Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Electrum
Topic OP
Which spending method from cold wallet is safest for a novice.
by
Joe-Bloggs
on 08/03/2024, 13:18:49 UTC
I started a specific thread for this idea only. To get critique from experts on a process to spend as safely with a cold wallet as you can.
Maybe other novices can use this thread after experienced users say it is going to work.

I'm a novice user trying to understand this but I see on reddit so many people wanting to achieve this. But they get stuck on setting up electrum servers or worrying about connecting to a malicious electrum node or set of nodes. Or stuck because their qr code is not large enough to contain the information from the psbt,  but they want to remain ice cold.

I want my cold wallet to remain 99.99% cold as possible.
No physical connection with usb or any input at all except my own typing or qr code at worst.
Output I prefer only QR code. No usb extraction if I can.
Would like to broadcast on my own bitcoin node if possible.

This could be ideal for when you get an issue where the qr code can not contain all the info from the psbt. Then you need to go usb but dont want to.
I'm not sure of any hardware wallets that you can import a priv key, and you dont trust hardware wallets maybe.

Option A -  perhaps could work out? Or a possible issue? How to select appropriate fee?

Forget psbt? Maybe this is easier if your qr is too large to work.

1.import private key to electrum airgapped
2. Look what address appears.
3. Set up electrum watching wallet for that address only  on other internet live machine see balance.
4. On airgapped wallet select spend but untick use new change address ( this is because if I'm not wrong the drawback with starting on an airgapped wallet is it doesnt update its memory of prior tx until you submit and it gets confirms which it cant do airgapped.
But at least getting all change to the same address. You can keep spending from this cold wallet until you know it is all used up. Or can you? Are uxto the same as addresses? Maybe even when change is issued to the same spending address. There can still be an issue starting a new spend from a cold wallet? This I dont know right now.  
5. Export the signed tx with qr code.

At this point nothing has been put on the cold machine only a qr code taken off from it.

6. Spend that qr code with the watch only electrum, or if want to spend on you own bitcoin full node see 7.
7. You have a qr code but electrum encodes it with some other format. Maybe to save space and pack more info. Or maybe to make sure electrum only can read this qr code. You can not easily see the hex code that you see if you save a signed.txn on a usb stick. To see this
Hex code you need to spend with bitcoin core. Some person made a website electrum43 to decode that signed tx QR code to hex format.
I am guessing there is a way that an electrum watch only wallet can scan this QR code and you can look at the hex version there and save to a usb or maybe you have that on your same machine with bitcoin core full node running.
8. I believe it is possible to spend that hex directly on bitcoin core wallet with a command like sendrawtransaction or some other command. If you can figure that out you could test the hex code from that QR code one time on your watch only electrum but dont submit. Then if looks good go to blockstream pushtx site and send from there at least their node would not be malicious but you lose privacy so use a burner phone if that is an issue you dont like.

All done.

*4 is seen as a little bit unsafe taking the security from 256bit to 160bit think I understood so not good for long term storage.
I think this can be maybe avoided by clicking save tx to history but I dont understand that enough to know how that stops a possible attempt at spending from uxto that maybe dont have sufficient funds in the future? I think it would work if you only ever used the cold wallet on that machine and not a different cold wallet with the same private key.

This is the tricky part to understand as to how you start a spend with a cold wallet not start with a psbt from a watch only.
The second part is the fees. I guess just look at the network congestion and put a good fee.

Is there any safer way for a novice to spend from a cold wallet or paper wallet where the qr codes cant contain all the information of the psbt from the watch only wallet?p
Are there issues with this process?

On the other hand so to speak

One expert did say this entire idea was a convoluted mess, and if you are happy to have change return to the same spend address. You can just spend and sign on an offline airgapped bitcoin core wallet and copy the hex over to spend on a synced up full node push with blockstream push tx. But he didnt have time to explain how get this hex off the airgapped machine without usb.

So can anyone give the critique of my plan. Or suggest a better way for when qr codes dont work.
Is starting a spend from the air gapped unsynced wallet always a bad idea that can cause issue with attempting to spend from uxto that are now empty? Should you always go with a psbt from a watch only?

Spending from a cold wallet seems a bit tricky fully airgapped for a novice when they hit this qr code space limit on the psbt.
Also spending signed qr code from electrum on core can be a bit tricky too due to it having to be decoded. But I expect the watch only can show that qr hex in some option.