Reddit Posts
What is considered the best bitcoin-only airgapped hardware wallet that uses QR codes to sign txns instead of a SD card like coldcard?
Can the BitBox02 show a wrong seedphrase (BIP 39 wordlist)?
Top 3 Undervalued Gems on BNB Chain To Watch Out For in 2024
Driving me crazy!! Bitcoin core / Sparrow wallet connectivity issues, cant figure it out!!
Guys, after assembling my seedsigner, can I use the same components and use Raspbian on another micro SD?
How to use AirGap vault to turn a spare phone into a cold wallet.
Cyber security guide: A few ways to figure out if a crypto tool is legit (vetting Wallet Guard app)
Received Steem, SP, and SD but Have No Idea What to Do With It
Multisig 2 of 3: Once set up can I repurpose my HWWs?
What is the biggest risk for your Bitcoin security according to you?
[Serious] so, I have a good use case for "web3.0" after having a very annoying experience with Amazon Prime...
My Dream Hardware Wallet (it doesn't exist yet)
Comparison of Hardware Wallets (Conclusions After My 5 Hour Evaluation)
Coldcard SD backup question and Keystone multisig issue
Stable coin hearing ! Framework on Stablecoins !
Is it safe to store my Bitcoin in my cellphone? I use the bitcoin wallet and I have multiple copys saved in SD cards, even if someone hacks in my cellphone they won't be able to get my key because of my password right? Some advice?
Call to action: Bills are currently being rushed through committee in MANY states that would redefine money, such that Crypto currency is excluded, and the way is paved for CBDCs to take their place. CBDCs are bad enough, but if Crypto is not allowed as a valid form of money, we're screwed
How do you protect your crypto?
SD Governor Urges 20 States to Block Legislation That Bans Crypto's Use as Money — Says 'Its a Threat to Our Freedom'
One click WalletConnect instant dapp sign-in on a DIY open source Ethereum/L2s raspberryPi hardware wallet. Build it yourself, no coding skills needed. Swappable SD cards for multiple air-gapped private keys. Complete autonomy.
Multi-vendor Multi-sig + Sparrow Wallet: One of, if not the best, self-sovereign solutions to self-custody
An Achilles heel of the Cryptocurrency
For what it's worth, these are the bitcoin wallets I recommend depending on your level of knowledge. Do whatever you want with this information.
Recommending that the only way to use and hold bitcoin is via an airgapped laptop or via a narrow spectrum of hardware wallets is counter productive.
buying a second hand Raspberry PI with SSD attached.
Bipartisan Senators have introduced a new bill to classify Bitcoin and Ethereum as "Digital Commodities", under CFTC's jurisdiction and away from the SEC. Here is a look at the Digital Commodities Consumer Protection Act
Bipartisan Senators have introduced a new bill to classify Bitcoin and Ethereum as "Digital Commodities", under CFTC's jurisdiction and away from the SEC. Here is a look at the Digital Commodities Consumer Protection Act
Is this a mistake posted on Amazon?? This is a metal card used for seed phrase backup. It's supposed to be no-tech device but it's description says it stores 1GB Storage and uses Micro SD. WTF?!
Question about running my own node. It’s a set and forget or I need to personally verify everything?
Two critical weaknesses of hardware wallets you need to consider
Looking for some hard-to-find answers regarding cold storage and safety
| Sia Doge | Next Doge Coin Launching Soon With Huge Marketing Budget | Could Be Next MoonShot |
| Speed Doge | Fair Launch In Few Minutes | The most talked about cryptocurrency in the BSC space, is paying out more $DOGE then anyone else . Not only does this project have the HYPE but it has the ecosystem to back it up |
Buy the new Razer Blade 17 and pay with Crypto to get 3% off!
Buy the new Razer Blade 17 and pay with Bitcoin to get 3% off!
so my dad might have done Bitcoin back when it started...
If you missed out on $Doge you must read this! - Superman Doge is coming to Metis Andromeda!! Just Launched |
If you missed out on $Doge you must read this! - Superman Doge is coming to Metis Andromeda!! Fair Launch In Few Minutes |
| Shiba Driver | Just Launched | Low Mcap | Could Be A Good Gem | Based Dev |
This Project Will Rise To The Shiba Driver Coin / $SD | Fair Launch In 5 Minutes | Next 100x Gem |
Let me introduce you to SmartDefi and the Project: WISE INU
Let me introduce you to Wise Inu on SmartDefi
$ Just Launched •=> Strong Dog <=• Low Tax | We Are Ready For Being A Legend In BSC $ | Lp Locked | Transparent And Experienced Team | Website Soon | We Are Ready For Being A Legend In BSC $
~=> StrongDog <=~ Launcing in 5 minutes | Low Tax | Website Soon | LP Locked | Take Your Place In The SpaceRocket To Moon
Launching in 45 min | Strong Dog | Website is soon! |LP Lock Before Launch | Marketing and Influencer proposals soons!
Strong Dog | Launching in 1 hours | LP Lock Before Launch | Website is soon! | Marketing and Influencer proposals soons!
Russians prepping for SWIFT lockout like
How Russians will handle SWIFT lockout - BITCOIN EDITION
Swift Doge $SD | Just Launched | Low Mcap | Safu Dev | Audit| Lp locked | Experienced Marketer | Huge Marketing budget |
Swift Doge $SD | Fair Launch In 10 minutes | Safu Dev | Audit| Lp locked | Experienced Marketer | Huge Marketing budget |
Hawaii's Chance to deal with Crypto hangs in the balance
Smart Inu! First dog on the block built on SmartDeFi technology! Learn more about SmartDeFi!
StarDust | Staking Started Right Now | Only $360k MC | Big Marketing Plan This Week! Yahoo Finance Articel, PooCoin Banner and More! | Top Gainer on CMC & CG Next Days! | 10x-20x This Week!
StarDust🌟 Staking Start Sunday ✅ Only $160k MC 📈 Marketing Start Today! 🚀 Top Gainer on CMC Tomorrow! 🚀 10x-30x This Weekend 📈
StarDust🌟 NFT + SD Token 👉 Biggest Giveaway Ever! 🎁
🍭SugarDaddy 🍬 Launch in 5 min | Join to our TG now or cry later! | Initial liquidity: 25 BNB | No dev/team wallet
🍭SugarDaddy 🍬 Launching in 45 min / Join to our TG and enjoy! don't miss this launch, the best project in the bsc launching now!
🍭SugarDaddy 🍬 Fairlaunch in 1 hour | Good marketing plans after launch | Active community on TG with futures sugar daddy!
Potential for crypto rewards in gaming tournaments?
🍭SugarDaddy 🍬 Launching in 2 hours without presale before! | No dev/team wallet, ownership renounced, liquidity locked, join to our TG!
🍭SugarDaddy 🍬 Fair launch in 3 hours | Don't miss this GEM in the BSC, Initial liquidity: 25 BNB
Mentions
The only thing i have that makes me think we couldve hit the top already is the timing matching up with expected cycle timing based on my linear regression on various times (top to top, halving to top etc), however there is still some uncertainty in the timing and the 1SD is like 30 days, we still have till at the very least mid October or November to hit a new ath. As well almost every other indicator has not shown close to cycle top metrics
Does this device really not have an SD card slot? 128GB without option for more and no slot is a huge miss if so, can’t find an answer
Trezor is fine. I prefer cold wallet options that arent relying on usb to send transactions. Look for QR or SD card options.
To generate an address, you don't actually need to plug your hardware wallet into anything. The hardware wallet protects the private key and signs transactions. You use a software wallet to interact with the hardware wallet. The software can receive an xpub file from the hardware wallet to generate receiving addresses. Some hardware wallets are air gapped, meaning it does not need to connect to a computer at all. For example, to sign a transaction, you might partially sign a transaction with your software wallet and save it to an SD card. Insert the SD card into your hardware wallet and sign it with private key. Place SD card back to your computer and broadcast your fully signed transaction. Same can be done with QR codes if your hardware has a camera. No connection direct connection needed which can be more secure. But to directly answer your question, after you buy on exchange, you can generate an address with your software wallet and the money will go into your wallet. You may want to occasionally verify the address actually belongs to your wallet with the hardware device. The hardware device is the source of truth. Software wallets can be corrupted or compromised.
Raspberry pi 4 / 8gb ram + case = $140 Cheap 2TB SSD = $80 64gb Micro SD = $14
Ok your case is a classic one, you dont saved on Google Drive the 12 seed phrase words but the master key public, congrats you dont saved the private key on the Google Drive exactly because the hacks and etc. like screenshots and whatever, i have some questions here and starting this conversation i gonna say don't accept the finish of it... this is not over yet... i have some questions: 1 - from 2012, how many and exactly Bitcoins you are talking about? 2 - that hdd still exist? 3 - if still exist, you formatted it or uninstall the Bitcore ( Bit Q ) only? 4 - independent the answers for my 3 question, you already tried to recover files of that hdd, like Recuva or other softwares!? 5 - go deep in the search of the . txt file, go check all your USB pendrives; all your SD cards; all your electronic devices who have Rom memory; go check your email again and clouds, search by specific key words, i say that because we cannot remember everything, sometimes we do alot of backups of the same thing and we just dont remember how many or where, life goes on and we just forget... think if you wrote it either to somewhere... only you can answer it! 6 - you used the public master key on electrum of course this will be a watch-only wallet, like i said you need the private key or the seed phrase, you can use and test all the different wallets you want, this will be a watch-only wallet always. 7 - when i asked what i ask in the 3 question is because some people uninstall the Bitcore but the bitcoin paste (where is the wallets and other infos), stay there in the majority of the cases... c:/ - users - YOU - appdata - bitcoin - wallet... But because you switch to electrum isn't your case, but you can check it anyways maybe you have some other Bitcoins or a fraction of it from that old times, just check it either... 8 - final and sorry for the long text lol, i dont understand one thing, you said you had much more Bitcoins than what you saw on electrum, that's strange, we have 2 options here: or you confused or someone stolen part of it... but if someone stolen part of it, why not to stolen all of it??? For it, please go to the Blockchain explorer (google it), and check all your addressees from electrum, one by one, go see the transactions and tell me if you see something wasn't you... 9 - read all of it with attention please, answer me what i ask if you want, if you need more help after it, just dm me ty and good night, good luck 🤞!
**Open Source?** * Goal: **Yes, progressively**. I will open up the *client code + protocol spec* after independent **security audits**. * The core out-of-band relay logic will stay closed at first (IP protection), but **NDA access** will be available for reviewers. Priority is security first, then disclosure. **“Offline balance check – I don’t see the advantage.”** * The point is not to “guess the balance without network.” The idea is that the **phone itself remains offline**, while an **out-of-band relay** fetches blockchain data and returns only the **minimal metadata** (balance/confirmations) to the user. * Useful in **zero-connectivity scenarios** (blackouts, remote regions, border crossings, crisis zones): the user can still **see their balance and send transactions** without ever turning on data. **“Offline signing already exists with Coldcard, etc.”** True — *offline signing* exists. The difference with Bitsend is that it’s **end-to-end**: * **No QR codes, no NFC, no Bluetooth, no SD cards, no second online device needed.** * A transaction is **signed offline** and then **instantly broadcast worldwide** through an alternative relay — so the user never needs internet access at all. * It’s not just “signing.” It’s **offline signing + instant broadcast** without the device ever going online. You can see the result on the blockchain in real time. **Security** * **Keys/seed never leave the device.** * The relay has **no access** to private keys. * Independent **audits** will precede wider release. The demo runs on **testnet** and shows exactly this: **offline register → offline balance → offline send → instant on-chain broadcast.**
13BVb8SD6rgaWivTZfbrdZzMcpASgEgLn1
Use a raspberry pi with full disk encryption, I don't trust those hardware wallets. Copy the encrypted SD Card to multiple SD Card's for safe backup.
The SD card backup is generated with BitBot02. It has a SD card slot
Do NOT put your seed phrase on an SD card. The seed phrase should remain strictly offline and never touch an internet connected device. Putting it on the card requires typing the words into a program on a computer, which opens up attack vectors you haven't even considered. Doesn't matter if the computer is online or not. For a blockchain explorer, you can use mempool which comes with a front end and back end in a docker container. Really easy to set up.
Which Debian build did you install on the Raspberry Pi 4 — the unofficial one from raspi.debian.net, or the official ARM64 build from Debian? From what I’ve gathered, if you go with the official Debian ARM64 image, you’ll need to install UEFI on the SD card first. That UEFI firmware then detects GRUB and boots into Debian. However, this approach can lead to issues with USB boot support. You mentioned better and cheaper hardware is available - so which hardware do you recommend?
not a requirement. but advised. any transaction, signature or generic communication (master public key pairing with watch only wallet for example) between airgapped device and connected system can be verified, decoding QR code or raw SD card data. this is not possible using USB connection. USB connection might also be affected by unknown exploits. also, if device firmware and application software is not opensourced, user has no idea if the device is capable of leaking full seed or private keys. this is absolutely not possible using airgapped devices and verifying the content of airgapped data transfers.
Air gapped hardware wallets don't need to connect to a computer or phone. You pair it with a software wallet. In the software wallet, you partially sign a transaction, export it to the hardware device either with micro SD card or using QR codes. Then you sign it in the hardware device and send back to your software wallet to broadcast the transaction. It is impossible for a remote actor to steal your money because transactions must be signed by the hardware device.
For anyone dealing with ColdCard: If you need a watch wallet you can export a wallet from the device onto an SD card that you then import into Sparrow.
>However I'm not sure if that's any better. still closed source so not really any better. The security game is linux or losses. > .still no to the passphrase? Generally speaking, the passphrase as used by most people makes the system wildly less secure. And when used properly by an opsec expert, makes it only slightly less secure only due to being more complex. The bonus word cannot improve anything. They are only good for make-believe situations that can never happen. > May I ask how you store your crypto? If you have only small amounts to secure, all you need is electrum on a linux. That will be 99.9% of what anyone would ever need, and donig more is overkill for most people. Coinbase published a guide called the "glacier protocol" which i think is a half decent starters guide if you have very large amounts. It has a few flaws, such as using USB drives instead of using SD cards, but its a decent overall description. >.should I just buy into an ETF? not your keys not your coins >grift is the name of the game in 2025. Not at all, not with bitcoin at least. What we are seeing is an awakening to personal security. For over 40 years, people have accepted insecure personal computing practices, purely idiotic password policy, social media violations of their privacy, and many other opsec failings are normal and acceptable. In reality, the concept of your computer catching a virus should sound as silly as your car catching cold. Closed source software should be laughed out of the room. Windows OS should have never existed. Security is honestly easy to do right. We just dont have a culture of people doing what is right, so the average person has no privacy and no opsec. And the average person thinks doing things right is too hard, even when its really not. And that will cause pain until it changes.
2. The only way for that to happen would be IRL. And let's say if someone did manage to login to my Linux laptop: I use TailsOS, so everything is erased on shutdown, nothing is stored. Even if they managed to catch my laptop while it's turned on and I was in the middle of using Sparrow. They only have access to my public key. Even if they managed to catch my laptop, turned on, with SD card in. They only have access to my public key, the signed/unsigned TX cannot be tampered with. The RPi device is also stateless and 100% air-gapped, if they get to that, nothing is stored. 3. 1 slot 4. Yes, it's in the dev. notes, on the GitHub, and I've used it myself. Everything is stored in RAM, and it's gone when power is off 6. Check the GitHub, you can see the (public) contributers and code there. It's open source. The email on their website is for donations and community outreach.
\>The SeedSigner is purely a signing device, it is not a wallet. 1. The wallet is essentially a set of private keys. Private keys are needed to sign transactions. It's the same thing. 2. The most important attack vector is when someone gets to your device. What then? How strong is your password? 3. You have 2 SD slots on RP? 4. In theory maybe, but has anyone tested it? 6. The code is signed by an anonymous account "seedsigner <btc.hardware.solutions@gmail.com>", if that's not sus for you then well I guess you're just built different. There are a lot of other well established open source solutions.
I understand your concerns, but I have a few things to mention: 1. The SeedSigner is purely a signing device, it is not a wallet. 2. The open source OS is a specialised version of the Buildroot Linux OS, it's very barebones, this is to keep it lightweight and reduce any possibility of attack surfaces. 3. Only two things touch the SD card: transaction files, public key for watch-only. Private keys and seed phrase stay purely offline. 4. The signing device is stateless, when powered off it does not retain any memory. 5. The hardware itself has no WiFi, radio, Bluetooth modules - and comes from a reputable UK based company. 6. Everything used in the setup is open source, Sparrow (wallet), SeedSigner (air gapped signing device). If you're more security inclined, have Sparrow be on a Linux Laptop running on TailsOS, running your own bitcoin node, and link it to Sparrow via TOR, and only ever use that device for BTC. I much prefer this open source setup than trust a commercialised company.
Look, I'm just saying that this whole thing doesn't project any confidence. Not to mention that you don't need any special distros to do what you're doing, i.e. just transferring files via an SD card. What you should consider is how well the data is encrypted, given that you're exposing the contents of the sd card to an online system, and whether the software leaves any traces in the sd card memory.
My setup is: RPi Zero board v1.3 (has no WiFi, Bluetooth, Radio, modules) with SeedSignerOS flashed. That device is completely offline and can never touch any kind of network. Seed phrase can be generated offline. Use this offline device to input seed phrase, from this private/public keys are created and stored locally and stateless (if you power off the device, it deletes memory). The RPi Zero can then export your public key to the SD slot. You take out the SD card, and put it on a laptop with Sparrow or Blue Wallet to generate a watch-only wallet. Now you can freely have bitcoin sent to you and you can observe your bitcoin through Sparrow safely and securely, and your private key and seed phrase stay purely offline. If you want to spend/send your bitcoin, use Sparrow or Blue Wallet to generate a transaction, and export it to the SD card. Now you remove the SD card from your laptop, and put it into the RPi, the RPi uses the offline stored private key (if you reboot the RPi years later, or you lose it and break it, order a new RPi (<10$) and/or enter the seed phrase again purely offline to get the private keys - again stored completely offline, to sign the transaction. Now remove the SD card and put back into the laptop so Sparrow can verify and broadcast the transaction.
I think the best way to store your seed phrase is encrypt it with something like Cryptomator using a passphrase that means something to you. Don’t store this in your password manager. Just remember it. You can generate a great passphrase by using a word with meaning to you and making each letter something that relates to that thing. For instance. Your first girlfriend Patty - Perfect!Ass!Terrible!Tattletale!Young# Store this file on a local offline SD drive and on an online storage provider that encrypts your drive like Proton. No way someone gets to it and can read it.
Model T is better than others even with secure element. Shamir Passphrase SD Card removable that links SD to device physically with encrypted PIN Open Source It's the best choice.
Fixed ! thanks I used the SD card to verify.
I did not, I copied the transaction to the SD card, verified and back to sparrow, thank you.
Yes, I know I have a few messages waiting LoL thanks for the reminder. I was able to do the transaction, it’s not as straightforward as some videos claim to. I had to copy the transaction to the SD then loaded into the CC verify it and then upload it back in Sparrow. Thanks for the quick response
Jade Plus. Simple interface and can be used fully air gapped via camera and/or SD card. Supported by Sparrow and Nunchuk at a minimum. Can be used with a persistent key via Blind Oracle or as a stateless signer.
Trezor One (and T) have known weaknesses that enable attacks on the device with physical access to the device. Much of the attack vector have been addressed in current firmware. The glitching hacks that have been demonstrated on Trezor one with firmware 1.6.0.do not work with current firmware but I see it likely an attacker with physical access can use similar message hids to extract the pin-encrypted encryption key and the encrypted seed phrase and then perform an offline attack on the pin. And even if the glitching attack would fail to extract the encrypted data there are destructive physical attacks that enable extraction of the encrypted data and enable offline attack on the pin. Using a passphrase protects from these attacks. But is vulnerable when you enter the passphrase via your computer. The SD key of model T (and Safe 5) adds another protection layer to the device data encryption. But that layer is only as strong as the physical protection of the SD card location. Physical security is hard.
Paper or SD don't stand a sigle chance against house fire... Get the steel today and stamp them.
You can 100% use Blue Wallet with a Hardware wallet like coldcard using PSBT. Just export and ferry the file with a micro SD. You can get a USBC micro SD reader. Don't use a seed that's been on an internet connected device as long term storage. You are asking for trouble.
Your private key is what allows you (or anyone) to spend your coins on the blockchain. So your only job is to keep your private key private. That’s the 12-24 words depending on the wallet. Both are sufficiently secure. 24 might give you extra peace of mind but 12 is certainly more than enough and is easier to backup. Cold wallet is a hardware gadget that keeps your private key inside the hardware, and will never release it out. If you don’t use a cold wallet you can also use a hot wallet. Hot is usually an app on your phone or software that runs on your PC. Hot also holds your private key, just like the cold ones, the only difference is that this hot app (that has knowledge of your private key) is running directly on a computer and is constantly connected to the internet. So if I manage to somehow connect to your device remotely, there is a chance that I could hack into your app and get your key. Cold one doesn’t have this problem because it keeps the key inside the hardware, which is disconnected from the internet. And even when you plug in your gadget, it still doesn’t release the private key, it only signs a transaction using the the private key, all done inside the gadget, and release only the signature (which is ok to disclose) to the public internet. Making it all so much safer than keeping your key right on your computer. Airgap is an extra step so that you don’t even plug in your cold wallet to your PC. The cold wallet signs the transaction using the private key, again inside the hardware, and you save this signed transaction on a SD card or display it as a QR code, and send it to the computer (without cable) so that you never actually connect a cable between your cold wallet and the PC. It’s a feature but not totally essential, the idea of a hardware wallet is to never release the key to begin with. So even if you connect a usb cable to it, it still never releases the private key, it would still only send out the signed transaction to your PC. But the paranoids of us would want to remove that theoretical “what if”, what if our hardware was compromised and go rogue and somehow send out the private key though the usb cable… it’s a very remote risk because if your cold wallet is working as designed it would never transmit the key through the cable. Personally I’d say air gap is not essential (even though I do air gap myself with my Coldcard) Hope this makes sense?
I mean, it is okay to have a little bit more safety features like your veracrypt and stuff like that. Okay, it's weird, but I see the point you want it safe with these multiple copies out of metal, but especially this point: >Give copies of the SD card to friends/families, give copies of the password to other friends/families. Only use people you trust, do not tell them who else has copies. Trust nobody and nothing, except the blockchain.
I'm not sure what you mean... It takes a few hours of work (outside of the actual step of giving the SD cards to the friends/family, which I did as I normally travelled to see them for the usual vacations etc), and it's a very safe system... Am I missing something?
Don’t forget the self-destruct mode you have to install in each SD card Mission Impossible style! 🙄 I sense a touch of paranoia here…
Take wallet file, use veracrypt to encrypt a SD card with a password, put wallet on SD card. Make multiple copies of the SD card, make multiple copies of the password (ideally stamped on metal). Give copies of the SD card to friends/families, give copies of the password to other friends/families. Only use people you trust, do not tell them who else has copies. Ideally, do not use a single wallet, but break down your stack into 2, 4, or more wallets, and distribute those to different people. Keep a list of the people and a description of the set-up in your bank safe or with your lawyer. If you want protection from kidnapping, set up a rule where they can only give you the card or password in person at their home, and only X weeks after you have requested it. Also set up a "distress" key word you can say to indicate you are under duress, and they should call the police. Doing all this has given me a lot more of a feeling of safety, especially after the recent Bitcoin kidnappings in my country. I don't actually have that much Bitcoin, but it's not a reason not to protect it well (and in a decade it might be worth a lot more. I'll update the setup as value increases to become more and more paranoid/fool-proof).
Take wallet file, use veracrypt to encrypt a SD card with a password, put wallet on SD card. Make multiple copies of the SD card, make multiple copies of the password (ideally stamped on metal). Give copies of the SD card to friends/families, give copies of the password to other friends/families. Only use people you trust, do not tell them who else has copies. Ideally, do not use a single wallet, but break down your stack into 2, 4, or more wallets, and distribute those to different people. Keep a list of the people and a description of the set-up in your bank safe or with your lawyer. If you want protection from kidnapping, set up a rule where they can only give you the card or password in person at their home, and only X weeks after you have requested it. Also set up a "distress" key word you can say to indicate you are under duress, and they should call the police.
What makes you think that QR signing or SD card signing is trustless? If the device is vulnerable attacker can generate payload and distribute via qr code, file on sd card or usb. It's all zeroes and ones in the end. It is HWW jobs to parse and decide if the data send is psbt or something else regardless of what transfer method you use.
I have multiple wallets, a few of them for r/thelightningnetwork, few hot on-chain, a couple for liquid, some cold on a single device, some on multiple devices. We're talking about a single device setup, remember? When we'll talk about multisig, your argument of an update on an SD card is moot. So please, don't try to win an argument, try to help yourself and others instead.
>Air gap is nice but doesn’t matter when you still connect an sd card to it to update firmware. I'm using the device stateless to sign transactions offline. Like an old fashion calculator. No, chance that I'm going to even put an SD card in. The math isn't going to change, the calculator will spit out the same number, updated or not. >Choose who you trust. I don't trust anyone, that's why stateless and air-gapped. If you feel the need to trust someone, good luck. You'll gonna need it.
Lol you been had mate. Don't worry we all go through our wanting to be a better bitcoiner stage. Of all the wallets and gimmicks I've tried. I mostly use my ledger. "Airgap" with cold card is the funniest one. SD cards are the easiest thing to corrupt for a malware. And the Q, more stolen on source code from real open source projects.
Most have a secure element that holds the keys and are, in theory, incapable of sending the keys over USB. I get you, I'm an SD card maxi, all about that airgap. But no, you aren't just throwing the entire security model out the window by using USB.
With a cold card, you can plug it into a wall outlet or battery pack and then use an SD card to sign a partially signed bitcoin transaction. Then you can broadcast it to the network by copying the fully signed transaction from the SD to a service like blockstream.info.
I put my numerous bitcoins on an SD card and shoved it in my mattress
Maybe Cold card, because the wallet doesn't connect to the internet and works through SD cards. Even has an anti phising code. It's too interesting.
Cold cards are best i agree. But kind of technical for a noobie. Great to learn. But starting off can be dauting with or signer and SD card updates and all that. But I love my cold card q. Put in calculator mode and people just think its a weird calculator haha
JM bullion, SD bullion, and Apmex ( i think) all accept bitcoin for precious metals. I think there's a dumb kyc requirement, though, where you have to upload photos and documents.
Steak n' shake needs to get their shit together there are literally none in SD County
Coldcard sucks balls. [Do you guys trust coldcard?](https://old.reddit.com/r/Bitcoin/comments/185mvtz/do_you_guys_trust_coldcard/kb3lv8c/) > I like how politically correct your response was. It doesn't paint the real picture though does it? They changed from open source because some one else was using the open source code? That's exactly the idea of open source code. They didn't like that? Boohoo. **You should expect flack for changing this.** > -They also continue to use code from actual Open source projects. Simultaneously blocking bitcoin developments in the space by dropping lawsuits on anyone that has code to similar to "their code". If you're buying a coldcard instead of true open source bitcoin projects, don't complain if progress is slower. > -Being pretend open source, like this also reduces the chance of anyone who actually knows what they're doing reading the code. The incentives to read code come from developing on top of the code. If you own a cold card and haven't verified the code, slim chance any professionals are checking it. > -They have a "no refunds" policy. Please remember your nations own consumer protection policies over-ride their bullshit "no refunds" so you can still claim a chargeback from the bank with proof of their "sorry no refunds" policy in the form of their shitty emails when you have an issue. > -They also sell your email address etc before "deleting" it from their website. I tested this by purchasing a cold card with completely fresh contact details. A week or so after purchase, spammed with phishing emails. > -Many claim they're "airgapping" this device. If you haven't disabled some of optional onboard features out the box you're not airgapped. Plugging an SD card into and infected computer to your HWW is really no more secure than a USB setup. Once you've broadcast a transaction from PC, you've broken airgap. Ultimately, still trusting CC code to save your funds. > -Let's not forget who profited most from the ledger debacle. Interesting really how that was blown out of all proportion and so many rushed to buy a coldcard. > -CC has a larger attack surface than majority of wallets for these 2 reasons. 1. It seems to be the most popular rn. 2. It has capability for USB, NFC, QR(newer models) and SD. Some of these, like NFC are auto connect features. Best disabled. But having all of this on one board is more surface for attack. It's like a house with many doors/entrances. Ideally you want one door per device. > -anyone aware of a security and penetration testing budget for this wallet? Or is it just a case of "well you can look at it guys, tell us if it's bad" > These are the red flags. Until they change, I'd probably not recommend this product for a singlesig, protecting someone's life savings.
Amazon is fine. An SD card is an SD card
This is what Grok Deep Search has to say about the subject: In June 2022, Uganda announced the discovery of substantial gold reserves, estimated at 31 million tonnes of gold ore, potentially yielding 320,158 tonnes of refined gold. This news, reported on June 8, 2022, by sources like Reuters, raised questions about its effect on global gold prices. On the day of the announcement, gold prices saw a slight increase, with the PM Fix rising from $1,849.60 on June 7 to $1,852.95 on June 8. However, this uptick was not sustained, as prices dropped to $1,844.85 on June 9 and further to $1,830.00 on June 10, based on historical data from SD Bullion. Despite the announcement, financial news and market analyses from June 2022 did not highlight Uganda's discovery as a key driver of gold price movements. Instead, factors like US dollar strength, inflation expectations, and geopolitical tensions, such as the Russian invasion of Ukraine, were more dominant. Some sources, like The Independent, noted that the global gold market showed "hardly any disruption," suggesting skepticism about the discovery's credibility. It appears the gold price did not have a significant or lasting reaction to Uganda's announcement, likely due to market skepticism and the influence of other economic factors.
Totally feel you on this—cold storage has come a long way, but there’s still no one-size-fits-all setup. What I’ve seen work best (and what I ended up doing) is less about which brand you choose and more about how you structure the whole system around your wallet. Most serious holders still start with a hardware wallet—something like Ledger or Trezor, or one of the newer open-source ones with better chip security. What’s changed is that people are getting smarter about redundancy and physical protection. Writing your seed phrase on paper and stuffing it in a drawer isn’t really cutting it anymore. I moved to a metal backup that I punched the phrase into—it’s waterproof, fireproof, and honestly a lot more reassuring knowing it’ll survive most disasters. There are a bunch of metal options now that aren’t super expensive and way safer than paper. Some folks are even splitting their seed phrase using Shamir’s Secret Sharing or multisig setups so no single place holds the whole key. It’s a bit more technical, but it adds a big layer of security. Others are going full air-gapped—signing transactions offline using QR codes or SD cards. It’s definitely more of a power-user move, but if you’re paranoid (or just careful), it’s worth exploring. One thing that often gets overlooked is offsite storage. I keep one metal backup in a safe at home and another in a secure location elsewhere. That way, I’m not one house fire away from a total wipeout. And I also wrote a basic guide that explains how to recover the wallet if anything ever happens to me—kept sealed and stored with the backup. Doesn’t matter how secure your setup is if no one can figure it out when they need to. So yeah, the best cold wallet setup in 2025 isn’t just about hardware—it’s about planning for every failure point without overcomplicating it. If it’s secure, recoverable, and something you’ll actually maintain long term, that’s the win.
https://open.spotify.com/episode/5kSnQa1KZQmF1zbho2mjdP?si=g_5SD50QSRC5VALmhdqMrA This podcast single handedly got me chasing Alice down the rabbit hole. Check out the Saylor series as well on the "What is Money" podcast it was his first 10 episodes. Read The Bitcoin Standard by Saifedean Ammous and The Price of tomorrow by Jeff Booth. Take your time to learn about Bitcoin and self-custody. Become your own bank and experience a freedom you never knew existed. But remember, with great power comes great responsibility.
Question: If you do a backup to SD card does it reveal the co-signing key if the backup is manually decrypted on a computer? Or is the co-signing key separately encrypted within the backup (perhaps by some key known only to coinkite and programmed into the coldcard)?
DIA SD ABT the trifecta this cycle.
the usb cable can also be compromised, key loggers & SD card rewrite of signed transaction. keep it air gapped and far away from Ai gadgets
True you could also put it on 10 or 20 different SD cards. You could put it on an encrypted QR code and email it to yourself. You could carry that QR code in your pocket. You could do all these things at the same time. Lots of ways. I myself don't do any of these things. Because I don't even know what bitcoin is. I've actually never even heard of it.
What you're dealing with is a **looping export bug**, and it's usually caused by a **stuck input**, like the OK or SELECT button registering multiple presses or worse, holding itself down. That triggers the Coldcard to repeatedly execute the export action without stopping, dumping a new file every pass. Here’s how you fix it: 1. **Power off the Coldcard completely.** Yank the power and SD card. Let it rest a sec. 2. **Inspect the keypad.** Look real close at the OK button and surrounding plastic. If there’s any grime, stickiness, or misalignment clean it. Use a cotton swab with a *tiny* bit of isopropyl alcohol if needed. 3. **Reboot with a fresh SD card.** Sometimes a bad sector on the SD or residual files from previous exports can cause this loop. Try a newly formatted card (FAT32, 32kB cluster size). 4. **Export again, but this time, press the OK button gently, once.** If it still loops, try using the **EXPORT XPUB** option instead of the dedicated Sparrow export, and manually import that into Sparrow. Same result, fewer headaches. 5. **If it persists after all that update the firmware again or downgrade one version.** Could be firmware related, especially if you’re on the bleeding edge. Check the [Coinkite GitHub](https://github.com/Coldcard/firmware/releases) and try the version just below the latest.
A cold wallet is a way to keep your private keys off the internet and safe. You need your private key to send or spend your holdings. A hot wallet is a software wallet that has your private key directly on a device connected to the internet. Not very safe. The wallet you pick will depend on the operating system you want to connect to. Whether you want other coins or just BTC. How much you want to spend. And if you want any additional optional functions. Not necessary for most. These include air gapped transactions transactions and micro SD or qr code back up. I'd just keep your holdings on a reputable exchange like kraken or coinbase or strike until you have a 1000 dollars or more. No rush IMO until then to buy a wallet and/or move it off the exchange
Umbrel, no SD card even inserted. Everything boots and works directly from an external SSD connected via USB.
Nearly everything you said is wrong. >The philosophy (and protocol) of bitcoin was designed to be very secure and run on general purpose hardware and software. Do not use general [general purpose hardware ](https://airgapcomputer.com/ for Bitcoin. Obviously you *can* but for the average person (or even an advanced user, see Luke Dashjr being hacked) it's a terrible idea. >manufactured by a recent startup enterprise CoinKite has been a company since 2011. Trezor since 2013. Ledger (not recommended) in 2014. >needs to interact with some website that's proprietary No good hardware wallet needs to be matched with proprietary website/software. CoinKite literally has no software because of the threat that could pose. >A hardware wallet marketed by a private enterprise is basically saying to you "we will custody your funds and let you spend it. Trust us". They are all very young startups. Absurdly wrong for the good companies. >Use a real airgap that you can see. Clearly you've never used a ColdCard via micro SD card. >Hardware wallets are sometime promoted on the basis that they have a "small attack surface". That is exactly the reason they will be attacked (because they are only used for storing money). Sure, if the attacker can find it. Ledgers Donjon unit is constantly test attacking hardware wallets - it's not easy at all. >Hardware wallets do not promote the bitcoin philosophy in the least. What >You cannot know who created it Yes I can >who supplied you it Yes I can >who updated the firmware it's downloading Yes I can because I am updating it myself >even if your postman is in on a scam ColdCards ship in tamper-evudent packaging >or the box packers in their warehouse If you install new, verified firmware this risk is lessened. >Contrary to what is promoted by many, you can never tell if a hardware wallet is genuine. Yes I can. And because I am generating my own seed it kind of doesn't matter. >It's the exact same thing as when people say "not your keys, not your coins". That thing is connected to the internet whether you like it or not. It's plugged into your "hot" machine. You cannot see the airgap. I can easily see the airgap. Seriously, [watch a video](https://youtu.be/985bAPKUAV4?si=giVQGNKeQxMgEpKQ)on how a ColdCard works. My hardware device has never been attached to an Internet connected device ever. *Some* hardware wallets are not good at all. Way too many people use garbage like Tangem for example, which actually does fit much of your description. But overall, a good hardware device is by far the better option for new users. Good choices: ColdCard Q, ColdCard Mk4, Jade, Trezor Safe BitBox02. Pair with Sparrow or Nunchuk, not the proprietary software (if any) offered by those companies.
Unprecedented defilement of the constitution but hey at least he's living up to the border issue that doesn't really impact most Americans and is largely just fearmongering. [Didn't Obama actually deport more illegals than Trump?](https://docs.house.gov/meetings/GO/GO00/20200109/110349/HHRG-116-GO00-20200109-SD007.pdf)
Seed phrase on Locked PDF in An Anonymously named File on hidden Micro SD. Keep the PDF password stored on separate device. For more security have 2 Micro SD And for ULTRA SUPER MAX Security keep your mouth FUCKING SHUT and DONT FUCKING LOSE THEM.
