Topic: Old phone as cold storage? (Read 1007 times)

It's nice, but it's not necessary. The extra protection provided by a steel back up can be replicated with paper by simply having two or more back ups in separate geographical locations.

As I said higher up in this thread, a software airgap will always be inferior to hardware airgap, and it is near impossible for the average person to actually confirm that airplane mode is preventing their phone from transmitting any data.

Your points are very correct, but you should know that sometimes some people do not plan exactly how long they want to hold, they just start and see what happens, and "much BTC" is subjective, what could you or o_e_l_e_o could afford to lose, may not be what i can for example. And 0.01 BTC may not be so much now, but a hypothetical situation BTC rises to 100k usd in the future, and it now worths something.

So i will think the best thing to do if one cannot get a hardware wallet is to have two wallets on different devices, one a cold storage in all the true senses and the other a hot wallet, it does not matter how long they want to hold the BTC that's in the cold storage, or if they start with 0.001 BTC, but just so they know they have a completely airgapped device that holds their BTC and less chances of vulnerabilities, they can always send funds into cold storage whenever they like, and in the future they could have an attractive portfolio that's safe in their custody.

Definitely I know we talk about cold wallet. My point is that it's not necessary to take very strict measures if you don't plan to hold it for a very long-term or if you don't plan to hold much bitcoin, that's why I am saying that most people who say that they want cold wallet, will safely keep their funds with hot wallet which happens to be offline at the moment.

The problem is that you can't actually trust your Airplane mode on your smartphone, nor on your laptop. I think, there are laptops with motherboards that do not come with built-in Wi-Fi.

Usually, in this era, the main target of thieves is always when they break into a house, money and the things you mentioned except for weapons or belongings are always taken.

     It seems that in such scenarios, the thief will not think about the hardware wallet, because the first thing the thief knows is that the person he robbed has a hardware wallet. So instead of using the cold storage of the phone, it is still really good to use another trustworthy and recommendable software wallet or hardware wallet.

It's even more easier to do it if you have modular smartphone like Fairphone, they can be totally disassembled to parts, including antenna.

That might not be enough with new smartphones, because most of them have eSIM that can be downloaded and installed, so there is no physical card slow to glue.
Even worse news are coming from Apple who are planning to fully remove card slot and use only eSIM in future.
If Apple really starts doing it, than you know most other brands will follow like always.

Most of this can easily be disabled with Airplane mode, so it's not that hard, unless you want to permanently remove them.
Laptop is better for many things, but you can't disable or remove anything unless you have specific models ^{(example old Thinkpads)}, most laptops today (sadly) have almost everything soldered on board.

Phones are a really bad choice for cold storage.

They are always connected to cell network/tower and internet. Ever noticed how you can do an emergency call without a sim card? That connection potentially works backwards via backdoors as well.
Police can access your phone and listen in without you knowing. If they can, so can potentially other unwanted parties. Doing anything crypto related on your phone open you up for attack.

There is also risk of chip/battery failure. Even USB devices need to be reactivated every 1-2 years, otherwise they won't hold enough charge to keep the memory alive, which leads to data loss.
You mentioned cold storage, i assume that will be long term, so anything electrial is a no.

For cold storage you want to store your seed words (ideally encrypted) in something

- indestructible
- fireproof 1400°C (a house fire is around 1100°C)
- waterproof
- corrosion proof
- shock proof
- earthquake proof

Basically you want this:

https://i.etsystatic.com/41503409/r/il/689efd/4813988559/il_1588xN.4813988559_fcds.jpg
Picture taken from here: https://www.etsy.com/listing/1434977816

More information on that topic here:

https://jlopp.github.io/metal-bitcoin-storage-reviews/
https://incoherency.co.uk/blog/stories/diy-cryptosteel-capsule.html
http://bulletproofbitcoin.com/
https://blog.lopp.net/a-treatise-on-bitcoin-seed-backup-device-design/
https://www.econoalchemist.com/post/backup
https://blockmit.com/english/guides/diy/make-cold-wallet-washers/
https://bitcointalksearch.org/topic/securing-your-seed-phrase-with-washers-5389446

Absolutely. I have a hot wallet on my phone which is pretty much online 24/7. I've had such a hot wallet for years, which I've spent from multiple times a week, and I have never been hacked and never lost a single satoshi from it. It's entirely possible to have a safe hot wallet. However, I am under no illusion that such a wallet is by far the riskiest wallet I own and is by far the most likely wallet I own to be hacked or exposed to malware. I only ever keep a small daily spending amount of bitcoin in it (certainly no more than 0.01 bitcoin as you say).

But the discussion here is about cold wallets. The wallet I describe above will never be a cold wallet. A mobile wallet which only goes online once a year is also not a cold wallet. It might be safe so far, but it is never as safe as an actual cold wallet. I could drive for 10 years without ever wearing a seat belt and never suffer any injuries - doesn't make it a good idea.

Do you trust modern hardware? What if there is a tiny secret wireless transmitter? You'll never know, maybe modern hardwares come with advanced spying components, who knows?

Maybe it sounds crazy but to be honest, I would trust old 2000-2008's device more than 2023's devices. I think that when it was a new thing, priority was to develop this technology and they rarely thought about spying through it. You can pretty much create a bitcoin wallet on old computers.

I think that when one has 0.01 bitcoin and wants a secure wallet, hot wallet which happens to be offline at the moment is a normal choice. If you are a person who regularly downloads pirate softwares, games, visits suspicious websites that are full of spam advertisements and so on, then you definitely need to use cold wallet even for the low amount of bitcoins.
If you are a regular user who somehow happens to have Google Pixel smartphone and 0.01 bitcoin into it's electrum wallet and only uses Facebook, Youtube, Netflix, Twitter, Reddit and Amazon apps, I genuinely believe no one will take a single satoshi from your wallet, even if we both agree that modern hardwares and softwares spy on us.

Maybe so, but there is also WiFi, Bluetooth, RFID, NFC, and other connectivity modules to consider too. Disabling all of them without breaking the phone is difficult. It is far easier to start with an old laptop which does not have the majority of these at all and then just remove the WiFi card.

Well then you no longer have a cold wallet. You now have a hot wallet which happens to be offline at the moment.

The whole point of staying 100% airgapped is to mitigate other risks that are harder or impossible to protect against. Are you 100% sure there is no malware lurking on your device already? Are you 100% sure your device won't be targeted when you go online? Have you completely audited every piece of hardware and every single line of code in your device prior to using it? The answer to all of these is no. But if you can stay 100% airgapped at all times, then any such vulnerabilities will have a much harder time trying to steal your coins.

I agree with you but if you are storing several Bitcoins into your device, you will want to be protected against the risk that a malware could be waiting somewhere into your OS and would be able to send your seed to someone else as soon as your device is connected to internet, even briefly. The topic is about replacing a hardware wallet by an old smartphone, so you can't tolerate this kind of flaw.

If you use the smartphone/ tablet as cold storage, I dont see an issue if it will by mistake connect to the internet at some point. Yes it is not the best that can happen, but it will not automatically download a bitcoin specific virus, that cracks your encrypted wallet in no time. Seems a little bit to paranoid to me.

It's usually not very hard to remove the antenna on smartphones https://www.youtube.com/watch?v=ICV7vPF9mPE
But if you can't do it you can destroy/damage the SIM card slot in order to avoid someone from your home or a burglar to use it. And if you can't easily access it on your phone, you can just put some glue into it. It is very unlikely that the burglar will manage to fix it on the same day as the thief. So it would leave enough time to transfer your funds elsewhere.
But IMO it's simpler to use a tablet only offering a Wifi connection and to deactivate it in your OS or to physically remove the antenna.
There are maybe some Android GPS with no network connection able to run the Electrum app too.

That's what I aim for.

If you are planning to physically hide your wallet as a main part of your security set up, then a phone is bulky and difficulty to hide. Compare to some of the much smaller hardware wallets which are on the market, or to just a simple sheet of paper with a seed phrase written down. Not only are both a good airgapped hardware wallet or a properly set up paper back up easier to hide than a phone, they are also more "cold" than a phone could ever be.

If someone should decide to use an Android phone wether old or new make for cold storage  then it's expected that the person should have a secure hidden place place that by chance still wouldn't come to the thought of a burglar that anything of value like a phone could be placed there not to talk of a phone used as cold storage.
Like every home has some spot's where no one would ever believe that something of value could be kept there not even a member of the house either.

The thing about smart phones is that they are designed to to be connected to some sort of network through different means, with or without SIM. A PC on the other hand is not designed that way and the steps you need to take to make it truly airgap are very simple and short. Your PC doesn't have an antenna by default, it doesn't have Bluetooth by default, or network card or a connected network cable, etc. all of which your phone already has.

Of course, its telephony can see what antennas are around in order to send SOS calls, which can be done without SIM. NSA can find out what antennas the phone was interogating and triangulate/approximate the position.

And if NSA wants to get in your devices, the old phone you start now and then to sign transactions is your smallest problem
But I don't deny it you have a point. Maybe a bit paranoid, but not too much.

If someone knows enough about your set up to make you a target for such an attack, can gain access to your airgapped computer, bypassing all physical and all electronic protections you have in place in order to install the necessary malware to start transmitting your private keys via modulating electrical signals in various internal components, as well as bugging your house with the necessary hardware in order to pick up and transmit those signals, then every single wallet you own is at risk (not to mention literally everything that you own). Such attacks are almost entirely theoretical.

I will never trust a software airgap (i.e. a phone with airplane mode turned on or WiFi turned off) as much as I will trust a hardware airgap (i.e. a computer with no WiFi card). It is almost trivial to open up a computer and remove the WiFi card, ethernet card, etc., while it is almost impossible to remove the antenna, WiFi, Bluetooth, NFC, RFID, etc. from your average smart phone without breaking it in the process. And how does the average person verify that airplane mode is doing what you want it to be doing. Even the NSA have admitted they can still track phones which are in airplane mode, so your phone must still be sending and receiving some data.

This can be a good point indeed: basically hiding the cold storage in plain sight.


True, this part I forgot about.


This is a good argument. Still, this doesn't make the cold storage unsafe per se, especially since the wallet seed has backups.

Another argument is that a burglar is unlikely to expect you to use a smartphone for a cold storage. If he sees a phone to steal, the steps he'll do later are pretty much known. Reset, and sold to some stranger for a ridiculously low price. Also, as said, you can use a password to encrypt everything.

The best argument for not using a smartphone as cold storage, is that desktop wallet software such as Bitcoin Core and Electrum are simply more tested, and are consisted of a bigger community. Another good argument, is that a linux distro is far more tested than a smartphone OS.

This is true for most smartphones but there are certain modular models like Fairphone and you can open them very easy and replace or remove almost anything you want.
After removing antenna and all the other things you don't need (maybe microphone) you could also put phone in airplane mode just to be sure.
I would never buy and use Iphone as cold storage, but there are phones with secure storage and some people are working on fully open source phones.
It's not my first choice to use phones as scold storage, but it's possible to do it.

Unless you're high profile person, very important person or letting people know you're extremely rich, worrying about this kind of vector attack is pointless. Additionally, this kind of attack is also theoretically possible on mobile devices.


This could be partially mitigated by setting password on your device (both smartphone and laptop). And on certain smartphone or OS for laptop, the password could be used to encrypt whole storage.

I keep seeing people telling that phones are hard to airgap and.. sorry, but I'm not convinced.

* one can remove the SIM then mobile internet will no longer be used
* one can turn off NFC (if available); however, not a great attack vector
* one can turn off Bluetooth and go airplane mode; however, not a great attack vector unless 100% targeted
* one can remove/forget all known Wi-Fi SSIDs and set the phone not connect to any other/unprotected SSID

One very good argument is that a burglar will most probably steal that smartphone even if it's older, put a SIM in it and turn everything on, making indeed phones somehow risky for cold storage.
Another very good argument is that somebody in the house would do exactly that too (put a SIM in) because of not knowing it's a "special use" phone.

But all this can easily happen with a laptop too (stealing or plugging in a network cable). And let's not compare online securit between old laptops and old phones because both are bad and also dependent of owner's skills in setting them up.

At the end of the day an air-gap PC is the safest option compared to both phones and hardware wallets because it is physically disconnected from the rest of  the world whereas hardware wallets are not and phones are extremely hard to made truly air-gap.

The attacks you describe on PC are very complicated and more theoretical than practical specially since the attacker needs to be close to the PC and in some of these attacks they need physical access. Meanwhile there are other attack vectors on hardware wallets that are being connected to a system that could be infected. Granted they too are theoretical but there has been real cases in the past and when comparing it with your examples they are more serious.

Well, all DIY-made stuffs have always its cons. But an unused, updated android patch security, stock rom, and using it while in safe mode android phones is a bit good option for a cold storage stuff ^{(or if there's a alternate word/term for it than using cold-storage)} and better than other web/hot wallets out there.

As they said --air-gapped smartphones are much safer than the air-gapped PC which are vulnerable to hacking, did you know that even fully air-gapped PC can exfiltrate information through the output radio signals generated by the computer or call ^{[electromagnetism]}.
Also expert says that through ^{[ultrasonic waves]} a virus can be used to steal the private key out of the computer.
I had always preferred the hardware wallet over the old PC or phone for cold storage, they don't have the security features that hardware wallets have. A hardware wallet has minimal attack surfaces not unless they steal it from you personally.
So no way for the old phone to be a cold storage wallet or worst a PC to be a cold storage wallet, however --I am overthinking for 25% way of a possible scam using an air-gapped wallet.

I don't think a mobile phone will ever be considered good cold storage, ever. The issue is that unlike an old laptop which you can take apart and remove the BlueTooth/Wifi chips, you cannot do this to a mobile phone.

You can open the phone up and remove the antenna, however it can still form a weak connection. You cannot desolder the Baseband chip (for Iphones) to prevent 100% connection loss because the phone won't boot up.

I guess this is much better than a hot wallet but still not as secure as true cold storage such as Electrum on an air-gapped PC.

Basically for convenience.
While you can easily sign with the offline phone just by transferring images between that phone and the laptop, if you use an USB with a live OS and Electrum you'll need to restart the laptop for signing (and also the transfer with yet another USB is considered unsafe).

In addition to your point about thieves and what they'd generally be searching for, I think you've got a valid point here as well.  I don't think using a smartphone as a HW wallet would be a great idea for someone like me, who's too technologically incompetent to wipe a phone free of all the potential spying shit that's preinstalled on it. 

Otherwise, it isn't a horrible idea at all--you can hide a smartphone pretty easily, and other than the times when you want to actually use the device, it's easy to keep it offline.  Then again, why not just use one or more USB drives or even a seed phrase engraved into metal, coupled with Electrum for sending/receiving?  That seems like a much more secure option (though a lot less creative than using a phone).

I think it's a moot a point. An opportunistic thief isn't "looking" for anything specific, as you suggest. They are rummaging in drawers, closets, desks, under beds, etc., looking for anything and everything that is easy to transport and might be worth something. If they find some old phones, they'll take them. If they find some hardware wallets, they'll take them. Even if they don't know what hardware wallet is, they are quite clearly small electronic devices and could be worth something. Maybe they'll think a Trezor is some kind of smart watch. Maybe they'll think a Ledger is some kind of USB power bank. Maybe they'll think an OpenDime is a USB drive, or a ColdCard is some kind of smart device remote. It doesn't matter. They are small, easy to steal, and might be worth something, so they'll get stolen.

And if we are considering a targeted attack rather than an opportunistic one, then as PN7 says above then obviously they will take anything at all which could store a bitcoin wallet.

Not that much. I remember though that I've seen so much junk I was wondering why they bother moving it there/putting it on sale. I don't understand that market so maybe you're right.
Maybe I'll go and try to sell there some stuff, starting with my Nokia 6110


That is indeed a good point I didn't consider. I was considering that he will be too busy/loaded with TV, laptop and such, hence won't bother for an old phone.


Maybe. On the other hand, why get all electronics which is more difficult to hide and sell, than just everything that's related to crypto which may fit easily into one pocket?

---
However, I don't understand thieves and you guys do have good points and I may be very well be wrong.
All in all, I'm happy that I've shared this little experiment. I've got quite a lot of interesting input.

Once a thief finds a phone, it takes 5 seconds to pick it up. An old phone is small enough that a thief would not have to give up taking something else if they take the phone, so there wouldn't be any reason not to take it (other than the obvious part about doing so being illegal).

If a thief targets someone because of their known involvement in bitcoin, they would likely (IMO) be targeting any and all electronic devices that could potentially store private keys.

The reason why the QR codes doesn't work across different wallet is because Electrum encodes the PSBTs in Base34. If you need to sign them, then encode them back into the original format.

I don't really recommend old phones as cold storage because it is quite well known that most wallet developers don't really care about mobile wallets. Some of them are littered with bugs and vulnerabilities. I'd very much rather just get a dedicated device (ie. RPi or an old laptop) if you want an air-gapped non-HW wallet. IIRC, I was able to extract the MPK out of a rooted phone quite sometime ago. Not sure if it has been patched yet.

This is probably true, but some people are probably holding all their valuable treasure including hardware wallets or more important seed words in same place, maybe a safe or security box.
I would NEVER suggest anyone to do this, and it's much better to keep hardware wallet hidden in obvious places, some people even use empty candy boxes, etc.
Same goes for paper or metal seed phrase backup, NEVER keep them in a same place with your paper money, gold or jewerly.
You would be surprised how many people are doing this.

Have you ever been to a flea market in your local area?  
It's sometimes fun to do that and it makes you wonder how they are constantly receiving all kinds of junk including old smartphones, maybe seller makes a shot ''business trip'' trip in other western countries.
Nothing is ignored and for every merchandise you can find a buyer.

1. A thief may very well ignore a 10 years old smartphone.
2. I'd expect to be more likely for a thief to come because one was bragging about bitcoin. And then the thief will be looking for hardware wallets and will know how they look like.


No. It was a test, I've been using testnet coins, no need for more safety measures there.
For the real deal reset to factory may help, although I don't know how much, since it will have no SIM card, no WiFi, no Bluetooth, no NFC started. All the transfer will happen through images.

This might sound stupid, but I just thought I mention it.

Imagine you are a thief and you break into someone's house.... What is the first thing you are looking for.... ?

1. Money
2. Notebooks / Tablets
3. Mobile phones
4. Weapons 

I think you get what I am pointing to.... A thief will more likely take a phone, than target a hardware wallet. So, it would ..in my opinion.. be better to use a hardware wallet, because not a lot of thieves know about hardware wallets.

Did you "Factory default" the Android device, before you used it for Cold storage?

There are certainly some airlines which have allowed phones to be used for several years now. Probably the age of the aircraft is relevant as well. But certainly in the future I'm sure flight mode will become a thing of the past.

I suppose the solution to all of this would be to have a modular phone, in which it is easy to open up the phone and remove the antenna module, the Wi-Fi module, etc. Such phones already exist, although they are not commonplace, but if you don't already own one then buying one specifically for this kind of defeats the purpose, since you could spend less money on a more secure hardware wallet.

All things considered, any device with connectivity hardware, even if turned off, uninstalled, disabled, in flight mode, etc., is not truly airgapped. While this will be safer than a standard hot wallet or mobile wallet, I wouldn't trust flight mode to secure large amounts of coins.

Airplane mode is designed for people who are flying in an airplane (hence the name). There are certain FAA(?) regulations that dictate the types of devices that can be used, and the strength of their signals.

Most (all?) airlines offer very expensive WiFi services for their passengers. Some airlines have also opted to stop installing TVs in the front of each seat and instead offer the same content via their smartphone app that can be accessed via a free version of the WiFi service the airline offers. So you will watch the same movie on your smartphone instead of a TV installed in the headrest of the seat in front of you.

So I am sure that this is not a display issue, and it is the intended behavior. I think "airplane mode" really means that the cellular antenna is turned off.

---

Another issue is that default settings for some phones allow for someone to turn on (or off) cellular, WiFi, and Bluetooth without unlocking the phone. There may be ways to disallow this, but there is always the risk that someone will find a way around any modified settings.

With regards to the iPhone specifically, Apple is very good with the security of their devices, however, security vulnerabilities are occasionally found. When there are security vulnerabilities found in their devices, Apple is able to patch these vulnerabilities. However someone using an old phone as cold storage would never receive any of these updates, so an attack may potentially use a vulnerability that was found (and patched) a long time ago.

Actually from my experience, Airplane mode does disable at least cell and WiFi (I just don't know about the rest). But, with airplane mode on, you can afterwards re-enable at least the WiFi. I don't know if anything else.
And the reason is... explained in suchmoon's post 

There is on-board WiFi on some planes and of course you want the airpods to keep working too.

Airplane mode has very little to do with interference (often cited official reason). It's more about old cell towers getting confused with all those flying phones... not sure if that's even relevant these days but we're still taking shoes off so there's that.

But how is that possible? How is that airplane mode in that case?
If the whole idea behind airplane mode is to ensure that all connections to and from the device are disabled, how can you have WIFI and Bluetooth enabled? Maybe iOS just displays them as being still turned on in the system, but in reality they aren't, and all networks and antennas are disabled.

It would be like saying these pair of shoes are waterproof unless you step in a puddle of water. In that case your feet will get wet.

On the scale of things to be paranoid about, I think I'd be more worried about e.g. a compromised GPU BIOS on my computer running with full privileges than an old reformatted Android phone. For all their faults, there is a decent security model on those phones as opposed to the 40-year-old dumpster fire that is a PC.

This is not a concern with this set up. The airgapped phone will never go online, so neither the firmware nor the wallet app will ever ask for an update or even know there is a new version to update to. If the combination of firmware + wallet app works now, then it will work exactly the same in 10, 20, 50 years' time. The only concern is that if the online version of Electrum moves to some new standard which means older version of Electrum installed on the airgapped wallet can no longer sign transactions, but if that happens, then you can either install the new app if supported, or create a new airgapped wallet with a more modern model with updated firmware.

There is another hidden advantage to this set up, and that is the ubiquitousness of old phones. If someone sees you using a hardware wallet in public, or breaks in to your house and finds a hardware wallet, then they know immediately you are using bitcoin. If someone sees you using an old phone in public, or breaks in to your house and finds an old phone in a drawer, they don't look twice. If the phone is old enough, a thief might not even bother to steal it since it would be impossible to sell for any meaningful amount.

It's definitely big concern if you use Windows as airgapped storage. But with Tails, there are less concerns since,
1. You usually need to manually choose boot to Tails.
2. Tails doesn't connect to Tor network automatically.
3. Tails is designed with security and privacy in mind, so it's unlikely your Tails compromised when you connect it to network/LAN cable.

My understanding is that with iOS, Bluetooth (and possibly WiFi) will be turned on by default when you turn on airplane mode. You can turn off these features after you turn on airplane mode.

---

My biggest concern with the setup as described in the OP is that "cold storage" is something I will typically define as private keys being generated and stored on a "computer that has never, and will never be connected to the internet".

An old phone will very clearly have been connected to the internet in the past. I am not sure about new iPhones, but I suspect there is the potential for an iPhone being previously connected to the internet right out of the box.

You're partly right. The only phone I would have for this (if my HW would break today) would have (drums) Android 4.4.4. And I would have to see if I can flash an Android 5+ on it (which may or may not work).
But I expect many have older phones with Android 5+ on them gathering dust (while I keep my phones for 3+ years and then I give them to relatives for further use, I expect most keep them for 2 years then keep them in a drawer). And Google Play store shows that Electrum needs Android 5+. And that's old.
And you just don't need anything else on that phone, Electrum has its own scanner too.


Tails OS or similar USB sticks is seen as a good option for simple and effective cold storage. Still, if one forgets the network cable plugged in to the laptop, he may have surprises.
Or if you have a properly airgapped Windows laptop with cold storage and somebody else from your family plugs the network cable in,... same story.
I mean that there are always this kind of risks. In most cases for home brew cold storage the prerequisites are there.

If one cannot manage them I clearly recommend a proper hardware wallet.


As about the concept, I've been checking one of the topics with many "hardware wallets" (and similar devices). And I stumbled over this AirGap software and I thought "why not?". Just while for the cold wallet (or call it as you want) I know I have to be somewhat flexible, I do want to be able to pick the "client side", whether it's Electrum, Sparrow or something else. And my conclusion is that (for Bitcoin) Electrum+Electrum is better than AirGap solution, although it's not presented in that list.

But you're right, this was only a test. A proof of concept. For daily use - although this concept is fairly easy - I still recommend a proper hardware wallet, especially for newbies.

The main problem with old phones using as a storage I see is the fact that an old phone is old. I am not much of a tech guy, but I am pretty much sure that the software/app, that is planned to used as a cold storage will get updates, while old phones one day will lose support from devs and their firmware will be in-upgradable. One day wallet will ask for an update, but it wont be updated because the new version will not be supported with your current firmware.

This is common to iOS/MacOs devices (dont know about Android). I cant use YouTube on my old ipad mini, because an app requires an update, but firmware can no longer be upgraded. I cant use finance app and import data to new phone, because it needs an update and crashes after any tap in it.

I understand that you are just testing this, but I still don't think it can be called an airgapped cold storage solution. There must be a distinction between a setup that doesn't have the required hardware to establish a network connection and a device that has but only has it turned off by enabling flight mode. Your airgapped system becomes a hot wallet by sliding your finger down the screen, disabling flight mode, or enabling WIFI. It's not enough for an attack, but the prerequisites for one are there. Nevertheless, it's an interesting concept to think about.   

Yes, that's a possibility, and as I said above I think the biggest risk in this set up is that it is very easy to turn off flight mode or turn on WiFi by mistake. If you have root access to your phone then you can permanently disable the WiFi module to prevent this from happening, or you could physically remove the WiFi module, but otherwise I think you just have to be very careful not to. You should make sure to delete shortcuts or rearrange/hide any menu buttons so you at least have to go looking for the option to turn on WiFi and you can't just do it with a fat finger.

Well, this use case is meant for those who do know what they're doing and it's certainly not the best approach for safeguarding big funds. There's proper cold storage for that.
This was meant as an use case for some who really know what they're doing and it's meant as something relatively safe and much more convenient than a cold storage, probably for a short time, until a hardware wallet replacement is bought/delivered.

I expect such an user acknowledge that some risks may be involved. But let's not exaggerate them.
For example, after discussing that best is to never add an WiFi SSID at all, after implying that the device will never again have a SIM inserted and will also stay in Flight Mode, (also Bluetooth and NFC stopped), I think that your use case has very low chance to happen.
Of course that the fact the device is probably not encrypted is a risk. Of course that the data transfer (meaning tx) should not be done via USB or SD.
And of course that if one decides to do other tests that involve SIM or network/connectivity changes, he should first move away all his funds to a new wallet with a new seed.

I know that, but the risk is: What if you accidentally switch on the network connection, and simultaneously, a vulnerability is exploited in the app by a malicious payload as soon as the app attempts to communicate with a server? It's rare, but it can happen. The fake update warning a few years ago is a good example of this.

This is true, but it is also true of any hardware wallet or any airgapped cold storage device, which could one day just refuse to turn on. As long as you have your seed phrase backed up then it's a minor inconvenience at most.

Electrum for Android does not have the permissions to either turn on or off your WiFi or to turn on or off flight mode. If you are happy that flight mode is sufficient for your needs, then the biggest risk is going to be from you accidentally turning it off. The next steps would be to operate the phone inside a Faraday cage or open it up and physically identify and remove the connectivity modules.

Old phones can get bricked by deteriorating hardware or a battery wearing out, and this often happens without warning.

Plus there is no good wallet app out there that won't try to connect to the internet - since this is on a mobile OS, you have effectively no way to stop it from attempting to do that, even if you turn off WiFi and cellular (thus shutting off all network connectivity).

Indeed, I was worrying for nothing, it was much easier than I've expected. The AirGap Vault direction was counterproductive for me.
Indeed, it works with Electrum.
(And indeed, installing from SD sounds even better than setting up any WiFi.)

I had some small problem - I didn't find a way to made the Android Electrum on testnet -, but after finding out the right derivation path (m/44'/1'/0'), the Android didn't care it shows mainnet addresses, it signed the testnet tx gracefully.


Thank you all.

Sounds like nc50lc has identified the issue. Looks like you'll either need to use an Electrum/Electrum pairing or an Airgap/Airgap pairing.

Electrum's mobile app does have a few key features missing, notably coin control, but since you will only be using it for signing and will be creating the transaction on your laptop (which does have these features), then that won't be an issue for you.

Probably better not to. I would factory reset the phone and keep it permanently airgapped. Download and verify the Electrum mobile app on your laptop, and then transfer the .apk file to your phone via SD card or similar to install it. You'll need to enable installing from unknown sources in your phone's settings.

You can use any wallet that is supported by your android phone, if you remove sim card and disable any wi-fi, bluetooth and internet connection.
Problem I have is that older phones stops supporting most of the apps, so you can't really install anything on them if they are few years old.
In my case I could only install Mycelium wallet on Android v4 or v5 for testing purposes.

Emulator would probably work installed on offline computer, camera QR would work just fine if you have it on your computer/laptop (tested and works).
Problem is that most of this android emulators are closed source and full of junk, but more wallets will probably be supported than with ancient Android phones.

I wouldn't use smartphones as cold storage for various reasons, having regular offline computer/laptop with software wallet installed on Linux OS is much better option.

If that's the case, you can try Electrum versions lower than 4.x for the watch-only wallet on your Laptop.

But you'll be stuck with those old versions so I'd also recommend you to use Electrum on your Cold-storage Android to be able to use the latest version.
Electrum supports camera and QR codes in both desktop and Android so transferring the transactions for signing will be easy.

Indeed, I should have been explaining better, but the test was a bit odd... But it was meant to be a test
Here it is, as I remember it now:

I've generated a 12-word seed with IanColeman's to make it sure it's not an "electrum" seed.
I've imported it to Electrum, used it for testnet.
I've made one more watch only wallet (also on testnet) with the public key from previous step. This is meant to be the live wallet in my tests. I've sent some testnet coins there.
I've imported the 12 words seed into AirGap Vault.
In the live wallet made a transaction, shown the QR code and tried to get it with AirGap Vault to sign it. It has read the QR, but it said it's unrecognized data, hence I couldn't sign the tx.


Believe it or not, I didn't use Electrum on Android at all since (from what I've read) it doesn't support hardware wallet.
So (stupid me!) I didn't think at all on Electrum as solution. I'll give it a try later today. Thank you for the idea!


It's meant to be an old phone with no SIM,. So the only network may be the WiFi. I can make a temporary WiFi by Tethering from the in-use phone and never again use that SSID (it can be GUID). Bluetooth is turned off. NFC.. hm.. iirc it can be turned off.
Still, I understand your logic, and I will give it one more thought. The point was for a replacement for a Nano S at the moment it will no longer work, maybe until a new one is bought.
Of course it depends on how much funds one handles vs the expected risks.


Yep, this may be the actual technical description of my problem. Thanks for that.

---

I'll try with Electrum for Android, maybe the solution was easier than first expected.

I don't know if Airgap Vault supports PSBT (Partially Signed Bitcoin Transaction) which Electrum generate when exporting unsigned transactions;
if it doesn't, the whole setup wont work.

Question 1:
In what way did it not work out? You couldn't install the vault app? You couldn't create a new wallet? You couldn't move transactions between the vault and Electrum?

Question 2 & 3:
If you are only interested in bitcoin, and are going to be using Electrum on your laptop, then why not just use Electrum on your airgapped phone as well?

Question 4:
My issue which such a set up has always been that I don't trust the phone, because there is too much hardware and software in there (mostly closed source) and I don't know what it is all doing. Is it properly encrypted at rest? Does turning on flight mode really airgap the phone? Can it still send or receive data via WiFi, 3G/4G/5G, radio waves, Bluetooth, NFC, etc? Is there something on there which might affect the random number generation?

After reading, discussing and thinking on the topics discussed about Ledger's hardware wallets', especially Why I wouldn't buy Ledger Nano S ever again? and Ledger Nano S Plus I came to the conclusion that the better option may be a DYI and a pretty cheap and safe solution could be using an old smartphone for the job, completely airgapped. Please correct me if I'm wrong.

The point would be that, with the right software installed on the phone, one can use its camera for reading QR from other smartphone or laptop, can display QR that can be read by other smartphone or laptops' camera...


I wanted to try out yesterday, shortly, AirGap vault with an Lectrum on laptop. On testnet.
It didn't work out and I don't know yet if the reason was that testnet is not supported by AirGap, or it's that AirGap vault works only with AirGap wallet.

Question 1:
Do you know what I am missing? Did you use this kind of setup and you know that it would actually work on mainnet with AirGap vault and Electrum?

Question 2:
Do you know of different cold storage app for Android? Can you please share?

Question 3:
Is there any similar solution I've missed? Some emulator under Android and installing the cold storage under that emulator? Then how I handle the camera/QR reader?

Question 4:
It's all wrong and I should abandon the idea?

Thank you.

---

Update: the setup works with Electrum on both sides - laptop and old phone.