Topic: Possible method for cold wallet spend with bitcoin core. (Read 412 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
also, isn't electrum quite difficult/not newb friendly?
No, and according to my little guide, it's even easier. Once Tails starts, all you need to do is connect to a Tor circuit, open Electrum, create a wallet, back up the seed phrase, and it will connect to a random Electrum server via Tor automatically.

i have started looking into seedsigner but again it seems like i need an electrum server set up and sparrow wallet.
SeedSigner is more comfortable than an airgapped computer once you learn the basics, but it'll take a few hours until you set it up and experiment with Sparrow to see how it works. You don't need to run your own node, even though it's always recommended for better privacy.

Generally though, Electrum is the way to go for a Bitcoin newbie. Sparrow is more advanced. If you don't feel like you'll study Bitcoin, then just dedicate a computer as an airgapped device, and install Tails, using Electrum.

Please note that if you don't run your own full node, then the Electrum / Sparrow server can link your addresses together.
legendary
Activity: 2730
Merit: 7065
for some reason i am wary about having to use other apps or programs in the process. that is either due to a lack of understanding or paranoia.
But if that is the reason, why aren't you worried about using Bitcoin Core? It's open-source, like many other software, but it means very little to you personally if you have no understanding of how it works under the hood. I don't see why you would be paranoid about Electrum and at the same time not be paranoid about Bitcoin Core.

also, isn't electrum quite difficult/not newb friendly?
It's more user-friendly than Bitcoin Core. It's a light client with a native seed format, but also supports BIP39 seeds. It's not hard to learn the basics.

and getting a paper back up of a btc core HD wallet is difficult/cumbersome?
You would be backing up a long string of letters and numbers that make no sense to the human brain. It's not user-friendly, and it's easier to make a mistake with a random character than it is when backing up a set of 12 or 24 English words. Don't forget, there are no seeds in Bitcoin Core.
newbie
Activity: 24
Merit: 21
Feel free to make any question you want. There are no stupid questions.
thank you. i genuinely appreciate that.

Well, yes, but my question is why would you want to do that? Bitcoin Core is not newbie friendly, and does not support a seed phrase standard like BIP39 (which helps a lot for backups). Instead, I would follow this little guide and install Tails which comes with Electrum pre-installed.

trying to get a streamlined, airgapped process using btc core only if possible and no manufactured hardware wallets (don't trust them). for some reason i am wary about having to use other apps or programs in the process. that is either due to a lack of understanding or paranoia.

also, isn't electrum quite difficult/not newb friendly? i have started looking into seedsigner but again it seems like i need an electrum server set up and sparrow wallet. two additional programs to keep all this together. but i don't know what i don't know.

thank you for the links i will check them out.

would this not be a cold wallet? then that person could make back up copies of the wallet.dat file for redundancy/protection?
It would be a cold storage, but you should not rely on digital back ups, as disk corruption is a common phenomenon. Instead, you should be able to back up your bitcoin in paper, human-readable. That's a seed phrase.

and getting a paper back up of a btc core HD wallet is difficult/cumbersome?
legendary
Activity: 2730
Merit: 7065
If I were you, I'd buy myself an airgapped device instead of a hardware wallet. Either Foundation Passport or SeedSigner. It is an opportunity to educate yourself about the Bitcoin space as well.
I would add the Blockstream Jade to that group. It can be used as a normal hardware wallet (not airgapped) or as a stateless signer, as it uses SeedQRs just like the SeedSigner. The one thing that is questionable is that it requires a Bluetooth or USB connection with the Blockstream Green software wallet during the initial setup to download the firmware. After that, everything can be done with QR code scanning. The official shop is in the US, but they have a bunch of resellers all over the place.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
forgive me. i am struggling with this stuff as well.
Feel free to make any question you want. There are no stupid questions.

could someone just install btc core on an airgapped device. launch core. create a new wallet. create a "receive address" and then from an exchange or other hot wallet send btc to that receive address?
Well, yes, but my question is why would you want to do that? Bitcoin Core is not newbie friendly, and does not support a seed phrase standard like BIP39 (which helps a lot for backups). Instead, I would follow this little guide and install Tails which comes with Electrum pre-installed.

would this not be a cold wallet? then that person could make back up copies of the wallet.dat file for redundancy/protection?
It would be a cold storage, but you should not rely on digital back ups, as disk corruption is a common phenomenon. Instead, you should be able to back up your bitcoin in paper, human-readable. That's a seed phrase.
member
Activity: 393
Merit: 44

Code:
bitcoin-cli createrawtransaction '[{"txid": "input_txid", "vout": vout_index}]' '{"address": amount}'

Code:
bitcoin-cli signrawtransactionwithwallet "your_raw_transaction"


but you don't have private key needed for latter in your wallet hehe
newbie
Activity: 24
Merit: 21
Some like hardware wallets some like cold wallets held in offline laptop.
Look. Cold / Airgapped storage is generally more secure, if you know what you're doing. The whole premise lies on the fact that the private keys never "touch" an Internet connected device, so they can only be compromised physically. Hardware wallets on the other hand, while they are a separate concept from a usual "hot wallet", are not airgapped, because you're connecting them to your Internet connected computer. Theoretically, if a security vulnerability is discovered, the attacker might be able to compromise the private keys of your hardware wallet. This is impossible in an airgapped device, because it is simply physically impossible to send keys over any communication channels.

If I were you, I'd buy myself an airgapped device instead of a hardware wallet. Either Foundation Passport or SeedSigner. It is an opportunity to educate yourself about the Bitcoin space as well.

forgive me. i am struggling with this stuff as well.

could someone just install btc core on an airgapped device. launch core. create a new wallet. create a "receive address" and then from an exchange or other hot wallet send btc to that receive address?

would this not be a cold wallet? then that person could make back up copies of the wallet.dat file for redundancy/protection?
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Some like hardware wallets some like cold wallets held in offline laptop.
Look. Cold / Airgapped storage is generally more secure, if you know what you're doing. The whole premise lies on the fact that the private keys never "touch" an Internet connected device, so they can only be compromised physically. Hardware wallets on the other hand, while they are a separate concept from a usual "hot wallet", are not airgapped, because you're connecting them to your Internet connected computer. Theoretically, if a security vulnerability is discovered, the attacker might be able to compromise the private keys of your hardware wallet. This is impossible in an airgapped device, because it is simply physically impossible to send keys over any communication channels.

If I were you, I'd buy myself an airgapped device instead of a hardware wallet. Either Foundation Passport or SeedSigner. It is an opportunity to educate yourself about the Bitcoin space as well.
legendary
Activity: 3388
Merit: 3154
Are there any other ways with core to cold spend that are not pretty technical.
Someone tried to explain making a raw manual tx but it was confusing and actually I didn't understand it at all.

I think there is a way.

Let's say you use vanitygen to create a bitcoin address, and save the addy and private key.

Then with bitcoin core you build the transaction but never send it to the blockchain, when you create the transaction you use the new generated address as the output.

Code:
bitcoin-cli createrawtransaction '[{"txid": "input_txid", "vout": vout_index}]' '{"address": amount}'

Code:
bitcoin-cli signrawtransactionwithwallet "your_raw_transaction"

At this point you save the signed transaction and have it ready to broadcast.

When you want to get the coins then you can send the raw transaction from a wallet or an online service like: https://live.blockcypher.com/btc/pushtx/ or from a core with the command:

Code:
bitcoin-cli sendrawtransaction "signed_raw_transaction"

And to access those coins you only have to import the private key from that address (the one that you generate with vanitygen) to any wallet, and then you will be able to spend them.
member
Activity: 103
Merit: 18
Oh that is very strange, mine started to sync up at once when copied over the appdata folder

Hardware wallets seem to have mixed replies when I ask.
Some like hardware wallets some like cold wallets held in offline laptop.

Also I didn't get any answer yet how to dump priv key direct to a hardware wallet.
Also one person just seems to have lost 27btc on ledger on reddit and lots of people can't see why it happened yet. Even experts looking into it. I didn't understand the issue of course but lots of people with high ratings I see were puzzled and never seen it before.

Someone said cosmic rays change 1 bit of info during some process.
At first I thought they were joking but I see more people saying that is the only explanation.

I'm liking electrum with watch only atm.

But yeah it's weird we have a different experience with the syncing up element of core
Can others verify this is the case please?

Your wallets will not start to sync without the password entered first?


full member
Activity: 1008
Merit: 139
Yes I think I have not described well what i was originally intending to do. I was not going to enter any password on the internet connected machine.

No, it doesn't work like that. How can you sync your wallet with the blockchain if you don't enter a password? But another problem is that your transaction will not be automatically broadcast to the blockchain just by copying the folder from the offline computer. You'd still need to open the wallet and broadcast them yourself, which, guess what, requires that password.


So how to send this already signed but not confirmed tx I wondered?

I think you are doing everything wrong. Maybe you should just consider buying a hardware wallet that will save you all the trouble and protect your coins from being hacked?
member
Activity: 103
Merit: 18
Yes I think I have not described well what i was originally intending to do. I was not going to enter any password on the internet connected machine.

Like this.


Laptop 1. Offline with v21. Wallet there is not synced fully because machine has not been online maybe 2 years.
When you open bitcoin core v21 on this offline machine, it tries to sync but can not because it has no internet.

However you can attempt to send bitcoin and it asks for the password.  If you enter the password it signs the tx and says unconfirmed.
Then you can shut down bitcoin v21 on the offline laptop.


So at this point I thought the tx has been signed but could not be submitted and will sit there unconfirmed forever because laptop1 has no internet.


So how to send this already signed but not confirmed tx I wondered?


I assumed (incorrectly perhaps) that if I copied the entire appdata folder over from laptop1 to an internet connected laptop running v23 that v23 would load up and auto try to sync fully and then without asking for the password again it would auto send the tx I created on laptop 1. I did not think laptop 2 the internet connected machine would ask for the password again.

Then you informed me that actually no need to transfer the entire appdata folder just transfer the wallet.dat and the same thing would happen.  I have not tried that because I decided to go the electrum way.

But either way if I copied the entire appdata folder or just the wallet.dat from the offline machine I was thinking that if I never had to enter any password on the internet connected machine that the private keys were never revealed to the live internet computer at any point.


Perhaps that is not correct.
I am using electrum now. 


But I just didn't and still don't understand if the internet computer never asks for the password but just finished syncing up and broadcasts the tx. I don't understand how that is as risky as just only having 1 live internet connected machine where you have to type your password on it.

I mean I have not tried the entire process luckily. So maybe V23 has to ask for the password again even though you already have sent and signed it on v21 on the offline machine.

If you press send on laptop1 the machine with no internet and it asks for the password is that not signing it at that point?
So once you close the qt down is that tx not already signed and stored ready to launch somewhere in the appdata folder?
I assumed this point all signed and never need to be resigned again?

I didn't know if you grabbed the entire appdata folder or maybe just the wallet.dat and moved to a new machine that machine will still need to ask the password to broadcast.

When you say if you just transfer the signed tx that will be okay.
Would copying only the wallet.dat across contain the tx signed on the offline machine to the online machine achieve this without having to enter the password again?

I thought maybe signed but unbroadcast Tx maybe was somewhere else in the appdata folder but also copying entire appdata avoid the rescan wait.

Either way I guess maybe not many people would want to have tried sending from an unsynced offline machine and moving it to a live machine because it has some security issues. So maybe nobody has tried it to see if you have to re-enter the pass again or it just auto syncs and sends without requesting the pass. I decided to ask here before getting to that part.

I'm sure though once with an alt coin I sent the coins before it synced up actually it was on airplane mode but I didn't see that.
Then my laptop ran out of power before it could send because I wasn't paying attention and playing some games on playstation.
Then disaster it would not boot up

So took out the ssd and copied the appdata file and put on another machine and when it all came back alive I'm sure it synced up and I reinstalled the new alt wallet. It read the appdata and the tx sent but I'm sure it never asked the password again.

I could be wrong. But I seem to remember thinking it was surprising at the time. This machine could send but didn't know my password.

Thanks.


legendary
Activity: 1512
Merit: 7340
Farewell, Leo
I didn't realise laptop 2 still decrypted the wallet.dat even though it was signed and attempted to be broadcast on the offline laptop 1 previously.
If you simply sign the transaction from the offline laptop, and transfer the signed transaction to the online laptop, there is no problem. If, however, you transfer the wallet.dat in the online laptop, and sign the transaction in the online laptop, you'll be asked the wallet's password needed to decrypt it. At that point, you'd risk having your wallet compromised.

If you transfer the encrypted wallet in the online laptop and you don't decrypt it, then, given that you've entered a very strong password, it does not introduce the same risk, no. The question is: why would you ever want to do that, though? Signing takes place in the offline computer. The wallet file has no other purpose than signing.
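
An added example (not part of the original posts and not Bitcoin Core's own code): a Python check the online laptop can run on the signed transaction hex carried over from the offline laptop, confirming that every input carries signature data and that the outputs are exactly the intended ones before the hex is handed to sendrawtransaction. The sample transaction, its dummy signature bytes and both scriptPubKeys are constructed for illustration, and outputs are matched by scriptPubKey hex rather than by address.

```python
"""Inspect a signed raw transaction hex before broadcasting it (added example)."""
import struct
from io import BytesIO


def read(stream, n):
    data = stream.read(n)
    if len(data) != n:
        raise ValueError("truncated transaction")
    return data


def read_varint(stream):
    first = read(stream, 1)[0]
    if first < 0xFD:
        return first
    return int.from_bytes(read(stream, {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]), "little")


def parse_tx(raw_hex):
    """Parse legacy or segwit (BIP 144) serialization into a dict."""
    s = BytesIO(bytes.fromhex(raw_hex.strip()))
    version = struct.unpack("<i", read(s, 4))[0]
    n_in = read_varint(s)
    segwit = n_in == 0  # a zero input count is really the segwit marker byte
    if segwit:
        if read(s, 1) != b"\x01":
            raise ValueError("unknown segwit flag")
        n_in = read_varint(s)
    inputs = []
    for _ in range(n_in):
        txid = read(s, 32)[::-1].hex()  # txids are displayed byte-reversed
        vout = struct.unpack("<I", read(s, 4))[0]
        script_sig = read(s, read_varint(s))
        read(s, 4)  # sequence number, not needed for this check
        inputs.append({"txid": txid, "vout": vout,
                       "script_sig": script_sig, "witness": []})
    outputs = []
    for _ in range(read_varint(s)):
        sats = struct.unpack("<q", read(s, 8))[0]
        outputs.append({"sats": sats,
                        "script_pubkey": read(s, read_varint(s)).hex()})
    if segwit:
        for txin in inputs:
            txin["witness"] = [read(s, read_varint(s))
                               for _ in range(read_varint(s))]
    locktime = struct.unpack("<I", read(s, 4))[0]
    if s.read(1):
        raise ValueError("trailing bytes after transaction")
    return {"version": version, "inputs": inputs,
            "outputs": outputs, "locktime": locktime}


def check_before_broadcast(raw_hex, expected_outputs):
    """Return a list of problems; an empty list means the hex matches intent.

    Only the presence of signature data is checked, not its validity; the
    node validates the signatures itself when the transaction is submitted.
    """
    tx = parse_tx(raw_hex)
    problems = []
    for n, txin in enumerate(tx["inputs"]):
        if not txin["script_sig"] and not txin["witness"]:
            problems.append(f"input {n} carries no signature data")
    actual = [(o["script_pubkey"], o["sats"]) for o in tx["outputs"]]
    for spk, sats in actual:
        if (spk, sats) not in expected_outputs:
            problems.append(f"unexpected output: {sats} sat to {spk}")
    for spk, sats in expected_outputs:
        if (spk, sats) not in actual:
            problems.append(f"missing output: {sats} sat to {spk}")
    return problems


# --- Constructed sample data (dummy bytes, not a real transaction) ---------
DEST_SPK = bytes.fromhex("0014" + "aa" * 20)    # P2WPKH-shaped destination
CHANGE_SPK = bytes.fromhex("0014" + "bb" * 20)  # P2WPKH-shaped change
EXPECTED = [(DEST_SPK.hex(), 50_000), (CHANGE_SPK.hex(), 49_000)]


def build_sample_tx(signed=True):
    """Serialize a one-input, two-output segwit-format transaction."""
    witness = [b"\x30" + b"\x11" * 70, b"\x02" + b"\x22" * 32] if signed else []
    raw = struct.pack("<i", 2) + b"\x00\x01" + b"\x01"   # version, marker+flag, 1 input
    raw += bytes(range(32))[::-1] + struct.pack("<I", 0)  # prev txid, vout 0
    raw += b"\x00" + struct.pack("<I", 0xFFFFFFFD)        # empty scriptSig, sequence
    raw += b"\x02"                                        # 2 outputs
    for sats, spk in ((50_000, DEST_SPK), (49_000, CHANGE_SPK)):
        raw += struct.pack("<q", sats) + bytes([len(spk)]) + spk
    raw += bytes([len(witness)]) + b"".join(bytes([len(w)]) + w for w in witness)
    raw += struct.pack("<I", 0)                           # locktime
    return raw.hex()


if __name__ == "__main__":
    print(check_before_broadcast(build_sample_tx(), EXPECTED) or "ok to broadcast")
    print(check_before_broadcast(build_sample_tx(signed=False), EXPECTED))
```
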
member
Activity: 103
Merit: 18
Thanks yes I am using electrum now. It is nice how the xpub and psbt works.


When you said this part :

"The wallet.dat is encrypted, but you decrypt it in the same device"
I don't understand that part.

Do you mean if you press send and enter your password on the offline laptop 1 then close bitcoin core on laptop 1. Then grab the wallet dat with a usb and load that wallet.dat into laptop 2

That even though you don't enter your password on laptop 2 that the wallet dat is decrypted to broadcast? I thought it would just sync and broadcast without asking the password.

I didn't realise laptop 2 still decrypted the wallet.dat even though it was signed and attempted to be broadcast on the offline laptop 1 previously.


Yes I think core is for experts and is probably safer but only if you know exactly what you are doing.
I may go back to it in the future after learning more about it.

Yes I notice already this exchange has closed down but they did give people some time to withdraw.


legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Although I wanted to remove my bitcoin from an exchange and thought this was the most trustworthy one.
It is the most trustworthy one, but it is not suitable for inexperienced users. The best wallet software for inexperienced, in my opinion, is Electrum and Sparrow. If I were you, I'd spend a few hours to play with both and see which fits me better.

It's good that you felt the need to withdraw them from the exchange.

Why would  needing to enter your wallet password on an offline computer be the same as just entering it on the internet connected computer?
Because you use the offline computer to mitigate malicious actors via the Internet. If you want to make sure that no one can access your wallet, then you must never expose it to an Internet connected computer. An Internet connected computer is prone to a host variety of malware and cyberattacks, which can compromise its security.

I thought that in doing this the internet connected computer would always have the wallet password protecting the private keys inside the wallet dat.  Is that part not correct? 
The wallet.dat is encrypted, but you decrypt it in the same device. What if some malware has made you believe you're using the authentic Bitcoin Core, whereas you're using their compromised version that sends passwords to their server on submit? Or what if a spyware logs everything you type and sends it over to their server? These are just two examples.
member
Activity: 103
Merit: 18
Thank you marvel man.

I'm sure that you're correct.
But so as I can understand why, could you explain why you say this.

I'm trying to learn how many things work with core and other wallets.
Why would needing to enter your wallet password on an offline computer be the same as just entering it on the internet connected computer? I thought that in doing this the internet connected computer would always have the wallet password protecting the private keys inside the wallet dat. Is that part not correct?

I don't doubt that it is just as bad or maybe worse, but I don't currently understand how? Can you explain it to me please.

Also what are the extra attack vectors you would open yourself to more than just using this wallet as an encrypted hot wallet that is brought online to sync, sign and send.

I am going to use the method described above by blackhat, but I am interested in what you have said and feel it would be great to find out more about bitcoin core and things that increase or decrease security.


Thanks for your input.


full member
Activity: 1008
Merit: 139
Hey Joe-Bloggs, the process you laid out for using an offline wallet doesn't actually get you any of the security benefits of keeping a wallet offline. You're just kinda shuttling the wallet file back and forth between computers - there's no reason for one of them to be offline if you're gonna do that. Plus it introduces some new ways a bad actor could get at your coins when you move that file around.
member
Activity: 103
Merit: 18
You are correct I shouldn't have really tackled with bitcoin core.
Although I wanted to remove my bitcoin from an exchange and thought this was the most trustworthy one.

Yes, one of the things I wasn't sure about was if tx that were not synced or confirmed were stored inside the wallet dat until they were confirmed or if there was something outside of the wallet.dat that was needed to ensure immediate broadcast

I entirely accept and am grateful for your suggestions.
Which I intend following.

Just asking a few extra questions to gain some further knowledge really.

It's kind of you to take the time to answer and advise. I appreciate it.
Maybe I'm not great at google but it's kind of hard to find specific answers to certain questions.

Actually bitcoin talk seems even better or just as good as reddit

Thanks.

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Why I tried moving the entire appdata/bitcoin folder was because I didn't know which files contained inside there were altered when you clicked send and entered the password.
This is precisely why I advised you to study more about how things work. It is apparent that you don't know how Bitcoin Core works, and with this behavior, it is a matter of time until you lose coins.

You don't need to transfer the entire application data. Just having the wallet.dat (and its password) is enough to recover the wallet from elsewhere. But, you shouldn't be using Bitcoin Core as a wallet software in the first place, if you want my opinion. Simply set up Electrum, and point that to your node (which can run in the same machine).
member
Activity: 103
Merit: 18
I totally agree that mitigating all risk should be the aim.

Why I tried moving the entire appdata/bitcoin folder was because I didn't know which files contained inside there were altered when you clicked send and entered the password.

I didn't know if all changes took place inside the wallet.dat or maybe some other files were altered inside appdata when it tried to broadcast when out of sync, and that would be needed on the internet connected machine.

Thanks for explaining I will not get 12 words when creating an electrum wallet from a priv key from core.

I have been reading on reddit and just got told so many ways to spend half of an old core wallet securely that I got confused.
The easiest way seemed to me to do it by just copying over to a machine that never experienced me typing my pass into it.

But as you noticed it has 2 major issues

1. Biggest issue is needing to copy updated information post broadcast back to the offline machine so that for future transactions it is able to correctly spend the remaining funds.

A key logger could get inside this and get back on the offline machine.

2. They could grab the wallet.dat from the internet connected machine with the private keys inside and crack it open their end.

So this isn't a good solution.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
if you send a tx from a bitcoin core wallet that is not synced up from a laptop that has no internet connection then close the core qt and copy that bitcoin app data folder to an internet connected machine and install bitcoin core.
The Bitcoin AppData directory contains the wallet files. So, yes. If you expose that directory in an Internet connected computer, you introduce some risk.

Why would you just transfer the signed transaction to the Internet connected computer? You don't need to transfer the AppData.

But I just wanted to understand other than cracking the password what could go wrong?
Isn't that enough of a reason?

Is it best to

A keep the old core wallet.dat
keep a record of the private key
Keep a record of the 12 words from the electrum wallet.
You need to study more on how it works. If you import separate private keys in Electrum, you don't have a seed phrase for back up. Only if you create an Electrum wallet, you get a seed phrase. You can't import a separate private key in such a wallet, because creating a new one means it is deterministic (and therefore, all private keys have a connection, so they can be derived by a single seed phrase).
member
Activity: 103
Merit: 18
Thank you very much for the guide with tails and all of the links.

I'm going to go for the technique you describe. I'm just learning how to verify pgp signatures at this stage.
The links you provided are very helpful.

I know I'm pressing reply button but I just mean can any person comment as you don't personally have time to just answer endless questions from novice users I know that.

Just for my own curiosity and accumulation of new knowledge

Can anyone explain to me a couple of things I don't currently understand.

1.

if you send a tx from a bitcoin core wallet that is not synced up from a laptop that has no internet connection then close the core qt and copy that bitcoin app data folder to an internet connected machine and install bitcoin core.
Is the private key (from the offline laptop) ever directly exposed in a useable way on the internet connected laptop to broadcast that tx that was sent from the out of sync offline wallet?

I mean I know the private keys will be on there inside wallet.dat but without cracking the password would the private keys ever be exposed

To maybe ask this question differently -

If I sent a tx from an encrypted bitcoin core wallet.dat that wasn't synced up and my machine ran out of battery before it could sync and send.

If the laptop was then stolen and he took out my internal ssd scanned it and noticed there was a bitcoin folder in the appdata folder.
What is the worst he could do right up until he broke the password?

If he loaded it into his own laptop and synced up core (using my appdata folder) then would my original tx spend and that would be it, he has to crack the password before he can send more coins?


Let me say again I will not use this method because I can see this person helping me is an expert.

But I just wanted to understand other than cracking the password what could go wrong?
Most UTXO-based PoS alt coins like black coin or peer coin seem to hold their wallets on a live internet connected machine to stake and gain rewards. They are unlocked for staking only but presumably they are 24/7 and their private keys are only protected by the password encrypting their private keys in their wallet.dat

I'm trying to understand where the attack points are.


2.

When you import a bitcoin core private key into an offline electrum wallet or rather create an electrum offline wallet using the private key from dumpprivatekey on bitcoin core.

Then you get the xpub and send the internet connected machine so you can create psbt.

Imagine you make some tx in this way.

Is it best to

A keep the old core wallet.dat
keep a record of the private key
Keep a record of the 12 words from the electrum wallet.


3.

I finally also found a new guide to the descriptors technique

It looks almost as simple as doing a command listdescriptors and choosing 2 different ones and then pasting those results into a command saying import descriptors in a online descriptor wallet. Then you can make psbt tx like electrum.

Am I correct in thinking that so long as your 0.1 btc is all stored on one wallet address then so long as you always have that private key you can restore your funds? Because I see people saying they messed up inputs /change and all kinds of things and then their private key didn't seem to have all the info required or their tx got stuck forever.


4.

Lastly when people say if your cold wallet ever makes a spend even via airgapped electrum or descriptors core technique then it can be hacked and you need a new wallet. Something about a supercomputer can more likely reverse engineer your private key if you ever use it to make a spend. Or even if you receive on a cold wallet address more than 1x. Not that small holders would be the first use of super computer owning hackers I would imagine.

Do they mean you need to make a new entire wallet.dat and get a new password to protect it, or can you simply generate a new address inside your original wallet.dat and now use that as a cold storage. Are new wallet addresses generated inside the same wallet.dat bound together so all become poisoned by a spend on 1 of them?


I know here on this forum most people are technically trained and know what they are doing but those that are not familiar to computers and things like that should probably try to understand how it all works as best as possible

Is this even the correct part of the forum or is this mostly for experts to talk about complicated stuff.
Is there a beginners sub section for total novice questions about wallets and things or a known reddit sub.


legendary
Activity: 1512
Merit: 7340
Farewell, Leo
If you don't feel like you've got the technical parts involved in Bitcoin Core, then I suggest you to migrate to either Sparrow or Electrum, both of which are excellent for having cold storage and are fairly simple to setup (and understand what you're doing along the way).

Your setup will look like this:

- Offline laptop will have Electrum or Sparrow (only for signing).
- Online laptop will run Electrum or Sparrow and connect to a full node that runs on the same device.



In fact, judging by your experimenting ideas below, I strongly recommend you to follow my advice, or you risk losing coins. And by the way, in case you think this is airgapped or "cold storage", this is not. If your private keys are held in an Internet connected computer, it is a hot wallet.

Copy the entire bitcoin folder over to laptop 2 which is connected to the internet and when it syncs up it will broadcast the tx
The only problem with this easier way is that now the airgapped laptop can not sign any further tx in the future  until I update its blockchain to later date that the spend takes place. So in theory I will need to later copy the synced appdata file back from the internet connected laptop to the airgapped laptop.
I'll work out the safest way to get the updated bitcoin folder back over to the airgapped machine in a few years when I may need to spend the last 0.005. I suppose this is the most risky part.

Do me a favor, and follow this. This should be your airgapped environment. An Internet disconnected, Tails running computer.
  • Close your curtains.
  • Download Tails (a privacy and security focused Linux distro)
  • Verify the binaries <- Important step, you need to ensure the integrity of the OS. Do it on a clean environment.
  • Burn the OS image to a USB.
  • Take the device and physically remove any Wi-Fi antennas (and obviously, Ethernet cables if any).
  • Plug the USB to that device, and start up.

You can see that Electrum comes pre-installed. The device will not connect to any network. It's also recommended to encrypt the electrum part of the USB (as shown in the Tails start screen), in case someone gains access to the USB.
member
Activity: 103
Merit: 18
Thanks for your help.

Yes. Laptop 1 was once used to receive my bitcoin a couple of years ago. But since then has stayed offline. Has v21

Laptop 2 is connected to the internet but only for the purpose now of broadcasting my spending tx.
Will have V23 or can just keep v21.

I was just confused how to sign the offline tx on the airgapped laptop 1.

I was told that since I'm not technical and seem unable to understand the descriptor process or making a manual raw tx.

Then my only other way was to simply send (signed, where I type my wallet passphrase in) as normal with core unsynced on laptop1 then close v21 down.

Copy the entire bitcoin folder over to laptop 2 which is connected to the internet and when it syncs up it will broadcast the tx
So although my keys will be on laptop 2 which is connected to the internet they are actually encrypted by my password that I don't need to enter because the tx was signed on the air gapped laptop 1 unsynced wallet.

The only problem with this easier way is that now the airgapped laptop cannot sign any further tx in the future until I update its blockchain to a later date than when the spend takes place. So in theory I will need to later copy the synced appdata file back from the internet connected laptop to the airgapped laptop.

I just wanted to check there are no big issues with this way.

I was thinking about sweeping to an electrum wallet and using the watch only psbt guide.
But if I can do this with core and just have to copy over the appdata bitcoin folder, with no programming with the bitcoin core console instructions, then I'll stick with bitcoin core.

I'll work out the safest way to get the updated bitcoin folder back over to the airgapped machine in a few years when I may need to spend the last 0.005. I suppose this is the most risky part.

Thanks for the help. I see what you mean: laptop 1 isn't a real cold wallet because it has been on the internet to receive the btc a couple of years ago.

If you think it's going to work I'll give it a try.

Edit: Also, I'm not sure if I just need to copy the wallet.dat or the entire bitcoin folder over from the airgapped to the internet connected machine for the tx to be sent?

Has anyone else used this method for a little bit of extra security over just sending straight from a hot wallet?

I suppose this just stops you from having to enter the password that encrypts your priv key on an internet connected machine. So it gives some extra security.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
The offline laptop actually uses an external drive plugged in via USB to store the bitcoin full chain (at the time of receive) and wallet.dat. So bitcoin core 21 is installed to an external SSD never used for anything else.
How can the laptop be offline and synchronize with the network simultaneously?

Can I just spend 0.05 on the unsynced offline wallet only unlocking to sign on the offline wallet so only expose the password there?
What's your setup, exactly? Is it a laptop that is sometimes online and syncing, and others offline for signing transactions only?

Based on the following, I assume you have two computers; one for signing only (airgapped), and the other Internet connected, holding your watch-only wallet:
I was advised to use V23 on the internet connected wallet but just stick with V21 on the offline laptop and it should still work?

So v23.0 as a full node, and v0.21.x for signing only. I don't see why this wouldn't work. Sounds good.
member
Activity: 103
Merit: 18
Hi folks.

I'm wondering what to do.

I have an old core wallet.dat with bitcoin core v 21.
This is stored on an old laptop that was only used to receive my bitcoin and has been offline since.
There is under 0.1 btc, which I know is a small amount compared with some.
I wanted to spend 0.05 without bringing this laptop online.
I looked at an electrum watching wallet method but I was hoping I can do this with sticking to the core wallet.

I was thinking of going this route and wanted to know if it would actually work.

The offline laptop actually uses an external drive plugged in via USB to store the bitcoin full chain (at the time of receive) and wallet.dat. So bitcoin core 21 is installed to an external SSD never used for anything else.

Now I could install core V23 and try these descriptor instructions but I feel I could mess that up and I would like to not add anything new to the offline laptop if possible.

Would this work since I know I've never made any other tx with this wallet?
Can I just spend 0.05 on the unsynced offline wallet only unlocking to sign on the offline wallet so only expose the password there?
Then shut core down and then copy over this bitcoin appdata folder to a hot that can sync up and broadcast from the hot wallet?

I know that sounds like a lot of hassle, but I really don't mind time consuming stuff rather than doing something more technical like using descriptors, which I think I would get wrong.

To later spend the remaining 0.05 bitcoin, I would then need to copy an updated bitcoin appdata file via USB to the offline wallet before trying to spend, since the inputs and outputs will have changed?

Is this a crude attempt to cold spend that would work the first time but for future spends opens up some strong vulnerabilities? With having to copy files to the offline machine.

Is a wallet.dat that is strongly encrypted with a 30+ character pass thought of as vulnerable? Especially if online for just a few seconds to broadcast? Then laptop shut down once again.

A lot of PoS coins are constantly online to produce rewards?
I just want to know is that reasonably safe?

I dont want to get a hardware wallet at this time because I've used core before and have not had an issue.

Are there any other ways with core to cold spend that are not pretty technical?
Someone tried to explain making a raw manual tx but it was confusing and actually I didn't understand it at all.

I was advised to use V23 on the internet connected wallet but just stick with V21 on the offline laptop and it should still work?
I appreciate a lot of people will think just send it over this amount but I do want to reduce the chances of getting hacked if possible.

If this is very insecure I will just wait and try to learn another way.

Thank you for some advice.

