Author

Topic: Offline Transaction on a airgapped computer -Transaction process- (Read 255 times)

newbie
Activity: 8
Merit: 3
Just to add what has been stated already. Yes Electrum is good for signing offline transactions. You can also use Coinb.in wallet but make sure to only download it from the Github page. Coinb.in wallet supports offline signing.

And furthermore, very important - be sure to verify your signed transaction BEFORE you broadcast it. When you verify (decode) your transaction you will see all the details of how much you are sending and to which addresses. This means you will know exactly what your transaction will do before you broadcast it. To verify your transaction on the offline line computer you can again use Coinb.in. I will also suggest to use decode with BrainWalletX (again download from Github) and under the transaction tab, hit the Raw Transaction button, then paste your signed raw transaction in the lower box that says Raw Transaction (it will give you the JSON of your transaction which you can check). Lastly, on an online computer just before you broadcast you can again verify your decode your transaction with BlockCypher. The links are below:

offline: https://github.com/OutCast3k/coinbin/

offline: https://github.com/brainwalletX/brainwalletX.github.io

online: https://live.blockcypher.com/btc/decodetx/

Lastly, remember you are sweeping the whole amount on your address with the offline signed transaction, so make sure you specify your change address and to specify the miner fee.
legendary
Activity: 2212
Merit: 7064
The air-gapped computer needs a lot of knowledge from the average computer user and are definitely not for people who does not want to Geek out to do this. (It is the safest way for people to use their wallets, but the process is horrific for newbies and people with average knowledge on Crypto currencies)  

I doubt that many newbies and average users are using air-gapped computers, especially today when people want everything to be chewed and simple, so for that reason people invented hardware wallets like trezor and ledger.
Consider hardware wallets as more simple alternative version for air-gapped computers, and there is nothing wrong is using both paper wallet, hardware wallets and air-gapped computers if you know what you are doing.
I know some people who lost paper wallets, other messed up their air-gapped computers, or forgot passphrase for their hardware wallets, so there is no universal solution for human mistakes.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Guys, How can this be done in a more simple method? I create my Paper wallets on a old computer and printer that never goes online. I then transfer coin to it, but when I want to access those coins, I have to sweep those coins back to a desktop wallet. (This action actually voids that wallet, but I do not care that I cannot re-use that ..because I can create 1000's more from the offline computer)

The air-gapped computer needs a lot of knowledge from the average computer user and are definitely not for people who does not want to Geek out to do this. (It is the safest way for people to use their wallets, but the process is horrific for newbies and people with average knowledge on Crypto currencies) 
An air-gapped method is the only way to avoid your funds being stolen, there are plenty of guides around. Electrum is the easiest way to do so; get a LiveUSB, boot it load your private key in Electrum. I don't believe that you wouldn't be able to follow a few guides on this and it is really far from being a rocket science.

If you're unwilling to do so, then you have no other choice but to sweep it on an online computer and risk getting it compromised. Using a paper wallet should basically mean that you're going to have to use an air-gapped setup at some point in time.
legendary
Activity: 2268
Merit: 18748
Guys, How can this be done in a more simple method? I create my Paper wallets on a old computer and printer that never goes online. I then transfer coin to it, but when I want to access those coins, I have to sweep those coins back to a desktop wallet. (This action actually voids that wallet, but I do not care that I cannot re-use that ..because I can create 1000's more from the offline computer)
If you have a safe and working airgapped computer which you used to create the paper wallet, then moving the coins back off the paper wallet is actually very easy. Import the private key from the paper wallet to your airgapped computer, and import the address from the paper wallet to your online computer. Create a transaction on your online computer, move via USB or QR to your airgapped computer, sign, move via USB or QR back to your online computer, broadcast.

The air-gapped computer needs a lot of knowledge from the average computer user and are definitely not for people who does not want to Geek out to do this.
I don't disagree, but if they have been able to create a paper wallet using an air gapped computer in a secure manner, then signing an offline transaction should be easy for them to figure out, even if they have never done it before.

If that is still too complicated, then buy a hardware wallet. The only other option is to sweep the paper wallet directly on an online computer, but doing so is a risk to your coins.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
Guys, How can this be done in a more simple method? I create my Paper wallets on a old computer and printer that never goes online. I then transfer coin to it, but when I want to access those coins, I have to sweep those coins back to a desktop wallet. (This action actually voids that wallet, but I do not care that I cannot re-use that ..because I can create 1000's more from the offline computer)

The air-gapped computer needs a lot of knowledge from the average computer user and are definitely not for people who does not want to Geek out to do this. (It is the safest way for people to use their wallets, but the process is horrific for newbies and people with average knowledge on Crypto currencies) 
legendary
Activity: 3472
Merit: 10611
And, just in case, verify the signed transaction! I like to use different software (offline of course) to verify the outputs are still the same addresses as intended. So if I created and signed the transaction using Electrum, I use coinb.in to verify it. So far, I've never seen anything unexpected, but I don't mind spending some extra time for peace of mind.
If all your inputs are native SegWit then checking the transaction ID from the start takes care of that since the TxID never changes from the moment you create the transaction and if the outputs change (or basically anything that is not the witness) the TxID changes too. This is assuming the client you are using is computing TxID correctly and doesn't put any placeholders in txin's scripts.
Transaction ID of the following 2 are the same (first one is unsigned while second is signed):
[Version][TxInCount=n][txIn{0 to n}][[TxOutCount=m][txOut{0 to m}][Locktime]
[Version][SegWit flag][TxInCount=n][txIn{0 to n}][[TxOutCount=m][txOut{0 to m}][Witness{0 to n}][Locktime]

If the inputs are not all SegWit, then you're out of luck and still have to do it manually Smiley.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
The question is how and what tools he used to sign and broadcast a transaction, how to access transaction data and how to sign it, then broadcast it ?
Easy answer: get a hardware wallet, it takes care of everything internally without you worrying how it works.

I have heard some cases that it is possible malware can transmit through the use of USB for transfering the unsigned transaction
Use a Linux Live DVD for signing the transaction, that takes care of most malware problems.
And, just in case, verify the signed transaction! I like to use different software (offline of course) to verify the outputs are still the same addresses as intended. So if I created and signed the transaction using Electrum, I use coinb.in to verify it. So far, I've never seen anything unexpected, but I don't mind spending some extra time for peace of mind.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
You should take care that nothing is transmitted to the air-gapped computer other than the unsigned transaction.
I have heard some cases that it is possible malware can transmit through the use of USB for transfering the unsigned transaction, though I do not know how true it is, but it should be a very good reason we should still make sure our air gapped wallet is not having malware. Though QR codes can be a difficult means or impossible means that malware can be transmitted which should be the best way of transfer unsigned transactions to a cold wallet for transaction signing.
Transmitting malware via a USB drive/stick is fairly unusual, and if this happens, it probably means you are being specifically targeted. I think the risk of malware being transmitted via a USB stick is sufficiently low for most casual users that using a USB drive should be acceptable. I think using a hardware wallet is probably more desirable than an air-gapped computer unless you are handling the amount of coin that a major exchange would handle.
legendary
Activity: 2268
Merit: 18748
Though QR codes can be a difficult means or impossible means that malware can be transmitted which should be the best way of transfer unsigned transactions to a cold wallet for transaction signing.
I prefer to use QR codes over USB drives. I would worry less about QR codes transmitting malware, however, and more about malicious QR code software or generators taking your transaction and turning it in to something different before displaying it as a QR code. However, provided you double/triple check the transaction on your airgapped device before signing it and turning it back in to a QR code for transfer back to your online device, then you should be safe. I would also make sure you have two different cameras and aren't moving the same camera back and forth between your online device and airgapped device, since again, this could potentially be a vector for transferring malware.
legendary
Activity: 1652
Merit: 1208
Gamble responsibly
You should take care that nothing is transmitted to the air-gapped computer other than the unsigned transaction.
I have heard some cases that it is possible malware can transmit through the use of USB for transfering the unsigned transaction, though I do not know how true it is, but it should be a very good reason we should still make sure our air gapped wallet is not having malware. Though QR codes can be a difficult means or impossible means that malware can be transmitted which should be the best way of transfer unsigned transactions to a cold wallet for transaction signing.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
1 - You need to create an unsigned transaction. This is typically done with a computer that is connected to the internet and has access to the blockchain.
2 - You need to transfer the unsigned transaction to your air-gapped computer via some medium. You can use a USB drive, QR codes, or some other medium of transmission. You should take care that nothing is transmitted to the air-gapped computer other than the unsigned transaction.
3 - You need to sign the transaction on your air-gapped computer. Prior to doing so, you should review the transaction on the air-gapped computer.
4 - You need to transfer the now-signed transaction back to your computer with internet access. This will typically be done via the same mechanism as #2. You should ensure that only the signed transaction is transmitted.
5 - Broadcast the transaction to the network. This can be done via your wallet software, or one of many websites that will broadcast transactions to the network.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
The question is how and what tools he used to sign and broadcast a transaction, how to access transaction data and how to sign it, then broadcast it ? (According to the above method)
You will need to use wallet like electrum for this, two wallets will be created on two devices. One will be for the old storage, the other will be watch only.

First, you will need to create the cold wallet on an offline device, that will have no internet connection, and that will in no way be able to connect to the external environment through any connection aside transferring unsigned transaction to be signed, making it remain offline.

Second, you will create the watch-only wallet on another device. The watch-only wallet will be used to create a transaction which is not yet signed, transferred to the cold wallet through QR code or USB stick to sign the transaction, ones signed, the signed transaction will be transferred back in the same way to the watch-only wallet in order to broadcast it.

To easily know about how to create this wallet, you can read this simple guide by click the below link which includes how you can create both the cold storage and watch-only wallet using electrum, and how to sign an unsigned transaction generated by the cold wallet, and how to broadcast the signed transaction on the watch-only wallet.

https://electrum.readthedocs.io/en/latest/coldstorage.html
legendary
Activity: 1134
Merit: 1599
This older post of mine may help you our with the process. It's not that hard, but it does require quite a few more steps than the normal wallet does. Smiley
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
If you don't understand how it works, then Electrum would be the best for you as it simplifies the process by integrating it into the GUI.

Create an Electrum wallet on the offline computer, get the master public key and import it into the online computer. Create a transaction as usual, save the file as a PSBT or use QR code to transfer it to the offline computer, import it and sign it then transfer the signed transaction back into the online Electrum and broadcast it.

You'd be able to do the same thing with coinb.in as well, using the online instance to load the transactions and generate an unsigned transaction, transfer it to the offline computer to be signed with the private key on it.
member
Activity: 100
Merit: 30
Stay humble, be cool, make world better place.
Cold storage means storing and holding cryptocurrency and private keys offline, either in a device that does not connected to the internet (Airgapped computer) or printed on a laminated paper.

For people like me who do not know deeply what the transaction process is, but first requires to generate a signature from transaction data via private key on an offline computer, then write or transmitt it to a online computer until it broadcasts the signature to the Bitcoin network.

The question is how and what tools he used to sign and broadcast a transaction, how to access transaction data and how to sign it, then broadcast it ? (According to the above method)
Jump to: