Offline signing your paper wallet using air gapped phone via Electrum

HCP

legendary

Activity: 2086

Merit: 4314

Quote from: krogoth on January 21, 2021, 08:09:06 AM

I was asked by a member, he was trying to place the private keys of a loaded physical bitcoin like Casascius onto the electrum air gapped phone, but somehow electrum was not allowing him to type in the private keys manually. One way around this that worked out for me was to type in the private key on the phones mail...text..word wrap or anything that can be typed into..then copy and paste it on electrum.

Correct... Electrum only seems to allow you to "paste" private key "text" in... you can't physically type it in... I've always found that a little bit "odd"... but possibly related to security issues around trusting 3rd-party keyboards? Huh

PacificKA

newbie

Activity: 8

Merit: 3

Wonderful explanation. Thank you. I use the desktop version and as such before I broadcast the final signed transaction, I verify it to ensure the transaction will do exactly what I want it to do. There are several offline tools you can use to verify a Bitcoin coin transaction. They give you a human readable output of the transaction to ensure the amounts and addresses involved are correct before you broadcast it.

krogoth

full member

Activity: 1211

Merit: 135

Krogothmanhattan alt account

I was asked by a member, he was trying to place the private keys of a loaded physical bitcoin like Casascius onto the electrum air gapped phone, but somehow electrum was not allowing him to type in the private keys manually. One way around this that worked out for me was to type in the private key on the phones mail...text..word wrap or anything that can be typed into..then copy and paste it on electrum.

PrimeNumber7

copper member

Activity: 1624

Merit: 1899

Amazon Prime Member #7

Quote from: Dabs on December 30, 2020, 04:01:35 PM

Quote from: PrimeNumber7 on December 29, 2020, 01:53:38 AM

... If you write down the seed, someone could view the seed while you are writing it down, or while you are importing the seed into an air-gapped computer/phone, or while you are transporting the paper wallet from your secure location to the location of your computer.

The chances of the above happening may be low, however, they are non-zero, and are in addition to the scope of vulnerabilities of having a wallet stored on an air-gapped computer/phone.

I think we all understand what you are saying, but this boils down to physical security already. If you do everything in a separate room, or one you properly prepared (or you can do what Snowden does and hides under a dark blanket), fire up some white noise or turn up the TV volume to mask ...

"So, there is a chance?" = that depends on how you do it.

For most people, they should not worry about it too much. For people like me who hold other people's coins in escrow, I've grown a habit of doing most of the things I mentioned above and then some; it doesn't hurt that I have other forms of physical security as well, armed guards at the gates, etc. If some government were to specifically target you, then you are screwed no matter what.

Everyone else, 0.000001% or 1 in ^256 = for all intents and purposes is impossible. (Peppa Pig says whistling is impossible! Just put your lips together and blow? It's impossible!)

There is an additional chance, and there are additional precautions (costs) you can take to reduce these additional chances, but they are nonzero.

Or you could eliminate these additional chances by not using a paper wallet. While I do use paper wallets as a backup to my private keys, by default I will not use a paper wallet for accessing cold storage.

krogothmanhattan

legendary

Activity: 2520

Merit: 3238

The Stone the masons rejected was the cornerstone.

One other site I found that was helpful in trasmitting the raw TX was https://bitaccelerate.com/pushtx/

PushTX - Broadcast Raw Bitcoin Transaction
With this tool, you can anonymously broadcast your transaction over the Bitcoin network. To do this, enter the raw transaction HEX in the form above and press the button. The service will send the transaction to our Bitcoin node, which is connected to over 100 other Bitcoin nodes at any time.

This way, your transaction will spread as fast as possible across all Bitcoin nodes. This will keep your anonymity because the transaction goes out of our node. We do not keep any information about the transactions we broadcast, nor about the users of this page. You can rest assured.

This service is using the "sendrawtransaction" method of the Bitcoin Core client. Your transaction must be signed and must not contain unconfirmed inputs.

So when you have the signed transaction back on the live electrum, instead of broadcasting thru electrum, I copied and pasted it on the site.

