Topic: Signed raw transaction (Read 474 times)

It's valid solution, but complicated and risky (since you expose the private key).

It's easier and safer if you use Electrum to send whole Bitcoin to address generated by Bitcoin Core with 1 sat/vbyte fee. Obviously there are fee concern if you have many input (especially if each input hold small amount of Bitcoin) & privacy concern if you have many address for many usage.

No.
As mentioned earlier in this thread:


You might import all the private keys, as mentioned by NotATether.
However, this is not comparable to actually importing and using a BIP39 mnemonic code.

You can't directly import BIP39 seeds because support for that hasn't been implemented, however you can import it into another wallet, have it generate a bunch of addresses, export the private keys of them all and then import them into Bitcoin Core.

For example, using Electrum, after you import your BIP39 seed you'd go to Wallet > Private Keys > Export and then type a name for the file which it will dump all the private keys in, one key per line.

Then you make a new Bitcoin Core wallet and in its console you would type "importprivkey " for each private key.

Is there any way to import a BIP39 seed to bitcoin core?

This is a very good advise! It will be just hard to explain to newbies.
From my own experience, I would definitely do something similar (sign a raw transaction and save it offline or online) just for an extra safety precaution if for some reason I can't access my wallet any more.

Is the original query still up?
In Bitcoin Core, adding walletbroadcast=0 to your bitcoin.conf file will enable you to create wallet transactions without sending it to your own mempool.

If you use the GUI, simply create a transaction using the send tab but when you click "send", it wont be sent to the network or even your mempool (the transaction will have a Status: 0/unconfirmed, not in memory pool).
Then you can use "Right-click->Copy raw transaction" on the particular transaction to get its signed RAW transaction.

In Bitcoin-cli, sendto will simply create a transaction but wont send it to your mempool; but since it's in the wallet, you can use gettransaction to get its signed raw transaction.

Read the bolded part

Thanks, will try it out.

You can use IanColeman.io to try it (of course only do this online to see how it works, not to create private keys you're going to use):
12 words: plunge snow gorilla wool help income mom kitten volcano warm top girl
First address: 15Q9XKiYX4RZhNLdKYt894o1zguyhufoPZ

Now add BIP39 Passphrase: \q?mpN[!\4`LA5w*
First address: 19mYSjt1VaiGpTop31uEMWJFYbW76MCRJ3

Without the password, the same 12 words lead to different addresses.

Correct.



Correct.
Bitcoin core does not have BIP39 (mnemonic codes) implemented.
While it still creates hierarchical deterministic wallets (BIP32), it does not create a mnemonic code to back it up. The keys have to be backed up by either backing up the master private key or the wallet file.

Understood. And basically, from Seed1, the thief will never find out that I also have a Seed2.
As far as I know, the BIP39 mnemonic is not working yet on bitcoin core, right?

Not sure I understand this. If someone finds my 12 words but not my passphrase, he can see I have a smaller balance than the reality? I have 10 BTC, and without the password, someone sees I only have 0.1 BTC?

It works by basically deriving two different seeds:

Mnemonic Code -> Seed1
Mnemonic Code + passphrase -> Seed2

Seed1 is here used for small amounts. Enough funds to let the thief be happy, while only being a small portion of your total wealth.
Seed2 derives other private keys. These are used to store the majority of your wealth.


It basically allows you to have a "hidden wallet".
Without the passphrase, there is no way to know whether there is such a "hidden wallet".
Any passphrase can be used to derive new seeds. But only the correct one will derive the seed which is being used to derive the private keys for holding the majority of funds.

You can set a password (for instance in Electrum) to extend the mnemonic. So with just 12 words, you'll find your daily spending money worth 2 pizzas. But if you add your own password to the 12 words, you'll get your hodlings worth 2 airplanes.

Of course, your life is more important than your funds. No matter if it is private key or a signed tx, a robber would easily find out how much do you own and if he wants to take this from you... well there is not too much you can do.


Not sure how the BIP39 passphrase protected mnemonic code would not reveal your balance. Care to explain this? Thank you.

I'm not sure.
If someone wants to rob you, it probably doesn't matter whether you have the private key with you or a signed tx which shows how much money you own.

There are 2 cases:
1) If you have the private keys with you, he steals your money
2) If you don't but the burglar sees how much money you own, he might kidnap you if the amount is high enough. And if the amount is pretty low, well then losing this wouldn't matter at all and the whole setup wouldn't be required.

So in the end it might come down to what is more valuable to you: Your money or your health.

So, i'd say this question is not as easy to answer as you might think.


However, having a menmonic code with you, which is protected by a BIP39 passphrase might be a better option here.
The thief would take your mnemonic code and steal all the low amounts of BTC from the wallet. Without the password however, he will never access the large sum of BTC. You lose a little bit of money but don't get kidnapped.




Same applies to a BIP39 passphrase protected mnemonic code. He sees there are only a few bucks, takes or leaves them and you are free. He won't know how much you own. And you saved the majority of your funds.

With your approach.. if he sees the signed transaction, he knows how much money there is. Might be worth to kidnap someone.
And if the signed tx is stored on a 3rd party server, then the user has to rely on them.. And you'd be no longer in the mindset of "don't trust, verify".

Let's forget the 3rd party for now. Do we agree on one thing? If you want to protect against being robbed, it is safer to store 3-4 different signed transactions than to store the private key of wallet / address. Right or wrong?
Of course, you still need to somehow have access to all backup addresses (by storing the private keys of all backup addresses). But, if for some reason someone steals from you the private keys of the backup wallets and he doesn't know you are wealthy, he will probably check the balance, see it is 0 and will go away throwing it, thinking that this was just a test wallet and the probability of receiving funds later to this address are close to 0.

Regarding 1), you can't protect against everything.
If you forgot the locations where you stored the mnemonic code, you might as well forget how the service (your service) is called. Or that exchanges exist. Or you might even forgot that bitcoin exists.
That's a bad argument IMO.

For 2), that's what a N-out-of-M scheme is for. You might have a 4-out-of-7 scheme. Or a 2-out-of-5 or whatever.





Another problem with your approach is, that the user will depend on your 3rd party service.

Given that a user follows what you describe, after not having any possibility to access his coins, he relies on only your 3rd party service to broadcast that signed transaction.
The whole setup allows you to blackmail the user following your advices.

While the user could save the signed transactions himself, the user you are targeting with such a service probably doesn't even know what a signed transaction is.
Even without blackmailing, he relies on you not losing the signed tx.

Moving from proper risk management to relying on a 3rd party is... not how it is supposed to work.

IMHO, the best scenario is to keep the seed phrase in your head / mind, this way, it can't be stolen.
And, if for some reason, you forgot the seed phrase (or a wallet.dat passphrase), you can simply run the already signed transaction that will broadcast your funds to another address you control (and possibly have the keys somewhere else, not in your mind... ), or have it with a third party where you can KYC yourself and get back your funds.

Of course you should not, this was probably an extreme advise that should definitely not be followed by newbies. But if you setup 5 wallets / addresses: wallet A, B, C, D, E and you keep everything on wallet A, (B, C, D, E being all empty wallets) and you sign 4 different transactions to send all balance on wallet A to B, C, D, E (just save, not broadcast it), then you should simply take care of private keys of 4 empty wallets (B, C, D, E). Noone can rob you in this case. And, if you lose (or destroy) private keys of wallet A, you simply broadcast the transaction to any of the other wallets.


You do not need to rely on third party services, this is totally optional. You can keep all the signed raw transactions yourself, you can run your own node and verify every hour if the signed raw transaction is not invalidated and take action every time is needed.
Just think about this way:
a) what can I do if I somehow find the private key of your non-empty wallet (wallet A)? I can send all your funds, wherever I want, right? and you find this out only after all your funds are gone, right?
b) what can I do if I somehow find one of your previously signed transactions? the only thing I can do is to move your funds from your wallet A to one of your other wallets (B, C, D, E) and as soon as this is done you get instantly notified by wallet B that you received funds and you can immediately move away funds from there just to be save.

Which one of the above 2 scenarios are safer in your opinion? a or b?