
Topic: Paper wallet on Android phone (Read 572 times)

legendary
Activity: 2268
Merit: 18771
March 15, 2023, 03:25:48 PM
#42
you should have a list of specific urls and website that you are gonna move from Google or type manually, no one should visit websites other than specific ones.
I do not know anybody who browses the internet in that way. And even if you do, that does nothing to protect you against your final destination being compromised or the many possible attacks which do not require you to connect to a specific website first.

For instance, I have created bitcoin wallet in 2021, on a laptop that was connected to the internet. I have some $$$$ into it. Till today, nothing suspicious has happened and I am in total control of my funds, at least no one has stolen them from me.
I also have a number of hot wallets on a number of different phones over many years, and have had nothing happen to them. I continue to use such wallets as my daily spending wallets. But I am under no illusion that although I have been safe thus far, these wallets have the worst security of any wallet I use, and therefore I only ever store an amount I am willing to lose in these wallets. They are for convenience, not safety. Given that OP is talking about buying bitcoin and holding it for "a very long time", a simple hot wallet like this would be a very poor choice.
legendary
Activity: 1974
Merit: 2124
March 15, 2023, 01:05:54 PM
#41
Google!? As in, the same Google that are infamous for hosting scams and malware, for accepting money from scammers to boost their scam sites to the top of search results, for accepting money from scammers to place scam ads everywhere, for hosting malicious apps on their playstore, and for harvesting data from your microphone and keyboard and storing it on their servers? Even if you think using Google is safe, all it takes is one wrong click to end up on one of the scams that they are quite happy to promote in exchange for payment. I'm not trusting the security of my wallets to one wrong click.
For people it's the default search engine and they blindly believe it's safe so whatever comes from their search is safe but in reality they are misleading you and for each ads they get paid no matter if it's scam attempt to make money out of users pocket because they are getting paid. The privacy is really compromised with it as it monitor your each activity like you have just made a normal search about anything you will be recommended with lot of ads as algorithm is set in this manner so what privacy people are expecting from Google? The CEO when can't answer the questions when asked privacy that they track your movements and other things you should be concerned about making more optimistic choices.

The main problem is you will be showcased lot of fake wallets and exchanges when you enter such keywords on google that will lead to some phishing links draining your data of devices by installing malwares and most people don't use ad blockers as well but TOR is the best option for them only if they understand about the same.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
March 15, 2023, 11:36:00 AM
#40
I have created bitcoin wallet in 2021, on a laptop that was connected to the internet. I have some $$$$ into it. Till today, nothing suspicious has happened and I am in total control of my funds, at least no one has stolen them from me.
From all the users who created a Bitcoin wallet in 2021, the ones who didn't take proper security precautions must have had more wallets hacked than the users who took proper precautions.
It's like saying you've been driving around without a seat belt for years, so you don't need it. The thing is: you don't know for sure until it's too late, that's why you take precautions.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
March 15, 2023, 11:24:31 AM
#39
Okay, I'm genuinely confident that if you visit only websites like Google, Youtube, Wikipedia, Instagram, Twitter, Facebook, Reddit, news websites like CNN, BBC, FoxNews, Deutsche Welle, Amazon, eBay, PayPal, Your bank's website, etc. I hope you got the point, if you visit that websites, I genuinely believe that your wallets won't be compromised.
Allow me to destroy your feeling of security by showing you the first Google hit I get when I search "malware in ads":
Hackers abuse Google Ads to spread malware in legit software.
There are no safe websites.
That is not what I meant, if you google random things and don't look at the url of website, definitely you'll become a victim of malwares but in Google usage I meant simply searching music in google and visiting specifically youtube, spotify urls, searching biography of famous people and visiting specifically wikipedia. Google just speed ups the process, you should have a list of specific urls and website that you are gonna move from Google or type manually, no one should visit websites other than specific ones.
If you, I and others get malwares from these famous websites, then the whole world should be worried.


He wants to hold long-term but his only option is android smartphone.
Hence the instructions I gave in the first post on this thread. These instructions, while still not perfect, are the best that can realistically be achieved using only a single smartphone and are far better than keeping coins in a hot wallet and hoping that you don't get any malware.
I don't say that what you or Loycev say are wrong. Definitely not! I just say that you two are very cautious. While it's a good thing, it's not always that much necessary. For instance, I have created bitcoin wallet in 2021, on a laptop that was connected to the internet. I have some $$$$ into it. Till today, nothing suspicious has happened and I am in total control of my funds, at least no one has stolen them from me.
I agree with you, everyone should be very cautious overall but I always thought that it was very exaggerated, so I risked and let's see how will it end up. 2 years have passed without problems, my behavior will stay the same on that laptop, I never visit an URL that I don't trust. I use that wallet as a hot wallet.

To sum up and make it clear again, I agree that your methods are way safer, I just say that being so cautious is not that necessary unless you hold significant amount of money.
legendary
Activity: 2268
Merit: 18771
March 15, 2023, 06:19:02 AM
#38
Okay, I'm genuinely confident that if you visit only websites like Google
Google!? As in, the same Google that are infamous for hosting scams and malware, for accepting money from scammers to boost their scam sites to the top of search results, for accepting money from scammers to place scam ads everywhere, for hosting malicious apps on their playstore, and for harvesting data from your microphone and keyboard and storing it on their servers? Even if you think using Google is safe, all it takes is one wrong click to end up on one of the scams that they are quite happy to promote in exchange for payment. I'm not trusting the security of my wallets to one wrong click.

And even if you don't browse any websites at all, your device still has an internet connection meaning it is still a viable target for attacks.

He wants to hold long-term but his only option is android smartphone.
Hence the instructions I gave in the first post on this thread. These instructions, while still not perfect, are the best that can realistically be achieved using only a single smartphone and are far better than keeping coins in a hot wallet and hoping that you don't get any malware.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
March 15, 2023, 06:12:31 AM
#37
Okay, I'm genuinely confident that if you visit only websites like Google, Youtube, Wikipedia, Instagram, Twitter, Facebook, Reddit, news websites like CNN, BBC, FoxNews, Deutsche Welle, Amazon, eBay, PayPal, Your bank's website, etc. I hope you got the point, if you visit that websites, I genuinely believe that your wallets won't be compromised.
Allow me to destroy your feeling of security by showing you the first Google hit I get when I search "malware in ads":
Hackers abuse Google Ads to spread malware in legit software.
There are no safe websites.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
March 15, 2023, 05:59:50 AM
#36
If you bought smartphone in store, if you have never visited malicious websites and have never downloaded malwares manually
That's quite an assumption! The thing is: you can never know for sure. And when creating cold storage, being wrong means losing your money.
How many accidents have ever been where the scenario was similar to what I described and users' wallets still got hacked?
That's an unfair question: you're asking about the scenario in which no malware has been downloaded, and my point is you can't ever be sure you haven't visited a malicious website.
Okay, I'm genuinely confident that if you visit only websites like Google, Youtube, Wikipedia, Instagram, Twitter, Facebook, Reddit, news websites like CNN, BBC, FoxNews, Deutsche Welle, Amazon, eBay, PayPal, Your bank's website, etc. I hope you got the point, if you visit that websites, I genuinely believe that your wallets won't be compromised.

Quote
I don't say that it's the safest option out there but it's not the dangerous one too.
It's probably safe. But I wouldn't call it cold storage so it's not ideal for long-term holding.
OP's friend is limited to options. He wants to hold long-term but his only option is android smartphone. I didn't receive answer on how long or how much bitcoin he wants to hold, also OP hasn't answered to any response, not only my posts but including others too. And since he talks that he can't buy a new smartphone and doesn't have computer, I made an assumption that he is not going to hold a lot of bitcoins.

I think we should end this here :) Unless we hear response from OP :D
staff
Activity: 3304
Merit: 4115
March 13, 2023, 07:15:41 AM
#35
I didn't know existence of GSI. But I have some doubt about its stability and support towards specific feature (e.g. multiple camera, dual SIM). But I guess it's still good choice if you use unpopular brand or variant.
Some implement it correctly, some of them don't. It depends on the brand of the phone too, as some manufacturers do weird things that aren't conventional.

I've had issues with a SIM card a few times, but the current OS I'm using all features work, but it's pretty much a stock version, with Google services removed. Nothing, special added.

But how long you can stay on old hardware/software? You'll miss newer feature (e.g. Taproot feature) or unable to install more recent version of modern OS/Bitcoin wallet software.
When running an offline wallet, I'd prefer not to connect that computer to the internet, and just download, and verify the Bitcoin wallet on another computer or within a different Qube if you're using Qubes OS, and then install it in an offline environment. Checking the signature of the file on the offline computer again, just to make sure that the first computer wasn't compromised, and was displaying a fake signature.

If someone is confident enough to generate their private key via a manual process, then that can avoid some of the issues with hardware being compromised, but at the end of the day when you come to importing it, you still need to trust that hardware, so it's a difficult one.
legendary
Activity: 2268
Merit: 18771
March 11, 2023, 08:07:39 AM
#34
I did a quick test with Electrum. This is what an unsigned transaction looks like:
Ahh, right. You are talking about PSBTs, which are in Base64, rather than a raw transaction in hex. I don't think Electrum lets you export unsigned transactions in hex anymore. So yeah, if you want to use hex encoding rather than Base64, you'll need to use different software.

You'll also save yourself a lot of time. Your PSBT has 1,308 characters. A similar one-input one-output legacy-to-legacy transaction in raw hex has "only" 382 characters.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
March 11, 2023, 07:35:06 AM
#33
I just tried: the most annoying part is that transactions don't use Base58, so there's an 0O problem.
What format are you using? Raw transactions should be in hex, so 0-9 and A-F. There are no easily confused characters there.
I did a quick test with Electrum. This is what an unsigned transaction looks like:
Code:
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
Typing a legacy transaction is a lot more work than Segwit.
legendary
Activity: 2268
Merit: 18771
March 11, 2023, 07:19:54 AM
#32
It's certainly doable, just not very convenient. Fine if your wallet really is long term cold storage though with very few (if any) outgoing transactions.

I just tried: the most annoying part is that transactions don't use Base58, so there's an 0O problem.
What format are you using? Raw transactions should be in hex, so 0-9 and A-F. There are no easily confused characters there.

But how long you can stay on old hardware/software? You'll miss newer feature (e.g. Taproot feature) or unable to install more recent version of modern OS/Bitcoin wallet software.
For my long term cold storage, I probably don't want many new features such as Taproot and Lightning. Keep everything as simple as possible to reduce any attack surface to an absolute minimum.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
March 11, 2023, 07:08:43 AM
#31
unless you want to transcribe your transactions from the raw hex by hand
I haven't done this for transactions yet, but it shouldn't be so hard. The key is to use a large font to avoid reading mistakes. I know this from experience typing private keys: misreading some letters happens much more than hitting the wrong key. I use md5sum to ensure I made no mistakes, and if there is a mistake, I can use a hash on part of the text to pinpoint its location. I just tried: the most annoying part is that transactions don't use Base58, so there's an 0O problem. But even if it takes 10 minutes to copy a transaction, that's a small price to pay for something you don't do too often. And an extra reason to HODL :)

But how long you can stay on old hardware/software? You'll miss newer feature (e.g. Taproot feature) or unable to install more recent version of modern OS/Bitcoin wallet software.
You can of course have both: old hardware for your cold storage on legacy addresses, and modern hardware for your daily transactions.
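
The md5sum check described in the post above, written out as an added example that is not part of the original thread: one hash over the whole text, plus a short hash per 16-character group so a mismatch points at the group to re-read. The function names and the hex strings are constructed for illustration; the hex is not a real transaction.

```shell
#!/bin/sh
# Added example: find the mistyped part of hand-copied hex using md5sum.
# MD5 is used here only to catch typing mistakes, not as a security control.

# Constructed sample data (not a real transaction): 64 hex characters.
SAMPLE="0100000001a0b1c2d3e4f5061728394a5b6c7d8e9f00112233445566778899aa"
# Constructed copy with an 8 misread as a B in the third group of 16.
TYPED_BAD="0100000001a0b1c2d3e4f5061728394a5b6c7dbe9f00112233445566778899aa"
# Constructed copy with the letter O typed instead of zeros.
TYPED_O="01OOOOOO01a0b1c2d3e4f5061728394a5b6c7d8e9f00112233445566778899aa"

# Strip whitespace and lowercase A-F, so line breaks and letter case chosen
# while typing do not change any hash.
normalise() {
    printf '%s' "$1" | tr -d ' \t\r\n' | tr 'A-F' 'a-f'
}

# Succeeds only for non-empty pure hex; catches O-for-0 before hashing.
is_hex() {
    s=$(normalise "$1")
    case "$s" in
        ''|*[!0-9a-f]*) return 1 ;;
        *) return 0 ;;
    esac
}

# md5 of the whole normalised text: the pass/fail check.
full_sum() {
    normalise "$1" | md5sum | cut -d' ' -f1
}

# One line per group: "<group number> <first 8 hex digits of its md5>".
# $2 is the group size in characters (default 16).
chunk_sums() {
    n=0
    normalise "$1" | fold -w "${2:-16}" |
    while IFS= read -r chunk || [ -n "$chunk" ]; do
        n=$((n + 1))
        printf '%s %s\n' "$n" "$(printf '%s' "$chunk" | md5sum | cut -c1-8)"
    done
}

# Print the number of the first group whose hash differs, or 0 if none.
# On two separate machines you would instead run chunk_sums on each side
# and compare the two short tables by eye.
first_bad_chunk() {
    tmp_a=$(mktemp) && tmp_b=$(mktemp) || return 2
    chunk_sums "$1" "${3:-16}" > "$tmp_a"
    chunk_sums "$2" "${3:-16}" > "$tmp_b"
    paste "$tmp_a" "$tmp_b" |
        awk -F'\t' '$1 != $2 { print NR; hit = 1; exit }
                    END { if (!hit) print 0 }'
    rm -f "$tmp_a" "$tmp_b"
}

# Demo: per-group table, whole-text hash, then the group to re-read.
chunk_sums "$SAMPLE"
echo "whole text: $(full_sum "$SAMPLE")"
echo "first differing group: $(first_bad_chunk "$SAMPLE" "$TYPED_BAD")"
```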
legendary
Activity: 2268
Merit: 18771
March 11, 2023, 06:41:58 AM
#30
Mansions look different than cabins. Unless there's a targeted attack, an attacker can't know how many Bitcoins a system holds.
There is also the cost basis involved. It costs a lot of money to set up a high tech security system and pay armed security guards to protect your mansion 24/7. It costs nothing to download and use Tails with your internet connection disabled (although obviously better on a permanently airgapped device).

I never went full paranoid, but I've considered it: remove the network module, remove the Wifi module, remove the camera, remove the microphone, remove the microphone jack and glue everything else in place.
I have pretty much this exact set up for interacting with some of my cold wallets. One thing to remember though - unless you want to transcribe your transactions from the raw hex by hand, you need some way to transfer them electronically. So either leave the camera in but cover it with tape when not in use, or remember not to glue a SD card slot or USB port.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
March 11, 2023, 03:51:49 AM
#29
If you bought smartphone in store, if you have never visited malicious websites and have never downloaded malwares manually
That's quite an assumption! The thing is: you can never know for sure. And when creating cold storage, being wrong means losing your money.
How many accidents have ever been where the scenario was similar to what I described and users' wallets still got hacked?
That's an unfair question: you're asking about the scenario in which no malware has been downloaded, and my point is you can't ever be sure you haven't visited a malicious website.

While I agree with you that everything needs high security, regardless of what, I think that there is a difference between 1 Bitcoin and 100 Bitcoins. The bigger the treasure, the bigger the attack is. No cabin has security guards but mansions? They are on different level.
Mansions look different than cabins. Unless there's a targeted attack, an attacker can't know how many Bitcoins a system holds.

Technically, if your hardware is backdoored, they could potentially be using a way of communicating without being connected to the wifi etc. I'm thinking, potential hidden sim cards, however this would be easily verified by checking the hardware of your computer. Honestly, it should be a part of everyone's security practices to take a look at what's under the hood to make sure there's no unexplained parts or modified components, at least obviously modified. The chip itself is likely compromised, there's been several accusations in the past, but as far as I know there's been no real evidence showing backdoors.
My laptop indeed has a sim card slot. I never went full paranoid, but I've considered it: remove the network module, remove the Wifi module, remove the camera, remove the microphone, remove the microphone jack and glue everything else in place.
It could be a fun project on one of those €25 laptops.
staff
Activity: 3304
Merit: 4115
March 10, 2023, 05:47:08 PM
#28
I think there is a high chance that modern hardwares are backdoored. It's personal choice but I trust old hardware and software more than modern ones in terms of safety and in this case I mean offline, yeah, offline. If you wish, we can discuss more why I talk about offline security.

Another reason why I would choose old device in offline mode is that even if they were compromised 15 years ago, who cares? I think no one is focused on old devices and probably the person who hacked your computer 15 years ago, isn't alive or doesn't use the same pathways he was using back then.
Technically, if your hardware is backdoored, they could potentially be using a way of communicating without being connected to the wifi etc. I'm thinking, potential hidden sim cards, however this would be easily verified by checking the hardware of your computer. Honestly, it should be a part of everyone's security practices to take a look at what's under the hood to make sure there's no unexplained parts or modified components, at least obviously modified. The chip itself is likely compromised, there's been several accusations in the past, but as far as I know there's been no real evidence showing backdoors.

Personally, I don't like recent developments in the CPU with the ME engine, and AMD equivalent. Opens up a ton of attack vectors, so a CPU that doesn't have that capability is definitely preferable. The issue is; often it's no longer supported, and therefore there's no way of updating the interfaces that interact with it.

In terms of phones; it's much less likely someone's checked their hardware on a phone, due to the nature of how they're manufactured. However, I'd probably trust the latest versions of Android more than the older ones, for one they have much better isolation implementations, which the older Android versions didn't even have any isolation if you go back a while.
legendary
Activity: 2212
Merit: 7064
March 10, 2023, 09:14:12 AM
#27
I guess my choice would be a Debian-kit. This is clearly the safest option from my point of view. Once this is installed I imagine I will generate private keys offline from a safe device, and import them to an Electrum.
I would never do that when there is perfectly good open source alternative called GrapheneOS, only problem is that you can use that OS only on g00gle devices.
In ideal scenario smartphones should be like computers and you should be able to install any operating system you want, but doing that is much easier said than done.
Second best option is using something like LineageOS, DivestOS or CalyxOS that can be installed on different smartphone models, but they are inferior in many ways compared to GrapheneOS.
One more plus for GrapheneOS is that you can support development and updates with Bitcoin donations.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
March 10, 2023, 08:17:58 AM
#26
If you bought smartphone in store, if you have never visited malicious websites and have never downloaded malwares manually
That's quite an assumption! The thing is: you can never know for sure. And when creating cold storage, being wrong means losing your money.
How many accidents have ever been where the scenario was similar to what I described and users' wallets still got hacked?
I don't say that it's the safest option out there but it's not the dangerous one too.

Quote
I think that your friend will be fine by resetting it and creating a wallet.
I think so too. But I prefer to know for sure, which means not taking any risks.
What do you use to create bitcoin address? Computer or what?
Any chances that your hardwares aren't backdoored?

I see no reason to be less careful with 1 Bitcoin than with 100 Bitcoins.
While I agree with you that everything needs high security, regardless of what, I think that there is a difference between 1 Bitcoin and 100 Bitcoins. The bigger the treasure, the bigger the attack is. No cabin has security guards but mansions? They are on different level.

A few questions;
- Can you be sure that those old devices haven't already been compromised
- Can you be sure that the disks/flash cards are secure
- Are you generating them offline, because I'd be more confident with an updated operating system if it was going online, however again probably better offline in the first place
I think there is a high chance that modern hardwares are backdoored. It's personal choice but I trust old hardware and software more than modern ones in terms of safety and in this case I mean offline, yeah, offline. If you wish, we can discuss more why I talk about offline security.

Another reason why I would choose old device in offline mode is that even if they were compromised 15 years ago, who cares? I think no one is focused on old devices and probably the person who hacked your computer 15 years ago, isn't alive or doesn't use the same pathways he was using back then.
staff
Activity: 3304
Merit: 4115
March 09, 2023, 08:13:54 AM
#25
But how many custom ROM tailored for both security, and privacy? Usually they only offer some privacy (e.g. doesn't include google apps by default and few extra permission toggle).
I don't know how many, I tend to prefer the vanilla variants which don't add any additional customization or toggles as you say, and just remove the Google related stuff. These are much less common unfortunately, as every custom ROM has gone down the path of trying to add as much customization as possible.

Generally, if a custom ROM has a ton of customization features, there's more room for error, and they very likely implement a lot of the customization via hacky ways, which go against the core Android security principles. So, ideally you want a custom ROM which hasn't added too much to the code, but instead removed the Google services, and dependent applications. There's a security risk with this also, as obviously Google claims to protect your device with these services.

There's a list of a collection of various GSI's (Generic System Images). There's also others out there that aren't included on that list. There's also the potential that you do it privately for yourself also.

Although, custom ROMS are better for improving privacy, rather than security since there's likely a trade off of removing the Google applications in the first place, due to them being tied in intrinsically to the Android operating system.

One example, of a popular custom ROM that claims better privacy, and security features is GrapheneOS. However, to achieve that it's heavily modified, and you'll ideally review the code yourself to see how they've implemented those features. Plus, this only works on certain hardware, which is typically the most used phones, therefore that could be an additional risk too. Hence, why a lot of users that haven't got mainstream phones opt for GSI's.

For example, here they strongly recommend Google devices:
We strongly recommend only purchasing one of the following devices for GrapheneOS due to better security and a minimum 5 year guarantee from launch for full security updates and other improvements:

    Pixel 7 Pro
    Pixel 7
    Pixel 6a
    Pixel 6 Pro
    Pixel 6

Which, for me suggests they're ignoring the possibility that Google doesn't compromise your security or privacy via their hardware, which is a little bit hard to believe when they're so against the software of Google. So, there's a ton of different options out there, and ultimately everyone has to make their own decision, since as above one of the most popular custom ROMS suggest something that I don't entirely agree with. Although, we're getting to the tinfoil stage here (I think we've been there for a while to be honest, most users aren't worrying about this sort of stuff).



hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
March 08, 2023, 04:55:54 PM
#24
If you bought smartphone in store, if you have never visited malicious websites and have never downloaded malwares manually
That's quite an assumption! The thing is: you can never know for sure. And when creating cold storage, being wrong means losing your money.

I am 100 % agreeing with you.
Moreover, buying a phone in a store has absolutely no guarantee, whether it is an online store or a physical store. In the case of refurbished phones it seems to me particularly dubious as to the security of the funds if one uses it as a cold wallet. I will never believe such a device personally.

Personally if I were to use an Android smartphone to store my bitcoin, the first thing I would do is change the base OS, or at least install one in parallel if I were to keep Android features like calling/SMS.

I guess my choice would be a Debian-kit. This is clearly the safest option from my point of view. Once this is installed I imagine I will generate private keys offline from a safe device, and import them to an Electrum.

For those interested in Debian-kit, you can find more information here: https://f-droid.org/packages/org.dyndns.sven_ola.debian_kit/

I don't know if it would be possible to install Debian or Ubuntu with LTS encryption on a smartphone, but that would be an extremely efficient solution too.
staff
Activity: 3304
Merit: 4115
March 08, 2023, 02:30:30 PM
#23
It's not always as simple as that, though, and installing a custom ROM can open you up to a variety of other risks instead: https://www.privacyguides.org/en/os/android-overview/
Right, ideally you want to be using a custom ROM tailored for security, and privacy, that doesn't go against the security practices of Android. They tend to have some nice features about them, but ultimately you're trusting the developer, however usually you'd want to use one that has published their modifications to the AOSP. A lot of the newer custom ROMS support over the air updates also, which wasn't really a thing for a long time.

However, there are some additional risks with custom ROMS, and you'd be sacrificing the Google protection if you remove the Google applications, make that what you will though. However, even some stock android that comes with your phone could potentially be going against the security practices of Android, since they're typically modified by the manufacturer, and there's no guarantee that they implement everything correctly. Unless, they ship with 100% stock Android, which they typically don't.

A far better option is simply not to use a phone for any serious amounts of money at all. It is very easy to download and flash Tails to a USB drive and use a live OS with your internet disconnected, which will be exponentially more secure than any hot wallet on any phone, stock or custom ROM.
Yeah, I'd agree with that. I personally don't use a phone for accessing my Bitcoin, however if you must I'd consider all the above personally. Although, a lot of it can probably be safely ignored. However, the privacy concern is definitely worth highlighting.

then you should consider those keys as having as low a security as any hot wallet
Yeah, I'm not sure I'd ever be comfortable with generating a private key on an online computer, honestly. If I wanted a hot wallet, I'd use a hardware wallet. It just prevents a lot of the issues you can come across when accessing your Bitcoin on an online computer.