Dabs

legendary

Activity: 3416

Merit: 1912

The Concierge of Crypto

Quote from: PrimeNumber7 on December 29, 2020, 01:53:38 AM

... If you write down the seed, someone could view the seed while you are writing it down, or while you are importing the seed into an air-gapped computer/phone, or while you are transporting the paper wallet from your secure location to the location of your computer.

The chances of the above happening may be low, however, they are non-zero, and are in addition to the scope of vulnerabilities of having a wallet stored on an air-gapped computer/phone.

I think we all understand what you are saying, but this boils down to physical security already. If you do everything in a separate room, or one you properly prepared (or you can do what Snowden does and hides under a dark blanket), fire up some white noise or turn up the TV volume to mask ...

"So, there is a chance?" = that depends on how you do it.

For most people, they should not worry about it too much. For people like me who hold other people's coins in escrow, I've grown a habit of doing most of the things I mentioned above and then some; it doesn't hurt that I have other forms of physical security as well, armed guards at the gates, etc. If some government were to specifically target you, then you are screwed no matter what.

Everyone else, 0.000001% or 1 in ^256 = for all intents and purposes is impossible. (Peppa Pig says whistling is impossible! Just put your lips together and blow? It's impossible!)

krogoth

full member

Activity: 1211

Merit: 135

Krogothmanhattan alt account

Made another visual aid to make it even easier to understand.

or full version here

PrimeNumber7

copper member

Activity: 1624

Merit: 1899

Amazon Prime Member #7

Quote from: BrewMaster on December 28, 2020, 10:04:15 AM

Quote from: PrimeNumber7 on December 27, 2020, 11:53:02 PM

and in addition will be subject to additional vulnerabilities when you print your paper wallet,

i just want to point out that if you create an HD paper wallet where you write down the mnemonic words on paper then there is no need for printing anything so you avoid the vulnerability that involves printers.

This is true, however, it will not solve the problem I described. If you write down the seed, someone could view the seed while you are writing it down, or while you are importing the seed into an air-gapped computer/phone, or while you are transporting the paper wallet from your secure location to the location of your computer.

The chances of the above happening may be low, however, they are non-zero, and are in addition to the scope of vulnerabilities of having a wallet stored on an air-gapped computer/phone.

krogothmanhattan

legendary

Activity: 2520

Merit: 3238

The Stone the masons rejected was the cornerstone.

Again for anyone who still loves the idea of paper wallets, I am conducting a test on these water proof papers.

Its been almost a month now for some submersed under water, and they have passed with flying colors!

I do recommend to use any of them or similar material if you make any. The worries of water will be eliminated some or completely!

https://bitcointalksearch.org/topic/--5296179

krogoth

full member

Activity: 1211

Merit: 135

Krogothmanhattan alt account

Quote from: BrewMaster on December 28, 2020, 10:04:15 AM

Quote from: PrimeNumber7 on December 27, 2020, 11:53:02 PM

and in addition will be subject to additional vulnerabilities when you print your paper wallet,

i just want to point out that if you create an HD paper wallet where you write down the mnemonic words on paper then there is no need for printing anything so you avoid the vulnerability that involves printers.

Yep...I practiced that idea..love it. But as far as printing goes...buy a non wifi printer...and only use printer with air gapped computer..PERIOD. Thats what i do. IF done using..then destroy printer if security is an issue. That will eliminate that vulnerabilty.

BrewMaster

legendary

Activity: 2114

Merit: 1292

There is trouble abrewing

Quote from: PrimeNumber7 on December 27, 2020, 11:53:02 PM

and in addition will be subject to additional vulnerabilities when you print your paper wallet,

i just want to point out that if you create an HD paper wallet where you write down the mnemonic words on paper then there is no need for printing anything so you avoid the vulnerability that involves printers.

Evilish

hero member

Activity: 882

Merit: 563

Bitcoin to the moon!

Great post, krogothmanhattan. Good to learn that you can do this with phones too.

I will also add that if you use Coldcard wallet (a hardware wallet), this process becomes a little simpler as the wallet has a built-in way to sign transactions offline. It goes like this:

1) You generate a transaction on Electrum desktop and export it to file as PSBT, copy that file to a MicroSD card
2) Insert the MicroSD card into Coldcard wallet and sign the PSBT
3) Coldcard wallet will generate the final transaction and save that to the MicroSD card
4) Insert the MicroSD card into your PC through a card reader, copy the final transaction, and finalize the transaction on Electrum

Takes a couple minutes to finish the transaction, but it's really the most secure way I've found on signing transactions offline. Your private key never touches your computer or your phone which is great.

PrimeNumber7

copper member

Activity: 1624

Merit: 1899

Amazon Prime Member #7

Quote from: krogoth on December 26, 2020, 07:47:51 PM

Quote from: PrimeNumber7 on December 26, 2020, 07:42:12 PM

Quote from: krogothmanhattan on December 26, 2020, 02:38:43 PM

Wipe out all data on cellphone and have it reboot with factory reset, thus cleaning it of any malware of viruses.

I am not sure this is a valid assumption. In theory, malware could modify what your phone does when you initiate a factory reset. I would rather buy a new phone from a random store in person. There is still the possibility your phone will have malware, but it should remove the possibility you will be specifically targeted.

Quote from: krogothmanhattan on December 26, 2020, 02:38:43 PM

Install Electrum and then will place it in Airplane mode, disable wifi, disable bluetooth, remove sim card and also remove the antenna thus making it air gapped.

How are you getting electrum onto your phone? Are you downloading it?

Yes downloading it before antenna is removed

Downloading something from the internet on a cold storage device is not the best of ideas. It is most ideal for a cold storage device to have never touched the internet.

I am also not a fan of using paper wallets as a means of cold storage. If you were to generate a wallet on your cold storage phone, there is a subset of possible vulnerabilities in which your phone could leak your private keys. If you use a paper wallet to store your private keys, you will be subject to the same vulnerabilities as if you were storing the private keys on your phone, and in addition will be subject to additional vulnerabilities when you print your paper wallet, and when you move the private keys from your paper wallet to your cold storage phone.

krogothmanhattan

legendary

Activity: 2520

Merit: 3238

The Stone the masons rejected was the cornerstone.

Quote from: NotATether on December 26, 2020, 07:55:20 PM

Quote from: krogoth on December 26, 2020, 07:52:46 PM

Will give to all tomorrow...and one computer is brand new dell..so as clean as they come I hope.

Just make sure that Procmon is capturing events before you start Electrum, or it's going to miss some at the beginning.

You would not believe what was causing the error.

First I bought and installed procman, but before I used it , I tried electrum again, and I noticed instead of going to load transaction I click on sign verify message instead of load a transaction...I guess my brain was a bit fried at that point.

Anyway, so today I continued and just briefly did a succesful transaction which I tried again to replicate and post in here step by ste with pics.
Well guess what, at the end at exactly the part where I want to load a transaction with a QR code, to my horror this error came up.

AHHHHHH!!! Then I have no idea why I thought about it, I realized my electrical tape was still covering my camera ( YES I cover my camera), I restarted electrum and this time it worked like a charm!!! Cheesy

You can see the step by step between Laptop and air gapped phone here https://bitcointalksearch.org/topic/m.55941154

coinableS

legendary

Activity: 1442

Merit: 1179

Quote from: Kakmakr on December 26, 2020, 03:30:34 PM

Is there any way for someone to hijack the transaction when you go online to sweep the wallet? I have been asking for a method where you do this whole process "Offline" and that the "Private Key" get encrypted, before you go "online" again to finalize the process.

You can build one with bitcoin libraries like nbitcoin or bitcoinjs (for example). Or use one already created by someone else like coinb.in by outkast or coldsigner(https://github.com/coinables/coldsigner) that I made.

The ways these work is basically all you need to create an unsigned bitcoin transaction is (3) things:

the transaction ID,
output position (vout) and;
value.

This is the essential data of a UTXO, and this part is usually done online unless you saved this information ahead of time.

You can now take this data (unsigned bitcoin transaction) offline, sign it with your WIF private key in a secure air-gapped environment, and then it is ready for broadcast.

ranochigo

legendary

Activity: 2954

Merit: 4158

Quote from: hosseinimr93 on December 26, 2020, 03:33:23 PM

You may ask how nodes validate the transaction without the private key.
When you sign a transaction, you generate a hash and a signature using your private key. For validating the transaction, nodes calculate the hash using your public key and your signature without any need to your private key.
If the hash calculated by nodes matches the hash already generated by you, your transaction is validated.

To be more specific, the signature is contained in the scriptsig, together with the public key. The validation is done then with the signature in the first ~70ish bytes and the public key at the end. There's no hash but the nodes will calculate the signature with your raw transaction and your private key. The signature encompasses the entire transaction and as with public key cryptography, you only need the public key to match the signature.

I don't think factory reset will necessarily cover all the malware there is, some malware can exploit the privilege escalation to plant itself into the firmware and factory reset won't remove it. It seems pretty hard for the malware to really transfer information anyways so it's not that big of a deal even with malware.

I think using Tails on a USB would be quite convenient as well.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: krogoth on December 26, 2020, 07:52:46 PM

Will give to all tomorrow...and one computer is brand new dell..so as clean as they come I hope.

Just make sure that Procmon is capturing events before you start Electrum, or it's going to miss some at the beginning.

krogoth

full member

Activity: 1211

Merit: 135

Krogothmanhattan alt account

Quote from: NotATether on December 26, 2020, 07:48:59 PM

Quote from: krogoth on December 26, 2020, 06:30:10 PM

An error window did pop up...i will get a pic tomorrow for you.

Edit...btw...i installed it using a windows installer and also just downloading it and start via exe file directly.

Via windows installer startup the electrum vanishes.

Via the exe file directly...the windows error pops up.

I did in two different computers!

So this is an error coming from Windows Problem Reporting or something like that name. What's your Windows version?

You don't see a console window appear even briefly? That indicates that Windows was able to run electrum but Electrum itself hit an exception.

I'm not sure how much this will help but if you run Procmon[1] and filter it to capture events from the Electrum program and PM me the saved output, I might be able to see if it has something to do with your Windows installation. From experience I know that Electrum works on a clean windows install.

[1]: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Will give to all tomorrow...and one computer is brand new dell..so as clean as they come I hope.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: krogoth on December 26, 2020, 06:30:10 PM

An error window did pop up...i will get a pic tomorrow for you.

Edit...btw...i installed it using a windows installer and also just downloading it and start via exe file directly.

Via windows installer startup the electrum vanishes.

Via the exe file directly...the windows error pops up.

I did in two different computers!

So this is an error coming from Windows Problem Reporting or something like that name. What's your Windows version?

You don't see a console window appear even briefly? That indicates that Windows was able to run electrum but Electrum itself hit an exception.

I'm not sure how much this will help but if you run Procmon[1] and filter it to capture events from the Electrum program and PM me the saved output, I might be able to see if it has something to do with your Windows installation. From experience I know that Electrum works on a clean windows install.

[1]: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

krogoth

full member

Activity: 1211

Merit: 135

Krogothmanhattan alt account

Quote from: PrimeNumber7 on December 26, 2020, 07:42:12 PM

Quote from: krogothmanhattan on December 26, 2020, 02:38:43 PM

Wipe out all data on cellphone and have it reboot with factory reset, thus cleaning it of any malware of viruses.

I am not sure this is a valid assumption. In theory, malware could modify what your phone does when you initiate a factory reset. I would rather buy a new phone from a random store in person. There is still the possibility your phone will have malware, but it should remove the possibility you will be specifically targeted.

Quote from: krogothmanhattan on December 26, 2020, 02:38:43 PM

Install Electrum and then will place it in Airplane mode, disable wifi, disable bluetooth, remove sim card and also remove the antenna thus making it air gapped.

How are you getting electrum onto your phone? Are you downloading it?

Yes downloading it before antenna is removed

Topic: Offline signing your paper wallet using air gapped phone via Electrum (Read 931 times)