Author

Topic: Newbie question about cold storage electrum wallet: how secure my method is? (Read 398 times)

member
Activity: 103
Merit: 31

I haven't really heard about bitkey before. Is there a widespread use of it? Again I ask this question because of trust. For electrum, I can be pretty sure that (due to its widespread use) its source code has been thoroughly vetted before. So I just have to trust the signature. Sure, as you indicated, there's the source code of bitkey, but how many people have gone through the code to check it?

On the other hand,  bitkey seems to be similar to tails, which I have been considering to use as a form of more secure linux. How different bitkey is with respect to tails?


Bitkey is a very limited system and is not supposed to be the installed in hard drive. You'll only boot from a DVD or flash drive and sign the transaction in offline mode.
This way, you are do not have to trust anyone. If there is something wrong, you would know, as you can check if the transaction is correct before broadcasting it using computer B.
legendary
Activity: 3472
Merit: 10611
i agree with @ranochigo, i just want to add a little thing about Web of Trust [1]. the way using PGP should really be like is that you build a WOT of your own. for example you start from somewhere, lets say you know me personally so you meet me face to face and get my PGP pubkey and then go home and add it to your trusted signatures. then some day you want to install Electrum and since i have been around a long time and i know for a fact what the right pubkey of Electrum dev is, you ask me to confirm it. then what i do is that i sign 0x2BD5824B7F9470E6 with my PGP private key and give you the signature to verify with my public key that you already had. now your WOT is grown a little more.
[1] https://en.wikipedia.org/wiki/Web_of_trust
This is new to me. If I understand this concept correctly, it should eliminate the need to trust an abstract website and its security setup. Rather, I could trust a real person that I know, or even better several individuals to verify that I have, e.g., an authentic electrum wallet. Has this concept been accepted to date? I mean, do you people use it when installing sensitive software from the internet?

i don't think that many people are doing it this way. most of them don't even verify the signatures and even if they do, they just download everything and get all the links from the same place (the website) and the best they are going to do is to double check if they are on the right website (eg. electrum.org)

of course the chances are low and if a hack actually takes place it will be known fast enough and you can find out about it on the social media.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
This is new to me. If I understand this concept correctly, it should eliminate the need to trust an abstract website and its security setup. Rather, I could trust a real person that I know, or even better several individuals to verify that I have, e.g., an authentic electrum wallet. Has this concept been accepted to date? I mean, do you people use it when installing sensitive software from the internet?
You're correct. Websites should not be trusted and users can't trust anything on the internet when they are validating things. It's simply unrealistic to go around passing your PGP keys but meeting someone face to face to authenticate their PGP keys is certainly the most secure method, you can't go wrong.

I haven't really heard about bitkey before. Is there a widespread use of it? Again I ask this question because of trust. For electrum, I can be pretty sure that (due to its widespread use) its source code has been thoroughly vetted before. So I just have to trust the signature. Sure, as you indicated, there's the source code of bitkey, but how many people have gone through the code to check it?

On the other hand,  bitkey seems to be similar to tails, which I have been considering to use as a form of more secure linux. How different bitkey is with respect to tails?
I would recommend for you to just use a more established distribution to use Electrum with. OS like raspbian and ubuntu has been vetted hundreds of times and it is unlikely that they are intentionally including any malicious code. Even if they are, the airgapped setup would pretty much eliminate most of the threats. AFAIK, Bitkey doesn't route data through Tor.
full member
Activity: 434
Merit: 246
i agree with @ranochigo, i just want to add a little thing about Web of Trust [1]. the way using PGP should really be like is that you build a WOT of your own. for example you start from somewhere, lets say you know me personally so you meet me face to face and get my PGP pubkey and then go home and add it to your trusted signatures. then some day you want to install Electrum and since i have been around a long time and i know for a fact what the right pubkey of Electrum dev is, you ask me to confirm it. then what i do is that i sign 0x2BD5824B7F9470E6 with my PGP private key and give you the signature to verify with my public key that you already had. now your WOT is grown a little more.
[1] https://en.wikipedia.org/wiki/Web_of_trust
This is new to me. If I understand this concept correctly, it should eliminate the need to trust an abstract website and its security setup. Rather, I could trust a real person that I know, or even better several individuals to verify that I have, e.g., an authentic electrum wallet. Has this concept been accepted to date? I mean, do you people use it when installing sensitive software from the internet?


I haven't really heard about bitkey before. Is there a widespread use of it? Again I ask this question because of trust. For electrum, I can be pretty sure that (due to its widespread use) its source code has been thoroughly vetted before. So I just have to trust the signature. Sure, as you indicated, there's the source code of bitkey, but how many people have gone through the code to check it?

On the other hand,  bitkey seems to be similar to tails, which I have been considering to use as a form of more secure linux. How different bitkey is with respect to tails?
member
Activity: 103
Merit: 31
As a beginner in the world of bitcoin, I wanted to ask the more experienced members of this forum how secure my cold storage method for keeping bitcoin is.

This is something I picked up on the internet, while searching for an affordable but relatively secure solution. I know that hard wallets are supposed to be super secure (or at least majority of people think so), but the up-front investment was too much for me at this time.

The method I am describing below is based on this guide http://docs.electrum.org/en/latest/coldstorage.html but I have no idea if I'm doing everything right.

For this, I basically used 2 electrum wallets and 2 computers.

Computer A + Wallet A --> for cold storage, always disconnected from internet
Computer B + Wallet B --> for broadcasting transactions and as "watching-only wallet"

So here it goes:

1) Set up computer A: In my case, this was an old laptop nobody uses any more to be used as cold storage.

2) Install electrum A: Here I installed electrum, just the way one would normally do. After installing it, but before creating my wallet, I disconnected the network. I decided never to connect it to internet again. I even turned off the wireless connection in the BIOS, so that there's no back door that could potentially be exploited.

3) Create wallet A: Now I created my NEW cold storage wallet A. Then I exported its Master PUBLIC Key (MPK), and stored it in a file on a USB stick, so I can transfer it to computer B.

4) Install electrum B on computer B: This is my normal computer that I use every day, always connected to the internet. Here I installed electrum again, but I didn't create any new wallets.

5) Import MPK on computer B, wallet B: This time, rather than creating new wallet, I imported the Master Public Key of wallet A, and created a " watching-only wallet".

So far so good, everything seems to work great.

In particular I can watch my funds, knowing that electrum B wallet doesn't contain my private keys.

The only downside to this approach (that I can see on my own) is that there's a little bit of hustle when I have to make a transaction.

It goes like this:

Create my transaction as unsigned on wallet B -->save it on USB stick --> transfer to computer A --> import in wallet A --> sign the transaction by wallet A --> save the signed transaction on USB --> transfer back to computer B --> open by watching wallet B --> broadcast by wallet B.

Now to my question again: how secure do you think this is? Is this juggling with files and USB's something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer? Any suggestions to improve on this solution? Thanks.



You can try Bitkey: https://github.com/bitkey/bitkey and https://bitkey.io/.
legendary
Activity: 3472
Merit: 10611
additional to visiting the wrong or malicious Electrum website you can never know whether Electrum.org (the real website) is compromised or not. for all you know, when YOU download the wallet a hacker might have hacked the website 10 seconds ago and replaced the files with his own malicious versions.

which it also means that it is a good idea to check and see if you are really getting the real Public Key of the real author (Thomas V). like asking on the forum (0x2BD5824B7F9470E6), checking Github (https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)

Great point. But, just for the sake of argument, what's the possibility of this forum or Github being hacked?

i agree with @ranochigo, i just want to add a little thing about Web of Trust [1]. the way using PGP should really be like is that you build a WOT of your own. for example you start from somewhere, lets say you know me personally so you meet me face to face and get my PGP pubkey and then go home and add it to your trusted signatures. then some day you want to install Electrum and since i have been around a long time and i know for a fact what the right pubkey of Electrum dev is, you ask me to confirm it. then what i do is that i sign 0x2BD5824B7F9470E6 with my PGP private key and give you the signature to verify with my public key that you already had. now your WOT is grown a little more.

[1] https://en.wikipedia.org/wiki/Web_of_trust
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Great point. But, just for the sake of argument, what's the possibility of this forum or Github being hacked?
Very very high. This forum was hacked many many times, through bugs or exploit or just good ol' social engineering on their host. The last serious incident was with the compromise of Bitcointalk's host and the user data were stolen.

Github was also compromised IIRC.

If someone have enough resources, compromising a website is relatively easy. If you don't verify your downloads through the PGP key, then you cannot assume ThomasV has validated it or it is authentic.
full member
Activity: 434
Merit: 246
additional to visiting the wrong or malicious Electrum website you can never know whether Electrum.org (the real website) is compromised or not. for all you know, when YOU download the wallet a hacker might have hacked the website 10 seconds ago and replaced the files with his own malicious versions.

which it also means that it is a good idea to check and see if you are really getting the real Public Key of the real author (Thomas V). like asking on the forum (0x2BD5824B7F9470E6), checking Github (https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)

Great point. But, just for the sake of argument, what's the possibility of this forum or Github being hacked?
legendary
Activity: 3472
Merit: 10611
additional to visiting the wrong or malicious Electrum website you can never know whether Electrum.org (the real website) is compromised or not. for all you know, when YOU download the wallet a hacker might have hacked the website 10 seconds ago and replaced the files with his own malicious versions.

which it also means that it is a good idea to check and see if you are really getting the real Public Key of the real author (Thomas V). like asking on the forum (0x2BD5824B7F9470E6), checking Github (https://github.com/spesmilo/electrum/blob/master/pubkeys/ThomasV.asc)
HCP
legendary
Activity: 2086
Merit: 4363
Definitely a must... A simple read through of the various threads here claiming that "Electrum stole my Bitcoin" shows numerous cases of users who are "100% sure" they downloaded a legit version from the "official" site...

Only to actually look at their download history and discover they got it from Electrumwallet.com or electrumonline.com or electrumsource.com or some other scam clone site.

The only way to be 100% sure your copy is legit is to check the digital signature of the download. The scammers can't fake that! Wink
full member
Activity: 434
Merit: 246
(note that you should remember to verify the signature of the tarball here)
This would require to download a malicious version of electrum (with a smaller key space) or it would require the malware to somehow influence the entropy of electrum before the wallet is created.

The signature of the tarball was something I definitely didn't bother to check. Even though I downloaded the wallet from the electrum website, phishing/malware can never entirely be ruled out, right? To have a piece of mind (in view of the potentially malicious versions of electrum) checking the signature should be a must. Thanks.
legendary
Activity: 1624
Merit: 2481
Is this juggling with files and USB's something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer?

This definetely can be a danger to your cold storage.
Every single interaction/interface between your cold wallet and your online-connected device poses a danger.



The worst case scenario would be that the virus managed to create an address that was somehow predictable and your addresses are weakened.

This would require to download a malicious version of electrum (with a smaller key space) or it would require the malware to somehow influence the entropy of electrum before the wallet is created.
This is one of the less-probable versions of a malware one would encounter.
full member
Activity: 434
Merit: 246
Quote from: ranochigo
The worst case scenario would be that the virus managed to create an address that was somehow predictable and your addresses are weakened. I've never heard of any virus that is able to do this though so take that as a hypothetical scenario.
Aha, I would have never thought of that!

Quote from: ranochigo
If anything, you should be using a Raspberry Pi with Raspbian. Linux are pretty hard to have malware on it, especially if its a computer that you probably wouldn't use. It costs 35 bucks and its easy as hell to setup. I've done it in an hour.
Thanks. Point taken about Linux, also in combination with Raspberry Pi. Next on my to do list.

And thank you all for helping me understand new tips and tricks about how to keep my wallet more secure.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
In fact, I thought of that myself, that my wallet A could have been contaminated before, while computer A was still connected to the internet.
But here's my logic.
Even if computer A was compromised before wallet A was installed, say, even if there was a virus, what could it do?
It could steal my private key, but there's no network to transmit it. Wouldn't I still be safe?
Probably. The worst case scenario would be that the virus managed to create an address that was somehow predictable and your addresses are weakened. I've never heard of any virus that is able to do this though so take that as a hypothetical scenario.

If anything, you should be using a Raspberry Pi with Raspbian. Linux are pretty hard to have malware on it, especially if its a computer that you probably wouldn't use. It costs 35 bucks and its easy as hell to setup. I've done it in an hour.
full member
Activity: 434
Merit: 246
when we say "cold storage" it doesn't mean a wallet that is offline. that is an incomplete definition. instead Cold Storage means a wallet that (1) was created in a safe environment and (2) will remain in a safe environment...
... another part of the cold storage definition that is omitted is that this wallet is your cold wallet not hot wallet, a cold wallet is where you store funds that you don't want to use every day.
I see. I shouldn't use that terminology, that is, "cold storage". Especially given my use of USB, which violates the definition of it each time. Thanks for pointing that out.

your wallet A was not made in a safe environment because your computer was connected to the internet before.
In fact, I thought of that myself, that my wallet A could have been contaminated before, while computer A was still connected to the internet.
But here's my logic.
Even if computer A was compromised before wallet A was installed, say, even if there was a virus, what could it do?
It could steal my private key, but there's no network to transmit it. Wouldn't I still be safe?
legendary
Activity: 3472
Merit: 10611
when we say "cold storage" it doesn't mean a wallet that is offline. that is an incomplete definition. instead Cold Storage means a wallet that (1) was created in a safe environment and (2) will remain in a safe environment. your wallet A was not made in a safe environment because your computer was connected to the internet before.
imagine an operation room in a hospital, the doctor doesn't just run in the room wishing he doesn't contaminate anything then go wash up and wear those special clothes.
what you need to do is to format that laptop of yours for wallet A, install a fresh Operating System (i prefer Linux here) and then install the wallet. in the installation step i prefer to transfer the wallet files (.tar.gz file) to it instead of downloading it directly from the internet but you can do that here but only this.
(note that you should remember to verify the signature of the tarball here)

the QR thing that was suggested is very good.

The only downside to this approach (that I can see on my own) is that there's a little bit of hustle when I have to make a transaction.

another part of the cold storage definition that is omitted is that this wallet is your cold wallet not hot wallet, a cold wallet is where you store funds that you don't want to use every day. for example if you want to buy some BTC and store it for 1 year you do that. but if you want to have some funds that you buy stuff with from shops you use a hot wallet (like a wallet on your cell phone or desktop) instead.
it is like the difference between putting your money in a savings account in a bank or having some money in your back pocket. you don't put a million dollar there, you have a couple of bucks there and your million dollar is in bank.
full member
Activity: 434
Merit: 246
Thanks for the reassurance, Abdussamad. I will try to implement the QR codes of the linux electrum wallet, as suggested by Xynerise, to try to deal with that last possible back door.
legendary
Activity: 3710
Merit: 1586
The risk of a USB virus is always there. Apart from that you're good.
full member
Activity: 434
Merit: 246
If you want to read QR codes, yes.
Scan the QR code from the offline computer with the online one.
Thanks for the advice. That would be much easier than dealing with a USB stick.
sr. member
Activity: 322
Merit: 363
39twH4PSYgDSzU7sLnRoDfthR6gWYrrPoD
Does that mean that this could work with QR codes on 2 linux computers?
If you want to read QR codes, yes.
Scan the QR code from the offline computer with the online one.
full member
Activity: 434
Merit: 246
Does that mean that this could work with QR codes on 2 linux computers?
sr. member
Activity: 322
Merit: 363
39twH4PSYgDSzU7sLnRoDfthR6gWYrrPoD
Windows version of Electrum doesn't support QR codes, or it'd be easier than using a USB stick all the time.
full member
Activity: 434
Merit: 246
As a beginner in the world of bitcoin, I wanted to ask the more experienced members of this forum how secure my cold storage method for keeping bitcoin is.

This is something I picked up on the internet, while searching for an affordable but relatively secure solution. I know that hard wallets are supposed to be super secure (or at least majority of people think so), but the up-front investment was too much for me at this time.

The method I am describing below is based on this guide http://docs.electrum.org/en/latest/coldstorage.html but I have no idea if I'm doing everything right.

For this, I basically used 2 electrum wallets and 2 computers.

Computer A + Wallet A --> for cold storage, always disconnected from internet
Computer B + Wallet B --> for broadcasting transactions and as "watching-only wallet"

So here it goes:

1) Set up computer A: In my case, this was an old laptop nobody uses any more to be used as cold storage.

2) Install electrum A: Here I installed electrum, just the way one would normally do. After installing it, but before creating my wallet, I disconnected the network. I decided never to connect it to internet again. I even turned off the wireless connection in the BIOS, so that there's no back door that could potentially be exploited.

3) Create wallet A: Now I created my NEW cold storage wallet A. Then I exported its Master PUBLIC Key (MPK), and stored it in a file on a USB stick, so I can transfer it to computer B.

4) Install electrum B on computer B: This is my normal computer that I use every day, always connected to the internet. Here I installed electrum again, but I didn't create any new wallets.

5) Import MPK on computer B, wallet B: This time, rather than creating new wallet, I imported the Master Public Key of wallet A, and created a " watching-only wallet".

So far so good, everything seems to work great.

In particular I can watch my funds, knowing that electrum B wallet doesn't contain my private keys.

The only downside to this approach (that I can see on my own) is that there's a little bit of hustle when I have to make a transaction.

It goes like this:

Create my transaction as unsigned on wallet B -->save it on USB stick --> transfer to computer A --> import in wallet A --> sign the transaction by wallet A --> save the signed transaction on USB --> transfer back to computer B --> open by watching wallet B --> broadcast by wallet B.

Now to my question again: how secure do you think this is? Is this juggling with files and USB's something that could pose a danger? For example, is it possible that I somehow transfer a virus via USB to my cold storage computer? Any suggestions to improve on this solution? Thanks.

Jump to: