Bitcoin Forum>Bitcoin>Development & Technical Discussion
Pages:
Author

Topic: Offline signing your paper wallet using air gapped phone via Electrum - page 2. (Read 980 times)

PrimeNumber7
copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 06:42:12 PM
#11
Quote from: krogothmanhattan on December 26, 2020, 01:38:43 PM
   
      Wipe out all data on cellphone and have it reboot with factory reset, thus cleaning it of any malware of viruses.
I am not sure this is a valid assumption. In theory, malware could modify what your phone does when you initiate a factory reset. I would rather buy a new phone from a random store in person. There is still the possibility your phone will have malware, but it should remove the possibility you will be specifically targeted.
Quote from: krogothmanhattan on December 26, 2020, 01:38:43 PM
     Install Electrum and then will place it in Airplane mode, disable wifi, disable bluetooth, remove sim card and also remove the antenna thus making it air gapped.
How are you getting electrum onto your phone? Are you downloading it?
krogoth
full member
Activity: 1298
Merit: 176
Krogothmanhattan alt account
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 05:30:10 PM
#10
Quote from: NotATether on December 26, 2020, 05:28:43 PM
Quote from: krogothmanhattan on December 26, 2020, 01:38:43 PM
     (I tried this but my PC electrum s]crashed everytime I attempted to place the signed transaction back into the PC, so I had no choice but to use 2 Cell phones, one air gapped and the other hot.) The PC electrum allows much better control of mining fees compared to the cell app.

I'm curious to know if Electrum ever displayed a stack trace or at least an error message before exiting. I'm tempted to run it in a Python debugger to see exactly what's going on if it doesn't involve connecting a hardware wallet. I don't have any handy.

    An error window did pop up...i will get a pic tomorrow for you.

    Edit...btw...i installed it using a windows installer and also just downloading it and start via exe file directly.

     Via windows installer startup the electrum vanishes.

      Via the exe file directly...the windows error pops up.

       I did in two different computers!
krogoth
full member
Activity: 1298
Merit: 176
Krogothmanhattan alt account
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 05:29:15 PM
#9
Quote from: Sanglotslongs2 on December 26, 2020, 04:01:15 PM
Nice setup ! As phones are cheaper and cheaper, they are a lot of useless phone, this give them a second life !
But be carefull with the antenna, must be removed to be sure.

Also, QR code transfert are really good, because there is few information, so you will be 100% sure it's legit way to communicate between devices. If you use USB on a computer there is a lot more "memory" available so a virus can possibily steal your coins... QR code ftw Smiley

  Yes...not all antennas are easily removed. The first cheap phone lg i bought..even the phone professional didnt want to try.

   Then i found this model.  https://youtu.be/ICV7vPF9mPE

    As soon as you remove the battery...the antenna is there...5 screws and its out!
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 05:28:43 PM
#8
Quote from: krogothmanhattan on December 26, 2020, 01:38:43 PM
     (I tried this but my PC electrum s]crashed everytime I attempted to place the signed transaction back into the PC, so I had no choice but to use 2 Cell phones, one air gapped and the other hot.) The PC electrum allows much better control of mining fees compared to the cell app.

I'm curious to know if Electrum ever displayed a stack trace or at least an error message before exiting. I'm tempted to run it in a Python debugger to see exactly what's going on if it doesn't involve connecting a hardware wallet. I don't have any handy.
Sanglotslongs2
full member
Activity: 260
Merit: 129
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 04:01:15 PM
#7
Nice setup ! As phones are cheaper and cheaper, they are a lot of useless phone, this give them a second life !
But be carefull with the antenna, must be removed to be sure.

Also, QR code transfert are really good, because there is few information, so you will be 100% sure it's legit way to communicate between devices. If you use USB on a computer there is a lot more "memory" available so a virus can possibily steal your coins... QR code ftw Smiley
krogoth
full member
Activity: 1298
Merit: 176
Krogothmanhattan alt account
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 02:57:34 PM
#6
Quote from: hosseinimr93 on December 26, 2020, 02:33:23 PM
Quote from: krogothmanhattan on December 26, 2020, 01:38:43 PM
        You can set the mining fees on the app, but IMO they are still too high. With the PC version I can adjust down to 5 Sats but I cannot see that available on the app.
If you change the method to "Static", you will able to set the transaction fee to lower amounts.
Look at the image below. The fee is only 1 sat/byte.





    Awesome to know! Thankyou...it was driving me crazy paying those fees! Will add a new pic once i go back on my main computer...cheers!
hosseinimr93
legendary
Activity: 2380
Merit: 5213
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 02:33:23 PM
#5
Quote from: krogothmanhattan on December 26, 2020, 01:38:43 PM
        You can set the mining fees on the app, but IMO they are still too high. With the PC version I can adjust down to 5 Sats but I cannot see that available on the app.
If you change the method to "Static", you will be able to set the transaction fee to lower amounts.
Look at the image below. The fee is only 1 sat/byte.




Quote from: Kakmakr on December 26, 2020, 02:30:34 PM
Is there any way for someone to hijack the transaction when you go online to sweep the wallet? I have been asking for a method where you do this whole process "Offline" and that the "Private Key" get encrypted, before you go "online" again to finalize the process.
The raw transaction doesn't include your private key.

You may ask how nodes validate the transaction without the private key.
When you sign a transaction, you generate a hash and a signature using your private key. For validating the transaction, nodes calculate the hash using your public key and your signature without any need to your private key.
If the hash calculated by nodes matches the hash already generated by you, your transaction is validated.  
Kakmakr
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 02:30:34 PM
#4
Is there any way for someone to hijack the transaction when you go online to sweep the wallet? I have been asking for a method where you do this whole process "Offline" and that the "Private Key" get encrypted, before you go "online" again to finalize the process.

So you would be doing this offline and it only finalizes the process on the Blockchain the moment when you go "online" again. (Difference being that the "Private Key" would be encrypted already, before you go online. (If the packet gets hijacked, the hacker will have an encrypted version of your "Private Key and the "Private Key" will not be in it's raw format on the Internet.)  Wink
iBitcoinHongKong8
copper member
Activity: 441
Merit: 180
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 02:13:27 PM
#3
Fantastic thread Krogoth! Absolutely amazing to get this amount of detailed step by step instructions all while remaining as secure and safe as possible. I'd have given more merit but all I had was 1 to send. If I had 50 I would have happily sent you 50! I'm still getting used to Windows and Android so it will take me a while to learn and play around with super small amounts to get comfortable but I want to learn all ways of doing it. I understand how to use Electrum with a MacBook and that's been good, but I want to learn as much as possible and it's threads like these that gift our community with such valuable information and help! Cheers all and thanks again Krogoth. You the man!

iBHK8
krogothmanhattan
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 01:39:01 PM
#2
THIS OFFLINE WALLET SWEEP WILL BE USING AN AIR GAPPED PHONE AND A PC ELECTRUM.

   Again create the same steps you did with the air gapped wallet as we did in the example above.

   Next for the hot wallet on the PC, install Electrum....

   

    STEP 1   NAME YOUR WALLET
   STEP 2    CREATE NEW WALLET...SELECT IMPORT BITCOIN ADDRESS
                           On the hot live PC wallet, we will be importing the public address ONLY
   STEP 3    Click on camera tab and scan in front of pc camera
                           the Public address part of your  paper wallet. HIDE THE PRIVATE WALLET, MAKE SURE NOT TO EXPOSE IT TO CAMERA!!
                           As you notice, if bitcoin word is in front of the address then you need to delete the word otherwise the next button will be greyed out.
   STEP 4    Once the public address is on their click on next, a password option is given, if you want to add  you can otherwise hit next.

     
   

    STEP 5  Watch only wallet created meaning the paper wallet public address is on the electrum with no private key which is EXACTLY WHAT YOU WANT! Click OK and the click on the send tab
     STEP 6  Click on camera tab on the pay to box, this will activate your computer camera. SCAN the QR code for the public address you want to send all the funds from your paper wallet to. Then click on MAX on the amount line. You should see the full amount of the balance minus miner fees in this box. Then click PAY
      STEP 7  You can see you have an unsigned transaction in the highlighted box top left. Also I adjusted the miners fee down to 2 sats in the middle highlighted box.
                  In the outputs boxe, you can find the public address where the funds will be sent to. SO double check to confirm it is correct, with the amount to be sent as well.
                  Click FINALIZE
      STEP 8  You now have an UNSIGNED transaction ready to be signed on your air gapped phone. Click on export and then show as QR code.
                   Once the QR raw transaction pops up, scan with you are gapped wallet and the following will come on the screen...

                   

      STEP 9  The unsigned transaction scanned into your air gapped phone will be shown. Click SIGN
      STEP 10  Confirm signing transaction...Click OK
      STEP 11  You can now see on top it says signed and also the transaction ID is shown as well. This is ready to be broadcast as the button is available as well, but since this is an air gapped phone you cannot, so we need to click on the QR code and take back to the live wallet on the PC. Also you can double check amount and pub address where the funds are to be sent to to confirm nothing has changed!!

