Topic: [Newbie question] How to keep my Electrum wallet and BTC safe (given scenario) (Read 146 times)

If it's just the "Master Private Key", a simple command getmasterprivate() can be used to extract it.
The user might also have to use convert_xkey() for it to be compatible with other wallets.

BTW, a forum user "HCP" has done that code modification 4 years ago: https://github.com/HardCorePawn/electrumBIP39 | Profile HCP

This is correct.

Download the latest .zip version of Ian Coleman from GitHub (https://github.com/iancoleman/bip39), and verify your download against his PGP key (https://iancoleman.io/pubkey.txt).
Currently this is version 0.5.4.
Extract and navigate to \src\js, and then open the file jsbip39.js with a text editor.

Navigate to line 118:
Change this line to the following:

Navigate to line 146:
Change this line to the following:

The first change tells it to ignore the checksum since you are using an Electrum seed phrase and not a BIP39 seed phrase. The second change fixes the salt that Electrum uses when turning seed phrases in to private keys. That's all you need to do. Then just go back in to the \src\ folder and run index.html, and you'll be able to import Electrum seed phrases and extract the relevant keys.

Obviously do all of this an an airgapped computer for safety!

Thanks for correcting me, I didn't mean to say they are the same thing but both can be shared publicly.
I have edited the topic to avoid confusion.

With a simple modification to the code, I think iancoleman can be used, or extract a Master Private Key, which can be imported into all wallets.

A seed phrase generated by electrum isn't BIP39. Electrum uses its own algorithm. Therefore, you can't use iancoleman for deriving your private keys from your seed phrase if it has been generated by electrum.


To OP:
Electrum is open-source and you will be always able to run the previous versions even if developers no longer release new updates.
Also note that your private keys and addresses are derived from your seed phrase through a standard algorithm and it's possible to derive your private keys even without electrum, if you have some knowledge of coding.

You will need electrum software to regain access to your wallet. If you're worried that electrum will disappear then you need to archive a copy of the wallet software along with your seed.

You are worrying too much.
Write down the words in a piece of paper (don't save them in digital format, don't take a picture of the words or even a part of the words, don't show it to anyone except the ones you trust with your life, don't lose it).
Keep the paper in a safe place as safe as it kept in a vault of Swiss Bank.

Better to write the words in a fireproof metal and keep the it in a safe place like you keep your gold and diamond out of reach from everyone.

Once your seeds are kept safe, then remove the Electrum application, break your computer, bomb the headquarter of the OS provider, take down the current internet system, do everything to destroy the world. You will still not lose your coins unless you are able to destroy all copies of full nodes 😉

Good luck.

Before I get into answering your questions, I'd like to point out that you missed a very critical aspect of using Electrum safely; verify that you downloaded the official app, and not some malware.  I'll shamelessly direct you to the guide I wrote to ensure you've downloaded the official release:

https://bitcointalksearch.org/topic/guide-how-to-safely-download-and-verify-electrum-guide-5240594


Your seed represents your funds.  Anyone who gains access to your seed has the ability to move all your funds.  Keep the seed phrase away from any wandering eyes, and make sure it's stored in a safe and secure place.  I recommend writing seeds down on paper, make a copy, store the copies in a fire and flood resistant, and secure location.  A small, hidden document safe would be very practical.

With hierarchical deterministic wallets (those generated by seed phrases) your private keys (and public keys) aren't regularly displayed, so there's little risk of someone else seeing them.  They can be exported one by one, if the need arises, but those are uncommon circumstances.  The private key can be used to move funds from one specific address, and the public key can be used to see if the address is funded.


I'm not a fan of Electrum's 2FA implementation either.  You can apply the same level security for free by creating your own 2 of 2 multi-sig wallet, or better yet, spend the money on a hardware wallet instead of the 2FA service.


Once you have generated a seed phrase, and have a list of addresses to which you want to send funds, then you don't need Electrum installed.  Regardless of what updates and upgrades happen to the software in the years to come, once you're ready to restore your wallet all you'll need to do is download and install the app, and restore your wallet with the seed phrase.  All the fund you've collected over the years will be there.

Check this guide on how to use Electrum as cold storage, I hope it helps:
Creating a Cold Storage wallet in Electrum
note: a truly air-gapped device should've never been and will never be connected to the Internet or any other network.

For better security, each cosigner needs to generate his wallet on a separate device, seeds need to be stored on separate safe locations too.

If you plan to use Electrum as cold wallet, then you need to follow the steps described on the guide above to create one then send your coins to it. Importing your current wallet into Electrum on a air-gapped device can't be considered cold storage.

There is no point having a multi-sig if all the wallets are on the same device - you don't achieve any additional security. You could set up a multi-sig between your computer and your phone, however.

If you want to use an airgapped wallet, then you will need a second device which can be permanently airgapped (i.e. never connected to the internet at any time). If you can't have a second device, then a somewhat less good alternative (but still better than nothing) would be to use your current computer via a live OS while disconnected from the internet.

Just write down the 12 word seed phrase Electrum gives you. That is all you need to completely restore your private keys and access to your coins. There is no need to back up or even look at your individual private keys. Similarly, you do not need to back up the wallet file, and indeed, doing so adds more risk since it is harder to secure a digital file than it is to secure a piece of paper with 12 words written on it. The only reason you would need to back up the file itself would be if you had added labels to a bunch of addresses or transactions and you wanted to back those up.

Here is a youtube vid that shows how to use Electrum on an airgapped device (Step by step) as well as how to sign transactions.

https://www.youtube.com/watch?v=DQumISxkJsQ&ab_channel=FasterTutorialsCom

Exactly, seed phrase is your priority to take care of, No one should have access to it besides you, not even your family! If you have only one person that you trust much maybe just give some hints to him/her (in case you die)

The seed phrase (mnemonic phrase) is not the private key itself, but it is used to generate the private keys that are associated with the Electrum wallet and they shouldn't be shared too.
And sure take a backup of your Electrum wallet and secure it somewhere(I mean just encrypt it if you're on an online device) or just saved it on an airgapped device.

1. Firstly thank you so much🙏 and I'd like to ask you:

>Electrum on an airgapped device, multisig and 2FA wallet are safer.
I'm not sure how to use Electrum on an airgapped device. In case if you know any step by step tutorial/video then please point me in that direction. [I'm searching at my end to know about it]

I've 1 computer so is possible to use multisig on it. I already have a Standard wallet and coins are in it.
BTW 2FA I  not to prefer to use it because it cost extra fee and also 1 key is stored on their cloud so I refrain.

In a nutshell, what I understood from your and other reply, I need to take care of these:
1. seed phrase
2. seed or private key [both are same thing right!]
3. Also take backup of Electrum wallet via backup option

Am I correct?

Public keys are not addresses. Public key can generate address. Address can be given to anyone that want to pay you.

Private key: From the name, it is private and no one should know it. Keep it safe.
Wallet seed (12-words): It's like a keychain where you can group several private keys together.
Address: that you share with others, and the more you keep it hidden, the more privacy you have, and there are ways to enhance privacy.

The new versions of Electrum are compatible with the previous versions, and you can also use https://iancoleman.io/bip39/ to extract the private key, so you can spend from any wallet if Electrum wallet is stopped and there is no server for synchronization.


I recommended you to read Mastering Bitcoin https://github.com/bitcoinbook/bitcoinbook

Electrum on an airgapped device, multisig and 2FA wallet are safer.

Do not let anyone know your seed, seed phrase or private key because they can be used to steal your coins. Master public key can be used to trace your coins, but can not be used to steal your coins.

As long as you have access to your seed phrase, seed or master private key, you will be able to access your coins. You can import Electrum seed phrase on Bluewallet.

Hello Everyone 😀
I'm new to Electrum and I tried best to watched tutorials but there is still some confusion 😕

I'm sure there are so many people out here who have great experience 🧠 using Electrum wallet, may I ask your opinion about these question I've:

1. How to keep my Electrum wallet and BTC safe? [I created Standard wallet]
(In other words which constraints I need to focus on to keep my wallet and BTC safe: seed, private key, and public key)
FYI: I'm not in the favor of 2FA  reason is not willing to pay 3rd party any money and also they keep 1 key at cloud.


2. If I remove the Electrum application from computer then will my wallet remain safe for few yrs even if Electrum release updates about application
or even if Electrum decides to discontinue the wallet.


I'm glad to to be apart of this community 😀 and seek your wisdom✨ and guidance.