I have a potentially really dumb question:

Why is a hardware wallet "Necessary" for cold storage?

Since the seed phrase used to generate keys is the important thing, why does a body need to spend money on a hardware wallet to store the seed phrase? (How to do that is another thing, and I've already got that covered.)

I just haven't had the answer to that click yet. Help?

#asknostr


Discussion

That's a great question. Since they both require a seed phrase, why do we need hardware? Maybe because they sell hardware?

It's got me scratching my head.

I listened to a video of a guy doing just that yesterday. It was interesting.

Perhaps we can have a voice chat sometime?

I might be able to give you a better grasp of the issues behind the questions you seem to still be grappling with...😃

That would be helpful, for sure.

A wallet is the signing device from which funds can be sent, spent, or secured.

Bitcoin is in your wallet or someone else's wallet. Custodial vs. Non custodial.

Not your keys not your cheese.

Another dumb question:

Why do I need a device to sign an outgoing transaction? If I have the keys, why do I need a device to do that?

You could do it with pen and paper and complex math that nobody but 0.00001% of people understand.

Or you can hire a computer to do the complex math for you, using libraries which are well tested.

But if you use a computer connected to the internet, then your seed is no longer "cold".

So that is why we employ "hardware wallets", which are minimalist special-purpose computers to do the math on a cold seed, and have the confidence that the seed hasn't accidentally "gotten hot".

"You could do it with pen and paper and complex math that nobody but 0.00001% of people understand."

Sure, but... If the hardware wallet generates keys, and does not connect to the internet how does the blockchain network know that:

A. I "own" (have the keys for) that wallet address?

B. Even know that address exists?

You send the transaction to the device (USB, QR, whatever); the device signs the transaction and then sends it back to the computer to be broadcast to the Bitcoin network.

Why? The wallet is a blockchain address, not something on the device. Why do I need a thing to just store BTC?

The "wallet" isn't a blockchain address, it is a private key used to sign Bitcoin transactions. A cold storage device stores those keys in a place they can't be easily stolen from, and lets you sign transactions to broadcast to the blockchain.

It can't do that without some kind of connection to the internet, so... How does that not just defeat the purpose of the thing?

That's the whole point of a cold wallet 😂 The key is on an external, non-internet-connected device. You use that to sign the transaction, then transfer the signed transaction back to an internet-connected device to broadcast to the blockchain.

But why do I need a device to do that? If I just have the key, I can sign.

You don't need one, but it is probably more secure. A key stored on your computer or phone can be more vulnerable to theft, hacking, malware, etc.

How are you going to sign? Pen and paper?

I don't know how, use an app, probably, just inputting the keys by hand instead of having to read them from a hardware thingy.

Does not compute. beep boop beep

The real answer is you really don’t need a hww/signing device.

You only really need one if you want to make & keep xpub/xpriv completely offline for maximum security.

The blockchain knows UTXOs and locks (locking scripts). An address ~= a public key.

When you sign a transaction with your hww you give your wallet a PSBT which contains the UTXOs you want to spend, and the UTXOs you want to create.

Something which does have a view of the network is what creates the PSBT, so it knows what UTXOs are yours.

Both the hww and the thing that makes the PSBT know your public key (xpub) and using that info can determine 1. what UTXOs are yours, and 2. that it can sign for the UTXOs.

You prove that you own it by signing for it.

Hopefully that helps.

The keys never leave the device. If you input your keys somewhere and that somewhere is compromised, goodbye coins.

I'm aware of that, and why I'm asking, but I also don't understand how one thing works, and I'll read more replies before asking....

The device and PIN are needed to authorize a spend or send. This validates the holder is the owner. I'm guessing without that check, anyone's funds could be sent or spent without their knowledge. So best to keep the wallet, PIN and seed/keys separate.

The keys would only be used to recover your authority IF you needed a new wallet.

That's still not answering the questions I have, which I elaborated in a reply below.

You don't. In theory you can sign a transaction with any node you can access via RPC. But you need to know what you're doing. Best solution is having keys on a pen-drive with PGP and an offline device like an old laptop. You put Electrum on that laptop, create a new wallet with seed, back up that seed and then forget about it because you won't need it, ever.

Then, when you want to move coins on-chain, you'd plug your USB stick into the offline device. Import the key you need into that wallet, sign your transaction, download the tx to a different USB drive and then you can delete the private key again from that wallet.

Then you go to your online machine, open Electrum and transmit the signed offline transaction to the blockchain. Done.

I think it's because any hot wallet has potential security leaks through the Wi-Fi connection and devices.

A cold wallet means that your seed phrase is never in contact with the internet.

OK...

I'm not talking about a hot wallet. I just mean for cold storage and still not understanding the need for a hardware device for this.

I'm not sure if I'm going to do you any good in this convo because I'm fumbling around 😬 but my question would be: if not a hot wallet, where does that initial setting up of the seed phrase happen? I don't know a way to do that offline except with a cold wallet.

You can do it with dice and the diceware lookup table.

Thank you for your time, since you've helped me articulate what I don't know.

You don't *unless* you are doing on-chain transfers, or you want to receive funds on a unique address. You're right in that hardware wallets are a redundancy, i.e. if the metal is lost or hard drives fail.

I would say that Metal backups are more indestructible, but they need different security.

Jameson Lopp might have a good video or blog about this.

That's getting to the crux of my not understanding this:

How does a thing that is not on the internet generate an address/wallet/keys that are needed to do anything on the blockchain? I don't get it. I've been watching videos and I understand HOW most hardware wallets work, EXCEPT for this one thing that just doesn't make sense to me yet.

Very simplified, it takes your private key and a derivation path and hashes that. The derivation path is just a sequence of numbers, and if you increment one of those numbers, you get a new private key.

The fun bit is you can apply the same derivation path to the public key, and get a new address which belongs to the derived private key.

Therefore if you have the master private key on a separate device, and the master public key somewhere else, they don't need to communicate to get a new address to receive, which you have the private key to spend for offline.

This is very simplified, there's probably a few more steps involved, but this (I think) is the gist of why you don't need internet.

This is a playground where you can play around. If you click generate, you'll see a list of addresses, public keys and private keys at the bottom of the page. These are all generated from the same entropy, and you don't need anything else.

WARNING: do NOT use private keys based off of this website. This is a public website and you should never put private keys in there or use private keys generated from a public website.

https://iancoleman.io/bip39/

I... Don't really follow this yet.

No problem, they're tricky concepts to get your head around. Are you more of a visual learner?

Maybe something like https://www.youtube.com/watch?v=bBC-nXj3Ng4 helps, although I'm not sure if this actually covers your questions.

If you load the same key and the correct path into different wallets, and it properly generates a new address for every transaction, would the two wallets generate the same address in a sequential fashion? Or could it conceivably sit there for years, searching through billions of addresses?

Sorry to butt in on this. Are you having trouble with how the signing happens without the cold wallet going "online" as in connecting to another internet connected device? ColdCard is the only device I have experience with, but signing can be done over SD card, or USB transport.

Your other question: Why use hardware over seed import. There is never a trace of your private key on the "hot" device. You'd "never" have to worry about leaked private key data if it never leaves the signing device.

It may be worth looking into the secp256k1 algorithm to understand what keys are, how they are generated and stored, etc. Oversimplified: if you can securely generate a 256-bit number that is valid on the curve, you have your private key.

Some examples from Coldcard that might help:

https://coldcard.com/docs/paranoid

It's not butting in, my dude. I appreciate all the participation in this thread!

Thanks! I'll check that out.

The keys stay on the hardware wallet; the transaction is just sending a message that was signed using the keys stored on the wallet. It's the same general flow whether it's a partially signed Bitcoin transaction from a Coldcard transferred via micro SD to a computer, or a Ledger or Trezor which connects directly to the computer.

I don't understand why you need to access the keys. At all.

You can do this with an offline computer running those BIP39 web pages saved locally. Or you can poke around GitHub and find Python scripts that also do this offline.

The address is generated with the private key and the wallet's HD path, see walletsrecovery.org

This is a good question to put on bitcoin.stackexchange.com. That's where I go with hard questions.

Have you read the Bitcoin white paper as well? It might answer some of your questions.

Nope. I have not read the whole thing. I'm not really into BTC much. It's useful and powerful, but, it's so little of my life I just don't really care that much when I have too many other things to turn my attention to!

So also the hardware wallets have a security chip which has been proven to generate a key that is random. Although there are some who are paranoid about even those chips being "random enough", and those people generate their phrase using dice and the diceware lookup table. The seed phrase is just a friendly way of representing the actual 256-bit hexadecimal string which Bitcoin Core actually uses.

I get the generation thing. What I'm not getting is how you can possibly "receive" BTC to that address/whatever without going online. You have to go online at some point to interact with the blockchain. Since that is the case, what is the point of having a hardware "wallet"?

All the private keys and associated addresses already exist. You don't create them, you find them. You can do that multiple ways: by hand, with software/hardware, or a combination.

If they already exist, how can you claim to access one, if not ONLY by going online and signing transactions?

You can receive without ever going online. But yes, to send you need to sign a transaction and send it to the mempool.

How can you "claim" an address as yours without going online? You're saying someone can just pick random addresses and send a bunch of BTC to them, and anyone who derives that address can go "get" that BTC? If that's the case, can't more than one person try to claim it?

Theoretically yes. You don't claim private keys and addresses. Theoretically someone could randomly generate your same private key. But there's some sufficiently large (like more than the amount of atoms in the universe or something?) number of private key pairs to where both of those things are, in practice, impossible.

Also, I am no expert, but this is my understanding.

That's what I also understand, but, gosh... That makes me feel a bit squidgy about the whole thing...

Not me. The math and odds, trade offs and benefits, of BTC vs anything else is clear.

Oh, sure, I'll take BTC over fiat, but... It's still a bit off. Not that I have a better suggestion.

Because you don't want your private key to touch anything that's connected to the internet. Otherwise it's not cold storage.

Then what's the point of the hardware wallet?

I just don't get this.

"you need a hardware wallet to sign transactions with your private key. But it generates a private key without the internet, so, how does anyone transfer BTC to the wallet that the keys open?"

How does the wallet generated on a piece of air-gapped hardware get utilized by the blockchain to correctly direct transactions? That does not compute.

You extract the public key and put that into wallet software.

Naming conventions are a bit conflated, unfortunately.

A hardware wallet is for storing a private key.

Wallet software is for managing addresses from your public key.

The wallet software can construct a transaction, as that knows all your addresses and as it has access to the blockchain, knows your balances so you don't create transactions for amounts you don't have. However, as it doesn't have the private keys, it cannot sign.

The hardware wallet can sign your transaction, but doesn't know your wallet balances, so it cannot verify if you have the balances to spend, only that you have the private key that can sign.

As the hardware wallet doesn't have internet, it cannot broadcast a signed transaction, that has to go back to the wallet software, so it can broadcast the signed transaction to the broader network.

For sending, you need both. For receiving, you only need the wallet software, as you're not signing anything.

A hot wallet is basically these things combined.

You extract the public key and put that into wallet software.

Extract the public key from what, exactly?

100%. A big part of the hardware wallet industry is definitely based on sales due to fear of losing money. Especially Ledger.

I'm comfortable with using amounts of $1,000 on a hot wallet but that's because I'm a security conscious user.

I hadn't thought of the dynamic of marketing based on fear.

Technically there is no cold storage or self-custody anyway. Coins only exist ON the blockchain. There are just good and bad practices for securing keys (or seeds).

Just get 3 USB sticks for $5 each and PGP and be happy. Or get some heat-resistant metal slates and engrave BIP38-encrypted keys on them.

Metal I can handle, no clue how to DIY a cold storage solution.

DIY

You'd first create a new keypair, preferably BIP-38 encrypted and preferably on an offline device. Then just get an engraving pen on Amazon and find some suitable heat-resistant metal slates. I like ISO-4955 treated metals but you could also use titanium or other metals. Then engrave the BIP-38 public and private keys on the card and you're done. Alternatively you can get the metal lasered, including fancy QR codes for public and private key.

There are also companies who offer these cards and you can (kinda) trust them because a BIP-38 key is useless without the corresponding passphrase used to encrypt it. However, I don't trust anyone I cannot punch, so I make my own.

The other alternative I've mentioned already. Get 3 USB sticks for a fiver each and PGP. Put your keys into a notepad, throw it on all three pen-drives and encrypt them. Three because you don't want to wake up to an unresponsive pen-drive.

I can punch/engrave metal. I hope I can, since that's part of my job as a welder... LOL

Wait, you're a welder? Then you know all about heat treatment of metals anyway. You've got this! Just be creative, there are so many ways to store private keys securely. You could probably create something that looks awesome out of metal and embed a key in 100 different ways in the sculpture or artwork. Nobody will ever know.

Yes. I can. I'm planning to do that, eventually. But, I need to understand what I'm doing first. 😅

Oh boy. I'm right there with you.

After reading all the responses I think I'm more confused than I was before. They're very clear explanations but I must be missing something.

In any case, you're not wondering about how to store the private keys, right? (You're wondering why have a wallet if you have already secured the keys?)

That's part of it, yes. The other part is how you can do something offline to generate keys offline that can be both unique and accepted by the rest of the blockchain. Plus, you still need to use something of the generated thing to do online/on-chain stuff. How? I don't get it.

I'm relatively new to the world of bitcoin. The philosophy and implications for freedom and human flourishing made sense to me almost immediately, but every time I think I understand a little bit more of the technical side I realize how much I still have to learn. Analogies help a lot (or would help) but I don't know if there are analogs in the physical world for some of this stuff.

Anyway - I'll keep following your questions and looking things up. I bet in a year we'll understand more than we do now.

Here is another solution you can easily create yourself.

Or this:

And if you really want to be stealthy, just scratch your seed into those washers rather than buying the stuff to pound them.

I've already got punches. Other things need stamping on occasion.

A hot wallet is only hot if it runs 24/7 like a node on a server. A wallet on your PC is considered a cold wallet.

I disagree.

Every computer connected to the internet and running wallet software is a hot wallet in my threat model.

It's definitely a threat to have a wallet (with active keys) on an online machine 😉

I also think Bitcoin terminology has always been wack, that's why people are easily confused.

(But I will follow this thread because I've never felt that I had a full grasp on wallet vs address vs seed phrase)

It's quite simple.

A seed will recover ALL addresses from a specific wallet. Used or not. So most of those addresses you'll probably never use.

If you go the private keys route you'll only back up keys that are actually being used and known to the blockchain. The advantage is that you can import a key at any time into any wallet. Also, if you add an address to a wallet for which you have a seed but do not create a new backup, whenever you restore that backup the newly added address won't be restored and thus will be lost forever.

I prefer keys over seeds but that's just me.

This is a very dense concept that I'm not currently equipped to make heads or tails of.

If you ever feel like it, jump into one of my streams and I'll be happy to demo whatever you want to know about.

I forgot that I actually wrote something on this topic a while ago.

https://habla.news/u/thegrinder@nostrplebs.com/bitcoin-self-custody

OK.

So... You used a hot "wallet" to generate a new set of keys. But...

That's not my understanding of what happens with a hardware wallet, which I'm still trying to understand.

Without a computer, how are you turning that seed phrase into addresses or signatures that allow spending from owned UTXOs? You can do the math on paper but it takes a long time. You can put your seed phrase into a general-purpose, internet-connected computer but that is dangerous due to the large attack surface. Signing devices, or hardware wallets, are just calculators with all the right math pre-programmed in and a reduced attack surface.

Yes.

But...

If they are just offline (in terms of internet connection) calculators, how do the keys and seed phrase get generated and then used online to correctly approve transactions? I am not seeing how those two things work.

Keys are generated offline in a one-way process. You can, for example, install Electrum on a PC without internet and create a whole set of new keys. An address generated offline is then unknown to the blockchain until you transact with it. This also means that you can sign a transaction on an offline device and then broadcast it from an online device. The tx is already signed and cannot be tampered with.
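The derivation described earlier in the thread (master key plus derivation path, with the same child address reachable from the master public key alone) and the "offline calculator" flow in the reply above, as an added example that is not part of the thread or of any wallet's code. It implements BIP32 non-hardened child derivation and textbook ECDSA on secp256k1 in pure Python: the offline side derives a child private key and signs, the online side holds only the exported master public key and chain code, derives the same child public key, and verifies. The seed, index and transaction bytes are constructed sample values, and the nonce derivation is a demo simplification, not RFC 6979.

```python
import hashlib
import hmac

# secp256k1 domain parameters, the curve Bitcoin keys live on
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Curve point addition; None stands for the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mult(k, point=G):
    """Double-and-add k*point; k*G is the one-way step from private key to public key."""
    result, addend = None, point
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result

def ser_p(point):
    """33-byte compressed public key, the form xpubs and addresses are built from."""
    return bytes([2 + (point[1] & 1)]) + point[0].to_bytes(32, "big")

def master_from_seed(seed):
    """BIP32 master private key and chain code from seed bytes (done offline)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_priv(k_par, c_par, index):
    """BIP32 CKDpriv, non-hardened index: child private key on the signing device."""
    i = hmac.new(c_par, ser_p(scalar_mult(k_par)) + index.to_bytes(4, "big"), hashlib.sha512).digest()
    return (int.from_bytes(i[:32], "big") + k_par) % N, i[32:]

def ckd_pub(pub_par, c_par, index):
    """BIP32 CKDpub: the same child's public key from the parent public key alone."""
    i = hmac.new(c_par, ser_p(pub_par) + index.to_bytes(4, "big"), hashlib.sha512).digest()
    return point_add(scalar_mult(int.from_bytes(i[:32], "big")), pub_par), i[32:]

def ecdsa_sign(priv, msg_hash, nonce):
    """Textbook ECDSA; nonce is caller-supplied here, real wallets use RFC 6979."""
    r = scalar_mult(nonce)[0] % N
    return r, pow(nonce, -1, N) * (msg_hash + r * priv) % N

def ecdsa_verify(pub, msg_hash, sig):
    """Verification needs only the public key: this is all a node ever checks."""
    r, s = sig
    w = pow(s, -1, N)
    point = point_add(scalar_mult(msg_hash * w % N), scalar_mult(r * w % N, pub))
    return point is not None and point[0] % N == r

def cold_storage_round_trip(seed, index, tx_bytes):
    """Offline side derives the child private key and signs; the online side, holding only
    the exported master public key + chain code, derives the same child public key and verifies."""
    k_master, c_master = master_from_seed(seed)
    pub_master = scalar_mult(k_master)                    # exported to the online wallet
    k_child, _ = ckd_priv(k_master, c_master, index)     # offline device
    pub_child, _ = ckd_pub(pub_master, c_master, index)  # online wallet, no private key
    msg = int.from_bytes(hashlib.sha256(hashlib.sha256(tx_bytes).digest()).digest(), "big")
    nonce = int.from_bytes(hmac.new(k_child.to_bytes(32, "big"), tx_bytes, hashlib.sha256).digest(), "big") % N  # demo nonce, not RFC 6979
    sig = ecdsa_sign(k_child, msg, nonce)
    return ser_p(scalar_mult(k_child)) == ser_p(pub_child), ecdsa_verify(pub_child, msg, sig)

# Constructed sample input: a fixed 32-byte seed and dummy unsigned-transaction bytes.
SAMPLE_SEED = b"\x01" * 32
SAMPLE_TX = b"constructed unsigned transaction bytes"
```

`cold_storage_round_trip(SAMPLE_SEED, 0, SAMPLE_TX)` returns `(True, True)`: the watch-only side found the same address-bearing key without ever holding the private key, and the offline signature verifies with that public key alone.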

I asked nostr:npub1tayp5jjjfqx4ufukxqamsl28wd5pggvteqe6u9n3svjn62lfr0hsp89l42, here is the answer:

A hardware wallet is considered "necessary" for cold storage due to its inherent security features and operational benefits, which significantly mitigate the risks associated with storing cryptocurrencies. While it's true that the seed phrase is crucial for generating and recovering keys, the hardware wallet offers additional layers of security and functionality that justify its use:

1. **Isolation of Private Keys**: Hardware wallets store private keys in a secure, offline environment, isolated from internet-connected devices. This isolation prevents remote attackers from accessing your private keys, even if your computer or smartphone is compromised.

2. **Secure Transaction Signing**: Transactions are signed within the hardware wallet itself, ensuring that the private keys never leave the device. This means you can safely transact even on a compromised computer, as the malware cannot intercept your private keys.

3. **User-friendly Security**: Hardware wallets provide a balance between strong security measures and ease of use. They often feature simple interfaces, making it easier for non-expert users to securely manage their cryptocurrencies without risking exposure of their private keys.

4. **Protection Against Physical Theft**: Advanced hardware wallets require a PIN code for access, and some offer passphrase support—an additional layer of security on top of the seed phrase. This means that even if someone physically steals your hardware wallet, they cannot access your funds without knowing the PIN or passphrase.

5. **Recovery and Redundancy**: In case of device loss or damage, your assets can be safely recovered using the seed phrase. This ensures that you're not solely reliant on the physical device for your cryptocurrency holdings.

6. **Resistance to Certain Attacks**: Hardware wallets are designed to be resistant to a variety of attacks, including sophisticated ones like side-channel attacks, which might compromise less secure forms of cold storage.

While it is theoretically possible to store a seed phrase securely without a hardware wallet—using methods like paper wallets or metal backups—these approaches lack the operational security, convenience, and additional protections provided by a hardware wallet. For significant amounts of cryptocurrency, the investment in a hardware wallet is considered a prudent and necessary measure to safeguard one's assets from a wide array of potential threats, both online and physical.

Maybe this will help you understand beave.

https://beincrypto.com/learn/air-gapped-wallets/

You can air-gap without a 3rd-party device.

I must have missed something, I'll go re-read.

I've missed everything. Lol!

I'm not very good at explaining stuff and things, thus the link.

OK gotcha now, after reading through the comments. Thanks.

It isn't. I've been around for years and I don't have one. But I also don't do seeds, only keys.

I don't know what that means...

That means grinder is an old guy 👴🏻

Pfft. I'm probably older than most.

It means that grinder uses 'legacy paper' wallets.

You and your paper... METAL!!! 🤣

Paper, metal 😅 it is the same procedure.

Me, also.

Yeah, thanks for that. 😆

A seed phrase is not a private key. It is a recovery kit for both the public and private keys. Grinder skips that and just manages his raw keys directly, like they did in the olden days before BIP-39.

Huh.

I kinda like that.

This, basically. I'm more of a 38 guy than a 39 guy 🤣

Nice, I wasn't wrong! 🫨💦

😉

Hardware "wallets" are better referred to as signing devices. A cold wallet stores the keys and signs transactions entirely offline, meaning the private keys are never exposed to the internet. If you only need to store your sats and never need to spend them, then you don't need a hardware wallet. However, assuming at some point you want to move those sats, then you will need a wallet (signing device).

100%. I bloody hate the term 'wallet'. But I guess it is what it is at this point.

Importantly, consider the trajectory of airport security over the past 20 years. Assume that trend will continue. Expect not to be able to take hardware cross border at some point.

HWWs have a place but they aren't an excuse to stop thinking critically for yourself about your evolving circumstances.

OK, here's where I'm currently still confused:

The hardware wallets are just for signing transactions. I get why they are useful. But...

I'm not understanding how you use an offline device to generate whatever it is that lets you control (send and receive) X amount of BTC, which are actions that require you to connect to the internet to push or receive info from the miners running the blockchain.

With an airgapped hardware wallet like the Coldcard, you move an SD card with the partially signed Bitcoin transaction from the computer to the wallet, sign it there, and then move the SD card with the signed Bitcoin transaction back to the computer to broadcast to get mined.

Short answer, you don't need one to have cold storage, only to send the coins out of cold storage securely.

You can generate a valid bitcoin address entirely offline using an entropy source (coin toss, dice roll, etc.) to generate a private key then paper/pencil to do the math to generate a public address from the private key.

I watched a video of a guy doing a mostly manual generation...

But how can you use that on the blockchain? I know I'm missing something really simple. But, gosh, I'm really frustrated with what seems to be really simple for other people.

Think of it like email. Anyone who knows your email address can send you a message, but you're the only one with the password to unlock the account and read the emails or send emails to other people from that account.

Bitcoin is similar. The public address is like your email address. Anyone who knows it and wants to send you bitcoin can send it to your public address. You would then have control over any bitcoin in that address to spend at a later time using your private key.

For example, I buy bitcoin from an exchange and decide to withdraw to self custody. I tell the exchange the public address to send the bitcoin to, they then broadcast a transaction to the network which gets included in the blockchain, giving me ownership of the bitcoin I bought from them.