                     

      STEP 12    On laptop Electrum, On top where the tools tab is click on load transaction and then select QR code. This will activate camera, the scan the QR code raw transaction from your air gapped phone.
      STEP 13    You will see the identical information you have in your air gapped phone come up. Again double check to confirm all is correct! Once ready, click broadcast and your raw transaction has been sent to the blockchain! The payment sent TX id will pop up as well!

                 Hope this helped you all, any questions ask!!


                 To recap...

               
 

krogothmanhattan
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
Re: Offline signing your paper wallet using air gapped phone via Electrum
December 26, 2020, 01:38:43 PM
#1
 One of my most favorite ways of storing bitcoin is on a paper wallet. Paper wallets if done right are one of the most secure ways of storing bitcoin especially if done on an air gapped computer which in my opinion is a must.

     The tricky part is when the time comes to sweep the wallet and that is where screwups can happen. If your computer or phone has a malware or virus infecting it, then chances are you can lose your bitcoin.

     One way to prevent this from happening is to never expose your private key to a hot wallet or the internet, but rather have it signed using an airgapped device with a wallet on it.

     We will be using Electrum and to make sure you have the right Electrum, you can read about it on this thread I wrote on another way of siging a BTC transaction where people brought up ways to make sure your electrum download is not tainted in anyway. https://bitcointalksearch.org/topic/how-to-generate-a-signed-btc-transaction-using-electrum-and-trezor-5106013   www.electrum.org

     I will use cell air gapped cold wallet to cell hot wallet

     So in this setup we will have a cellphone and a computer both installed with the latest version of Electrum.

     These are the steps I took....
   

      Wipe out all data on cellphone and have it reboot with factory reset, thus cleaning it of any malware or viruses.

     Install Electrum and then place it in Airplane mode, disable wifi, disable bluetooth, remove sim card and also remove the antenna thus making it air gapped.

     
      Creating new wallet as follows.....

   


       Click NEXT then name your wallet
     

      Next create new password
     

      The select type of wallet you are creating..in our case we are importing a public or private key.
      So up to this point you can use for both the air gapped and live hot phone electrums.
      Click on the camera tab to scan the qr code.

       

       Here I will be importing the private key for the air gapped wallet phone

       

       You can do the same for the HOT LIVE Cell phone wallet, BUT, ONLY IMPORT THE PUBLIC KEY!

     

       
       On the air gapped phone the OFFLINE will show as there is no connection with any internet signal. Thats exaclty what we want to see.

       
       


        When clicking receive on both phones, and then request, the public address matching THAT particular private key will show.
         The Air gapped and the Hot phone Public addresses should both match!

         
         

       
           On the HOW LIVE phone, click click scan and scan qr code of public address you want to send the paper wallet funds to
         Then Click amount and send MAX. Always sweep a paper wallet fully!

         
         

         You can set the mining fees on the app,
         Change the method to "Static", you will be able to set the transaction fee to lower amounts.
         Look at the image below. The fee is only 1 sat/byte.



         Next click PAY and the following information will show. Here you can check amount of BTC sent, mining fee and most importantly BTC address where bitcoin is being sent
         to.
         
         



         Next click on QR tab and the following RAW UNISGNED TRANSACTION QR code comes up.

         

          Now with your air gapped phone click on SCAN and scan the QR code from your live phone.
          This will take your raw unsigned transaction into your cold air gapped phone with the private key to be able to be signed!

          This is what will show on your air gapped phone after scanning the QR code from the LIVE HOT phone wallet.

         

          Next click on the sign TAB and the following will come up confirming you want to sign the unsigned transaction.

           

           Once you click on yes, the new window coming up will show you a signed BTC transaction with the address the btc is going to also the amount!
           This way you can be sure the btc is going to the BTC address you want it to goto and not some malware altered BTC address!! Also the TX data is also present and
           showing.

           

           Now for the final steps of transferring this to your hot phone by clicking on the QR tab on the air gapped phone which will produce a QR code.
           Take your live HOT Wallet phone and click on Scan, then scan the QR code from the Air gapped wallet.

            The following will show up, and again you can confirm and the information. Once you are satisfied, click on Broadcast and the raw transaction will be broadcast on blockchain and the bitcoin will be transferred from your paper wallet to the BTC addy of your choice.

             


              I hope this helps people understanding how a paper wallet can be swept without ever having to expose the private keys to a HOT wallet.

              Again test with a very small amount of BTC until you have it nailed down and feel comfortable in doing this.


Made another visual aid to make it even easier to understand.



                   or full version here














Pages:
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: