Reddit Posts
What is considered the best bitcoin-only airgapped hardware wallet that uses QR codes to sign txns instead of a SD card like coldcard?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
Top 3 Undervalued Gems on BNB Chain To Watch Out For in 2024
Driving me crazy!! Bitcoin core / Sparrow wallet connectivity issues, cant figure it out!!
Guys, after assembling my seedsigner, can I use the same components and use Raspbian on another micro SD?
How to use AirGap vault to turn a spare phone into a cold wallet.
Cyber security guide: A few ways to figure out if a crypto tool is legit (vetting Wallet Guard app)
Received Steem, SP, and SD but Have No Idea What to Do With It
Multisig 2 of 3: Once set up can I repurpose my HWWs?
What is the biggest risk for your Bitcoin security according to you?
[Serious] so, I have a good use case for "web3.0" after having a very annoying experience with Amazon Prime...
My Dream Hardware Wallet (it doesn't exist yet)
Comparison of Hardware Wallets (Conclusions After My 5 Hour Evaluation)
Coldcard SD backup question and Keystone multisig issue
Stable coin hearing ! Framework on Stablecoins !
Is it safe to store my Bitcoin in my cellphone? I use the bitcoin wallet and I have multiple copys saved in SD cards, even if someone hacks in my cellphone they won't be able to get my key because of my password right? Some advice?
Call to action: Bills are currently being rushed through committee in MANY states that would redefine money, such that Crypto currency is excluded, and the way is paved for CBDCs to take their place. CBDCs are bad enough, but if Crypto is not allowed as a valid form of money, we're screwed
How do you protect your crypto?
SD Governor Urges 20 States to Block Legislation That Bans Crypto's Use as Money — Says 'Its a Threat to Our Freedom'
One click WalletConnect instant dapp sign-in on a DIY open source Ethereum/L2s raspberryPi hardware wallet. Build it yourself, no coding skills needed. Swappable SD cards for multiple air-gapped private keys. Complete autonomy.
Multi-vendor Multi-sig + Sparrow Wallet: One of, if not the best, self-sovereign solutions to self-custody
An Achilles heel of the Cryptocurrency
For what it's worth, these are the bitcoin wallets I recommend depending on your level of knowledge. Do whatever you want with this information.
Recommending that the only way to use and hold bitcoin is via an airgapped laptop or via a narrow spectrum of hardware wallets is counter productive.
buying a second hand Raspberry PI with SSD attached.
Bipartisan Senators have introduced a new bill to classify Bitcoin and Ethereum as "Digital Commodities", under CFTC's jurisdiction and away from the SEC. Here is a look at the Digital Commodities Consumer Protection Act
Bipartisan Senators have introduced a new bill to classify Bitcoin and Ethereum as "Digital Commodities", under CFTC's jurisdiction and away from the SEC. Here is a look at the Digital Commodities Consumer Protection Act
Is this a mistake posted on Amazon?? This is a metal card used for seed phrase backup. It's supposed to be no-tech device but it's description says it stores 1GB Storage and uses Micro SD. WTF?!
Question about running my own node. It’s a set and forget or I need to personally verify everything?
Two critical weaknesses of hardware wallets you need to consider
Looking for some hard-to-find answers regarding cold storage and safety
| Sia Doge | Next Doge Coin Launching Soon With Huge Marketing Budget | Could Be Next MoonShot |
| Speed Doge | Fair Launch In Few Minutes | The most talked about cryptocurrency in the BSC space, is paying out more $DOGE then anyone else . Not only does this project have the HYPE but it has the ecosystem to back it up |
Buy the new Razer Blade 17 and pay with Crypto to get 3% off!
Buy the new Razer Blade 17 and pay with Bitcoin to get 3% off!
so my dad might have done Bitcoin back when it started...
If you missed out on $Doge you must read this! - Superman Doge is coming to Metis Andromeda!! Just Launched |
If you missed out on $Doge you must read this! - Superman Doge is coming to Metis Andromeda!! Fair Launch In Few Minutes |
| Shiba Driver | Just Launched | Low Mcap | Could Be A Good Gem | Based Dev |
This Project Will Rise To The Shiba Driver Coin / $SD | Fair Launch In 5 Minutes | Next 100x Gem |
Let me introduce you to SmartDefi and the Project: WISE INU
Let me introduce you to Wise Inu on SmartDefi
$ Just Launched •=> Strong Dog <=• Low Tax | We Are Ready For Being A Legend In BSC $ | Lp Locked | Transparent And Experienced Team | Website Soon | We Are Ready For Being A Legend In BSC $
~=> StrongDog <=~ Launcing in 5 minutes | Low Tax | Website Soon | LP Locked | Take Your Place In The SpaceRocket To Moon
Launching in 45 min | Strong Dog | Website is soon! |LP Lock Before Launch | Marketing and Influencer proposals soons!
Strong Dog | Launching in 1 hours | LP Lock Before Launch | Website is soon! | Marketing and Influencer proposals soons!
Russians prepping for SWIFT lockout like
How Russians will handle SWIFT lockout - BITCOIN EDITION
Swift Doge $SD | Just Launched | Low Mcap | Safu Dev | Audit| Lp locked | Experienced Marketer | Huge Marketing budget |
Swift Doge $SD | Fair Launch In 10 minutes | Safu Dev | Audit| Lp locked | Experienced Marketer | Huge Marketing budget |
Hawaii's Chance to deal with Crypto hangs in the balance
Smart Inu! First dog on the block built on SmartDeFi technology! Learn more about SmartDeFi!
