Author

Topic: Organizing Proper Cold Wollet Storage (Read 475 times)

legendary
Activity: 1624
Merit: 2481
October 22, 2017, 07:02:00 AM
#5
Do I miss something?
What are possible attack vectors here? 

One big attack vector would probably be the most obvious. Physical access. Until you are not living in a bunker and depending on the amount you store this would be an efficient attack vector.
Since your plan does not mention any backups a "simple theft" of your harddrive would be an option.
Another way to gain access over your private keys is to infect your pc which is connected with the internet.
If you have a big amount stored and an attacker is targeting at you it probably wouldn't be that hard to get malware on your pc which will infect the usb stick.
And once USB is infected and you plug it into your cold pc to sign the TX the private keys could be copied over to the usb without you noticing it.
And the next time you connect it to a pc with internet connection (e.g. when you want to push the TX) the malware automatically pushes a TX of all your coins to his address even before you can start pushing your TX.

Of course this is more theoretical nature. But its definetly possible. Noone would put so much effort into it for 1-2 coins.
But 100 BTC are pretty attractive. Big Big Holders should definetly be careful about giving too much personal information away.
legendary
Activity: 2053
Merit: 1356
aka tonikt
October 20, 2017, 11:03:07 AM
#4
What are possible attack vectors here? 

You can't really think of all the possible attack vectors.

If I was to be an attacker, I'd probably first look into where you store the backup of the private key.

Then at a physical security of the room with the wallet PC.

Then the people having access to it.

There must be more.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
October 20, 2017, 10:54:20 AM
#3
---snip---
Bitcoin Core is fine though I'm not sure how would you be able to create watch addresses from the HD key.

---snip---
The 100% foolproof method is to just use QR codes instead of USB.

with QR codes definitely the best air gapped system
he just need to get a camera for each PC to read/capture QR codes
and for creating watch addresses on online-PC in Room 2
he could also use the camera and do one address at a time, couldn't he?
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
October 20, 2017, 09:28:30 AM
#2
Do I miss something?
The steps are correct. What wallet are you planning to be using? I would recommend Electrum due to the ease of using the UI. Bitcoin Core is fine though I'm not sure how would you be able to create watch addresses from the HD key.
What are possible attack vectors here?
The only possible attack vector is if the USB somehow gets infected with virus and the virus has the ability to copy the files from the offline computer, store it in USB and broadcast it in the online computer. As far as I know, no malware has been this sophisticated thus far. If you're using Linux, it would be even more secure.

The 100% foolproof method is to just use QR codes instead of USB.
member
Activity: 392
Merit: 41
This text is irrelevant
October 20, 2017, 08:28:30 AM
#1
Say I want to organize Cold Wollet storage.
My plan is to do following:

1. Organize a disconnected secure room where 1 PC with encrypted private key is located (Room 1).
2. Equip another PC with properly connected and synced blockchain (Room 2)

Follow next protocol to execute transaction from Cold Wallet:
1. Take clean USB drive and use PC in Room 2 to create a transaction message. Write it on USB;
2. Go to Room 1 with the USB drive containing transaction message and sign transaction on "cold" PC using it's private key;
3. Return to Room 2 to execute (broadcast) transaction from "hot" PC


Do I miss something?
What are possible attack vectors here? 


Thanks!



Jump to: