Comments (6)
Unfortunately yes, there is always the online-offline-online information flow somewhat inherent in this workflow. USB sticks are popular for this but obviously have a certain amount of attack surface. QR codes are definitely the most popular proposed alternative I'm aware of (but for large transactions you end up needing more than one, which has its own issues.)
from gui.
Why does this start with, 'On your ONLINE computer: Click 'Save to file...'to save your unsigned transaction to a file and transport it to your offline computer'
Shouldn't the online computer only be used for broadcasting the transaction? This would be more secure
from gui.
@Rspigler The offline computer, inherently due to being offline, does not have a copy of the blockchain. That means it can't create transactions, because of Bitcoin's UTXO model. Every transaction must spend some coins, but you need the blockchain in order to know what coins you have.
I copied this basic workflow from Armory, and from BIP 174 PSBT, but in principle there are other workflows possible, and you could push more work onto the offline machine -- you could have the online machine merely provide a list of coins in the wallet, and let the offline machine perform all coin selection and transaction creation. I don't have a sense of what the benefits / drawbacks of such a setup might be. (In the Bitcoin setting, where all transaction contents are public, there can be no privacy benefit that I can see; everything will eventually have to pass through the online machine anyway. Any security benefit from having the offline machine build the transaction SHOULD also be available from using the offline machine to review the transaction before signing it, which is the current workflow that I think everybody uses.)
(One could imagine a privacy-coin setting, unlike Bitcoin, where the online machine need not even know which coins were spent. But I don't know enough to speculate about what information the offline machine would need for transaction creation in that case, and it's not directly relevant to Bitcoin Core at any rate.)
from gui.
'Facepalm'. Duh.
My concern was that if the workflow was going online->offline and back to online, that that wouldn't be a secure airgap, and would be an avenue for malware transfer.
If more work was pushed onto the offline machine, it would still need some data input, like you alluded to. Unless that data could be manually input on the offline machine (probably not recommended due to user error), qr codes would be a good solution because they have a small attack surface and are verifiable (unlike USB's).
from gui.
This probably is no longer the place for this discussion then, as I don't want to crowd or slow the implementation of better UX for current offline/multisig design.
Core produces QR codes currently, but doesn't have the ability to scan them: bitcoin/bitcoin#9913
This discussion can probably be continued after that is merged.
Is there still a plan for a general 'Wallet Composer File' like discussed here: bitcoin/bitcoin#18142
from gui.
There is now a proposed BIP standardizing a process for setting up multisignature wallets - bitcoin/bips#1097
Also a proposed BIP for an updated hierarchy for cosigners in multisignature wallets - bitcoin/bips#1089
This would include descriptor wallets, PSBTs, and (hopefully) QR codes.
from gui.
Related Issues (20)
- Sort Receiving addresses by index (or creation date) HOT 2
- Confusing/misleading "Dust:" label in coin selection dialog HOT 3
- assert: "last < rowCount(parent)" in qabstractitemmodel.cpp HOT 11
- Memory leak in AddressBookTests HOT 3
- View JPEG-encoded data HOT 2
- Pruning keeps getting reenabled HOT 2
- net, gui: -upnp option -- "override" vs "can be changed on-the-fly"
- Add support for sighash flags in PSBT (like SINGLE|ANYONECANPAY)
- Error opening bitcoin core app: Error: Prune mode is incompatible with -txindex. HOT 3
- Blocks remaining falls offscreen with dutch language setting. HOT 8
- Crash using getnewaddress in the console
- .
- guiutil.cpp: formatNiceTimeOffset HOT 2
- Can't start bitcoin-qt by double-click on Debian 11 HOT 5
- crash on macOS 12.6.5 HOT 2
- Sign PSBT: Can't verify change output HOT 6
- Unquoted descriptor arguments cause RPC console to improperly detect method name HOT 3
- Command line options after any non-hyphen arguments are silently ignored
- `-min` does not minimize wallet loading dialog HOT 4
- Transaction details "virtual size" does not account for sigops
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gui.