Board: Bitcoin Technical Support
Topic: Re: How to move coins with good privacy from Bitcoin Core in an airgap laptop setup?
Post by takuma sato on 16/12/2024, 03:24:27 UTC
You can add the address in question as watched addresses in an online wallet,  then from that online wallet you can create a PSBT to spend the coins.

The PSBT can be brought to an offline computer, which has the private keys but no copy of the blockchain... and it can sign it.  Once signed, you can bring the result back online and transmit it.  (Ideally over TOR).

I think there is GUI support for PSBT now but I've only used it from the console myself now-- someone else will have to chime in there. But I don't think you should be too afraid to use the console/command-line. It looks a little more intimidating but it's really the same steps and it's usually easier to search for help about a text interface.

I know several people who use a procedure like this without trouble.  

You could practice doing it via testnet, which uses all the same software.

As far as breaking the connection on your coins-- that's a harder question. You'd like to break the link to protect your identity, but the problem is that in doing so you might accidentally end up with coins whose history appears connected to something dubious and thereby attract attention to yourself that you wanted to avoid.


As far as wallet compatibility goes, fortunately there is no danger from the wallet: keep your original copy safe.  The worst that happens is that things don't work and you have some bug to report.


In any case, the biggest risk with any kind of manual transaction processing is accidentally turning your coins into fees, usually due to a failure to understand that input coins that don't get given an output are implicitly fees. Segwit and taproot outputs require the signer to sign the fees-- making things closer to foolproof, but your txouts are obviously not going to be segwit due to the age, so you should be sure to triple check that the amount of outputs adds up to the amount of the inputs minus the fees you intend. If you don't understand this warning do not transmit a manually created transaction until you do understand it.

The nice thing about a manual transaction flow is that you'll have the untransmitted transaction 'in hand' to review for as long as you want before you transmit it (or even bring it online).  You could show it to a friend or family member, or sleep on it to review the next day-- and I know people who do both of these things.


I suspect that one reason that there is a lack of tutorials is that publishing your coin handling practices is not ideal from a security perspective.  But I hope my post gives you confidence in that the general idea you have is correct and is in use by people, and if you put some effort into implementing it you will eventually be successful.



Thanks. The thing about manually crafting the transaction with the console command is that I will probably screw up in the process somewhere. I think it's safer if I use Coin Control and simply click on coins I want to move. I'm assuming I will be able to use PSBT with Coin Control window. I have not tested this yet, but I'm assuming that once you click on the make PSBT thing, you will be prompted with something and in this step you could use the Coin Control window hopefully, and if I understood correctly I will have to add enough that the transaction covers the fee. Last time I made a transaction with Core, it used to let you select an address where it would pick coins to cover the fee. So this process should all be available to do but to generate the PSBT file. If someone could confirm this? I will do with testnet first.

Of course another security measure is moving the PSBT file. How would one move this file safely? USB could be tampered with. Maybe in a rewritable CD? Sounds like it would lower this risk.

About anonymizing the coins, like you said, it is a problem since I don't see how to do this properly. It is clear to me that you want to break the trace of your coins. Let's say you have here a public address and receive coins. Then you pay to someone, they are able to search this address and now they know it was you, but if you mix, you could receive tainted coins... so I'm not sure what you are supposed to do here. This is why I have never been confident using BTC for payments, and just hold it. But at some point you want to spend it, it's just that it doesn't seem that great privacy wise.

As far as wallet compatibility goes, fortunately there is no danger from the wallet: keep your original copy safe.  The worst that happens is that things don't work and you have some bug to report.

gmaxwell's post is pretty much all you need, but I'd like to add emphasis on the quoted text, as it has saved me in the past.

Anything you do, when you mess with wallets and core, just make sure to do it on duplicate of the original wallet. Or, in simpler terms, backup your wallet before doing anything.

But I'm also going to need to understand how to use some sort of mixing service because otherwise you don't get any privacy doing this, as well as use Tor or a VPN or something to broadcast if you want additional privacy, and the mixing service must not increase risk that you are shuffling through tainted coins, because if you get some tainted coins, pay someone and then this someone goes into a centralized exchange to deposit the coins and he gets told that these coins are tainted, then he will point to the previous owner (you) and if you paid in person or somewhere where they know your details (like to rent an Airbnb or something) then you would be in problems.

You've posted this argument in the past.

I respect your opinion, but I will repeat again, that just like you'd never ask anyone who paid you in cash how they received the bank notes, you wouldn't also ask how they received the bitcoins.

There is no such thing as tainted bitcoins, it's pure nonsense and it's Bitcoin's worst enemy as of today.

I'll do something I really don't like, I'll quote myself

Decide wisely who the "enemy" is. If you are worried that you own coins from illegal activities, let me tell you that anyone potentially owns this kind of coins, even if we use coinjoins.


It is not only me making this argument, gmaxwell pointed to this as well:

As far as breaking the connection on your coins-- that's a harder question. You'd like to break the link to protect your identity, but the problem is that in doing so you might accidentally end up with coins whose history appears connected to something dubious and thereby attract attention to yourself that you wanted to avoid.

Yes, if I pay someone to buy something from a p2p website, they are not going to ask, we will just do the transaction, and the product is sent or we meet in person and exchange the product for the bitcoin, or even paying an Airbnb, or some other product. The problem here starts when this person sends the bitcoin that you send them in some sort of service that is using a coin analytics software, and then suppose that you mixed the coins and send it to them. Now they deposit this bitcoin in the service (like an exchange) and they get it blocked and asked about it, and they point to you as the person that sent this bitcoin to them. This is obviously a problem for you now, if they know who you are, which they will especially when you are hiring a service where you already let your dox like renting a place, paying for a hotel room and so on.
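
Editor's added example, not part of any post in this thread: a pre-signing check for the fee warning quoted above (inputs that are not given an output become fees), run over the JSON that `bitcoin-cli decodepsbt` prints. The field names follow Bitcoin Core's `decodepsbt` output; the function names, the fee ceiling and the sample data are constructed for illustration.

```python
import json
from decimal import Decimal


def implied_fee(decoded_json: str) -> Decimal:
    """Return sum(inputs) - sum(outputs) in BTC from decodepsbt JSON text."""
    psbt = json.loads(decoded_json, parse_float=Decimal)  # no binary floats
    total_in = Decimal(0)
    for vin, meta in zip(psbt["tx"]["vin"], psbt["inputs"]):
        if "witness_utxo" in meta:
            total_in += meta["witness_utxo"]["amount"]
        elif "non_witness_utxo" in meta:
            # Legacy input: the amount is in the previous transaction's
            # output list, at the index this input spends.
            prev_outs = meta["non_witness_utxo"]["vout"]
            total_in += prev_outs[vin["vout"]]["value"]
        else:
            raise ValueError("input amount unknown; do not sign")
    total_out = sum((o["value"] for o in psbt["tx"]["vout"]), Decimal(0))
    return total_in - total_out


def check_fee(decoded_json: str, max_fee_btc: Decimal) -> tuple[bool, Decimal]:
    """Accept only a non-negative fee at or below the ceiling you intend."""
    fee = implied_fee(decoded_json)
    return (Decimal(0) <= fee <= max_fee_btc, fee)


def constructed_sample(output_values) -> str:
    """Constructed decodepsbt-shaped JSON: one legacy input worth 1.5 BTC."""
    return json.dumps({
        "tx": {"vin": [{"txid": "placeholder-txid", "vout": 1}],
               "vout": [{"value": v, "n": i}
                        for i, v in enumerate(output_values)]},
        "inputs": [{"non_witness_utxo": {"vout": [{"value": 0.1, "n": 0},
                                                   {"value": 1.5, "n": 1}]}}],
    })


if __name__ == "__main__":
    ceiling = Decimal("0.001")  # hypothetical maximum fee, chosen by the user
    # Change output forgotten: everything above 0.4999 BTC would go to fees.
    print(check_fee(constructed_sample([0.4999]), ceiling))
    # Same payment with a 1.0 BTC change output: fee is 0.0001 BTC.
    print(check_fee(constructed_sample([0.4999, 1.0]), ceiling))
```

On the offline machine, the decoded JSON of the real PSBT would be passed in place of the constructed sample, before signing.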