SD

Realistic-Jelly8133

Leaking your xpubs only reduces your privacy, not your security. I have a multisig setup and opted to not store any in online/cloud storage. Instead I placed them in multiple different SD cards and physical paper and distributed them in different places. Many hardware wallets (I know coldcard specifically) will also serve as an xpub backup since all the xpubs are stored on the coldcard when you verify the wallet at its inception.

schwengelstinken

You could just add a battery to the Pis power supply and also just plug in your mouse/keyboard and screen to the Pi if there were any problems and you are unable to use SSH. OPs question was if a Pi 4 has enough hardware capacity in order to operate as BTC full node, not if there is some alternative. Idk what would be good about a Laptop standing around running 24/7 when it's not intended for permanent operation, in opposite to a Pi, which is small, has low energy consumption and noise emission and is built for 24/7 operation. If the Pis hardware is capable of running a full node. What connectivity out of the box? Most laptops wifi cards aren't even supported by most Linux distros and you have to install drivers and stuff manually or get an ehternet to usb adapter opposed to the Pis own raspbian distro made specifically for the Pi and it's onboard wifi capabilities. The only weak spot of the Pi is the micro SD Card used as main harddive but you could just get a USB to SATA or M.2 adapter, put an SSD into it and plug it into the Pis USB instead of the micro SD and you get a system cheaper, smaller and just as reliable as an old laptop that can be easily put in a small space where it doesn't disturb you.

Throataway2345

Use my referral code SD6L60

Normal-Jelly607

If the SD card is corrupted , lost or stolen, the worst thing that happens is you are locked out of your bitcoin forever

minhkhiemk

I hope you're not mistaken xpubs for seed phrases. If someone got the SD card the worse thing they can do is track how much money I have lol

Normal-Jelly607

So everything rests on a single SD card? Stupid move.

InHaUse

For me it's BitBox02 for a few reasons: 1. It's open source. 2. The company is headquartered in Switzerland which supports privacy, at least way more than most other governments. 3. You can make SD card backups. 4. It can store BTC, ETH, LTC, and a few others. 5. When I was researching which wallet to get, I came across some dubious/concerning info about Trezor which is why I picked the BitBox02. I keep by other short-term/swing holdings directly on Coinbase with a strong password and 2FA. If you're someone with a ton of coins and need everything to be on hardware wallet, your options are limited so probably Trezor would be best for you.

gizram84

> Coldcard lets you do an encrypted backup to an SD card. Yup. How does that get transported over the internet to an attacker? Lol. You really didn't think that through. Ledger leaked the seed over the internet. Completely different galaxy of attack vector. The Cold Card literally cannot, under any circumstances leak anything to anyone if you run it in the 9v battery mode.

0100000101101000

Coldcard lets you do an encrypted backup to an SD card. What the hell do you think that encrypted backup contains? ...it's the seed phrase which is exported from the device to the SD card. Pretty much every single hardware wallet has the functionality to do backups or export the seed in some way.

Situation_Little

I didn't know you could buy bitcoin back then, so I mined it back in 2014. It took me 2 years to mine one through Slush pool. I also mined ltc, darkcoin, doge, mooncoin, and many others. I sold my btc to pay off some debt and put the rest in my savings account. I still have my 90k doge and all of my other useless crypto in wallets on a SD card. I am glad I sold my btc when I did or I would of lost it to BLOCKFi like alot of people. I transferred my Dashcoin aka darkcoin, doge, moon, and ltc off that SD. I have my original amount of doge in my cold wallet, dash on an exchange, useless moon on Coinomi, and lost some ltc on Blockfi. I have severe diamond hands lol is Reddcoin or Namecoin still worth anything? I have those still as well.

paperraincoat

Sparrow imports your *public* keys from your Coldcard, with those, it can search the blockchain to list UTXOs, show a balance and create unsigned transactions.  Sparrow can craft a transaction, then write the unsigned transaction to a Micro SD card, unplug it, plug it in to Coldcard, and the Coldcard uses the *private* keys to create a new file on the SD card, a signed transaction.  Remove the SD card, plug it back into your computer and Sparrow can broadcast the transaction. 

BlissKeyper

The 'create transaction' button needs to be blue to initiate the SD card part of it. But thx so much for the follow up, I don't know what I did, but this morning it worked! :) All I gotta say is thank God for Reddit.. ya'll's questions really helped to keep me from bashing my head to the wall. ;)

safehodl

1. Possibly depending on the hardware wallet, most will only change their firmware if it's cryptographically signed by the wallet developer. 2. Again, depends on the hardware wallet, but most use a special chip for signing and the display for showing what is being signed. It would be difficult to compromise this with malware alone, likely it would require physical tampering with the device. 3. The problem with USB is you don't know what communication is occurring. If you use an SD card or QR code based signing this greatly limits the communication that can occur. TLDR - I recommend you use a Coldcard + Sparrow and only use the MicroSD for communication. If you want additional security consider a 2/3 multisig with 3 different kinds of hardware wallets.

riscten

Generally, the simplest yet safest way is to use an open source wallet that doesn't have wireless functionality (Bluetooth, NFC) or USB, or at peast that can have these features disabled, and works instead using QR codes or SD cards. Blockstream Jade, Seedsigner, Coldcard and Foundation Passport are the top contenders that I know of.

BOFPH

-- 1. Yes -- For maximum security you want the interaction between the cold wallet and the software wallet to be as simple as possible, so that you can monitor as much of it as you can. USB, Bluetooth and NFC are generally not the safest as there could be a ton of data going on over these channels that you don't see. With SD cards and QR codes it's easier to control what data gets transmitted. You won't necessarily be able to decipher what data is transmitted, but you'll at least know when data is being transmitted So the problem is that I can be hacked even by using the cold wallet. Because if my laptop is compromised I don't know it of course.

riscten

1. Yes 2. The hardware wallet doesn't connect to Internet through your PC. In fact it doesn't connect to the Internet at all. The job of a cold wallet is to keep your keys from ever being exposed to the Internet. You can always check the balance on your address by just looking it up on the blockchain (for instance by searching for your public address on mempool.space). When you want to spend from that address, you'll use wallet software (such as Sparrow or Nunchuk on your PC or phone). The software will generate a transaction from your address to the address you want to send the funds to. But then that transaction will be unsigned, meaning that it won't be accepted by the network (otherwise anyone would be able to send money from any address they want). That's where the cold wallet comes in. The transaction that was prepared by the wallet software is sent to the cold wallet, either via USB, Bluetooth, NFC, SD card or QR code. Then the cold wallet will sign the transaction using the private key it knows, and send back the signed transaction to the software wallet (again via USB, BT, etc). That's all the cold wallet does. Once the software wallet has the signed transaction, it can send it to the network, which will then move the coins. For maximum security you want the interaction between the cold wallet and the software wallet to be as simple as possible, so that you can monitor as much of it as you can. USB, Bluetooth and NFC are generally not the safest as there could be a ton of data going on over these channels that you don't see. With SD cards and QR codes it's easier to control what data gets transmitted. You won't necessarily be able to decipher what data is transmitted, but you'll at least know when data is being transmitted.

paperraincoat

I’ve only used limit orders on Coinbase then Coinbase Pro since 2014, works fine.  For hardware wallets, f you want a clean, simple interface and setup: Bitbox02. Get the ‘Bitcoin Only Edition’. Want something more robust, feature-rich, but a little trickier to learn: Coldcard Mk4. I really liked that I could create a transaction, put it on an SD card, plug the SD card into the Coldcard, sign it, then port the signed transaction back to my computer. I.e. ‘air gapped’, your keys never touch an Internet connected computer. I also liked being able to roll dice 100 times to generate a key. Last suggestion, hook them up to Sparrow Wallet rather than the native app. Maybe verify the PGP signatures if you're the paranoid type. Boom, you're good to go, even for six or seven figures of Bitcoin.

Big-Finding2976

I've got four of them because they were the only option when I bought them, and they're better than nothing, but operating them with two little buttons and a tiny screen isn't awesome at all. I just bought a Keystone 3 Pro for $92 with the discount code they give to Ledger owners, and that's awesome, with a big colour touch screen making it easy to operate, plus a camera for QR codes and an SD card port for offline signing.

Frogolocalypse

Yes. EDIT: In one of my past lives I was an electronics designer. I know what I could do with the tech of the day, and it was pretty awesome. But the types of [microcontrollers](https://dronebotworkshop.com/esp32-2024/) available today is mind blowing. Multiple cores, wifi, bluetooth, RAM... > Here is Espressif’s list of features for the ESP32-S3 Series: > > Xtensa® 32-bit LX7 dual-core processor that operates at up to 240 MHz > > 512 KB of SRAM and 384 KB of ROM on the chip, and SPI, Dual SPI, Quad SPI, Octal SPI, QPI, and OPI interfaces that allow connection to flash and external RAM > > Additional support for vector instructions in the MCU, which provides acceleration for neural network computing and signal processing workloads > > Peripherals include 45 programmable GPIOs, SPI, I2S, I2C, PWM, RMT, ADC and UART, SD/MMC host and TWAITM > > Reliable security features are ensured by RSA-based secure boot, AES-XTS-based flash encryption, the innovative digital signature, and the HMAC peripheral, “World Controller.”

Kloaec-

Airgap doesn't actually help for security, at least for normal people. (Sure, if you are an exchange or whatever, better airgap your cold storage. Very few do though!). The fact that we need animated QR for PSBTs and all defeats the purpose of QR: you (the user) have no clue about the amount of information, or what's in it. A malware would be in the 10kB, and a key extraction would fit one QR code. Airgap is a marketing argument i'm afraid! But hey, you can use SD card airgap with Liana, QR will probably come at some point. It's just not as useful as people think.

Kalastics

In like 2010 or 2011ish, I found out about the silk road and various other ""deepweb"" sites and was definitely not trying to buy drugs with it lol. I thought bitcoin was sort of interesting so I occasionally would just take a glance at it (had no idea about trading/etc at the time- my only understanding of bitcoin was ''untraceable currency", and watched as it went from 6 or 8 a coin to about 18ish before other things occupied my interest. I'm pretty sure I did use it for some sort of transactions though back in the day. If I'm not mistaken, I had to use bitcoin to purchase one of those cartridges for the DS you can load an SD card into and play homebrew games and ROMs from some Japanese website. I remember what drove me to purchase it was that the first leaked build of HeartGold in JP had found its way to the internet, and I had to get all up in that.

uwu2420

>Never going to happen. According to you. By the same logic, what's the point of open source, because the average person isn't reading the code anyways, right? >You know just as much as you would on a Ledger. A ledger uses the same process as a Keystone, but instead of transmitting data through a cable you do it through cameras. It's a cryptographic signature. Both devices have trust assumptions. Data can move through QR and you are not definitely not checking each scan. That is just false. How do you know when data is going across a USB cable or Bluetooth? Can you see it? I know exactly when data is being transmitted to my Keystone wallet, because I had to actively scan the QR code myself to do so. >Same trust applied to firmware upgrades on Keystone. You trust Keystone and you trust the method you use to transmit the upgrade. Keystone firmware upgrades are done by a file transmitted over a SD card, and the firmware contents are open source. Ledger firmware upgrades take place over an encrypted tunnel between the Ledger wallet and Ledger servers. You can't see the contents of the communications, and the firmware is closed source. Have you ever wondered why Ledger Live is required for the update, why there isn't a community upgrade tool or why you can't just download the updates as a zip file and apply it manually? You seem to be somewhat misinformed. >This comment doesn't even make sense. You are at the same risk of signing bad contracts with any hardware wallet. The risk is the contract itself. Nothing is getting swapped out in some NSA spy movie esk style. You see the contract address your signing and you blindly sign it, Please google "Ledger blind signing" and then get back to me. I acknowledge that signing a bad contract is still user risk (as I've already said a lot of times in this thread) but there have already been many examples of malware or stealers designed to swap out addresses. >because there is no way to perfectly virtualize the actions of every contract in a human readable way that can guarantee safety with every sign. [https://blowfish.xyz](https://blowfish.xyz) [https://docs.tenderly.co/simulations/guides/how-to-add-transaction-preview-to-a-rabby-wallet-using-tenderly-simulation-api](https://docs.tenderly.co/simulations/guides/how-to-add-transaction-preview-to-a-rabby-wallet-using-tenderly-simulation-api) >It also doesn't opensource the entire firmware. [https://github.com/KeystoneHQ/keystone3-firmware](https://github.com/KeystoneHQ/keystone3-firmware) Schematics: [https://github.com/KeystoneHQ/keystone3-firmware/tree/master/hardware](https://github.com/KeystoneHQ/keystone3-firmware/tree/master/hardware) >At any point data can be hidden in a QR. [https://github.com/KeystoneHQ/KeystoneQRVerifier](https://github.com/KeystoneHQ/KeystoneQRVerifier) >Out of the three popular options the open approach of Trezor, even with the breakable HW (I think improved in latest Safe 3 version. We'll see.), is still probably the safest option. Nothing wrong with Trezor. It's just a matter of opinion at that point. >If there was a mass exploit on funds secured by Ledger we'd be able to buy back our assets for next to nothing anyway. No worries! Fair enough

Horror-Badger9314

My first one bricked after an update, which sucks. Got another one 5 years ago and had no problem with it. Ledger is the leader in this industry so there are millions out there. Much more costumers doing shit with it and messing. After ledger I bought a Bitkey (not using it). Yesterday I got a Foundation Passport and it’s great (a little more difficult than ledger but I think it’s because I’m not used to it yet). Passport has a lot of extra features like seed at an encrypted SD protected by a password, wich is great for leaving a backup with someone you trust. And it never touch internet. But it’s BTC only.

john-larry

Ledger supports monero and there are many other hardware wallets that do. Wallet providers are not impacted by financial regulators since they don’t have access to the coins. If it is banned from the app store, you can always sideload the apps (though I doubt it will get removed). Probably the most secure setup is to have an airgapped PC with no WiFi capability and generate the wallet there. Use SD cards / QR code to transfer transactions to/from it for signing. You can use it with ledger. You just need to download the official Monero GUI, as it is not implemented in Ledger live. https://support.ledger.com/hc/en-us/articles/360006352934-Monero-XMR?docs=true

GoldenrodScript

Could you let me know what the secure note feature is like? I’m more or less thinking about getting his for that feature alone. I want to write some important notes and store them offline, ideally also exporting the notes to an SD card in case the device were to fail in the future. Would love to hear your thoughts on the notes feature 🫡

Moss_spade

for this usecase Microcomputer like Raspberry pi without connection is enough, after finishing your work , just destroy SD card or wipe it. Also micro SD card with raspberry image itself could be good place to hide encrypted file, less secure though.

castorfromtheva

SD backups is not the concept of the Jade, you only backup through manually created QRs or writing your words down. Other than that everything you mentioned is possible with the Jade as well.

According-Ad-2594

I like my jade as well. The only thing it is lacking for me is a micro SD slot but covers all other backup/transaction options I might need.

Rizzostacks

I love my passport by foundation devices. That paired with their envoy app. So smooth and Easy I didn’t even need to look at any tutorials, it’s self explanatory. It’s signs and verify with QR code. It’s stores a backup and does updates with a micro SD. You can create multiple wallets behind your seed phrase with a pass phrase easily. What more could you want?

FortyandLife2Go

My state of SD has 0% cap gains.

zorg621

Two secure elements, source viewable code, option to use completely offline via batteries, sign tx via SD card, QR code, or NFC, tons of on Device security features, the list goes on and on

puffman123

Several wallets are designed to use third party apps like seed signer and also passport, both are better products in my opinion. And my opinion is valuable, I own all of the most popular hardware wallet to have tested them. I in fact liked the Mark three so I purchased several mark four devices for a multi signature solution, and they did not work right including the NFC, tapping technology, the SD cards slots, not aligning, And not being user-friendly so it’s really not usable as a multi signature solution in my opinion. I contacted customer support and they declined to accept a refund or exchange. And I want others to know about this because they are very expensive devices.

AdCharming2406

So what you’re saying is the only TRULY irreplaceable thing is your seed phrase? I can buy another SD card, buy another ColdCard, etc. and still be good?

paperraincoat

if you want a clean, simple interface and setup: Bitbox02. Get the ‘Bitcoin Only Edition’. Want something more robust, feature-rich, but a little trickier to learn: Coldcard Mk4. I really liked that I could create a transaction, put it on an SD card, plug the SD card into the Coldcard, sign it, then port the signed transaction back to my computer. I.e. ‘air gapped’, your keys never touch an Internet connected computer. I also liked being able to roll dice 100 times to generate a key. Last suggestion, hook them up to Sparrow Wallet rather than the native app. Maybe verify the PGP signatures if you're the paranoid type. Boom, you're good to go, even for six or seven figures of Bitcoin.

puffman123

Well, number one because their quality control sucks. Often the SD card slot does not align with the cheap plastic enclosure that they use. The NFC technology does not work to sign bitcoin transactions so you cannot tap to sign like the advertise. They also have a no refund and no exchange policy so if you have a problem with the product, you will not get a refund. They are also in Keener making customer service and accountability. More difficult. The buttons are Insa in the product and are difficult to press. Processing speed for multi signature is slow. Their latest product with a qwerty keypad is not at all innovative at all. They just pay Youtubers and advertisers money so that they can get advertisement. I can keep going, but these are the main points.

Ready_Education5326

When mine came the bag had imperfections too, I contacted them and they told me about flashing the firmware. And again also the Paranoia Guide (actual name) provides you with multiple options for using open-source code tools to verify authenticity but it gets pretty technical. I think 'wiping the card clean' is a bit of a misnomer, it's not like an SD card. But go check out that paranoia guide and use some of the tools and it should give you piece of mind

JoePie4981

This is absolutely not true. I recently purchased an additional mk4 and the micro SD port was skewn by 8 degrees. I contacted customer support and within the day they sent a replacement while also apologizing for the inconvenience. Sorry if you had a bad experience but coinkite is still bitcoin in my books.

Striking_Celery5202

Yeah, that's an issue, I could setup a machine without connection to the internet to create the stls and then pass it via SD card to the printer and then delete the stl.

Pasukaru0

Malicious data can be sent over any connection. Direct or indirect. This includes QR and SD cards. So by your definition, there is cold storage unless you calculate everything without any digital device. And even then one could argue that the person is the medium for the connection. TLDR: Everyone can draw the line differently of what is considered cold storage.

riscten

Unless you're willing to flash your own open source firmware on the machine, you have no idea what it's doing. Don't trust, verify, remember? And verifying the firmware of something as complex as a laser engraver won't be that easy. On top of that, any microcontroller will need some sort of memory to process a job, and even if it's volatile, there are instances where the data can be extracted, even after shutdown. That's not even mentioning that the job itself could be retrieved from the USB drive or SD card, even after deletion. Sure, the QR code is encrypted, but that encryption is only as strong as the passcode. You better hope that passcode has over 70 bits of entropy (11 truly random characters including the usual upper, lower, numbers and symbols), otherwise someone will crack it with off-the-shelf or cloud-based hardware in a matter of months. And if the passcode has enough entropy, then the problem becomes "how do you store the passcode?". Another metal-engraved plate you bury in the backyard? My guess is that it's memorable and thus relatively easy to crack. That's a lot of attack vectors and unnecessary complexity when you can simply hand stamp the seed phrase.

Crappyhodler

It's not very difficult to check the capabilities of the machine for a persistent job cache. Almost all non super expensive industrial machines work from data on a USB drive or SD card. Also, the data on the qr is already encrypted, so someone capable to copy the code is not a big risk. that's the purpose of this post: testing the strength of such encryption. Speaking of that, I don't think an usd 100 bounty is enough incentive to any serious cracking attempt.

riscten

>I thought the hardware wallet doesn't store your bitcoin or private keys? It depends. *Stateless* HW wallets don't store your private keys *persistently*, meaning that they only store it in volatile memory (RAM) for the duration of a session, and when you reboot the device, they're gone and you have to type them back in. Stateful HW wallets (like Coldcard) store your private keys persistently in a secure element. You can think of the secure element as a tiny, isolated computer within the device, that has its own storage very limited processing power, and is tamper resistant. When you reboot a Coldcard, you don't need to re-enter your seed (although it can be configured to be stateless too and clear the seed on every shutdown) So really, all wallets store private keys. What varies is when they clear them from memory. The fundamental feature of a HW wallet is to isolate the keys from wider networks (like a LAN or the Internet). The job of a hardware wallet is to sign transactions without ever exposing the private keys to the outside world. A phone or desktop wallet cannot do this because the software is running on a general purpose OS that's exposed (or will be exposed) to various networks. If you run Electrum on macOS, you can have malware watching what the wallet is doing, or a keylogger waiting for you to type in a seed, or a plethora of other attack vectors. Even if you disconnect from the Internet, it can save the data and beam it to the mothership the moment you're back online. A well designed hardware wallet will have no networking features and be completely airgapped. The fact that they are simpler and separate devices also makes it easier to control what's running on there. You will (hopefully) never be tempted to install a YouTube downloader extension that comes packaged with malware on a hardware wallet. You just type in your seed, generate a transaction on a hot wallet, send the transaction to the cold (hw) wallet via QR codes or an SD card, have the cold wallet sign the transaction using your private key, then transfer the signed transaction back to the hot wallet, which will broadcast it to the network.

mutinomonem

For me it needs to be multisig multi vendor hardware wallets. Biggest risk for your mentioned setup is coinkite. And if you're "airgapping" with the same SD card from the same pc you use for day to day stuff.

TaintDoctor

If he doesn't save the seed or the backup, it doesn't matter which hardware wallet he breaks, he'd be in the same situation. Hopefully he saved the seed or the SD card backup that the bitbox allows you to make when generating a new wallet.

Revolutionary-Ebb-26

You're storing so much that you should use a multisig vault at this point. One black swan event at one of the banks and boom a third of your wealth is gone. Instead, have one multisig address signed perhaps with 3 keys (with 2 of 3 multisig for example), and keep each key and a backup of the wallet (the wallet decriptor aka output descriptor data -- maybe both as laminated QR code page and on an SD card) in each bank. You could also consider making 2 extra copies, one you keep at home and one you keep with a third party thats not a bank in your country.. something like unchained or casa or even a trusted family member/friend in another country. One downside here is if you are really trying to protect for all scenarios, if all the banks are in the same country, then the government could seize your bitcoin. Assuming you got it via KYC exchange, then they know you have it and then know what banks you use. So, in some worst case scenario the country may decide to seize all bitcoiner's assets and search their banks for keys. So at less convenience but greater security, again would be ideal to have the 3 keys in banks within 3 different countries.

Frogolocalypse

No it isn't actually. It's a hardware wallet. For something to be cold storage it the keys can't touch a networked computer. So if you plug your hardware wallet into a computer USB port, it isn't cold storage. Cold card offers this functionality by loading transactions to new signed on the device via an SD card.

Corbimos

Yes, Ubuntu is very easy to flash. Lots of videos out there. Simalir to bitcoin, Ubuntu is an open source project. It's free and the majority of bitcoin tools will run on that platform. Just make sure your hard drive is big enough to last as the timechain grows in size. 2TB should last you until the drive dies. Electrum server is great for privacy only if you are using tor. If you connect to someone else's electrum server on clear net, they can tell what information they are serving to you. If you have your own electrum server, you do get some added privacy since you run the server. If you run Bitcoin core and Sparrow wallet, your addresses end up being stored on the machine. if you use a HWW it is not your private key info, just your public info. So if someone get phycial access to your computer, they could see your addresses, but thats it. I think Bitcoin Core is easier for most people and the privacy tradeoff is fine imo since they need physical access to get your info. Washers are good, but they can be easily lost. I would look to get another backup metal plate if i was in your position, just for redundancy if possible. Something simple works. I would recommend using existing BIP39 words. Maybe just use another 12 word seed as your passphrase for plausible deniability as most people would assume thats a different seed and not a passphrase. Put some decoy funds on that wallet and write in steel as well. HWWs like coldcard can store the passphrase encrypted on the SD card so you don't have to type every time. Yeah, use the PIN. Save the QR, but dont store it with the HWW. Keep it very safe and hidden. Plus, using the passphrase will protect that private key QR code. You should be exporting or scanning something on the jade to input the wallet data into Sparrow. It is pretty easy and the software shoudl walk you through importing the info. No need to apologize. Happy to answer any more questions.

Revolutionary-Ebb-26

You have to create a transaction with wallet software like Sparrow or electrum and use your cold storage device to sign it. Then you can broadcast the signed tx. You might need to google a bit Here's some steps if you have a cold card: Download sparrow desktop Export wallet to SD card on cold card (google sparrow cold card watch only wallet) Import wallet to sparrow desktop using sd card Make unsigned transaction and save to Sd card Bring SD card back into cold card to sign transactions Bring sd card back back to desktop to load the signed transaction in Sparrow and choose broadcast

CartographerOwn5913

Jump into the r/coldcard they will help - to answer questions, airgap is best. Think of the CC as a signing device and your SD card as the cable. Yes, it’s a learning curve, but if you are patient you’ll pick it up over a few weeks if you tinker around without rushing things start making sense as to why it’s a bit more tricky than other hw devices.

69xX_MarkyMark_Xx69

I tried to do this. The cold card seemed OK at first. Everything looked like it was working correctly, when I slotted the SD card into the cold card and tried to export a wallet onto the SD, the cold card told me there was no SD card inserted. I think the hobo piss screwed with the internals. 

Digital_Scarcity

Download firmware update from manufacturer site, install update to device via USB or air gapped SD.

reallycool_opotomus

It takes a little but of effort to get set up but you can build a seedsigner for around $40. All you really need is a raspberry pi zero, a camera that connects to the pi and an SD card. The case is a nice to have but not required. Or you can print one if you have access to a 3d printer

gr8ful4

There is the conspiracy theory that those invested in Blockstream who controlled and control Bitcoin core developers have been funded by Mastercard, AXA and other banking giants. They didn't want competition 10 years ago while their systems were not ready. They proposed LN as a scaling solution on a second layer as a band aid which is similar to modern banking infrastructure. But you are correct. The main argument was that people will not be able to run their nodes at home, as it will get to pricey. Instead they went the way of high fees (which also prices out users). BTC chain now has 5GB if we went along with bigger blocks (the compromise would have been 2MB + Segwit) we would have been around 800 GB today. In the meanwhile micro SD cards can hold 2TB of data.

kwestro

Have you tried restoring from the Backup SD Card?

Miserable_Twist1

Encrypted seed on micro SD if you need to hide it.

No-City94

You're misunstanding. That's not income tax or capital gain tax. Here's the list of Tax in Thailand. PIT : (Personal Income Tax) ภาษีเงินได้บุคคลธรรมดา CIT : (Corporate Income Tax) ภาษีเงินได้นิติบุคคล VAT: (Value Added Tax) ภาษีมูลค่าเพิ่ม WHT : (Withholding Tax) ภาษีหัก ณ ที่จ่าย SBT : (Special Business Tax) ภาษีธุรกิจเฉพาะ SD : (Stamp duty) อากรแสตมป์ WHT is not PIT. You still have to pay for PIT 15% of capital gain , or up to 35% if you bring your income in to Thailand.

oogally

I'm not sure if it's a bad idea, but I do this. I have several copies encrypted with openssl from an offline raspberry pi 2. The contents are on SD cards in safe deposit boxes and the like. Close family members know the decryption key. I like that you need physical access plus the decryption key so that you could provide the latter in a will or communicate it directly without putting the funds at risk. You could do something similar with a passphrase on a BIP-39 seed, which would be less error prone. The only advantage to an SD card is it doesn't look like a bitcoin wallet seed. (But it could also be corrupted and there are many ways you could leak the seed in the process.)

According-Ad-2594

Bitbox isn't important. It is just a tool. The words are the important bits. Using them you can access your wallet anywhere in the world on any device like the bitbox. Ledger, trezor, software wallets ....... Etc. Anything that deals with crypto for the same purpose will recognise and accept those words. They are the only thing you need and so the only thing you need to keep safe. Lose them, or give them to someone, or have them stolen, or lose them to someone - and you lose your crypto forever. All that hard work and money in an instant is gone. An SD is great until it gets wet. Paper is great until there's a fire. A photo or on a computer is NEVER NEVER a good idea. Too easily hacked. You need to find a way to keep it safe. Lots of ways to do it. Get a plastic bag. A steel plate. Hide it in a book. But it on in a water proof steel cylinder. I have two copies in different physical places. Both well hidden. Your job is to keep them safe and yet away from harm and from any electronic device - apart from your but box or ledger or other wallet you end up using. You will never need to type it into a keyboard if you are doing things right. Not a full explanation. Just a suggestion to learn more before you start using it. Good luck.

only_merit

I would not go with Ledger, bad history, bad privacy. I would not go with Trezor as it is not easy to make it right. If you want Trezor, you need to avoid model One (not sure about Safe 3), and you need to have a passphrase or SD card feature and you should set up your own backend (difficult currently).

ScoobaMonsta

420 Grade melts at 1450⁰-1510⁰ C. The average house fire is 815⁰ C. And that's at the top of the building. As with rusting, show me an example of stainless steel rusting to a point where it's unrecognisable? There's no way an SD card is better than stainless steel plate for protecting the seed from damage!

ScoobaMonsta

No you don't put it on an SD card! They can fail. Stamp it onto something like stainless steel that can not fail or rust or melt etc etc. an SD card can be damaged in a multitude of ways.

Linkamus

The fact that it's *possible* for malicious firmware to expose your private keys either over USB or to an SD card is reason enough to use 2 of 2 or 2 of 3 multisig with completely different types of hardware wallets.

DreamMighty

You can make your own hardware wallet with a SD card. Generate the wallet without a Internet connection on a brand new computer. Put the seed information on the SD Card. Go to home Depot. Buy 15 bags of the red quickrete. Put the SD card in a water proof container. Now mix the concrete and pour it into a 30 gallon trash can. Shove the container down into the concrete. Place this 16' 5.84" inches under ground. Pour remaining concrete on top. Cover with dirt and plant a apple tree. Send the crypto to your address. Or buy air gapped HW Wallet... I like my idea better idk. Lol.

rosarino356

Air-gap is when a device is not connected to another device (not via WiFi, not via USB, etc.). It allows you to sign transactions via QR code or SD card.

BOOMBOOKLAT

Why the 2 SD cards? Sorry if this question is stupid but I can’t find any info online?

Hour-Spring-217

Meanwhile SD cards can be frozend dropped Out of a plane and still hold data

streetfightermz

Relocate to a zero-income tax state like SD or FL before selling to opt out of state income tax.

japanb

oh yeah i always like controlling my keys, bought them when it was $200 and kept most of it on paper, well flash drive linux make a bitcoin and then keep it on an SD card as a general room photograph with the tiny pc in the back ground showing the address. I started writing out the address on paper as some cryptographic puzzle lol. I only recently put it onto kraken because I thought it would go mental but it didn't until now but it's so slow that it's probably best to put it back into cold seeing as kraken is being weird, just like coinbase in the past where they'll add something extra you need to do to give yourself away

Salamanber

This will happen. A lot of sell orders will be executed around 50K. Scenario 1: We will close the weekly candle beneath the SD zone, We will have fakeout + a correction to the downside. It will take more time and power to come back. Scenario 2: If the weekly candle of this week close above the sd zone, we will see a nice pump to the next zone around 60K in couple of days/weeks.

Aussiehash

Any SD card will work for PSBT exchange and firmware upgrades. The industrial MicroSD cards are only for the case that you want to store an AES encrypted .7zip of your mnemonic seed words on an more durable MicroSD Coldcards don't come with a power cable, but any USB-C cable/charger will work

Sir_John_Barleycorn

I’ve never owned one and I’m confused looking at the order page. Do I need to purchase the SD card and power cable separately or do they come with?

satoshisfeverdream

You can air gap your wallet and use the SD card to broadcast your signed transactions so your keys never touch online.

CidVilas

Can someone help me understand why all the SD support? What are they for? Also, whats up with the key pad? Theres a lot of features but im not sure i understand the reason for it all.

Strange_Director_621

I just read through the plan rules but my screens look very different from yours. I did go through to try and exchange to funds outside my plan and it does say I have into open a SD account.

trowawayatwork

my workloads kept killing the SD cards unfortunately

KhaoJai

One tech I use for this is called PSBT (partially signed bitcoin transactions). Then your hardware wallet is never connected to the internet. You set up a watch-only desktop/mobile wallet (wallet with only public key, not private key) so that it cannot make a transaction with your software wallet alone. When you start sending bitcoin, it creates a spent file that needs to be signed with your hardware wallet like Coldcard. You save the file in a micro SD card from your desktop/mobile wallet. You connect your hardware wallet with a power source (NOT your laptop but use offline battery. Some users purely run device from a v9 battery so that they ensure the device is not connected to the internet.). You mount your micro SD card to your hardware wallet and sign there. After that, you move the signed file back to your software wallet on your desktop/mobile and it broadcasts the transaction. I wish in good at explaining it but once you get used to it, the overall process is simple enough and more secure.

P_e_a_s_h_o_o_t_e_r

I see that for the halving forecast you're using +/-1SD but usually a 95% confidence interval is used which would be +/-1.96SD.

Successful-Snow-9210

Google, Microsoft and Authy hide the secret from you. If you don't record it when you established TOTP you will have to reestablish TOTP everywhere When you get a new phone. MS &Authy don't have a way to back it up locally. With Google you can export the QR codes but the lical authenticator database isn't encrypted and the app doesn't require a pin to open Right after Google released its cloud backup option it was immediately proven to be insecure. In all cases with cloud-based backup options you risk being unable to access them when your 8-year-old reset your phone or your internet's down. I need an encrypted backup that is written to my SD card and can be copied to USB or any other media to be stored in a safe

Magic-Dragon-Society

The BitBox02 Bitcoin-only edition is a hardware wallet with radically focused firmware dedicated exclusively to Bitcoin. Less code means less attack surface, which further improves your security when storing your Bitcoin. BitBox02 is very similar with the Coldcard Mk3. Both hardware wallets use the ATECC608A secure chip. But unlike the Coldcard, it has a faster 120 MHz microcontroller chip. This makes multisig setups faster and easier to perform. Furthermore, the onboarding process on the BitBox02 is simple and effortless. You can do the initial setup within a couple of minutes, as your encrypted backup gets stored on the SD card. But to increase your security, you can also get your BIP 39 seed phrase from the BitBoxApp. In comparative terms, the BitBox02 is the hardware wallet that: 1. Follows the open source ethos of Trezor; 2. Takes user interface simplicity cues from Ledger; 3. Offers physical security like the Coldcard. 4. Swiss Engineering The BitBoxApp also allows you to run a full Bitcoin node and also features Tor routing. This means that you get more privacy and security for your transactions. Also, the BitBoxApp combines all Bitcoin address types under one menu. This is great for newbies, as they don’t need to differentiate between legacy and bech32. By ticking the “Coin Control” box, you get to manage UTXOs, It’s a user feature which boosts your financial privacy in a way that very few wallets do. Hope this helps 🙂

nerd2ninja

I use a 3-of-3 multi-sig across 3 laptops using the airgapped laptop method. I don't expect everyone to do that necessarily, but I do want to push people to do \*better\*. Even if it is these baby steps like getting someone scared of heights to climb stairs (that's what it feels like sometimes), just don't stagnate, you know? Ledger customer leak which for accuracy I'm including the fact that it was actually a hack of a 3rd party service (shopify), but 3rd parties don't protect your business from fault. Shopify got hacked and its ledger's fault for using them: [https://protos.com/ledger-spotify-crypto-wallet-data-leak-class-action-lawsuit-roche-freedman/](https://protos.com/ledger-spotify-crypto-wallet-data-leak-class-action-lawsuit-roche-freedman/) This one is Trezor's data leak: "Trezor support site breach exposes personal data of 66,000 customers" [https://www.bleepingcomputer.com/news/security/trezor-support-site-breach-exposes-personal-data-of-66-000-customers/](https://www.bleepingcomputer.com/news/security/trezor-support-site-breach-exposes-personal-data-of-66-000-customers/) Data leaks are dangerous because they cause you to be the target of phishing scams and wrench attacks (someone coming to your house and threating life or death over your money). In Trezor's case maybe that won't be an issue but we will see: "Postal addresses, phone numbers, and other personally identifiable information were also stored on the breached system but Trezor does not believe these were impacted." \>I’m genuinely asking why they’re so popular, even here, if they’re PROVEN untrustworthy. Those people believe another leak won't happen again, but also there's this phenomenon I call iPhone syndrome, where people have decided they like a thing and no logical arguments, abuses from the company, or anything can move them away. You can see there is a sense of learned helplessness to it as well. "I can't stop using company because I don't know how to use anything else". You can see that mindset in the replies to my comment. I mean its just moving an SD card or pointing a camera at a QR code. "If someone has to do that they'll lose all their Bitcoin" they say. "Too complex". Then there's the FUD Bitbox posts around acting like their USB is actually better than an airgap. Its insane the amount of misconstrued information (true information made to look like it means something that it does not mean) or misinformation (false information) is out there.

EASt9198

Actually I’d 100% agree with you that using a microSD doesn’t qualify for me as airgapped. I know the official definition is devoid of any automated interfaces but for me, a Trojan or hacker could easily hack my pc and then extract the key via the SD that I put into the „airgapped“ wallet. Only QR codes are for me truly airgapped. I create a transaction on the hot wallet, sign it on the airgapped wallet, then broadcast it back. The key never ever comes into touch with any point where it could be extracted. You’re right though - we’re talking here about some very secure devices already, but still I’d go for 100% rather than 95%, especially if you keep everything in 1 wallet.

solomonsatoshi

Yes read this- https://electrum.readthedocs.io/en/latest/coldstorage.html You can create the offline device required using an SD card or USB stick...or an old laptop with Linux installed. [https://itsfoss.com/intsall-ubuntu-on-usb/](https://itsfoss.com/intsall-ubuntu-on-usb/) Always use Linux for any serious Bitcoin computing.

nerd2ninja

A PSBT stands for Partially Signed Bitcoin Transaction. Its a file you can export to bring to another device to then sign and then bring that signed or partially signed file to another computer. Its important for all signing devices to support the PSBT standard because if a device doesn't support that standard and that device is popular, then wallet makers have to dedicate a part of their development time towards "and also support ledger" for example. So PSBT is an open standard for signing Bitcoin transactions and once its implemented in a wallet, then all signing devices that support that standard are supported by the wallet. Okay, so an Airgap is literally just transferring files (again think of the PSBT file in this case) from device to device without using the internet. So SD cards or QR codes. An airgapped device does not have ANY wireless technologies (bluetooth, wifi, cell carrier, etc) and only allows for the transfer of files through the controlled, not automatic, file transfer medium. To give you the NIST definition in case there's inaccuracies with how I chose to describe it: "An interface between two systems at which (a) they are not connected physically and (b) any logical connection is not automated (i.e., data is transferred through the interface only manually, under human control)." (source: https://csrc.nist.gov/glossary/term/air\_gap)

solomonsatoshi

You need to read the linked information so that you understand the process. You can create a completely offline OS on an SD card or USB memory stick. https://itsfoss.com/intsall-ubuntu-on-usb/

MysteryLiezer

Just remember, the usb cable is simply a method of transmission; touting that a wallet is “air-gapped” is little more than a marketing ploy. The same harmful data that can be transmitted over usb is the same harmful data that can be transmitted over NFC, or directly onto your SD card before putting it back into your Coldcard. Food for thought, is all

Corbimos

Get a USB SD card reader. You can get one for under $10.

Nlo89

I agree with that. I recently purchased a coldcard but only have a newer Mac book air which doesn't have a SD slot 🤦‍♂️. May just have to buy a new laptop.

JoeYo743

What if something happens to the SD?

spottyPotty

And if anything happens to it, you just slip the SD card into another one. 

detherminal

OMFG, don't listen to this ignorant man. Transactions need to be signed only via storing like using SD cards.

observer942

I'm not seeing anything about this, but if I just use my SD backup and something happens to both bitbox02 and the SD card, then I lose all my funds? Is that correct? Seems more risky to trust the integrity of an SD card over a metal seed phrase. Or am I missing something ?

na3than

Adjust your mindset: you're not moving your Bitcoin to your ColdCard; you're moving your Bitcoin to *an address for which your ColdCard has the private key*. With this in mind, it should be more apparent that you don't need Sparrow Wallet as an intermediate storage location on the way to your ColdCard; you can just use Sparrow Wallet as an *interface* to your ColdCard. I use Electrum but [the process is nearly identical for Sparrow](https://sparrowwallet.com/docs/coldcard-wallet.html): export the wallet from ColdCard as a .json file to an SD card, then import that file into Sparrow.

fonaldduck099

Every time you want to do a signing from your passphrase wallet you are going to have to type in 7 words plus 4 numeric. Or are you going to keep them on SD or use seed vault?

AceKittyhawk

Sweet I’m in SD often. If you remember any specifically would you let me know? Curious if any remain or people didn’t know what to do with them!!

JumpProfessional3372

I recently got the coldcard MK4. It is not cheap. And it is not for beginners. But it has pretty good documentation. And it supports PSBT transactions. So basically you can spend from your wallet by creating the transaction on an online device (PC) saving the unsigned transaction (PSBT) into an SD card, putting the card into the hardware wallet, signing the transaction if everything looks ok and finally importing and broadcasting the signed transaction. The main difference of this method is that you never directly connect the hardware wallet to the online device.

btclover8869

Write the 24 words also down on paper, do not just rely on the micro SD card. And the most important thing: Never share your backup to anyone and never enter it somewhere online e.g. your laptop or smartphone! BitBox is great

HSuke

For individuals, it would be better to hold or stake ETH than to buy its ETF Same reasons as the Bitcoin ETF (which is more inflationary as ETH is currently deflationary): * Tax-advantaged retirement accounts (without using a complex and expensive SD-IRA) * Institutional accounts that are only allowed to trade on stock exchanges, etc. * Easy beneficiary setup * Good for non-technical boomers who are bad at self-custody

cunth

You could use an archival quality SD card. But etched steel would be the better option than all of these

Frogolocalypse

Been hearing it a lot lately; "Here's my new hardware wallet! Now I'm cold storage!" It's important to have a common language about these things. > Why Cold Storage? > Cold storage is primarily intended for digital-asset custodians who do not actively trade their digital assets. It offers a high level of protection for digital assets, because keys are secured offline or in hardware and should *never be on networked computers*. If you plug your hardware deviced into a networked computer, it's not cold storage. It's, in fact, very important to understand this concept. Is this an issue? Not really. I have no reason to expect that trezor or cold card is going to take your money. But if you do attach it to a network connected computer, there is a vulnerability. Cold card even has a process where you can load an unsigned transaction onto an SD card and sign the transaction, and then broadcast it on a network connected computer. That is cold storage. I'm sure there are other examples.

analogOnly

Yeah, ya definitely need multiple backups. SD is acceptable as long as it's encrypted.