Questions about your cold wallets rotation \ stacker news ~bitcoin

pull down to refresh

Questions about your cold wallets rotation

5142 sats \ 47 comments \ @DarthCoin 26 Oct bitcoin_beginners

Came to my mind a question about how bitcoiners are doing their best practices in regards of their cold wallets. You have a bunch of cold wallets. Hardware, paper, seed only, steganography, whatever other method it doesn't matter, is just for long term holding. I am not interested where you save. I am interested to see if you know how to hide and maintain them properly.

Questions:

Do you use an extracted xpub from the cold wallet or simply fully open your wallet?
How often do you check the balance of a cold wallet using the xpub extracted prior?

weekly
monthly
yearly
never

Are you keeping all the time a "watch-only" wallet in specific apps, to deposit or just check the balance? Or are you import the xpub only to check or deposit?
Do you periodically rotate your UTXOs? What do I mean by that?

create new wallets, with nee seed and move your old stash into new ones. Also creating many different size of UTXOs
move from legacy or standard segwit to taproot type of addresses
create multiple wallets from one wallet with large amount
Why do you still keep that legacy wallet? Ask yourself.
why do you keep all your stash in just one giant wallet?

If you do not want to answer these question, no problem. I raise them only to make you think about them and how you have a good maintenance of your cold wallets. Just think about and don't forget: read my guides.

view all related items

1256 sats \ 5 replies \ @pillar 27 Oct

I've found one very important practice is to regularly, on a schedule, sign a transaction from important wallets. It could be weekly, monthly, quarterly. Just gather yourself to go through the process of preparing a consolidation TX within the same wallet and sign it. No need to broadcast it.

This ensures that:

You actually check the balance periodically.
You verify keys, HWWs, documents, backups, etc. are still in place.
You make sure that all the details are fresh on your mind. This is probably the most important reason to me. In my opinion, people underestimate how, despite how deeply familiarized you might be with your setup, time erases everything from your brain. I've seen people not touch a cold wallet for two years and then have a real hard time making it work again despite having designed the setup very carefully and thoughtfully at the start. Making a TX every now and then prevents this brain rot.

@DarthCoin, regarding your idea on rotating UTXOs, I don't think it's a good idea in general. I understand the motivation is similar to the one in general IT security for key rotation.

I personally believe your setup should allow you to be confident nobody has ever managed to take a look at your keys. If your current setup makes you wonder if someone has looked at your keys successfully and you can't tell... I think you need to improve it.

If you have any suspicion at all that they might be compromised, I do believe you should rotate ASAP.

Why do you still keep that legacy wallet? Ask yourself.

Well, I can think of one reason, even if you truly don't intend to use that wallet anymore: someone in the future could send sats to the old wallet. If that happens and you don't have the private keys, you'll pull your hair out.

142 sats \ 2 replies \ @Scroogey 27 Oct

That's a very good point!

I used an old laptop with a read-only Tails stick like a hardware wallet (Electrum, offline, sign-only, xpub exported to the online computer).

What I didn't realize is that the updated Electrum on the online eventually produced unsigned transactions that the offline couldn't understand anymore.

No problem, update the offline. Huh, new Tails doesn't run on 32-bit anymore, and the offline laptop doesn't run 64-bit.

Sure, I solved it after cursing a few hours ("how the fuck can you make PBST incompatible?"). But it got me thinking about myself in 20 years. Sign a transaction as exercise every couple of months is excellent advice!

22 sats \ 0 replies \ @pillar 27 Oct

100%. Scenarios like yours are the exactly the kind of stuff that's hard to predict before hand and can throw you off.

0 sats \ 0 replies \ @Scroogey 27 Oct

deleted by author

0 sats \ 0 replies \ @Bell_curve 27 Oct

good response

I use Casa for multi-sig

0 sats \ 0 replies \ @DarthCoin OP 27 Oct

I wasn't saying to throw away the old keys... I said only to move the old stash into a new wallet. That's all. You can keep the old keys into a password manager just fine. Important is to compartmentalize your stash. Think about decoys.

293 sats \ 0 replies \ @Jon_Hodl 28 Oct

Do you use an extracted xpub from the cold wallet or simply fully open your wallet?

Absolutely. Nothing but air gapped hardware wallet for savings. For smaller stacks, I use a ColdCard that I plug directly into my computer.

How often do you check the balance of a cold wallet using the xpub extracted prior?

Whenever I open Sparrow wallet, it queries my node and updates all address balances and UTXOs.

Are you keeping all the time a "watch-only" wallet in specific apps, to deposit or just check the balance? Or are you import the xpub only to check or deposit?

I only use Sparrow wallet as my client software and that checks my xPub with my own node. I use this to receive as well as send.

Do you periodically rotate your UTXOs? What do I mean by that?

No new wallets. I hodl in the same wallet after I generated my own seed phrase on an air gapped signing device.

Whenever I find an old wallet with a balance, I move to the native SegWit address format.

Why do you still keep that legacy wallet? Ask yourself.

Because I have not moved some sats in a long time. I will move them eventually but not until I am ready to dig those addresses up out of the ground.

why do you keep all your stash in just one giant wallet?

I don't. I decentralize my risk. I have long-term savings, short-term savings, and some sats for sending mostly to do experiments.

I use burner wallets to "erase" my wallet after I spend all the sats in it. It helps to fragment any potential address clusters over a long time. In the event that even an empty wallet is compromised, the transaction history may be worth a lot more to a CA attacker than the bitcoin itself so I use a lot of short-term wallets to keep things lite and never link too many UTXOs.

In a perfect world, I would CoinJoin every sat I receive then send it to lightning or savings but that isn't always practical with fees and coordinators being shut down.

73 sats \ 2 replies \ @BTCLNAT 27 Oct

These questions, from my point of view, are aimed at those who have large stashes thinking about the convenience of having good practices, and for those of us who don't even have a place to fall dead, thinking about how to have good practices in the future and how to help others to have good practices.

In my case, I have learned that we should have several wallets, those for holding, caching and spending, that is Lightning.

In the holding wallet, they have advised me that never everything should be in the same place, a single attack leaves you without funds.

The use of cold wallets to some degree simplifies the issue of custody outside the network, but there is the issue of the HWW software.

I like the use of Just Look, it is not so complicated, I do not need great technical knowledge and very low costs, because if I have a mobile phone and a computer, I have the issue resolved. Also, with the WO wallet I already check the balance of the wallet that is offline and I have the deposit addresses, so there is no need to touch the internet with the private key.

As for moving from one address to another, I have to learn about its usefulness.

It is very important to have UTXOs of different sizes and to identify those that have CEX marks and those that I obtained from P2P.

0 sats \ 1 reply \ @Signal312 10 Nov

Just Look What's Just Look and the WO wallet?

34 sats \ 0 replies \ @BTCLNAT 10 Nov

Sorry, the translator I use often plays tricks on me, my English isn't very advanced.

Actually, it's WatchOnly Wallet. I use the wallet on my computer without an internet connection to sign the transaction and with the WatchOnly Wallet I transmit the transaction. That's all.

36 sats \ 0 replies \ @john_doe 27 Oct

I use an xpub I exported from my wallet, Green in my case. But I plan to switch since there is no taproot support (at least last time I checked) and I would like to try Multisig with taproot.
Maybe quarterly, just to check if it is still there.
Indeed the watch-only wallet for me is for deposit and sometimes check the balance.
I don't rotate my utxos periodically with the purpose to save in fees but rather to try a new wallet. Next time I will do it is to switch to Liana, to try their multisig which looks nice and is taproot compatible. In my case I had a legacy wallet once but it was a mistake, I didn't know what I was doing hahaha. I am not convinced however by the creation of multiple wallets with big amounts, in my opinion just one is fine. Although in my case I actually have one with a big amount but it is for Lightning, so to spend in the long run. This is the one with less security so to speak.

31 sats \ 1 reply \ @TheMorningStar 27 Oct

These are all great questions. Could you please tell me which wallet to start with for a little stack say 5 million sats.

0 sats \ 0 replies \ @DarthCoin OP 27 Oct

https://darth-coin.github.io/beginner/getting-started-stack-sats-en.html

30 sats \ 1 reply \ @IamSINGLE 27 Oct

Thank you Darth. At how much stack do you think a stacker should start using cold storage?

0 sats \ 0 replies \ @DarthCoin OP 27 Oct

All explained here: https://darth-coin.github.io/beginner/getting-started-stack-sats-en.html And https://darth-coin.github.io/beginner/be-your-own-bank-en.html And https://darth-coin.github.io/wallets/tails-hodl-cold-wallet-en.html And https://darth-coin.github.io/wallets/deposit-only-btc-wallets-en.html

49 sats \ 1 reply \ @jakoyoh629 26 Oct

What's the advantage of moving funds to new wallets? I figure if the wallet is hacked, the balance is gone in a flash.

35 sats \ 0 replies \ @DarthCoin OP 26 Oct

Good question. I wonder I didn't see your comment in the SN notifications.

Moving to new wallets will bring some advantages:

new types of addresses
moving away from a heavy loaded wallet with many many txs and UTXOs
consolidation into clean UTXOs and decent size of them
better coin control, you can consolidate /swap / coinjoin the ones that you don't want to keep them in your wallet.
better spreading of your stash
disconnect from the past

https://darth-coin.github.io/wallets/move-btc-taproot-address-en.html

100 sats \ 8 replies \ @profullstack 26 Oct

every 2 years. I'd have 2+ million USD in bitcoin had I rotated.

42 sats \ 7 replies \ @DarthCoin OP 26 Oct

I'd have 2+ million USD

LOL fiat mindset... NGMI You will never "have USD in Bitcoin". You have ONLY bitcoin.

0 sats \ 6 replies \ @profullstack 26 Oct

all i care about is the exchange rate.

21 sats \ 5 replies \ @DarthCoin OP 26 Oct

so you still continue into your fiat mindset LOL Damn this world is really fucked up.

0 sats \ 4 replies \ @profullstack 26 Oct

oh stfu. i've been here probably before you were able to talk.

333 sats \ 0 replies \ @DarthCoin OP 26 Oct

0 sats \ 2 replies \ @DarthCoin OP 26 Oct

It doesn't matter. Your brain is fried. You understand NOTHING about Bitcoin.

0 sats \ 1 reply \ @profullstack 26 Oct

I don't understand your point. I live off crypto so yes, I do have to exchange to fiat occasionally.

485 sats \ 0 replies \ @DarthCoin OP 26 Oct

I live off crypto

reply on another page

46 sats \ 0 replies \ @aliceandthewonderland 27 Oct

I only do air-gapped transactions.

I export my xpub to mobile apps (Nunchuck, BlueWallet) for balance checking, and sign transactions through my cold wallet.

I periodically combine my small UTXOs to consolidate them into a single UTXO.

I never leave my sats on a CEX for more than a second.

0 sats \ 6 replies \ @jk_14 27 Oct

move from legacy or standard segwit to taproot type of addresses

Taproot is not for cold wallet, but for "less amount" activites only.

Exposed public key is not good idea for cold wallet nowadays... Better safe than sorry, 100%

21 sats \ 5 replies \ @DarthCoin OP 27 Oct

Please find my keys...

0 sats \ 4 replies \ @jk_14 27 Oct

convince me it is better to have:

cold wallet with public key exposed

than

cold wallet without public key exposed

"Using your brain doesn't cost you nothing" ;)

1 sat \ 3 replies \ @DarthCoin OP 27 Oct

both are anyways "exposed", are visible on the blockchain. So what't your point with "exposed" ? Or are you announcing publicly on nostr that you moved your wallets to new addresses ?

On the blockchain will appear as a regular transaction anyways, but nobody knows that is the same owner. You do not do a 1:1 amount moving, you do 1:many or many to many with random amounts.

These movements also could be very well used as decoys... "uuups I got hacked, somebody stole my old wallets".... but nobody knows the truth (that you send to yourself).

If your old seed get compromised, they will find only... 0 sats... "nice try fucker you spend a lot to get my old empty wallet".

0 sats \ 2 replies \ @jk_14 27 Oct

"If secp256k1 will be broken, then:

All Taproot addresses could be spend by key.
All hash-based addresses could be spent, if the public key is revealed (so if a transaction is in mempool, or if there were previous transactions in past blocks). If the public key is unknown, then those coins will be unaffected."

https://bitcointalk.org/index.php?topic=5465000.0

1 sat \ 1 reply \ @DarthCoin OP 27 Oct

If secp256k1 will be broken

"IF".... We will be fucked anyways. We are all gonna die.

171 sats \ 0 replies \ @jk_14 27 Oct

we are all gonna die ...but I wanna die with no public key of my cold wallet exposed ;)

0 sats \ 5 replies \ @Satosora 26 Oct

Darth, l have a question for you. Do you think it is more important to hold btc, or to use it?

51 sats \ 3 replies \ @DarthCoin OP 26 Oct

You earn it. THAT IS THE MOST IMPORTANT.

Once you start earn it, you will see how easy is to use it/ spend it. You hold only what you consider "savings". As it should be after YOU SPEND WISELY those sats. Nowadays people forgot what is SAVINGS. They focus only on consuming. And that is bringing them to fiat debt spiral...

0 sats \ 2 replies \ @Satosora 26 Oct

Do you consider hodling a type of saving?

41 sats \ 1 reply \ @DarthCoin OP 26 Oct

No. When you say "holding" your mind goes to the moment you consider selling it for more fiat. Let's go back to the old "savings" word. Holding is coming from wall street jargon... you catch it?

21 sats \ 0 replies \ @Satosora 26 Oct

I dont care what jargon they use. I have never been planning on selling my btc for fiat. It can disappesr with me once l am gone.

21 sats \ 0 replies \ @ChrisS 26 Oct

Holding bitcoin is using it.

0 sats \ 3 replies \ @Satosora 26 Oct

I feel this is aimed especially at me.... I have to do more research, l know l am behind the times.

20 sats \ 2 replies \ @DarthCoin OP 26 Oct

hahahaha no, wasn't especially for you, is more in general. Like a wake up call.

0 sats \ 1 reply \ @Satosora 26 Oct

This post may bring out the fiat braggarts.

21 sats \ 0 replies \ @DarthCoin OP 26 Oct

0 sats \ 2 replies \ @Scroogey 26 Oct

deleted by author

1 sat \ 1 reply \ @DarthCoin OP 26 Oct

This is part of the whole training.... you can't get skilled if you do not do it. Practice is the mother of knowledge.

It also can be used as a trap for those who try to steal your wallets.

That's why so many people are afraid of using their brains to save 12 fucking words. because they do not practice it so often, the recovery and memorizing 12 words.

I have done that for years until now I can recover some wallets only from 12 words. Like a password. Using it every fucking day. Using your brain doesn't cost you nothing.

0 sats \ 0 replies \ @Scroogey 26 Oct

deleted by author