Reddit Posts
What is considered the best bitcoin-only airgapped hardware wallet that uses QR codes to sign txns instead of a SD card like coldcard?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
Top 3 Undervalued Gems on BNB Chain To Watch Out For in 2024
Driving me crazy!! Bitcoin core / Sparrow wallet connectivity issues, cant figure it out!!
Guys, after assembling my seedsigner, can I use the same components and use Raspbian on another micro SD?
How to use AirGap vault to turn a spare phone into a cold wallet.
Cyber security guide: A few ways to figure out if a crypto tool is legit (vetting Wallet Guard app)
Received Steem, SP, and SD but Have No Idea What to Do With It
Multisig 2 of 3: Once set up can I repurpose my HWWs?
What is the biggest risk for your Bitcoin security according to you?
[Serious] so, I have a good use case for "web3.0" after having a very annoying experience with Amazon Prime...
My Dream Hardware Wallet (it doesn't exist yet)
Comparison of Hardware Wallets (Conclusions After My 5 Hour Evaluation)
Coldcard SD backup question and Keystone multisig issue
Stable coin hearing ! Framework on Stablecoins !
Is it safe to store my Bitcoin in my cellphone? I use the bitcoin wallet and I have multiple copys saved in SD cards, even if someone hacks in my cellphone they won't be able to get my key because of my password right? Some advice?
Call to action: Bills are currently being rushed through committee in MANY states that would redefine money, such that Crypto currency is excluded, and the way is paved for CBDCs to take their place. CBDCs are bad enough, but if Crypto is not allowed as a valid form of money, we're screwed
How do you protect your crypto?
SD Governor Urges 20 States to Block Legislation That Bans Crypto's Use as Money — Says 'Its a Threat to Our Freedom'
One click WalletConnect instant dapp sign-in on a DIY open source Ethereum/L2s raspberryPi hardware wallet. Build it yourself, no coding skills needed. Swappable SD cards for multiple air-gapped private keys. Complete autonomy.
Multi-vendor Multi-sig + Sparrow Wallet: One of, if not the best, self-sovereign solutions to self-custody
An Achilles heel of the Cryptocurrency
For what it's worth, these are the bitcoin wallets I recommend depending on your level of knowledge. Do whatever you want with this information.
Recommending that the only way to use and hold bitcoin is via an airgapped laptop or via a narrow spectrum of hardware wallets is counter productive.
buying a second hand Raspberry PI with SSD attached.
Bipartisan Senators have introduced a new bill to classify Bitcoin and Ethereum as "Digital Commodities", under CFTC's jurisdiction and away from the SEC. Here is a look at the Digital Commodities Consumer Protection Act
Bipartisan Senators have introduced a new bill to classify Bitcoin and Ethereum as "Digital Commodities", under CFTC's jurisdiction and away from the SEC. Here is a look at the Digital Commodities Consumer Protection Act
Is this a mistake posted on Amazon?? This is a metal card used for seed phrase backup. It's supposed to be no-tech device but it's description says it stores 1GB Storage and uses Micro SD. WTF?!
Question about running my own node. It’s a set and forget or I need to personally verify everything?
Two critical weaknesses of hardware wallets you need to consider
Looking for some hard-to-find answers regarding cold storage and safety
| Sia Doge | Next Doge Coin Launching Soon With Huge Marketing Budget | Could Be Next MoonShot |
| Speed Doge | Fair Launch In Few Minutes | The most talked about cryptocurrency in the BSC space, is paying out more $DOGE then anyone else . Not only does this project have the HYPE but it has the ecosystem to back it up |
Buy the new Razer Blade 17 and pay with Crypto to get 3% off!
Buy the new Razer Blade 17 and pay with Bitcoin to get 3% off!
so my dad might have done Bitcoin back when it started...
If you missed out on $Doge you must read this! - Superman Doge is coming to Metis Andromeda!! Just Launched |
If you missed out on $Doge you must read this! - Superman Doge is coming to Metis Andromeda!! Fair Launch In Few Minutes |
| Shiba Driver | Just Launched | Low Mcap | Could Be A Good Gem | Based Dev |
This Project Will Rise To The Shiba Driver Coin / $SD | Fair Launch In 5 Minutes | Next 100x Gem |
Let me introduce you to SmartDefi and the Project: WISE INU
Let me introduce you to Wise Inu on SmartDefi
$ Just Launched •=> Strong Dog <=• Low Tax | We Are Ready For Being A Legend In BSC $ | Lp Locked | Transparent And Experienced Team | Website Soon | We Are Ready For Being A Legend In BSC $
~=> StrongDog <=~ Launcing in 5 minutes | Low Tax | Website Soon | LP Locked | Take Your Place In The SpaceRocket To Moon
Launching in 45 min | Strong Dog | Website is soon! |LP Lock Before Launch | Marketing and Influencer proposals soons!
Strong Dog | Launching in 1 hours | LP Lock Before Launch | Website is soon! | Marketing and Influencer proposals soons!
Russians prepping for SWIFT lockout like
How Russians will handle SWIFT lockout - BITCOIN EDITION
Swift Doge $SD | Just Launched | Low Mcap | Safu Dev | Audit| Lp locked | Experienced Marketer | Huge Marketing budget |
Swift Doge $SD | Fair Launch In 10 minutes | Safu Dev | Audit| Lp locked | Experienced Marketer | Huge Marketing budget |
Hawaii's Chance to deal with Crypto hangs in the balance
Smart Inu! First dog on the block built on SmartDeFi technology! Learn more about SmartDeFi!
StarDust | Staking Started Right Now | Only $360k MC | Big Marketing Plan This Week! Yahoo Finance Articel, PooCoin Banner and More! | Top Gainer on CMC & CG Next Days! | 10x-20x This Week!
StarDust🌟 Staking Start Sunday ✅ Only $160k MC 📈 Marketing Start Today! 🚀 Top Gainer on CMC Tomorrow! 🚀 10x-30x This Weekend 📈
StarDust🌟 NFT + SD Token 👉 Biggest Giveaway Ever! 🎁
🍭SugarDaddy 🍬 Launch in 5 min | Join to our TG now or cry later! | Initial liquidity: 25 BNB | No dev/team wallet
🍭SugarDaddy 🍬 Launching in 45 min / Join to our TG and enjoy! don't miss this launch, the best project in the bsc launching now!
🍭SugarDaddy 🍬 Fairlaunch in 1 hour | Good marketing plans after launch | Active community on TG with futures sugar daddy!
Potential for crypto rewards in gaming tournaments?
🍭SugarDaddy 🍬 Launching in 2 hours without presale before! | No dev/team wallet, ownership renounced, liquidity locked, join to our TG!
🍭SugarDaddy 🍬 Fair launch in 3 hours | Don't miss this GEM in the BSC, Initial liquidity: 25 BNB
Mentions
There are a couple of recommendations when using seedsigner. One is to use it on a pi zero with no wireless card. Second is to remove the SD card right after booting, so by the time you punch in your seedphrase, there is nothing on the device that can transmit it or store it into. If you follow the above, unless you believe there is a component on the pi zero that actually has storage capability, shouldn't it be safe enough even if the firmware is closed source? So long as you generate the seedphrase using the dice roll method. You can even go one step further and not trust seedsigner for the seed words by verifying the number to word mapping elsewhere.
For some reason all anyone talks about is the SD method, but yea, USB works just fine.
SD card use on the cold card is optional. I just use the USB interface. imo the SD card is an airgap larp and adds a bunch of extra steps for little purpose.
I recommend coldcard. It’s kind of wierd having to load files into an SD card and plugging it into the wallet so it can sign and transaction. But other than that it’s cool. Needs to be powered via USB A/C Jade is cool but using their native application on MacBook is kinda glitchy but usable. Needs to powered via USB C. Bitbox02 was my first hardware wallet. I actually enjoy using it the most out of the 3 hardware wallets I own. Its native application is cool. Be aware though after a certain amount of times that you unlock this hardware wallet it will factory reset. I have the USB C version, it plugs into the computer.
I wouldn't recommend entering your cold storage seed phrase into a computer. Can you not just export your xpub to an SD card? That's all you need to just "look at your coins" on a software wallet without compromising your seed.
Whatever you do, use the wallet as a signing device and use a watch-only software wallet. In that way, you can avoid most trust issues, because both companies must to collude together to mess with anything. For example, use blue wallet or nunchuk wallets with a passport. Pass transaction data and signature via QR code. All wirelessly, securely and no need for SD card
F cold card. Avoid! I bought many of their products. The Mark for game with some bad NFC chips. The customer support was terrible. They did not replace the bad products. The plastic enclosures they use are flimsy and do not line up with the SD card slots. The firmware is buggy making me have to reload the seeds into the product. I would avoid it like the plague. Plus your transaction is just a pain in the ass. My favorite one right now is foundation passport. If it’s too costly, then you can try seed signer, but the passport is much better. F cold card man.
Trezor Suite, Sparrow and Blockstream Jade all run on Mac, I don't know if they run on a 12 year old Mac Ledger Live does as well, but don't use that Coldcard Q can use USB or SD Card and marries up nicely with Sparrow wallet
You don't need the hardware wallet to receive btc, only the public key. To send, you have an app that makes a request. Then, you either put that request into an SD card or a QR code. With the SD card, you then remove it from your phone or computer and plug it into the hardware wallet. You have to sign in to the HWW using a password or biometrics. You then approve the transaction on the hww and remove the card, and return it to the phone or computer that is connected to the internet. QR based HWWs have a camera instead of an SD slot, but the process is similar. I think QR codes are much easier. Remember, your btc is only stored in the block chain. Your HWW only stores your private key, which gives you access and control. I don't know anything about Jade personality, but it is well regarded.
There is no physical connection from your waller to the web. No wire, Bluetooth, or wifi. Your wallet communicates either by QR code or by moving an SD between devices. It insulates your wallet, preventing bad actors access.
Yup. Bought a Raspberry Pi, micro SD, heatsink case and a 2tb solid state hardrive. Flash the Umbrel OS on the card. Done.
Just download sparrow (and then verify the download- instructions on the sparrow website) and get a coldcard with an SD card
There’s basically a transaction file. You generate the transaction file in your sparrow, and it’s waiting for the final signature. That file gets put in your HW wallet via an SD, hardware wallet signs it, then you transfer that (signed) file back into sparrow where it can then be broadcast to the network
Using an SD card or a QR code scanner to sign transactions. And review transactions.
How you suppose to update firmware in this case? I think all hardwallet have at least USB-C or SD Card connections
You can go even further with no USB, no SD card.
You store your key offline on the coldcard, which never connects to an internet connected device. You use and SD card to sign the transaction and move the file to your computer to broadcast.
cold wallets never connects to the internet to transact instead, transactions are signed for offline with the offline device, and transported to an online computer for broadcast with an SD card. hot wallets are those that have some kind of wired connection to a internet connected device.
>Inserted SIM card into laptop to sign transaction. Couldn’t find the file to sign on sim. You have to create and partially sign the transaction in sparrow first. Save the transaction to your SD card. Insert SD card to coldcard and sign the transaction. Insert SD card back to computer and broadcast the fully signed transaction.
Send it directly to APMEX or SD Bullion in exchange. You’ll actually get a discount, too! My preference is SD Bullion.
Trying to read through the techno-lingo here... There might be something wrong with your cold storage device or your SD card or whatever you're trying to sign with. You may need to rebuild your wallet on another device or on a hot wallet to get to your funds and transfer it to another cold storage device. I've never done something like this or heard of this issue but it looks like it's a cold storage issue, nothing else really makes sense...
JM Bullion, SD Bullion, BullionExchanges are all tried and trusted
The only problem with a safety deposit box is it can be easily found and confiscated by the feds, other than that it's probably a pretty good place. If you have any family you trust enough to keep it secure and not rob you that might be better. One idea is to divide your seed phrase in half and give each half to different family members to keep secure. If it's a 24 word phrase it will still be impossible to brute force with only half of the words as far as I know. Even if you aren't 100% trusting of those family members they would still have to collude to steal from you. I would not recommend this with a 12 word phrase. If you decide to keep it to yourself you should stamp it on steel or at least keep it in a fireproof safe if it's on paper. Only problem with a safe is that's the first thing a thief would go for. Stamping it on steel and putting it somewhere in your house where no one will ever look is probably pretty secure, or burying it in your yard. Maybe just tell your next of kin where it is, or at least that it exists and they will have to find it in your house or yard to get your stash if something happens to you. As for your cold storage device, most are made to be nearly impossible to access or hack if you don't have the PIN to unlock it. I prefer cold storage that doesn't require bluetooth like Ledger does. I like the Passport because it can transfer information by scanning QR codes from the display making it very easy to use without having to deal with micro SD cards. If you also used a passphrase with your seed that's another layer of protection I highly recommend. There is no perfect solution and people will advocate for other things like multi-sig, but personally I think that's too complicated and introduces some issues that increase the risk of loss. Ultimately you need to research all the options, consider the trade-offs, and figure out what works best for you.
I'll have a set up where as long as I have my phone and an internet connection, I can sign transactions with a micro SD card and my cold wallet to send funds anywhere I need to. All you need is a micro SD to USB 3.0 memory card reader. I have a backup 24k mAh battery that to provide power for both my phone and the cold car if need be. Eventually I'll get something that can connect to satellite for Internet.
Asing as you followed good practices for setting up the BitBox--e.g. creating a backup on a micro SD card THAT YOU WILL STORE IN A SECURE LOCATION, recording your [recovery phrase](https://shiftcrypto.support/help/en-us/20-24-recovery-words/9-how-to-display-my-24-recovery-words-on-my-bitbox02) ONLY ON PAPER, WHICH YOU WILL LATER TRANSFER TO STEEL, AND KEEP IN A SECURE LOCATION, doing a factory reset of the BitBox and testing your backup before you moved coins to it--then yes, you're good. If you don't have a backup, or if you think you have a backup but you haven't tested it, you're playing with fire.
Is the only way to use the external SSD as storage to run Umbrel OS on it, or run it on the internal SD card and manually configure to use the external? Seems there should be a way via GUI to tell Umbrel (or apps) to use external storage.
To be honest, since I have been buying only for a while, right now I haven't had a need to sign a transaction for real except a UXTO consolidation. Currently, I would use them for convenience i.e. QR codes on the Passport is pretty quick and cool. Currently I keep my seeds in separate locations for multisig. In the near future I will also keep a Coldcard or Passport at each location. In order to move Bitcoin from my wallet , the signers will each need to deliver an SD card with a psbt. Or I would have to go to the locations with a watch only phone wallet and use the psbt option. Just the optionality is pretty cool. So for me, it's the convenience and the security options.
it’s def worth something to someone. If I ran into you in person I’d give you like $5-10 in BTC for that just b/c it would look cool next to the $100 SnoopDogg bill I have on my shelf lol! but actually, have you tried splitting that open by chance? like one of those false quarters that people buy to hide SD cards and such?
Sorry, attempt at a bad joke. I haw one writes down on paper, hidden somewhere. And I haw a picture taken with an offline camera with an SD card hidden somewhere else. And I haw my Ledger Nano X. I'm thinking of using hand ciphers to encrypt the private key and just hiding it on paper and don't haw to worry too much if someone finds it.
Now now let's not discriminate against the PhDs ...average IQ of a PhD is 124. Another source says that education PhD students have an average IQ of 123." 100 is not average, it's well above average as the world averages around 88. So phds have at least two standard deviations of IQ on top of the world average. SD 15 IQ points
The worry with a hot wallet is from a hack. Since you’re accessing the wallet on line your chances of a hack are much higher. With a cold wallet you’re accessing the private keys to sign through the device. The device will have a pin and sometimes a passphrase for added security. Many offline devices will also either have a USB or Bluetooth mode. For even more security some devices come “air-gapped” meaning the device never touches the computer. You simply scan a QR code or insert a a micro SD card and you have access to send your btc. Both work well, just what makes you sleep better at night and depends on how much you hold. Small amounts = hot wallet and larger amounts = cold wallet thats the mantra for most people
I don't use the software so can't tell if it would be worthwhile, but tell your uncle to keep all the AnyDesk files and logs. Disconnect that computer from internet completely, and then boot up and copy all AnyDesk config and logs to an SD card or something to send to forensics. It's possible the scammer could have left traces back to themselves through those logs if they were sloppy.
Exactly. That’s the big attraction for me to get the Q. Getting tired of swapping SD cards… It’d be perfect if the keyboard was hard plastic similar to a Blackberry, rather than this super spongy squishy buttons… oh well.
Awesome. I do want to use it on Sparrow as well - it gets annoying having to plug in multiple wallets or SD cards. A couple of QR scans and not having to wait for the computer to detect the wallet would be great
Wow thanks for the great review! I already have Cold Card MK4s and have my wallets setup. Just looking for reliable backups so I'm not looking for power user moves other than QR code and SD card PSBTs. Passport sounds like it might do the trick.
I'm using a Dell laptop from 2018 with USB 2.0 slots. You have to convert the USB-C male end to a male end USB 2.0. Usually, like with phones and other devices, you have a female end port so there are often redundant cables from old devices that connect into the female port end. This is why a male usb-c end is inconvenient- a lot less redundancy. I uninstalled the Bitbox02 App. Sparrow is still not detecting it but I think it is the computer and not the Bitbox02. I'll try later. Also to this point, maybe you guys can include SD card psbt as another way to to sign transactions in the future. My 2018 laptop does have an SD card slot.
That’s just a false sense of security. The update on the SD card can be corrupted as well. The points OP made ring true but only because of user errors. Every user caused problem you can imagine can happen to any brand of hardware wallet. You’re not going to find a single wallet compromised without the user being at the root cause because there are no instances of this happening. The only semi-valid point he has is the sending of seeds over the internet, and even that point barely has merit because I dare bet OP (and most people here) do not understand how or where the seed goes and why this as a service benefits outweighs the risk.
Absolutely not "the safest", you cannot keep it updated without linking it to a compter connected to Internet. There are hardware wallets like which you can connect only to a power source (no data cable) and updates are done through a SD card. So the attack surface of a Ledger is larger, thus not "the safest". OP is also correct on all facts they have listed, dismissing them with a "cool story bro" seems very s(h)illy of you, when there are alternatives that do not have all this baggage: Trezor, Keepkey, Coldcard for example
It is not safer to use a HW for hodling. It IS safer to use a HW for signing. A cold wallet on an air gapped computer is still a wallet on a general purpose computer. Regardless of the medium used to transfer an unsigned transaction to the device and back--flash drive, SD card, camera, Bluetooth, etc.--a general purpose computer has a greater attack surface than dedicated hardware that is capable of performing only a handful of functions.
Just looked up the beelink mini PC those are impressive devices! 16gb ram and internal cooling included that’s great. Thanks for the info! What operating system would it run? Would you be able to boot a free OS like umbrel from an SD card? That was one of the thinks I liked about the Raspberry pi build. Flash an SD card, slot it on the board and you’re off and running.
So I think you're mixing up your self-custody cold storage wallet vs. self-custody hot wallets vs. an exchange. An exchange, like Coinbase (although I recommend people use other bitcoin-only ones like Swan Bitcoin, River Financial, or CashApp) is simply a place to purchase bitcoin. When you have enough bitcoin to withdraw (I'd recommend minimum 1 million sats, so \~$570 at current prices, so that you don't get stuck with small/dust UTXOs in the future), then you pull it out to self-custody. A hot wallet is a self-custodial wallet where the private keys are stored on an internet-connected device, like your phone or computer. This is ok for small amounts, but we do not recommend that for large quantities of bitcoin, since that device is vulnerable to being hacked. A good example is Blue Wallet. A cold wallet is a self-custodial wallet where the keys are held offline. Hardware wallets, also called "signing devices," like the Coldcard, Passport, Jade, Seedsigner, etc., are meant to hold the private keys offline, so that they cannot be compromised in a hack. With a cold wallet, very often, you'll keep the wallet itself on your phone or computer, using something like Nunchuk, Sparrow, Specter, Bitcoin Keeper, Theya Bitcoin, etc. You'll use that app on your phone or computer to construct your transaction- where it is sent to, how much to send- then you move the transaction to your signing device via either USB, QR code, NFC, or SD card, sign the transaction on the device, and then move it back to the computer to broadcast to the blockchain. Watch [this youtube channel](https://www.youtube.com/@SouthernBitcoiner), he has several walkthroughs using Sparrow with Seedsigner and with Coldcard, to show you exactly how this setup works.
Finally great news! 
Let’s resume the Block Size Debate. It’s time. I’ll go first Blocks are too small, I can fit 20 years of bitcoin on a 1tb SD card. Also the chain is overpriced. Make blocks bigger. I have 10TB of redundant storage and a gigabit internet connect
The Cold Card and Passport are updated via SD card. The source code is open source, so if you want to you could even read the code. You don't even have to update the devices. Once you've set them up you never have to update them. They're both also the best in class for features. Compared to Ledger Nano, which has no on-board features besides signing. And every time you wipe the wallet it wipes the firmware so you HAVE to connect to an internet connected PC and update using their proprietary software.
This is just flashing a micro SD card, and formatting your external hard drive. No command line stuff
You can't go wrong with any that I listed. It's really up to your preference. Do you want your hardware device to have a camera? It makes it convenient to send bitcoin and/or verify your address by scanning a qr code. Do you want an air gapped device? Meaning it never connects to a computer or anything internet connected. You typically partially sign a transaction in your software wallet and then transfer it via SD card to your hardware device for final signing or scan a qr code if your device has a camera. Air gap is rock solid security but at the expense of convenience. A camera may cancel this inconvenience. Check out BTCSessions on YouTube. He has a video that reviews various hardware, pros and cons.
1. Open source or at least source code viewable 2. Airgapped- can move tx from desktop to device via NFC, SD card, or QR code 3. If it stores the seed on the device, then a secure element to prevent seed extraction 4. Compatible with 3rd party wallets (Sparrow, Specter, Nunchuk), and never being forced to set up through the manufacturer's own wallet 5. Adherence to common standards like PSBTs 6. Ability to enter a passphrase (that isn't stored on the wallet), thereby allowing you to create an entirely separate wallet 7. The ability to generate your own seed using dice rolls (please do this very carefully, minimum 100 dice rolls!) 8. The ability to save a single sig/multisig wallet into the device, so that you can check to make sure change addresses are inside your wallet and not being spoofed by your (potentially compromised) desktop or phone. 9. A nice screen that lets you easily double check all transaction details (receive address, change address, amount, miner fees, etc.) and compare them to your desktop or phone When it comes to having most or all of these options, it narrows down to three: **Coldcard, Foundation Passport, and Seedsigner.**
What do you think in terms of backup possibility. SD Card/NFC Token etc?
The duress PINs alone make it worth it. Get the CokdCard Q and keep your airgap via QR or SD card or by NFC. Add in BIP-85 and also SeedXOR and the ColdCard is simply in a different league.
There is nothing wrong with that. I also encrypt (AES cbc 256 bit) my seeds on a standalone computer without any communication / internet access. AES is a best practice algorithm for this. There are people that claim "but what if a super hacker finds it after breaking into your home, stealing your encrypted backups and using a super computer cluster to brute force you encryption" usually in addition with a link that provides a table showing how quickly one can brute force passwords of different length. However, they completly forget what I am protecting against. I am protecting myself against the common thief. If they see seedwords stamped into steel they probably know what to do. If they find an encrypted SD card formated in a way a windows computer cannot read, they will probably throw it away or not take it to begin with. Also the police, if they would for whatever reason, search my home, they too will not immediatelly know my seed phrase, if ever.
You put the SD card in the online computer with the watch-only-wallet and save the transaction to the SD card. Then you put the SD card into the offline computer and sign the transaction, saving the signed tx file on the SD card. Move the SD card to the online computer and broadcast the transaction via your wallet software or block-explorer.
Instead of screwing around with QR codes and webcams, just use a USB flash drive (or SD card or microSD card) to move the transaction between computers.
Don't you have to manually enter your passphrase with trezor? Ledger saves it to a pin, and coldcard encrypts it on an SD card, but I thought they had to be manually entered every time with trezor so people use short ones which defeats the whole purpose
Select the address type that matches your address from the UTXO you want to spend. Most likely BC1. From the coldcard site, >After selecting the desired address type, scroll down to view the first 10 addresses. When you reach the bottom of the screen, you'll be given a prompt to show the following 10. https://coldcard.com/docs/address-explorer/ >Save to Micro SD >After selecting the desired address type, press 1 to save the first 250 addresses to the MicroSD card inserted into COLDCARD with a file name of addresses.csv. You can then import these files to your computer for later use without needing to physically access your COLDCARD. You may need to update your firmware it's too old and doesn't behave the same way as the documentation.
You could sell 1+SD covered calls against it.
Google Electrum cold mode. Basically you prepare transaction on online PC, copy it to cold PC (with usb, SD card or QR code), sign it there. Then you copy signed TX back to online PC and broadcast it.
Good points. So if someone in your own household is attempting a bunch of pin numbers randomly then my BTC is under attack. With that being said I would love to not have my roommate troll me and brick my device obviously lol. I think a good way to prevent this would be to turn on the 2FA with a micro SD card (you can prepare a SD card with the coldcard that is required to be inserted while entering the pin or the CC will delete the seed) AND/OR turn on the setting that requires a set amount of time to pass (without the CC losing power) before you can attempt a login. As far as the random pin creating a random wallet, I was mistaken and I apologize about that. I just attempted a wrong pin and it definitely tells you it's wrong and shows how many attempts you have remaining. The pin always is in two parts: the pin prefix is required then it generates two anti-phishing words by hashing the pin prefix and (I believe) the serial number together. This way if someone provided you with a fake coldcard you could tell (by noticing the anti-phishing words aren't the same as normal) before you give the phishing attack your pin suffix. Turns out there is also a setting where you can have the coldcard wipe the seed and/or brick the device EARLIER than 13 failed attempts. Btw I'm just a happy customer and not sponsored lmao (sponsor me Coinkite)
That SD card 100% compromises your security
How about a photo w a 90s digicam on an SD card. Only use the digicam to look at the image
Terrible advice. Now your seed is in clear text on your computer, SD card, or wherever you are printing the file from.
Get a cold card. Watch some YouTube videos on how to use it. Test a small transaction to your cold card and then back to coinbase. Make sure you have a good offline backup preferably on steel not paper and hide it well. Never plug your cold card into a computer. Use the SD card. And then you are ready to transfer your funds from coinbase to your own wallet.
Sure, the same kind of data pass through the USB cable and the SD card. It's impossible to grab the private keys just by sending a malicious payload, unless you have a 0day, having to use an SD card just makes things more complicated and annoying, there is no difference between connecting the coldcard directly with a USB cable and signing transactions with an SD card.
How do you verify that the offline laptop isn't compromised? What if the laptop has a hidden micro SD embedded within it that boots up a compromised version of tails that will generate predetermined private keys with electrum?
Should I worry about my SD card Backups during the Solar Storm that is currently in the news?
Just bought everything last night to get a full node up and running, ~$200 USD Pi 4, 8GB - $75 Pi case w/ Fan and heat sinks - $10 Ethernet cables - $7 Industrial 16GB Micro SD - $11 SD card by USB C adapter (for computer) - $16 Pi official power supply unit - $9 2TB WD SSD (should last at least another 10 years) -$75 SSD hard drive enclosure with data cable - $8 Not saying this is the best, end all, be all list. This is just what I purchased and was about on budget for me. I’ll be attempting to connect this node through my VPN router to verify the block chain and broadcast transactions. VPN may impose issues that’s beyond my expertise, but I’ve always got time to learn about BTC. Good luck, have fun!
Metal plate got it. Isn't the SD card just for updating firmware?
Well, let’s see I ordered three Mark for devices, and on one of them the SD card slot would not allow the SD card to be inserted because of poor manufacturing. The nfc chip does not work for tap to sign. I tried on many devices, including multiple iPhones and multiple operating systems including android phones. Customer service sucks. They do not allow refunds or exchanges. Multi signature sucks, the change address is not verified by the device. I also contacted customer service to check on this and they did not answer the question. The manufacturer is in Canada, so any recourse from the USA is very limited. The operating system is buggy, at one point the multi signature transactions would not be signed, so I had to actually wipe the complete device, including the seed and redoing it on all the devices, which was a pain in the ass. The actual plastic enclosure is very cheap. I can go on and on. If you have any questions, please message me. So I’m currently using other devices from other manufacturers and im much happier.
Class action my butt. This is an astroturf class action law suit. Those six are paid spokesmen. Using a small investor gives the case a popular appeal that the SEC vs. RIPPLE lacks. The problem with these suits is that they will give the SEC and the government broad powers over cryptos and potentially other businesses models. I am no friend of Coinbase. They are run by scum who design new ways to get a chunks of change from you, block you from access to taking funds out, doing everything to make putting money in. These clowns took 7 months to KYC me. They were much less rigorous when they accepted my money. They say you can get your money when you want. Not exactly. I saw the headline and was hoping someone would sue for their God awful rules designed to keep your money. Bank have become criminal organizations. The process drug money, process terrorist transfer, steal from their customers, underpay employees, collude to set loanrates higher than they would be in a fair market, use reservations and SD to avoid regulations they would otherwise be subject to. And the list goes on. Is there no limit to their greed?
No, we understand how trezor works just fine. u/PowerDonkey You take the software you need and transit it over the air gap after auditing it via the method of your choice. USB, SD, etc.
> “This research shows that although cold wallets provide a high degree of isolation, it’s not beyond the capability of motivated attackers to compromise such wallets and steal private keys from them. We demonstrate how a 256-bit private key (e.g., bitcoin’s private keys) can be exfiltrated from an offline, air-gapped wallet […] within a matter of seconds,” Guri notes. That’s a two computer setup, with physical media such as an SD card in between. > Although kept on offline computers, external media – such as a USB flash drive, an optical disc (CD/DVD), or a memory card (SD card) – is occasionally connected to the air-gapped machine, usually for signing and broadcasting transactions. The use of removable media to infect computers is an attack vector known to be effective and attackers could use it to infiltrate the air-gapped wallet, Guri argues. Not a typical hardware wallet, such as a Ledger, Trezor et al. It’s very clear. It’s very simple. Most people don’t even need it spelled out in as many word because a two computer setup is obviously more complex than a typical hardware wallet, and as such has a much greater attack surface. It’s elementary. Please don’t make me draw it for you.
*Both* a hardware wallet, and two computers with one not connected to the internet, are an air-gapped wallet. Everyone knows this, it doesn’t need to be said, except to you. The article includes an attack using an SD card. No, you are like not see the file. It’s more sophisticated than that. Look, you surely agree simpler is better for security, right? Complex Computer > Simple Hardware Wallet > Secure Enclave Complex Computer > Physical Media > Complex Computer
My god your fkn article is about the fact that hardware wallets aren't really air-gapped. > Air-gapped cryptocurrency wallets are believed to hold private keys stored in them secure, but an Israeli researcher has demonstrated that attackers can leak the keys from such wallets in a matter of seconds. Quit with the google searches ffs. I have already covered this: https://old.reddit.com/r/Bitcoin/comments/1cfej47/how_do_i_go_about_getting_a_hard_wallet/l1qkbtu/?context=3 > You don't know what an injection attack is. You would see that on an SD card as a file. In order for that vulnerability to be possible, the OS of the network connected computer would need to be compromised, the SD card would need to be compomised, the SD-card ports on both the network connected computer AND the hardware device would need to be compromised. ALL of that would need to be done in person, short of infecting EVERY SD Card and SD Card reader. > And none of that drivel has anything to do with the vulnerability of connecting a device to a network connected computer. You know the only thing that would need to be compromised? The USB cable, or the hardware device which you have no way of validating, or the network connected computer. Because the keys are connected to a network. Which is the vulnerability that cold storage mitigates. You don't know what the fk you're talking about.
I’m sorry I deleted my comment. I felt it needed rewording, and I was having lunch. It’s *very* simple: you’re adding more, highly unsafe, attack vectors with physical media between two machines, the second air gapped one having more attack vectors than a hardware device. The question is not “Are hardware wallets 100% safe?”, it’s whether they are safer than using an SD card and two computers. They are. They’re also more convenient.
Quit with the google searches ffs. I have already covered this: https://old.reddit.com/r/Bitcoin/comments/1cfej47/how_do_i_go_about_getting_a_hard_wallet/l1qkbtu/?context=3 > You don't know what an injection attack is. You would see that on an SD card as a file. In order for that vulnerability to be possible, the OS of the network connected computer would need to be compromised, the SD card would need to be compomised, the SD-card ports on both the network connected computer AND the hardware device would need to be compromised. ALL of that would need to be done in person, short of infecting EVERY SD Card and SD Card reader. > And none of that drivel has anything to do with the vulnerability of connecting a device to a network connected computer. You know the only thing that would need to be compromised? The USB cable, or the hardware device which you have no way of validating, or the network connected computer. Because the keys are connected to a network. Which is the vulnerability that cold storage mitigates.
I was referring to the genre of attack, the general type; using physical media as the attack vector. The attacks have, of course, evolved in the last 30 odd years. This is assumed, of course, but not by you? You’re not wrong in there are attack vectors for *any* hardware software combination, open or closed source, including the popular hardware wallets. But using an SD card and two air-gapped computers is introducing *more* attack vectors, and is *less* safe as a result. Far less. > Although kept on offline computers, external media – such as a USB flash drive, an optical disc (CD/DVD), or a memory card (SD card) – is occasionally connected to the air-gapped machine, usually for signing and broadcasting transactions. The use of removable media to infect computers is an attack vector known to be effective and attackers could use it to infiltrate the air-gapped wallet, Guri argues. https://www.securityweek.com/hackers-can-steal-cryptocurrency-air-gapped-wallets-researcher/
If you’re using, say, a windows machine to copy to an SD card to copy to an air gapped/another windows machine I don’t even know why you bother. Linux to Linux is better, but you still have a fucking generic device connecting the two. This is classic, typical, ancient attack vector. The most common and oldest type. It’s how virus spread back in the ‘90s.
Wow. Fundamental lack of understanding of risk. Bitcoin hardware is designed for one purpose; Storing bitcoin keys. That makes it a honey-pot. Supply-chain attacks alone raise the risk of any device, because it is so specialized. All you need to do is attack one supply chain. In the case of SD cards? ho ho ho. There would be a billion SD-cards created for every bitcoin hardware wallet. Do you think someone that is capable of creating a hack for a device so pervasive, is going to use it for the one in a billion instance usage of stealing someones bitcoin keys? Ho ho ho.
Yeah… I wouldn’t be trusting an SD card or anything similar over an open source software and hardware device built to do only one, single thing that has been bulletproof for ten years and counting. : )
> I do red teaming mainly, Desktop support. > blah blah blah blah blah. > malware detects that and injects payload into the SD card along with the transaction. Which you would see on an SD card as a file. In order for that vulnerability to be possible, the SD card would need to be compomised, and both of the SD-card ports would need to be compromised. And none of that drivel has anything to do with the vulnerability of connecting a device to a network connected computer? You know the only thing that would need to be compromised? The USB cable. Stop cosplaying security. You're not any good at it.
I know very well what I am talking about because securing machines is my job. Being new to reddit does not make someone new to the internet, nor bitcoin. I have read the article you linked in the past because it is a very interesting idea. I know how hardware wallets work because I wouldn't trust a huge chunk of my net worth on something I don't know anything about. Malware can inject itself very easily inside the SD card and attempt to get the private key from the air gapped wallet if it was possible. The only way to prevent this is by getting the SD card in a separate, offline only, device to inspect and verify every line of the .json file, but no one does that. Can you explain the differences between a bitbox02 hw and an electrum hot wallet? And just to be clear, the bitbox02 only connects via a USB cable and the electrum hot wallet runs on the same drive the user plays games on and works at.
This is completely false, airgap is pseudo security, hardware wallets are made with the absolute worst cade scenario in mind, you can use your hardware wallet in a malware infested computer 100% safely, your keys never leave the device, they never actually touch the internet, the same exact data transmitted from an SD card are transmitted through a USB cable.
You can use a cheap HDD ibstead of thumb drives and SD card. A SATA/USB3 adapter does the trick. Unbuntu 22 & Raspberry 4 can boot from HDD. I have a second HDD for daily backups of the blockchain data.
Depending on how tech savvy you are, for hardware wallets, Tangem is simple, secure and cheap. In its easiest setup, you don't know your seedphrase (you can if you want). You just have 3 credit cards. In the middle are simple wallets like Trezor or Ledger. You use usb cables to sign transactions so you are briefly connected to the internet. Most complex and expensive, but most secure are airgapped wallets like Cold Card or Keystone. You sign transactions via SD card or QR codes and are never connected to the internet.
Oh man. The passport is so much better. It’s just designed to be simple and elegant. It has a micro SD card slot for backups and updates which is nice for restoring your wallet. It’s extremely easy to set up a pass phrase protected wallet. The app envoy is much better than green wallet too. It’s makes transacting easier and clearer. Coin control works better. Plus it looks like an old phone, that’s good for airport security. If you’re unfamiliar with pass phrases. The idea is you have your seed phrase which is your key to you wallet right? Well you can add a password or “pass phrase” and it creates a new wallet that comes from your seed but is hidden behind it with a pass phrase. The reason I do this is I keep a portion of my stack in my main wallet. But I leave most my stack on a pass phrase. So if someone tried to steal my coins sure they’ll get some but probably won’t bother digging around and getting to my real passphrase protected coins.
To add to what's already said there's also an official tool you can use to recover the SD backup without another bitbox02 wallet. It generate the seed that you can input in any other wallet. https://github.com/digitalbitbox/bitbox02-backup-recovery
Leaking your xpubs only reduces your privacy, not your security. I have a multisig setup and opted to not store any in online/cloud storage. Instead I placed them in multiple different SD cards and physical paper and distributed them in different places. Many hardware wallets (I know coldcard specifically) will also serve as an xpub backup since all the xpubs are stored on the coldcard when you verify the wallet at its inception.
You could just add a battery to the Pis power supply and also just plug in your mouse/keyboard and screen to the Pi if there were any problems and you are unable to use SSH. OPs question was if a Pi 4 has enough hardware capacity in order to operate as BTC full node, not if there is some alternative. Idk what would be good about a Laptop standing around running 24/7 when it's not intended for permanent operation, in opposite to a Pi, which is small, has low energy consumption and noise emission and is built for 24/7 operation. If the Pis hardware is capable of running a full node. What connectivity out of the box? Most laptops wifi cards aren't even supported by most Linux distros and you have to install drivers and stuff manually or get an ehternet to usb adapter opposed to the Pis own raspbian distro made specifically for the Pi and it's onboard wifi capabilities. The only weak spot of the Pi is the micro SD Card used as main harddive but you could just get a USB to SATA or M.2 adapter, put an SSD into it and plug it into the Pis USB instead of the micro SD and you get a system cheaper, smaller and just as reliable as an old laptop that can be easily put in a small space where it doesn't disturb you.
If the SD card is corrupted , lost or stolen, the worst thing that happens is you are locked out of your bitcoin forever
I hope you're not mistaken xpubs for seed phrases. If someone got the SD card the worse thing they can do is track how much money I have lol
So everything rests on a single SD card? Stupid move.
For me it's BitBox02 for a few reasons: 1. It's open source. 2. The company is headquartered in Switzerland which supports privacy, at least way more than most other governments. 3. You can make SD card backups. 4. It can store BTC, ETH, LTC, and a few others. 5. When I was researching which wallet to get, I came across some dubious/concerning info about Trezor which is why I picked the BitBox02. I keep by other short-term/swing holdings directly on Coinbase with a strong password and 2FA. If you're someone with a ton of coins and need everything to be on hardware wallet, your options are limited so probably Trezor would be best for you.
> Coldcard lets you do an encrypted backup to an SD card. Yup. How does that get transported over the internet to an attacker? Lol. You really didn't think that through. Ledger leaked the seed over the internet. Completely different galaxy of attack vector. The Cold Card literally cannot, under any circumstances leak anything to anyone if you run it in the 9v battery mode.
Coldcard lets you do an encrypted backup to an SD card. What the hell do you think that encrypted backup contains? ...it's the seed phrase which is exported from the device to the SD card. Pretty much every single hardware wallet has the functionality to do backups or export the seed in some way.
I didn't know you could buy bitcoin back then, so I mined it back in 2014. It took me 2 years to mine one through Slush pool. I also mined ltc, darkcoin, doge, mooncoin, and many others. I sold my btc to pay off some debt and put the rest in my savings account. I still have my 90k doge and all of my other useless crypto in wallets on a SD card. I am glad I sold my btc when I did or I would of lost it to BLOCKFi like alot of people. I transferred my Dashcoin aka darkcoin, doge, moon, and ltc off that SD. I have my original amount of doge in my cold wallet, dash on an exchange, useless moon on Coinomi, and lost some ltc on Blockfi. I have severe diamond hands lol is Reddcoin or Namecoin still worth anything? I have those still as well.
Sparrow imports your *public* keys from your Coldcard, with those, it can search the blockchain to list UTXOs, show a balance and create unsigned transactions. Sparrow can craft a transaction, then write the unsigned transaction to a Micro SD card, unplug it, plug it in to Coldcard, and the Coldcard uses the *private* keys to create a new file on the SD card, a signed transaction. Remove the SD card, plug it back into your computer and Sparrow can broadcast the transaction.
The 'create transaction' button needs to be blue to initiate the SD card part of it. But thx so much for the follow up, I don't know what I did, but this morning it worked! :) All I gotta say is thank God for Reddit.. ya'll's questions really helped to keep me from bashing my head to the wall. ;)
1. Possibly depending on the hardware wallet, most will only change their firmware if it's cryptographically signed by the wallet developer. 2. Again, depends on the hardware wallet, but most use a special chip for signing and the display for showing what is being signed. It would be difficult to compromise this with malware alone, likely it would require physical tampering with the device. 3. The problem with USB is you don't know what communication is occurring. If you use an SD card or QR code based signing this greatly limits the communication that can occur. TLDR - I recommend you use a Coldcard + Sparrow and only use the MicroSD for communication. If you want additional security consider a 2/3 multisig with 3 different kinds of hardware wallets.
Generally, the simplest yet safest way is to use an open source wallet that doesn't have wireless functionality (Bluetooth, NFC) or USB, or at peast that can have these features disabled, and works instead using QR codes or SD cards. Blockstream Jade, Seedsigner, Coldcard and Foundation Passport are the top contenders that I know of.