
Topic: Newbie question about cold storage electrum wallet: how secure my method is? - page 2. (Read 397 times)

full member
Activity: 434
Merit: 246
Does that mean that this could work with QR codes on 2 Linux computers?
sr. member
Activity: 322
Merit: 363
Windows version of Electrum doesn't support QR codes, or it'd be easier than using a USB stick all the time.
full member
Activity: 434
Merit: 246
As a beginner in the world of bitcoin, I wanted to ask the more experienced members of this forum how secure my cold storage method for keeping bitcoin is.

This is something I picked up on the internet, while searching for an affordable but relatively secure solution. I know that hard wallets are supposed to be super secure (or at least the majority of people think so), but the up-front investment was too much for me at this time.

The method I am describing below is based on this guide http://docs.electrum.org/en/latest/coldstorage.html but I have no idea if I'm doing everything right.

For this, I basically used 2 electrum wallets and 2 computers.

Computer A + Wallet A --> for cold storage, always disconnected from internet
Computer B + Wallet B --> for broadcasting transactions and as "watching-only wallet"

So here it goes:

1) Set up computer A: In my case, this was an old laptop nobody uses any more to be used as cold storage.

2) Install electrum A: Here I installed electrum, just the way one would normally do. After installing it, but before creating my wallet, I disconnected the network. I decided never to connect it to the internet again. I even turned off the wireless connection in the BIOS, so that there's no back door that could potentially be exploited.

3) Create wallet A: Now I created my NEW cold storage wallet A. Then I exported its Master PUBLIC Key (MPK), and stored it in a file on a USB stick, so I can transfer it to computer B.

4) Install electrum B on computer B: This is my normal computer that I use every day, always connected to the internet. Here I installed electrum again, but I didn't create any new wallets.

5) Import MPK on computer B, wallet B: This time, rather than creating a new wallet, I imported the Master Public Key of wallet A, and created a "watching-only wallet".

So far so good, everything seems to work great.

In particular I can watch my funds, knowing that electrum B wallet doesn't contain my private keys.

The only downside to this approach (that I can see on my own) is that there's a little bit of hassle when I have to make a transaction.

It goes like this:

Create my transaction as unsigned on wallet B --> save it on USB stick --> transfer to computer A --> import in wallet A --> sign the transaction by wallet A --> save the signed transaction on USB --> transfer back to computer B --> open by watching wallet B --> broadcast by wallet B.

Now to my question again: how secure do you think this is? Is this juggling with files and USBs something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer? Any suggestions to improve on this solution? Thanks.
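
An added example, not part of the original post and not Electrum's own code: a check that could be run on the offline computer to confirm that a file coming off the USB stick contains only transaction data before it is opened in the wallet. The accepted encodings (BIP 174 PSBT, raw hex, and a JSON object with a "hex" field), the size limit and the function name are assumptions.

```python
import base64
import json
import string

PSBT_MAGIC = b"psbt\xff"   # BIP 174 magic bytes
MAX_SIZE = 100_000         # assumed upper bound for one transaction file


def _is_hex(s):
    return bool(s) and len(s) % 2 == 0 and all(c in string.hexdigits for c in s)


def classify_tx_file(data: bytes) -> str:
    """Name the encoding of a transaction file, or raise ValueError.

    Checks the container only; it does not validate the transaction itself.
    """
    if len(data) > MAX_SIZE:
        raise ValueError("file too large for a transaction")
    if data.startswith(PSBT_MAGIC):
        return "psbt-binary"
    try:
        text = data.decode("ascii").strip()
    except UnicodeDecodeError:
        raise ValueError("binary content that is not a PSBT")
    if _is_hex(text):
        raw = bytes.fromhex(text)
        return "psbt-hex" if raw.startswith(PSBT_MAGIC) else "raw-tx-hex"
    try:
        if base64.b64decode(text, validate=True).startswith(PSBT_MAGIC):
            return "psbt-base64"
    except ValueError:
        pass  # not base64; fall through to the JSON check
    try:
        obj = json.loads(text)
    except ValueError:
        raise ValueError("not hex, PSBT or JSON")
    # Assumed legacy layout: a JSON object whose "hex" field holds the transaction.
    if isinstance(obj, dict) and isinstance(obj.get("hex"), str) and _is_hex(obj["hex"]):
        return "json-hex"
    raise ValueError("JSON without a hex transaction field")


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as fh:
        print(classify_tx_file(fh.read(MAX_SIZE + 1)))
```

Anything the function rejects (executables, autorun files, documents) has no reason to be on the stick and should not be opened on computer A.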
