Using ElectronCash as a cold wallet
Foreward
Firstly, please note that I am unable to properly format this article since my account "is unable to post links" (possibly because it's a new account) and the read.cash editor considers some formatting like headers to be links! I will try to work around this limitation as best I can.
This article intended to provide an overview of a process by which the ElectronCash wallet can be used as a cold wallet for Bitcoin Cash (BCH), providing an air-gapped level of security without a lot of effort and in most cases without having to spend any money to buy anything.
As is the case with security topics, there are always ways to do things differently. Each difference comes with its own tradeoffs in terms of security and convenience. Generally speaking, very secure techniques are inconvenient and convenient techniques are less secure. Where there's a choice to modify this process to either make it more convenient or more secure, I will make mention of it, but a full description of such alternatives is outside the scope of this article.
Following this article will require some knowledge of computers, a basic understanding of Bitcoin/BCH such as how addresses and private keys relate to each other. An understanding of HD (hierarchical deterministic) wallets that use seed phrases, is also highly recommended, but not essential.
Finally, I am deliberately succinct when describing steps in the ElectronCash software as I didn't want the article to become bloated with screenshots and become an ElectronCash user manual. Additional information about the usage of ElectronCash is freely available online.
Disclaimer: I am providing this information as one possible method to store your Bitcoin Cash. THE METHOD IS PROVIDED AS-IS AND WITH ALL FAULTS AND WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE METHOD LIES WITH YOU.
Introduction
In the crypto world there are many different ways that one can store their funds. As with most things, convenience tends to vary inversely with security. The types of storage that are available listed from least secure, to most secure.
1. Custodial (e.g., exchange, some 3rd party wallets and apps),
2. Software wallet (e.g., mobile wallet or desktop wallet),
3. Paper wallet (if generated securely),
4. Hardware wallet (opinions will vary as to whether this should be 3rd or 4th).
Custodial Wallets
Custodial wallets are probably the most convenient wallets, but they are also the least secure. You have likely heard the saying “Not your keys, not your BCH”. This saying refers to the fact that in a custodial wallet situation, someone else holds the private keys to your BCH, meaning they have the ultimate control over it. Likely you have an account with that 3rd party and your BCH balance is just a number in their own private ledger. No different to money in your fiat bank account, except perhaps more prone to hacks and given the wild west like characteristics of the crypto landscape, not a good long-term bet. It is therefore recommended that you only hold funds in a custodial situation for the bare minimum amount of time (e.g., when buying from an exchange before transferring to your own wallet).
Software Wallets
It’s arguable whether mobile wallets or desktop wallets have the better security. There are some aspects about the mobile operating systems that make them more secure, but then there are ways to run desktop systems that can flip the advantage the other way. For the purpose of this article, I will consider them equal. The amount of funds you should put in a software wallet for any appreciable amount of time will likely depend on the level of trust that you have in the software itself and the environment in which you run that software. Some of that trust can be built up over time through continued use of the wallet, or it can come from the wallet’s code being open source, or it could come from the wallet’s wide usage with no or little evidence of bad user experiences. Furthermore, your own understanding of computer security and the various things you can do to reduce your risk is a consideration as to whether you should use a software wallet or not.
For some kinds of setup, e.g., a verified ElectronCash wallet on a clean computer and a tech savvy user, it may be reasonable to store a significant amount of funds, but in the case of any doubt, using a cold wallet for significant sums can be a prudent choice.
Hardware Wallets
When it comes to storing the majority of your BCH stash, people sometimes recommend hardware wallets. In my opinion, some problems with hardware wallets include:
You have to pay money for them,
You need to know how to set them up and use them,
Reliance on 3rd party (often closed source) firmware (e.g., trust, timely updates for security fixes, support lifecycle),
Uncertain handling of redundancy (e.g., in case of hardware failure or loss).
To be fair though, I personally have not used a hardware wallet. But that's because I firmly believe that with the process I am about to outline, I don’t (and you don’t) need one.
Getting Started
So then how can one use ElectronCash to implement a cold wallet that is arguably as secure, if not more secure, than a hardware wallet?
Things you will need before you start
One offline device; (e.g., old or unused desktop, laptop or old phone; also referred to from here onwards as the "old computer" or "old device"), running your operating system of choice. If it's an option, wiping the old device and installing a clean operating system is highly recommended. Anything you can do to shore up the security of the offline device should be done.
One online device; (e.g., desktop or laptop), running your operating system of choice (e.g., Windows, Linux, iOS). If you have the flexibility prefer a computer that is not used for your general day-to-day web surfing, to avoid unnecessary risk of malware infection.
[OPTIONAL] A mobile device that is connected to the internet running Android or iOS.
A small capacity USB drive (for transferring software to the offline computer and optionally thereafter).
For the offline device, ensure that it cannot connect to the internet nor connect to any other device that can. See the "Keeping devices off-line" section below for more details. Additionally, if possible, use full-disk encryption on the offline device. The latter is not essential but does increase the overall security.
NOTE: Using a phone for the offline device may reduce security and reduce flexibility when it comes to cold wallet spending, but I have included it as an option since the core workflow is supported.
NOTE: A discussion of how to use full-disk encryption is outside of the scope of this article, but most modern operating systems include such a feature, and it is a good use of your time to become familiar with those capabilities.
NOTE: Using Linux in lieu of Windows is undoubtably a wise choice, especially for those who know what they are doing and who can compile or otherwise execute ElectronCash directly from source, but for the majority of us, Windows is still a valid option in this scenario since the offline (cold) wallet will not be connecting to the internet, ever (or the gig is up).
Keeping devices off-line
For a PC/laptop this can mean (in order of level of security provided):
Ensuring wireless network information is not saved (and never re-entering it),
Changing wi-fi passwords after taking the offline device offline, so that the offline device has never "seen" the current wi-fi credentials,
Disabling networking (wifi, Bluetooth, etc) hardware at the BIOS level,
Physically removing networking hardware.
For an old phone the minimum that you should do is remove any SIM cards and forget details of any wireless network connections (and never re-enter those).
NOTE: I personally recommend removing hardware where possible, but if you are very careful to never connect to the internet, this is not an essential step.
Steps to set up and configure the ElectronCash offline cold wallet
Using your internet connected computer, acquire a copy of the ElectronCash software in the flavor of your preference. New users will likely prefer one of the EXEs for Windows or the AppImage for Linux. Be sure to verify at the very least the SHA256 checksums of the files that you download. In a perfect world, however, you would familiarize yourself with how to use GPG (e.g., Kleopatra on Windows) to verify the integrity of the software against provided PGP signatures.
Install or deploy the verified ElectronCash software wallet on to your old, non-internet connected computer. Since this computer no longer has a working internet connection, you will have to copy the verified software to it via USB. If you are using a phone as the offline device that phone must either be temporarily online for you to acquire the ElectronCash software from the relevant app store, else if you know how, for Android you can copy the APK file manually and still keep the device offline.
On the old, non-internet connected computer, in ElectronCash, create a new standard wallet (generate a new seed) using the wallet software. When asked, verify the seed phrase and finally use a strong password that you can remember to encrypt the wallet file. (As mentioned earlier, ideally this computer will also be fully encrypted, acting as a second layer of security). This wallet will be your BCH cold, air-gapped, wallet.
Make a backup of the seed phrase for the new wallet. (If you didn't record it during the wallet setup, you can still get it: In ElectronCash... Wallet --> Seed and enter your wallet password). Note that there are various ways to handle making redundant back-ups of your seed phrase, ranging from creating encrypted files on USB sticks, to engraving the seed phrase into metal plates and storing in a safe or other secure location. It is outside the scope of this article to recommend how you should do this, however, it's most definitely within the scope of this article to insist that you must do this! The bare minimum requirement is some redundant (preferably multiply redundant), secure backup of your cold wallet seed phrase.
If necessary (e.g., if you cannot remember it or need someone else that you trust to be able to use it), also make a redundant backup of your wallet password.
[OPTIONAL]. Make a redundant backup of your cold wallet file. If your offline computer is encrypted, you will want your redundant backup(s) to be encrypted too. Consult the ElectronCash documentation for the location of your cold wallet file.
[OPTIONAL]. Make a redundant secure backup of the verified ElectronCash software (saves re-verifying the software integrity in future).
Viewing funds in this wallet can be done through copying/transcribing the Bitcoin cash addresses from the cold wallet to an online block explorer (online computer), or if you prefer a more convenient method, please continue to the steps for configuring the read-only (watching only) wallet.
NOTE: A full discussion of the procedures to verify the ElectronCash downloads are outside the scope of this article.
NOTE: A discussion of what constitutes a strong password is outside the scope of this article.
NOTE: A full discussion of the various techniques for securing sensitive information both securely and redundantly is well outside the scope of this article and itself would merit a completely new article.
Steps to set up and configure the ElectronCash "watching only" wallet
NOTE: This step is optional, but you may find it convenient to dynamically view funds that are in the cold wallet, without exposing any private information from the cold wallet. But also remember what I said about security and convenience! Having your cold wallet funds easily visible may reduce the privacy of your cold wallet.
NOTE: You can still spend funds from your cold wallet and determine the balance of your cold wallet without following this procedure. To find out how skip to the section entitled "Spending cold wallet funds".
Use the downloaded software obtained from step #1 (in the offline cold wallet set up steps) to install or deploy the same software to your online machine (computer or optional phone/mobile device from the start of the article). The images that follow were generated with ElectronCash on Windows, but the process is virtually identical under Linux and similar for the phone-based version of ElectronCash, though the UI necessarily looks quite a bit different on that platform.
On the old (offline) computer, obtain the xpub (master public key) for the cold wallet by choosing Wallet --> Information. This will show a long string of text that starts with "xpub".
Copy or otherwise transfer this xpub to the online computer and create a new standard wallet, but this time instead of creating a new seed, choose Use public or private keys. If you are using a phone as your online device then using the ability of ElectronCash to display the xpub as a QR code will expedite the process greatly.
You are now the proud owner of a read only (aka watching only) wallet that can dynamically view the contents of your cold wallet without breaching the airgap. Since the wallet is based on public information there is no additional requirement to back anything up for this wallet. You can try to spend from this wallet, but you will not be able to since it does not possess the private key information that is necessary to sign/spent UTXOs (unspent transaction inputs, or your "BCH coins").
To complement the cold / watching wallet pair, you will also likely want a hot (online) wallet for smaller sums of BCH and general daily use. It makes sense for this wallet to also be an ElectronCash wallet since it opens up some opportunities to spend cold wallet funds (if required), however, if you don't need or want this ability then you can ignore this recommendation and use any other wallet of your choice as your day-to-day online wallet.
To fund your cold wallet, simply send funds to one of the Bitcoin cash addresses in the cold wallet (in ElectronCash, discoverable under the addresses tab). TIP: You may want to send a small amount of BCH first and verify that it arrives in the cold wallet as expected, before sending larger amounts.
NOTE: When setting up your online hot wallet (or any other HD wallet for that matter), you still must follow steps to secure your seed phrase.
Spending cold wallet funds.
The general intent of a cold wallet is to store funds for an extended period, so if you need to spend funds from a cold wallet regularly then it is likely that you need to reconsider your usage of a cold wallet or at least the proportion of your overall funds that you are assigning to it.
There are two ways using ElectronCash where it is feasible/viable to spend cold wallet funds.
Using an ElectronCash hot (online) wallet to sweep the private key of a cold wallet address.
Using the ElectronCash cold wallet to create and sign an offline transaction that can be copied to and transmitted (broadcast) from the online wallet.
Both of the above techniques arguably have the effect of reducing the overall security of the cold wallet that I discuss below.
Sweeping a cold wallet address [not recommended]
The process for sweeping a cold wallet address is as follows:
On the offline computer in ElectronCash, go to the Addresses tab, then right click on the address and choose Private key. You will have to enter your wallet password after which the private key will be displayed.
Transfer the private key to the online computer (e.g., transcribe the private key).
On the online computer in ElectronCash, choose Wallet --> Private Keys --> Sweep...) and enter the private key.
This process will "sweep" the funds from the address associated with the private key. In reality, behind the scenes a transaction for the full amount in the address is created, signed and broadcast with the funds directed to first available address in the online ElectronCash wallet.
The act of sweeping a private key is to expose the private key of a cold wallet address to the online wallet. For the purposes of the cold wallet you must now consider the address that corresponds to the private key to be compromised. Furthermore, you will also now need to keep track of which addresses have been swept to avoid depositing further funds into them. It may be better to create a new cold wallet if you have to do this, especially if the funds in the cold wallet were all allocated to a single address.
If you are able to manage sweeping cold wallet addresses and wish to leverage the convenience of being able to sweep funds when needed, then you need to carefully consider how you fund the cold wallet including how much BCH you send to each address (since as already mentioned, when you sweep an address you sweep the entire amount contained within it), and how you will manage keeping track of which addresses have been swept and therefore compromised.
Additionally, since the cold wallet is offline, and as you run out of unused cold wallet addresses, it will still only show a set number of unused wallet addresses. Beyond that limit (known as the gap limit) you will not be able to see additional wallet addresses. There are ways to increase this gap limit to gain access to additional addresses, but that process is beyond the scope of this article. It is recommended that you consider using offline transactions as a better way to spend cold wallet funds.
Creating an offline transaction [recommended]
The preferred way for spending from your cold wallet would be to use the wallet just as if it was online, but when trying to spend from the wallet, instead of clicking send on the wallet (which won't work because it's offline), click preview which will provide you with options to both sign and save the transaction.
You can then copy the saved transaction file from the old (offline) computer, and in the online wallet choose Tools --> Load Transaction to load the transaction, at which time you will be able to send it by clicking on Broadcast.
In terms of the security profile, the offline transaction approach this is one of those cases where convenience can affect security and there is more than one way to transfer the transaction to the online machine to be published.
For example, you could save the transaction as a file on the offline computer and then copy it to USB and use that USB to move the transaction to the online machine where it can be loaded and broadcast. That approach, however, arguably breaks the airgap of the cold wallet by inserting a device into the machine (the USB stick) and transferring information to the online wallet.
A second, less convenient, but more secure, approach is to manually transcribe the content of the transaction to the online wallet (more tedious than transcribing an xpub, but doable) and then save that as a text file on the online computer and load the transaction into ElectronCash.
The second approach, though less convenient is the recommended approach for security reasons, but even that approach is not foolproof. Consider a scenario where malware was able to get on to the old air-gapped computer (maybe the malware was already there). The malware may be able to attach additional data to your saved transaction that you then unwittingly copy that to the online computer. In the scheme of things, however, and if you follow recommendations about starting with a new clean operating system of the old/offline computer, then this risk seems quite low, all things considered.
Epilog
The above article has been slapped together from content that I have previously written across several other articles and should be considered draft quality. It is my intent to accept any and all constructive criticism and modify this article as necessary, but there are no current plans to widen its scope. If there is need for additional content, such as discussing methods of securing seed phrases and things like legacy planning, encryption of important information, redundancy, secure paper wallet generation and so on, I could consider authoring additional articles in the future.