I did not expect to receive so many reactions, thank you for your inputs! I just redid the process and here is what it looks like: \-export Electrum wallet from Coldcard to SD Card and import Json file to Electrum \-open the old wallet (using the private seed) in Sparrow (this was compromising that seed but the intention was to empty it anyways) \-copy bc1 addresses from Electrum and paste it under "pay to" in Sparrow \-check that the funds arrived correctly in Electrum Then when I exported the Electrum wallet again from the Coldcard and imported the json file to Electrum, the addresses were different. I did not created any new seed either in Sparrow nor Electrum. Does that make more sense?
I did not expect to receive so many reactions, thank you all for your inputs! I just redid the process and here is what I did: \-Export Electrum wallet from Coldcard to SD Card and import the json file to Electrum. \-Open the old wallet (using the private seed) in Sparrow. (this was compromising that seed but the plan was to empty it anyways) \-Copy the bc1 addresses from Electrum and paste it under send to in Sparrow. \-Check that the funds arrived correctly in Electrum. Then when I exported the Electrum wallet again from the Coldcard and imported the json file to Electrum, the addresses were different. I did not create any new wallet either in Sparrow or Electrum. Does that make it easier to understand?
What do you mean by first vote ever though. Bitcoin reserve legislation is voted on and dead in OK, MT, ND, PA, SD, and WY. I’m not anti Bitcoin, just wondered what you meant by first vote ever. You mean first vote ever for OK? In that case yes. Shit, people need to learn and stop voting with fear about things they don’t understand yet. But whatever
During setup cold wallets usually generate your seed phrase (your private keys) 2. You can then encrypts and store the backup on the microSD card. 3. If your device for example gets lost or damaged you can restore your wallet using that microSD backup together with your password (if you set one) that is. Why it's safe: The file on the SD card is encrypted, so no one can read it without your cold wallet and password.
How did your seed words get on to an SD card?
In before people coming here to say that you compromised your seed with the SD card and CNC machine. (I don't know if you did or not but it seems plausible)
Jade is still super solid. I have both and use both. I prefer the Jade Plus because of the bigger screen and the buttons instead of rocker. I do like being able to flash the Jade Plus via SD card so it is actually fully air-gapped.
The video posted is of the original Jade (still a great device) which can be used fully air-gapped via QR code but firmware updates require physical connection via USB. In order to be fully air-gapped I'd recommend you go with the Jade Plus and also get their Jade Link drive which allows for firmware flashing (and PSBT signing) via SD card. There are probably a hundred tutorials on YouTube for any hardware wallet you are interested in.
Ideally you would accomplish this by creating a psbt (partially signed bitcoin transaction) and using an SD card to complete the transaction on a computer. This is called an air gapped device where the wallet never gets plugged into a computer which minimizes and attack vectors for hackers to try and insert themselves into the transaction and potentially steal your holding. Anything easy like a “cold wallet” that has an app for your phone is not good for substantial long term holdings. Ideally you would get a BTC only wallet that has fully open source code and is air gapped. Search that on YouTube and you will find plenty of more in depth explanations
When Apple turns their Phone screen from HD to SD you don't say: >That’s a harsh take You say: B*tch *ss M****f**** why did you reduce the screen resolution? We already had better. >The core model is still solid, and the promise of peer-to-peer is still there It is not. It was specifically limited to not be p2p cash. The company that got venture capital money that was involved doing that sells you a federated L2 these days. No, the p2p dream is dead on BTC. And the sooner everyone gets that the sooner we can search for real solutions.
>A USB stick or SD card is not "plastic crap" and may contain very important or sentimental stuff. Yes they are, and if they contain anything you think is valuable, it's because you fucked up. So it's still your fault.
A USB stick or SD card is not "plastic crap" and may contain very important or sentimental stuff.
Lol just no. A hidden seed phrase of like 24 words, maybe split, buried, hidden in cryptic ways or hidden on a micro SD card the size of a fingernail with or without 25th word, how is all that an easier target than people carrying there physical wallets with cards and cash, diamonds, jewelery, watches, handbags.
> at the exchange level (Coinbase, Crypto(.)com etc.) your seed phrase and private keys are held by the exchange This is false. The exchange does not have any seed phrase or private keys connected to your account. At the exchange level, you have an account with a balance and a transaction history. Your account is not a wallet. The exchange has a wallet. There is no correlation between the exchange's wallet and your exchange account > you do not own the crypto you purchased True, because an exchange account is not a wallet > with a hot wallet (Exodus, Trust etc.) you have access to your seed phrase and private keys True > cold wallets (Ledge, Trezor, etc.) and how are they different than a hot wallet A cold wallet is a computer, with wallet software. It's just like a hot wallet, but never connects to the Internet > If you can use your seed phrase to gain access to your digital wallet from your cold wallet device doesn't that hashed seed phrase need to be stored online? No. Your seed phrase and private keys are only known to you and your wallet. A wallet is self-contained. None of its secrets are registered anywhere. That's a centralized view. Crypto systems are not centralized At this point, you and your friends can check your assumptions - they're thinking that the only way for your seed phrase to be unique is to register all seed phrases on a central registry. Bitcoin is much more innovative than that bad assumption. The seed phrase (and all the private keys derived from it) is unique by being derived from a very, very, very large random number. Brilliant! Yes? > do cold wallets store your crypto coins on them Some do, some do not. It's not necessary. But your next question is the important one ... > how does that get back to the block chain to record the movement of said crypto The user needs an on-line wallet app with a watching-only wallet. This software comes with the device - Ledger Live, Trezor Suite - or the user can choose a hardware-wallet compatible software app, like Electrum or Sparrow. As a watching-only wallet, it knows all the wallets addresses, and none of the secrets. This makes a transaction a 5-step process (two important steps, it's not complicated) * the watching-only wallet uses its transaction history, and the blockchain, to build an unsigned transaction * send the unsigned transaction to the cold wallet - by USB, or SD card, or QR image, or Bluetooth * the wallet device is a computer, with wallet software and all the wallet's keys and addresses. It signs the transaction using the appropriate keys * the wallet device sends the signed transaction (by USB, or SD card, or QR image, or Bluetooth) to the PC or phone running the watching-only wallet * the watching-only wallet app sends the transaction to a node, for inclusion in a near-future block > why a cold wallet is more secure than a hot wallet The cold wallet stores its keys and never exposes the keys to any network. The transaction process is split into two * make transaction * sign transaction And the signing is done on the cold wallet using the keys The on-line watching-only wallet has all the access it needs, because it knows all the wallet's addresses. Because it never does signatures, it never needs to see the keys
Yeah, actually it can. It is the definition of air-gapped. Classic can be used air-gapped via QR scan. Plus can be used air-gapped via QR scan and SD card. The Plus ability to update its firmware via SD card makes it the only truly fully air-gapped version of the Blockstream Jade.
The classic one does air-gapped transactions with QR codes as well. SD card can't really be considered completely air-gapped.
SD card air-gapped option only available on the Plus, otherwise fully agree. The bigger screen on the Plus is nice as well as the navigation buttons vs rocker. Both versions rock solid choices though for sure.
Might not be safe for most people but I have my private spend key on my SD card for my camera, the photo is taken in a messy room and you have to zoom into the mini laptop to see it
Updating air-gapped wallets is not difficult. You normally use an SD card to flash an update. You can also reset to factory, flash via USB connection, reset to factory, restore via recovery seed or QR seed.
It is trivial to update an air-gapped Jade Plus using an SD card. I'm sure the Cold Card is the same. Do you have any examples of air-gapped wallets that can't be updated easily?
Ha. Didn't think it would be possible to upgrade firmware without the jade link specifically but apparently you can. 👍 Instructions here for usb and SD. Fat32 apparently. https://help.blockstream.com/hc/en-us/articles/39525482532377-Perform-an-air-gapped-firmware-upgrade
Okay. Well you can use the standard Jade fully airgapped as well using the camera and QR codes. But for updating, you'll need to plug in the USB. Using a micro SD is not really considered airgapped though, as malware can still transfer from one device to the other.
The Blockstream Jade Plus hardware wallet supports the use of SD cards to facilitate fully air-gapped operations, enhancing the security of your Bitcoin transactions. Recommended SD Card Specifications: Type: Standard microSD cards are compatible with the Jade Plus. Capacity: While specific capacity requirements aren't detailed in the available information, using microSD cards with capacities between 2GB to 32GB is generally advisable for compatibility and performance. Speed Class: A Class 4 or higher speed rating should suffice, but opting for Class 10 or UHS-I cards can ensure faster data transfer and better performance. Additional Considerations: Formatting: Ensure the microSD card is formatted to the FAT32 file system, as this is commonly supported by hardware wallets. Brand Reliability: Choosing reputable brands like SanDisk, Kingston, or Samsung can enhance reliability and reduce the risk of data corruption.
There is a version of the firmware that permanently disabled the Bluetooth radio which I recommend you use. One less attack surface. If it's a Plus, you can update it air-gapped using an SD card.
The original can also be used air-gapped with QR scanning. The Plus also supports SD card PSBT signing which the original Jade doesn't.
I have both the old and the new. The Jade Plus is worth the upgrade for the screen size and resolution improvement, the button vs rocker wheel navigation and the increased camera function. The Plus also supports SD card PSTB signing for another air-gapped signing option which the original Jade doesn't. The original Jade is still rock solid though.
I would. Particularly if I was iOS. It is without a doubt I think the best choice for iOS. iOS choices are limited. The device has to have Bluetooth. I am android. If I was to need another wallet then it would be a choice between the new Jade and bitbox02. Not an option for iOS. But because I'm android and have a jade already then I'd probably get the bitbox02. It seems a better build quality. Easier to use and just that little bit sexier. It also has the choice of BTC only or all coin versions. It includes micro SD seed backup if you want to use it that way. I think it's the ever slightly better choice for me if I was to get another. Both top tier though. And bitbox02 doesn't work on iOS.
If this was printed in PLA, it is a definite no. 3D printed PLA will warp if left in a warm car. If you \_must\_ do this, here is the absolutely safest method I can think of (short of buying a new computer) 1. Build an open source 3D printer with parts from different vendors, preferably an older model that doesn’t have any parts that connect to the internet. * if you want this to be credit card sized, get a .25mm nozzle and some ASA to print it in 2. Once the firmware is installed, if the printer was ever connected to the internet, disconnect it 3. Download a virtual machine on your computer (Ubuntu should be fine) 4. In the virtual machine, download blender and orca slicer 5. Disconnect your computer from the internet 6. Model the seed card in blender, using the sculpting tools to write the seed phrase. 7. Import the model into orca slicer, slice it, and save the gcode to an sd card 8. Print from the sd card (using the aforementioned ASA, if only so you will actually be able to read it) 9. Verify that the seed phrase card is readable and has the correct seed phrase 10. Factory reset your printer’s firmware and reformat the sd card using your virtual machine 11. Destroy your virtual machine (do not back up any files onto your computer) 12. Destroy the SD card and controller board of your printer
My fear is that the wallet software doesn't need to be compromised. A simple "file watcher" malware is all that is needed, and monitoring an SD card for file changes with is dead simple, and almost every program on the computer has access to the file system. I found that the Trezor T and Blockstream Jade do not show the "change address" during the confirmation. The ColdCard Q does.
Well SD, "Stable Diffusion" can be locally run with Automatic111 for example, and SDXL can produce decent results and is highly customizable. Like this for example: [https://imgur.com/a/NPfPixm](https://imgur.com/a/NPfPixm) It can be a bit tough to get into though. Otherwise there are others like DALL-E 3 or Midjourney for example that have good quality. I'm sure there are others.
Now that I've read the post again, it stings knowing they didn't put that gold in the SD and sell it through there and hold the loot and turn it into BTC. Oh well.
Remember floppy disks? Would you rather store your data on those, or an SD card? Bitcoin will not stay, nor will any technology over time.
It appears the SD card they sent me is corrupted. Do you happen to know if I can go to the store and get any 32gb MicroSD to get this going?
Im in SD CA. There is a Coinhub ATM at a Silverado's Liquor store in Poway CA.Its REALLY no KYC ! Just use any name and a burner phone. There are daily amt limits but the Store's owner is cool and its a great little store
You connect your SD card to your computer. Then you "flash" the Umbrel software to your SD card and then put the SD in your RP5. There are youtube videos that show you how to
It's been a while but I had to flash the software on a SD card and put it on my raspberry pi 5.
Using an SD card for PSBT (Partially Signed Bitcoin Transactions) is considered an air-gapped method because it avoids direct network connections, such as USB, Bluetooth, or Wi-Fi, which could expose the device to malware or remote attacks. The Jade classic does not support air-gapped SD card usage.