same as a normal hot wallet.

If you think it's a great idea, bring it up on the bitcoin-development mailing list and see if anyone agrees with you. They'll give you a BIP number and everything.

Cold storage spending, the way Mycelium does it, comes from a single address.  An HD wallet might have 107 addresses with nothing in them and 8 addresses with funds.

I'm not sure what you are trying to achieve by posting that, but I am pretty sure you didn't build your phone from raw naturally occurring materials, and as such cannot be sure that is actually not tapping every single screen frame into some evil entity's computer. The same goes for your computer. And you use bitcoin? Outrage!!
Do you open up each device you buy to check exactly if all the pieces match the datasheet from the manufacturer? Are you sure the guy at the store didn't bug your phone or your computer?

If you want to do secure computing look into "How to make your own abacus" where the device does exactly what you see it doing.

Seriously, I know the implications and risks of using bitcoin. Or a computer, can we please keep this on topic? Do you know the answer to my rather simple and direct initial question?

"spend from cold storage" is only the first time.

Each successive time is "spend from storage you think is cold unless you have some vulnerability in your phone that some hacker is logging your RAM with, in which case it's such a hot wallet that the sun don't got anything on it."

If you want to spend from cold, you need to look into Bither, where the cold storage is an offline phone/tablet device.

I don't know if this is possible.

Does the 'spend from cold storage' feature supports spending from bip32 wallets?
What if those bip32 wallets are ecrypted (bip38)?