Board: Hardware wallets
Re: It is NOT secure to use hardware wallets (and it never was)
by HCP on 17/04/2018, 10:41:05 UTC
I've read this Medium article, but I'm a bit confused about the second part (Funding & redeeming).

In the first part the author is doing everything right to keep everything on the offline laptop.
But then he suggests copying the wallet.dat to an online computer?

For me this makes no sense. Why do all those secure steps to create a cold wallet and then just copy the wallet.dat to an online PC?
With this step the cold wallet instantly turns into a hot wallet. So what is the point here?
It does not matter to me that the passphrase was never used so far.

In my understanding a cold wallet never touches a PC which is connected to any network.
He tries to justify his methodology here:
Quote
Note on cloud storage. You may think I’m crazy by storing the wallet.dat file online where corporate overlords or the overreaching deep state agencies could potentially grab a copy, but there are a few factors that make me OK with this. First, I know myself — and after a decent amount of time goes by there is definitely potential for me to lose the wallet files. But more importantly, it doesn’t matter if my cloud provider or the gubbermint copies my wallet.dat file — it’s encrypted. Assuming you used a decent passphrase with a high number of entropy bits (>120), it would take the world's strongest supercomputers trillions of years to brute force, yes trillions of years. You could store the USB drive on a park bench and have no worries. Choose what is right for you.

Basically... as the wallet file is encrypted (hopefully with the 40+ char random password that has only ever been stored offline) it should be "fine" to have your wallet.dat on an online computer... or even cloud storage. I think the important point is the last one: "Choose what is right for you." You need to work out what your acceptable level of risk is and go with a method that fits that risk model.

In your case, that is a wallet.dat that never touches an online computer until you're wanting to redeem the coins... in the author's case... it is "wallet.dat encryption is 'bulletproof', I'll put the wallet.dat on cloud storage."

In my case... it's a hardware wallet.


Hardware wallets are good for storing large amounts of unused money.
Among other things...

Quote
Hardware wallet systems also have the possibility of a virus, causing your wallet to be invaded!
No. As far as I'm aware, you can only flash the full firmware, which will effectively wipe the device... and unrecognised firmware should be flagged during the bootup sequence of the hardware wallet to indicate to the user that the device is not running officially signed firmware.

Quote
If the hardware wallet is lost or damaged, it will be difficult to repair!
While you may not be able to repair the device, you can recover your funds by using your "seed mnemonic" (aka backup words) and importing it into BIP39/BIP44 compatible wallets for the coins you need to recover.
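Added example, not from HCP's post or the quoted Medium article: a small calculator for the ">120 entropy bits" figure the article relies on and the "40+ char random password" HCP mentions. It estimates the entropy of a uniformly random passphrase from the character classes it uses and the expected brute-force time at an assumed guess rate; the 10^12 guesses/s attacker model and all function names are assumptions made for this illustration.

```python
import math
import string

# Constructed assumption for the attacker model: one trillion guesses per second
# against the raw key. wallet.dat encryption derives the key with a deliberately
# slow, iterated KDF, so the real guess rate is lower; treat this as an upper bound.
GUESSES_PER_SECOND = 1e12
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def alphabet_size(passphrase: str) -> int:
    """Size of the symbol set a random passphrase was drawn from, inferred from
    the printable-ASCII character classes it actually uses (26+26+10+33 = 95)."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation + " ", 33),
    ]
    return sum(n for chars, n in classes if any(c in chars for c in passphrase))


def entropy_bits(passphrase: str) -> float:
    """Entropy of a passphrase chosen uniformly at random from its alphabet.
    Only meaningful for random passphrases; a memorable phrase has far less."""
    return len(passphrase) * math.log2(alphabet_size(passphrase))


def expected_years_to_crack(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Expected brute-force time in years: on average half the keyspace is searched."""
    return (2.0 ** bits) / 2 / rate / SECONDS_PER_YEAR


def meets_article_threshold(passphrase: str, threshold_bits: int = 120) -> bool:
    """Does the passphrase clear the >120-bit bar quoted from the article?"""
    return entropy_bits(passphrase) > threshold_bits


if __name__ == "__main__":
    # Constructed sample: 40 random printable-ASCII characters, as HCP suggests.
    sample = "k7#Qz!2mP9$vL4@xR8&nW3^bT6*jH1%cY5(dF0)="
    bits = entropy_bits(sample)
    print(f"{len(sample)} chars, {bits:.0f} bits, "
          f"~{expected_years_to_crack(bits):.1e} years at {GUESSES_PER_SECOND:.0e} guesses/s")
```

Note that the estimate says nothing about how the passphrase was generated or stored; a 40-character string typed from memory is not uniformly random, and the calculator will overstate its strength.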