StarDust | Staking Started Right Now | Only $360k MC | Big Marketing Plan This Week! Yahoo Finance Articel, PooCoin Banner and More! | Top Gainer on CMC & CG Next Days! | 10x-20x This Week!
StarDust🌟 Staking Start Sunday ✅ Only $160k MC 📈 Marketing Start Today! 🚀 Top Gainer on CMC Tomorrow! 🚀 10x-30x This Weekend 📈
StarDust🌟 NFT + SD Token 👉 Biggest Giveaway Ever! 🎁
🍭SugarDaddy 🍬 Launch in 5 min | Join to our TG now or cry later! | Initial liquidity: 25 BNB | No dev/team wallet
🍭SugarDaddy 🍬 Launching in 45 min / Join to our TG and enjoy! don't miss this launch, the best project in the bsc launching now!
🍭SugarDaddy 🍬 Fairlaunch in 1 hour | Good marketing plans after launch | Active community on TG with futures sugar daddy!
Potential for crypto rewards in gaming tournaments?
🍭SugarDaddy 🍬 Launching in 2 hours without presale before! | No dev/team wallet, ownership renounced, liquidity locked, join to our TG!
🍭SugarDaddy 🍬 Fair launch in 3 hours | Don't miss this GEM in the BSC, Initial liquidity: 25 BNB
Mentions
Nearly everything you said is wrong. >The philosophy (and protocol) of bitcoin was designed to be very secure and run on general purpose hardware and software. Do not use general [general purpose hardware ](https://airgapcomputer.com/ for Bitcoin. Obviously you *can* but for the average person (or even an advanced user, see Luke Dashjr being hacked) it's a terrible idea. >manufactured by a recent startup enterprise CoinKite has been a company since 2011. Trezor since 2013. Ledger (not recommended) in 2014. >needs to interact with some website that's proprietary No good hardware wallet needs to be matched with proprietary website/software. CoinKite literally has no software because of the threat that could pose. >A hardware wallet marketed by a private enterprise is basically saying to you "we will custody your funds and let you spend it. Trust us". They are all very young startups. Absurdly wrong for the good companies. >Use a real airgap that you can see. Clearly you've never used a ColdCard via micro SD card. >Hardware wallets are sometime promoted on the basis that they have a "small attack surface". That is exactly the reason they will be attacked (because they are only used for storing money). Sure, if the attacker can find it. Ledgers Donjon unit is constantly test attacking hardware wallets - it's not easy at all. >Hardware wallets do not promote the bitcoin philosophy in the least. What >You cannot know who created it Yes I can >who supplied you it Yes I can >who updated the firmware it's downloading Yes I can because I am updating it myself >even if your postman is in on a scam ColdCards ship in tamper-evudent packaging >or the box packers in their warehouse If you install new, verified firmware this risk is lessened. >Contrary to what is promoted by many, you can never tell if a hardware wallet is genuine. Yes I can. And because I am generating my own seed it kind of doesn't matter. >It's the exact same thing as when people say "not your keys, not your coins". That thing is connected to the internet whether you like it or not. It's plugged into your "hot" machine. You cannot see the airgap. I can easily see the airgap. Seriously, [watch a video](https://youtu.be/985bAPKUAV4?si=giVQGNKeQxMgEpKQ)on how a ColdCard works. My hardware device has never been attached to an Internet connected device ever. *Some* hardware wallets are not good at all. Way too many people use garbage like Tangem for example, which actually does fit much of your description. But overall, a good hardware device is by far the better option for new users. Good choices: ColdCard Q, ColdCard Mk4, Jade, Trezor Safe BitBox02. Pair with Sparrow or Nunchuk, not the proprietary software (if any) offered by those companies.
Unprecedented defilement of the constitution but hey at least he's living up to the border issue that doesn't really impact most Americans and is largely just fearmongering. [Didn't Obama actually deport more illegals than Trump?](https://docs.house.gov/meetings/GO/GO00/20200109/110349/HHRG-116-GO00-20200109-SD007.pdf)
Seed phrase on Locked PDF in An Anonymously named File on hidden Micro SD. Keep the PDF password stored on separate device. For more security have 2 Micro SD And for ULTRA SUPER MAX Security keep your mouth FUCKING SHUT and DONT FUCKING LOSE THEM.
I did not expect to receive so many reactions, thank you for your inputs! I just redid the process and here is what it looks like: \-export Electrum wallet from Coldcard to SD Card and import Json file to Electrum \-open the old wallet (using the private seed) in Sparrow (this was compromising that seed but the intention was to empty it anyways) \-copy bc1 addresses from Electrum and paste it under "pay to" in Sparrow \-check that the funds arrived correctly in Electrum Then when I exported the Electrum wallet again from the Coldcard and imported the json file to Electrum, the addresses were different. I did not created any new seed either in Sparrow nor Electrum. Does that make more sense?
I did not expect to receive so many reactions, thank you all for your inputs! I just redid the process and here is what I did: \-Export Electrum wallet from Coldcard to SD Card and import the json file to Electrum. \-Open the old wallet (using the private seed) in Sparrow. (this was compromising that seed but the plan was to empty it anyways) \-Copy the bc1 addresses from Electrum and paste it under send to in Sparrow. \-Check that the funds arrived correctly in Electrum. Then when I exported the Electrum wallet again from the Coldcard and imported the json file to Electrum, the addresses were different. I did not create any new wallet either in Sparrow or Electrum. Does that make it easier to understand?
What do you mean by first vote ever though. Bitcoin reserve legislation is voted on and dead in OK, MT, ND, PA, SD, and WY. I’m not anti Bitcoin, just wondered what you meant by first vote ever. You mean first vote ever for OK? In that case yes. Shit, people need to learn and stop voting with fear about things they don’t understand yet. But whatever
During setup cold wallets usually generate your seed phrase (your private keys) 2. You can then encrypts and store the backup on the microSD card. 3. If your device for example gets lost or damaged you can restore your wallet using that microSD backup together with your password (if you set one) that is. Why it's safe: The file on the SD card is encrypted, so no one can read it without your cold wallet and password.
How did your seed words get on to an SD card?
In before people coming here to say that you compromised your seed with the SD card and CNC machine. (I don't know if you did or not but it seems plausible)
Jade is still super solid. I have both and use both. I prefer the Jade Plus because of the bigger screen and the buttons instead of rocker. I do like being able to flash the Jade Plus via SD card so it is actually fully air-gapped.
The video posted is of the original Jade (still a great device) which can be used fully air-gapped via QR code but firmware updates require physical connection via USB. In order to be fully air-gapped I'd recommend you go with the Jade Plus and also get their Jade Link drive which allows for firmware flashing (and PSBT signing) via SD card. There are probably a hundred tutorials on YouTube for any hardware wallet you are interested in.
Ideally you would accomplish this by creating a psbt (partially signed bitcoin transaction) and using an SD card to complete the transaction on a computer. This is called an air gapped device where the wallet never gets plugged into a computer which minimizes and attack vectors for hackers to try and insert themselves into the transaction and potentially steal your holding. Anything easy like a “cold wallet” that has an app for your phone is not good for substantial long term holdings. Ideally you would get a BTC only wallet that has fully open source code and is air gapped. Search that on YouTube and you will find plenty of more in depth explanations
When Apple turns their Phone screen from HD to SD you don't say: >That’s a harsh take You say: B*tch *ss M****f**** why did you reduce the screen resolution? We already had better. >The core model is still solid, and the promise of peer-to-peer is still there It is not. It was specifically limited to not be p2p cash. The company that got venture capital money that was involved doing that sells you a federated L2 these days. No, the p2p dream is dead on BTC. And the sooner everyone gets that the sooner we can search for real solutions.
>A USB stick or SD card is not "plastic crap" and may contain very important or sentimental stuff. Yes they are, and if they contain anything you think is valuable, it's because you fucked up. So it's still your fault.
A USB stick or SD card is not "plastic crap" and may contain very important or sentimental stuff.
Lol just no. A hidden seed phrase of like 24 words, maybe split, buried, hidden in cryptic ways or hidden on a micro SD card the size of a fingernail with or without 25th word, how is all that an easier target than people carrying there physical wallets with cards and cash, diamonds, jewelery, watches, handbags.
> at the exchange level (Coinbase, Crypto(.)com etc.) your seed phrase and private keys are held by the exchange This is false. The exchange does not have any seed phrase or private keys connected to your account. At the exchange level, you have an account with a balance and a transaction history. Your account is not a wallet. The exchange has a wallet. There is no correlation between the exchange's wallet and your exchange account > you do not own the crypto you purchased True, because an exchange account is not a wallet > with a hot wallet (Exodus, Trust etc.) you have access to your seed phrase and private keys True > cold wallets (Ledge, Trezor, etc.) and how are they different than a hot wallet A cold wallet is a computer, with wallet software. It's just like a hot wallet, but never connects to the Internet > If you can use your seed phrase to gain access to your digital wallet from your cold wallet device doesn't that hashed seed phrase need to be stored online? No. Your seed phrase and private keys are only known to you and your wallet. A wallet is self-contained. None of its secrets are registered anywhere. That's a centralized view. Crypto systems are not centralized At this point, you and your friends can check your assumptions - they're thinking that the only way for your seed phrase to be unique is to register all seed phrases on a central registry. Bitcoin is much more innovative than that bad assumption. The seed phrase (and all the private keys derived from it) is unique by being derived from a very, very, very large random number. Brilliant! Yes? > do cold wallets store your crypto coins on them Some do, some do not. It's not necessary. But your next question is the important one ... > how does that get back to the block chain to record the movement of said crypto The user needs an on-line wallet app with a watching-only wallet. This software comes with the device - Ledger Live, Trezor Suite - or the user can choose a hardware-wallet compatible software app, like Electrum or Sparrow. As a watching-only wallet, it knows all the wallets addresses, and none of the secrets. This makes a transaction a 5-step process (two important steps, it's not complicated) * the watching-only wallet uses its transaction history, and the blockchain, to build an unsigned transaction * send the unsigned transaction to the cold wallet - by USB, or SD card, or QR image, or Bluetooth * the wallet device is a computer, with wallet software and all the wallet's keys and addresses. It signs the transaction using the appropriate keys * the wallet device sends the signed transaction (by USB, or SD card, or QR image, or Bluetooth) to the PC or phone running the watching-only wallet * the watching-only wallet app sends the transaction to a node, for inclusion in a near-future block > why a cold wallet is more secure than a hot wallet The cold wallet stores its keys and never exposes the keys to any network. The transaction process is split into two * make transaction * sign transaction And the signing is done on the cold wallet using the keys The on-line watching-only wallet has all the access it needs, because it knows all the wallet's addresses. Because it never does signatures, it never needs to see the keys
Yeah, actually it can. It is the definition of air-gapped. Classic can be used air-gapped via QR scan. Plus can be used air-gapped via QR scan and SD card. The Plus ability to update its firmware via SD card makes it the only truly fully air-gapped version of the Blockstream Jade.
The classic one does air-gapped transactions with QR codes as well. SD card can't really be considered completely air-gapped.
SD card air-gapped option only available on the Plus, otherwise fully agree. The bigger screen on the Plus is nice as well as the navigation buttons vs rocker. Both versions rock solid choices though for sure.
Might not be safe for most people but I have my private spend key on my SD card for my camera, the photo is taken in a messy room and you have to zoom into the mini laptop to see it
Updating air-gapped wallets is not difficult. You normally use an SD card to flash an update. You can also reset to factory, flash via USB connection, reset to factory, restore via recovery seed or QR seed.
It is trivial to update an air-gapped Jade Plus using an SD card. I'm sure the Cold Card is the same. Do you have any examples of air-gapped wallets that can't be updated easily?
Ha. Didn't think it would be possible to upgrade firmware without the jade link specifically but apparently you can. 👍 Instructions here for usb and SD. Fat32 apparently. https://help.blockstream.com/hc/en-us/articles/39525482532377-Perform-an-air-gapped-firmware-upgrade
Okay. Well you can use the standard Jade fully airgapped as well using the camera and QR codes. But for updating, you'll need to plug in the USB. Using a micro SD is not really considered airgapped though, as malware can still transfer from one device to the other.
The Blockstream Jade Plus hardware wallet supports the use of SD cards to facilitate fully air-gapped operations, enhancing the security of your Bitcoin transactions. Recommended SD Card Specifications: Type: Standard microSD cards are compatible with the Jade Plus. Capacity: While specific capacity requirements aren't detailed in the available information, using microSD cards with capacities between 2GB to 32GB is generally advisable for compatibility and performance. Speed Class: A Class 4 or higher speed rating should suffice, but opting for Class 10 or UHS-I cards can ensure faster data transfer and better performance. Additional Considerations: Formatting: Ensure the microSD card is formatted to the FAT32 file system, as this is commonly supported by hardware wallets. Brand Reliability: Choosing reputable brands like SanDisk, Kingston, or Samsung can enhance reliability and reduce the risk of data corruption.
There is a version of the firmware that permanently disabled the Bluetooth radio which I recommend you use. One less attack surface. If it's a Plus, you can update it air-gapped using an SD card.
The original can also be used air-gapped with QR scanning. The Plus also supports SD card PSBT signing which the original Jade doesn't.
I have both the old and the new. The Jade Plus is worth the upgrade for the screen size and resolution improvement, the button vs rocker wheel navigation and the increased camera function. The Plus also supports SD card PSTB signing for another air-gapped signing option which the original Jade doesn't. The original Jade is still rock solid though.
I would. Particularly if I was iOS. It is without a doubt I think the best choice for iOS. iOS choices are limited. The device has to have Bluetooth. I am android. If I was to need another wallet then it would be a choice between the new Jade and bitbox02. Not an option for iOS. But because I'm android and have a jade already then I'd probably get the bitbox02. It seems a better build quality. Easier to use and just that little bit sexier. It also has the choice of BTC only or all coin versions. It includes micro SD seed backup if you want to use it that way. I think it's the ever slightly better choice for me if I was to get another. Both top tier though. And bitbox02 doesn't work on iOS.
If this was printed in PLA, it is a definite no. 3D printed PLA will warp if left in a warm car. If you \_must\_ do this, here is the absolutely safest method I can think of (short of buying a new computer) 1. Build an open source 3D printer with parts from different vendors, preferably an older model that doesn’t have any parts that connect to the internet. * if you want this to be credit card sized, get a .25mm nozzle and some ASA to print it in 2. Once the firmware is installed, if the printer was ever connected to the internet, disconnect it 3. Download a virtual machine on your computer (Ubuntu should be fine) 4. In the virtual machine, download blender and orca slicer 5. Disconnect your computer from the internet 6. Model the seed card in blender, using the sculpting tools to write the seed phrase. 7. Import the model into orca slicer, slice it, and save the gcode to an sd card 8. Print from the sd card (using the aforementioned ASA, if only so you will actually be able to read it) 9. Verify that the seed phrase card is readable and has the correct seed phrase 10. Factory reset your printer’s firmware and reformat the sd card using your virtual machine 11. Destroy your virtual machine (do not back up any files onto your computer) 12. Destroy the SD card and controller board of your printer
My fear is that the wallet software doesn't need to be compromised. A simple "file watcher" malware is all that is needed, and monitoring an SD card for file changes with is dead simple, and almost every program on the computer has access to the file system. I found that the Trezor T and Blockstream Jade do not show the "change address" during the confirmation. The ColdCard Q does.
Well SD, "Stable Diffusion" can be locally run with Automatic111 for example, and SDXL can produce decent results and is highly customizable. Like this for example: [https://imgur.com/a/NPfPixm](https://imgur.com/a/NPfPixm) It can be a bit tough to get into though. Otherwise there are others like DALL-E 3 or Midjourney for example that have good quality. I'm sure there are others.
Now that I've read the post again, it stings knowing they didn't put that gold in the SD and sell it through there and hold the loot and turn it into BTC. Oh well.
Remember floppy disks? Would you rather store your data on those, or an SD card? Bitcoin will not stay, nor will any technology over time.
It appears the SD card they sent me is corrupted. Do you happen to know if I can go to the store and get any 32gb MicroSD to get this going?
Im in SD CA. There is a Coinhub ATM at a Silverado's Liquor store in Poway CA.Its REALLY no KYC ! Just use any name and a burner phone. There are daily amt limits but the Store's owner is cool and its a great little store
You connect your SD card to your computer. Then you "flash" the Umbrel software to your SD card and then put the SD in your RP5. There are youtube videos that show you how to
It's been a while but I had to flash the software on a SD card and put it on my raspberry pi 5.
Using an SD card for PSBT (Partially Signed Bitcoin Transactions) is considered an air-gapped method because it avoids direct network connections, such as USB, Bluetooth, or Wi-Fi, which could expose the device to malware or remote attacks. The Jade classic does not support air-gapped SD card usage.
The regular Jade also has a camera for airgapped transactions... Using a SD card is not really airgapped.
I have the Jade and the Jade Plus. They are basically identical except for overall size, screen size and resolution, and the Jade Plus has the ability to be fully air gapped using an SD card and/or camera functionality. Watched a lot of Cold Card tutorials and they have all of the same features as the Jade. They have a traditional secure element I believe whereas the Jade does not. Jade uses the Blind Oracle to simulate a secure element. The Cold Card probably has a few very advanced features that the Jade doesn't and is multiple times more expensive depending on the model of each being compared. The mk4 has to have an external power source to operate, like a SeedSigner. Irritating in my opinion. The Q is about the size of an old BlackBerry and basically identical in form factor as far as I can tell. As a beginner I'd say Jade Plus all day. Does everything you need and is supported by any wallet you could possibly encounter. I'd recommend Sparrow on the desktop and Blockstream Green or Nunchuk for mobile.
Just so you know, I was able to get a new Nav SD for my car for 30 bucks on Amazon.
Sources: * Legiscan: [https://legiscan.com/SD/text/HB1202/id/3090725](https://legiscan.com/SD/text/HB1202/id/3090725) * Bitcoin Magazine Tweet: [https://x.com/BitcoinMagazine/status/1893322679408542189](https://x.com/BitcoinMagazine/status/1893322679408542189)
Stamped into a titanium plate in my fire proof safe bolted to the floor as with my backup Micro SD card. One other copy with a trusted family member with another backup SD and just the words written on paper. In a sealed envelope which as only open in the event of my death. Both include detailed instructions on how to access the wallet if I die.
Just Google Cana Kit or search for it on Amazon. They have a ton of different options. The default setup will not let you set it up “headless” but before you write the OS to the micro SD card there is an option to enable SSH. Just google instructions for this to, it’s very easy. Once it’s on and plugged into your network you can just SSH into it and you never have to hook up a monitor or keyboard. Lots of SSH software for free I like Putty. The first time you turn it on your router will DHCP it an IP address. I would look this up in your router and change it to a static IP address. Then reboot the machine. Now just SSH into that IP and boom you get the login screen. I already have a Linux server for media and backups etc. so this wasn’t a huge learning curve for me but I am sure there are tons of YouTube videos on the topic that will run it down step by step.
The Jade Plus can absolutely be used fully air-gapped, including firmware updates. SD card firmware updates were not possible with the Jade classic.
Yeah, it's the air-gapped portion that sets Cold Card, Jade, SeedSigner and a few others apart from Trezor for me. But always a trade-off. Using an air-gapped wallet can be done in different ways like the Blind Oracle provided PIN option for an initialized Jade. You are giving some trust to Blockstream, dealing with having to launch their PIN site or having to run your own instance. It gets around the non-open source secure element problem but introduces these other things. You can use each of these devices as a temporary signer but then you are dealing with having to manually enter your seed phrases every time you want to sign a transaction which is a massive PITA or you are relying on QR codes that you have to manually create and then keep up with. They are on paper and you have to have them readily available if you spend from that particular wallet. Or you can use SD card functionality but then you are going back and forth with the drive and it introduces a chance that malicious things can manipulate the data on the card. Trezor makes great wallets but the necessity of having to physically connect them to a phone or PC is a trade-off.
My experience is with the Trezor One so my understanding of the Trezor line may be limited. Didn't know later Trezor devices had QR, NFC or SD Card capabilities if that is the situation.
Yes, you can continue to use electrum with a hardware wallet, and it can be your one-stop-shop that you need to interact with that device. Ledger, Trezor, ColdCard; electrum is compatible with all of them and I believe most others. However electrum will not be generating the seed. The hardware wallet will generate the seed, and then produce a Watch Only Wallet, or a Master Public Key. Electrum will be able to read this data and show you your hardware wallet addresses and balances, the same as it would look when you have a seed on that machine. But when you go to create a transaction in this setup, it won't sign it (because it doesn't have the keys). Instead it will generate an unsigned transaction. You can then use your hardware wallet to sign the transaction, and electrum can broadcast that signed transaction. The exact mechanism for signing the transaction depends on your hardware wallet. A Trezor One would need to be plugged into the machine with electrum, you'd put in your pin, and the trezor would sign the transaction and send it back to electrum and broadcast it. For a ColdCard, electrum can produce the unsigned transaction as a file, which you'd put on the SD card for the ColdCard, go through the signing process on the ColdCard, which produces a signed transaction as another file, which electrum can open and broadcast.
> I still have to import and export the address to a hot wallet on a computer that is signed with the seed phrase on the device and transferred with a usb?? Usually the hardware wallet device is connected to a computer in order to copypaste addresses for receiving and sending of coins, yes. Keep in mind the hardware wallet is designed so that the private key never leaves the hardware wallet device, so connecting it to a computer is usually considered safe. But there are also ways to do this without connecting to a computer directly (QR codes, SD cards and whatnot), if you really want to be extra cautious.
We always do this.... Cold Card, Blockstream Jade (plus) and Trezor. Those are the gold standards. Each has their own trade-offs. If you are completely out of your mind psycho, go Cold Card. If you want the middle ground for air gapped with SD card and or QR, go Jade (can also go the PIN blind Oracle route). Trezor (Bitcoin only load) if you want simple old school open source dependable USB connected cold storage. I'd say tapsigner if you want to play with NFC. Not Tangem because fuck shitcoin support. For interfacing you will go with Sparrow for desktop, Blue wallet, Nunchuk or Blockstream Green for mobile. Anything else is mostly just noise. How'd I do guys? Can we just get a sticky at this point?
Why would you have that much money on a single hard drive? Even my small fish ass has two micro SD backups (in separate locations) and my seed phrase on a titanium plate. Just so fucking stupid!
Done it several times. I use Bitbox 2.0 and I also have the seed on a micro SD as a back up.
Appreciate everyone's input. Firstly, its important to note the term defense-in-depth or layers of protection. Practically all cybersecurity models follow this layered approach to protection and are based on defense-in-depth to shield the most important information from attack by requiring significant effort to reach the protected asset(s) (Bitcoin). This means the more security measures you can add the more you can protect your valuables. Obviously a practical trade off not making it too difficult for the lay person. To remind what is Airgapping it is the practice of isolating a device from any network connections—whether wired or wireless—to ensure that its sensitive data (like Bitcoin private keys) is completely cut off from potential remote attacks. In essence, an airgapped device never connects to the internet or any external network, making it much harder for hackers to access or compromise the data stored within it. With that in mind, you want to eliminate as many attack vectors (ways to get into your cybercastle) as possible in your security journey. Airgap adds an **extra** layer by isolating potential vulnerabilities from your PC to the cold wallet. Imagine your Bitcoin security as a fortified kingdom or castle with multiple layers of defense: * **The Moat (Airgap):** Think of the moat as the critical layer that isolates your castle from the outside world. Just as a deep, wide moat prevents invaders from easily reaching the castle walls, an airgapped device is kept offline to block remote attackers from accessing your private keys. The moat is the first line of defense, ensuring that no direct connection (or “bridge”) exists between your sensitive data and the hostile online environment. * **The Castle (Secure Storage):** Within the safety of the moat lies the castle, which houses your kingdom’s most prized treasure—your Bitcoin keys. The castle represents your secure offline device. Its thick stone walls and locked gates are akin to the robust security measures you employ to safeguard your private keys, ensuring that even if someone reaches the outer defenses, they still cannot penetrate the inner sanctum. * **The Trusted Messenger (SD Card Signing Process):** In order to communicate with the outside world (for example, to sign a transaction), you rely on a trusted messenger. This messenger is analogous to the SD card used in a cold wallet process ie coldcard. Instead of allowing direct communication that could bridge the moat, the messenger carries sealed, tamper-evident messages from the kingdom (your online environment) to the castle (your airgapped device). Even if an adversary lurks outside, the secure messenger ensures that only authentic and unaltered information reaches the castle. * **Layered Security in Action:** * **Moat:** Keeps your device completely isolated from online threats. * **Castle:** Provides a secure, fortified location where your keys are stored safely. * **Messenger:** Facilitates essential communication (like signing transactions) without exposing the castle to external risks. **Conclusion** Using this layered defense—a moat that isolates your sensitive environment, a castle that securely holds your keys, and a trusted messenger that carefully transfers necessary data—you create a robust security system. Even if parts of the kingdom (or the online world) are compromised, the critical assets inside remain protected behind multiple, well-designed barriers. PS. analogy helped by gpt (HBG) This is a part of the full picture, to get to a place that you can be at peace with securing your digital assets and cybersecurity. Theres more attach vectors than folks realise... best of luck.
Yes, you are correct, I haven't planned for updates. I honestly prefer to work with an always disconnected device with an older version of the Electrum app rather than re-hooking the wifi module and update it. I don't see this as a long term solution but as I keep changing phones (\~every 2-3 years) I will have updated hardware to work with. I am assuming that the app will keep being compatible with the newer pc version for signing offline, which is fairly safe assumption considering that their only interface is the QR code. I will look into the DIY Jade though, sounds like a cool solution. My idea is that once I use my seed on my device once, I should never for any reason re-attach that device to the any other physical device or network, so that automatically discard any possibility for firmware updates. I was checking the Jade air-gapped firmware update procedure though, I want to see if there is any vulnerability in that procedure. At a first glance, it seems a solid procedure but potential re-use of the USB pen or SD card could be exploited to extract the seed.
In crypto? Of course you can. That is the entire point of it! If it was gold bars, I'd agree. But it's a few dollars worth of SD cards, USB sticks, etc and some scribbled numbers, and you can hide those anywhere. You can even get special encrypted usb devices to store your wallet offline.
It was about time! Now I hope he gets some sort of compensation too. 
Live yes. You can definitely rent a 1 bedroom apartment on Newport Beach or the nicest neighborhoods in San Diego for $2,200-$2,800 a month. If you’re talking about owning/buying a home? GL. Average home price in SD is over 1 Mil. The nicer neighborhoods like La Jolla, La Costa, Encinitas, Del Mar? You’d be lucky finding anything decent under 2mil.
>If a virus can enter your hardware wallet through a cable then it can also be embedded in a QR code Or via an SD card, which is my preferred method. But it becomes a bit more challenging to do so undetected, especially if you don't use wallet software made by the hardware wallet company.
[https://youtu.be/04F4xlWSFh0?si=UGZ6kmWGa1SD8-57](https://youtu.be/04F4xlWSFh0?si=UGZ6kmWGa1SD8-57)
You can propose that horses are citizens in SD too… you can propose anything…
At the end of last month, the 200WMA for Bitty was 42,974, +1 SD at 62,560. We'll see where it sits after today, but 3 weeks into January it stood at 43,839, +1 SD 64,953.
All mine is on a missing SD card I mined with little usb asic chips on my og raspberry pi
SOUTH DAKOTA Bitcoin Bills! SD Introduced two Bitcoin bills today: 1) HB 1202: Permitting the State to invest in Bitcoin 2) HCR 6006: Urging the State Investment Council to invest in Bitcoin https://x.com/julian__fahrer/status/1885046356517282270?s=46&t=ihVglVXC0BQSbw6j57EoaA
That's true, an airgapped wallet can have a dark skippy type attack. I think I saw your presentation at Baltic Honeybadger a few years ago. I was thinking more along the lines of a malicious firmware update pushed out by the manufacturer if you're using their native wallet on desktop (like Trezor Suite or Ledger Live). I see no reason why it couldn't swipe your seed. An airgapped hardware wallet you could install new updates via SD card.
You're going to lose that, unless there's a new SD card inside it. I've had Hdd, SSD, SD, USB drive die on me I'm traumatized. Good thing you only need the key phrase to recover BTC, it's going to be pen and paper for me. Lightly coded.
Nope. In order to send a transaction you will need to sign on a mini SD card and transmit the transaction via a software wallet (like sparrow). Technically you can receive without a software wallet but it makes it much easier to see your addresses if you use something like sparrow.
Use multisig, 2 vendors and create the seedphrase by hand. Also use HW wallets without usb connection to the pc but either QR codes or SD card.
Not necessarily true. There are hardware wallets that can sign a transaction, and that transaction can be exported to an SD card, which can then be connected to an online device for broadcast. The wallet itself can be used in a way such that it is *never* connected to an online device. This is called air gapping. Yes, we're a paranoid bunch.
How would you physically buy bitcoin in 2009. Dodgy Bank transfers and SD cards?
When you initialize a BitBox02, the secure chip will generate your seed. Depending on the options you selected, it’ll either silently create a backup on the micro SD, or will display the words that make up your seed phrase. Based on your description, sounds like you picked the micro SD backup while you were setting up and then displayed your seed for transcription after the fact. That’s perfectly normal. A passphrase is not your seed phrase. It adds to your seed phrase to create a completely different wallet. BitBox02 is defaulted with optional passphrase disabled. You can search the support page for the step-by-step on how to enable it. When it’s enabled, the device will prompt for an optional passphrase as soon as you unlock with your password. If you want your base wallet, confirm blank - otherwise enter your passphrase and get to your passphrase wallet
Or you can use a qr code on jade or s micro SD on bitbox02. Or just pin protect your device so they have 3 chances to guess out of 10 million options before it resets anyway. And of course they then have to crack the passphrase as well. Added security? Yes. If the hacker guesses your pin. And then your passphrase. Likely? Not at all. Is it worthwhile added security for extra hassle? Not for me. Just pin protection and ask for passphrase every time is sufficient I think.
Even when it was only on your SD card, some program may have read it and write on your HDD/SSD, you never know. Never sell without removing all hard drives
If you have already the raspberry pi, the SSD and a micro SD in umbrel web you have the step by step to follow, if I was able to do it anyone can, really
So much wrong information. Make sure you have file vault on. It encrypts your computer storage. Then use the system settings to erase all data. This will remove the key needed for decryption. Done, you can give away your computer and you said all data was on SD card only so all temporary copies, if any, will be gone too. PS: if file vault was off you need to wait until it finished encrypting all data.
If you are sure it was only on SD card then you dont need to worry. But you can use DBAN to wipe your drives before you give it away.
Congrats to all the holders, it has been easier than I expected. We were right, we won! 
Fake tooth with micro SD. Mouldable Fake tooth "pearls" - $20 Micro SD - $10 international freedom - priceless. Alternatively. Get a book from a second hand shop with lots of notes in it. School comprehension books work great. Spread out your seed words randomly throughout the book. Make a note of the page numbers for the seed phrase in order. Write those page numbers in an email to yourself, or a Google sheet called something like "expenses" with the page numbers in place of actual amounts. You can spread it across multiple services to prevent exposure. Email drafts, WhatsApps to yourself, Google docs. When you're in a safe place, reconstruct the seed. When you're safe, you can reconstruct
I put an SD card inside a 5 cent coin I have in my wallet.
12 words are enough. TailsOS on an air gapped USB is a viable option. The key security detail is securely generating and storing your multi sig seed phrases. You can indeed generate them securely with TailsOS on air gapped USB. The advantage of Jade or ColdCard is the secure element that stores the encrypted seed. TailsOS on USB lacks this feature. ColdCard Q has even removed the USB cable and replaced with an SD chip chipping away at a security vector I did not previously know existed. Security is all about trade offs. You are on the right track for sure.
Can you not pin protect it? If you're worried you can reset it after every use so that you need to re-enter the seed phrase every time. Probably not hard with the SD card. But pin protect and good passphrase should both auto reset your bitbox02 if there are any brute force attempts on your pin or passphrase. You'd need to read the specific details on bitbox02 page. Not sure how exactly bitbox02 approaches this.
Yes, with the backup SD-Card or your seed phrase
Also jade. But would get a bitbox02 if I could justify it or my jade breaks. Jade is great. Bitbox02 is just sexier and sleeker and uses micro SD instead of QR. I think I'd prefer that But as I say. Jade is great and brilliant value so no plans on branching out yet.
Honestly I read into the first paragraph and stopped. There's no way for an airgapped device to be hacked. There is if you connect it to a computer. The odds of this happening are up for debate but if you're serious about securing your life savings you'd never take the risk of connecting a hardware wallet to a computer OR plugging an SD card into your hardware wallet, or using the NFC function for that matter. The coldcard Q allows you to send and receive from QR codes and PSBTs. Whether or not the QR codes themselves are a risk I don't know, but I doubt it, as I've built QR generators in the past and the amount of data they can hold is small. It just seems like an unnecessary risk to not use an airgap. To each their own though, we're all still trusting the manufacturers devices to some degree.
I've got jade. And definitely great value and has great properties. The bitbox02 is definitely sexier though. But jade is definitely an excellent choice too. I quite like the camera and qr code functionality. And I like the SD card on the bitbox02. Both great and jade definitely cheaper.
You can have multiple wallets on the SD cards and load up whichever you want. The only risk of a hack is losing your keys/seed. The wallet itself isn't a point of failure. By all means have multiple wallets but this one device is safe to access them all.
Ledger is probably totally safe. But if you're buying a new wallet there are wallets that on paper are safer. Open source and BTC only are considerations. If I had my time again then I'd get bitbox02. Great machine and reasonably priced. What I have is a cheaper blockstream jade. Also open source and BTC only. Great value. However the bitbox02 is much sexier and allows you to back up wallets on SD cards. If love one but can't justify it. To be honest I only use it a few times a year so happy enough with my cheap and secure blockstream jade.
Bitbox02 is regarded as one of the best HW wallets. Not quite cold card but much cheaper. Open source and has BTC only option. Easy to use. Micro SD backup if you want it. And a couple of black Friday deals started today. If I had my time again then it would definitely be my choice. I've got a blockstream jade. Also very good and excellent value.
I'd get the bitbox02 when it goes on sale tomorrow. Lovely thing. BTC only. Open source. Micro SD backup. Too notch security. Cheaper option would be the block stream jade with camera for qr code seed backup and air gapped transactions. Open source. BTC only. Not your options I know but thought I'd add a couple to the mix. Don't know how much the bitbox02 will be reduced tomorrow but my first choice.
Probably not. But no harm in it either as long as your safe. For me two is the minimum so I can have them in different locations. If I had the SD card I'd add that too just because it is so convenient to load onto the device. Great if you have more than one wallet to access them quickly on your device.
1. I use both PC and phone app 2. I didn't use the SD card
This sub is full of very very bad advice. When it comes to security, it's almost only bad advice with good advice downvoted deeply. If you can find posts here and other subs of people who lost their bitcoin, you will find its always people running windows. Hardware wallets just don't matter at all. There is no secure computing environment other than a Linux. And yes, if you want to use 2 Linux Machines, you can make a sneakernet cold storage with an SD card (not usb)
Yeah because if you look back, you’re going to be like me with my Canon camera complete with case, strap, extra battery and SD card I bought off OverStock.com for around $600 in BTC back in 2017. Fast forward to 2024 and I use my phone pretty much exclusively for pics and the camera is relatively worthless. Bitcoin was about $3,500 when I bought the camera. Most expensive f’ing camera 📷ever.
Well, first of all the company is a piece of shit. I had a bad unit and they refused to give me a refund on it. The plastic is super cheap making the SD card not fit inside. The NFC tap to sign feature does not work. They refuse to admit that it doesn’t work. I tried on multiple iOS devices and android devices. It’s completely unusable. The product itself is complicated and my wife who does not do bitcoin very much it’s very difficult for her to use it. They update the firmware sometimes and then you completely have to reset the device. I had a Mark three device that I had to completely re-enter the seed phrase on because there was a software bug preventing the device from signing any transactions. They just keep releasing new products because they don’t want to support their old shitty stuff. The do-it-yourself seed signer is a far superior product. The foundation passport is also a far superior product. So I will never buy coinkite card again. Plus, they’re in Canada so if you have any issues with the product, you have to ship it internationally. Plus, they won’t even accept any refunds or exchanges. I hope the CEO reads this and fucking fix some stuff.
The Coldcard devices usually come with the latest firmware. So you might not have to update it for a long time. I think the main risk there would be compromised firmware and not so much compromised SD card hardware or filesystems with some sort of exploit. I think with air gapped they mainly mean no USB connection needed. You should be able to do everything via files on the SD card, NFC or QR codes (Coldcard Q)
Bitbox02 would be my choice. Micro SD seed phrase back up. BTC only. Open source. Not too expensive.
Don't use general purpose computers (or accessories like SD cards) to store private key material.