@shipoffulls only way to learn is by doing 🤷🏻♂️ to your point, some people will and others never will. I think trying with small amounts of money until you’re comfortable to make the switch is the best option.
Badass Rhett. Another level of security. Once I have 20 BTC. This is a must! Basically, no one has seen your wallet address. Keep some spare 9volts though.
Yeah coldcard is really next level. I think I’ll be using it for almost all my wallets going forward with their bip 84 features - I’ll make a video about that soon
Wow lots to learn for a 60 year old guy but will do using ledger Nano -X Currently but makes me nervous as I am a Celsius victim now I know not your keys not your BTC Thank you
I think the ledger thing might be overblown (not a good idea to let engineers explain complex topics in public) but better safe than sorry Glad to help :)
I know. It’s hard for me too. I am also old. But you know… I know many kids and engineers that don’t understand 1/10 that you do regarding BTC. If you were that bad… you wouldn’t be here.😅
Yeah it’s so secure. I’ll put out some more videos about it, it’s so powerful. You can use your coldcard seed to generate other “accounts” and basically secure your BlueWallet or whatever other account with your coldcard
@tomcurry3358 yes but you would see the virus file (or you could open a theoretically corrupt .psbt file and see that it was trying to transfer to some other address)
Hey Rhett, Thanks for the great video! Wondering if you have a video showing how to switch wallets from Ledger Nano X (given the recent controversy) to a ColdCard wallet using Sparrow. I have currently started using Sparrow with my Nano X and have setup a ledger in Sparrow so I don't have to use Ledger Live anymore. But I really need to find out how to switch from a Ledger Nano X to a ColdCard wallet using Sparrow! Thanks!
You should be able to follow this tutorial and just send the funds from the ledger wallet tot he new seed you created on your COLDCARD following this tutorial
so to understand this better, this means the SD card doesn't contain the bitcoin ever right? once I transfered the xpubs from the SD card onto Sparrow, I sent in bitcoin to the key that is stored on my ColdCard. From there I don't need the SD anymore, until further transactions?
Exactly! The SD card is just there to transfer partially signed (and fully signed) transactions between your signer (coldcard) and a wallet to broadcast the transaction (sparrow in this case)
Thanks for the video. I'm having trouble understanding where the btc goes once the receiving transaction is complete and confirmed in Sparrow. Is the btc in Sparrow at that point? or is the btc in the coldcard at that point? To me (a novice), it just seems like you sent btc to a Sparrow account that had an address generated via Sparrow. Or am I misunderstanding where that address came from? Did the address come from the coldcard and once that receiving transaction is complete, the btc is secured on the coldcard? Thanks, Rhett.
You’re close - bitcoin is never “on a hardware wallet” bitcoin is always on the blockchain. You can think of hardware wallets like “signing devices”. The bitcoin is never on the COLDCARD the bitcoin is in a blockchain address that the COLDCARD has the private keys (the rights) to move around. So when you receive a transaction in Sparrow, Sparrow is just showing you that in the set of addresses that the CC generated you have X BTC. You could load those same addresses (extended public keys aka xpubs) into BlueWallet and it would show you the same balance. These wallet softwares are just showing a balance, but they can never move the funds - because they don’t have the keys. The CC has the keys 🔑 - so no matter what software you’re using, you need the CC to sign the transaction to spend the coins. Hopefully that made sense, if not, this video might help czcams.com/video/SXmM7MvqjB0/video.html
One more question for you if you don’t mind.. can multiple transactions be sent to the same receiving address? Or can a receiving address only receive one unique transaction?
Multiple transactions can be sent to the same receiving address. You don’t want to do that though for privacy reasons. Any address can be put into a block explorer. If you reuse the same address for every transaction you do, everyone you have that address to will be able to see very transaction you’ve sent. Hope that made sense.
Hi Rhett, temporarily have put BTC on a paper wallet until I can find a permanent solution. I’m looking for something super secure, and this seems to be the best so far. However, this is really technical and confusing. Like others, I’d like to know more about how Cold Card determines that malicious files have not travelled back in the sd card, and how sure we can be that that check itself can’t be compromised. Also, why don’t most wallets let you roll your own words? I’d like to have more than 24 and have the option to choose them myself. Great Video. Thanks.
A paper wallet is not a very good solution, you should put it on a mobile wallet or something instead while you wait. You can view when you plug in the SD card to computer (or on CC) what files are on the SD card (or on CC you can choose which files to execute) you would obviously not choose to execute a file that you don’t recognize (and you can always delete files that you’ve already used. If you find this too technical, you should use a Ledger or a trezor - they’re much more secure than a paper wallet. Most wallets don’t let you roll your own seed, becuase most people will probably mess it up (if you don’t roll enough dice your seed won’t be secure). For the same reason you should absolutely NOT choose a 24 word phrase that you made up (a phrase you make up will be much less random than a phrase generated by dice rolls or by the secure element of a ledger etc) - I explain the reason for this here: czcams.com/video/D9j5y3tyMo8/video.html It would also be better to have only 24 words (or 24 words and a passphrase) than making a 48 word seed and trying to remember how to input that seed into hardware wallets that only accept 24 words. The simplest option is often the best. Complexity will make it hard for you or anyone else (in an inheritance case) to recover your bitcoin.
Thanks for the tutorial. Do you know if in the coldcard is possible the see the seed phrase in case you lost the paper you noted to? The Trezor and others is not possible to do that. regards.
Hi Rhett - Awesome tutorial! If doing multiple transactions with the ColdCard airgapped do you just keep all the previous files on the SD card and just action the newest file?
I might make a video on how to read psbt files in the future. You should be able to easily see that there aren’t any extra psbt files being generated (ie. If you create one psbt file from unchained or something, there shouldn’t be 2 files there)
@@RhettReisman when I’m exporting the cold card to the Micro SD the name appears as “coldcard-export” not saying json in the name. But the “Type” is a JSON File? Also next to the name it has an internet explore logo. Seems weird, it’s on HP if that help at all. Is this okay?
Once sign a transaction, does it apply only to that transaction, or would that compromise the wallet as it already connected to the internet? My point is, I've heard that if you create a cold wallet (paper wallet specifically), you can load it with BTC. But if you ever need the funds, you should delete everything as the private key was exposed when you partially sent funds out. Would that also apply with a Coldcard? Btw, great video. I was having a hard time understanding what Coldcard was for. Thanks!
Thanks 🙏 No, once you sign a transaction the wallet is fine to continue signing transactions - you don’t need to remove all the funds in one transaction. The “wallet” (private key) is never connected to the internet in this process. The private key is in the secure element on the device and is used to generate signed bitcoin transaction files. Those .json files on the SD card don’t have your private key or a reference to your private key (you can confirm this by opening up the .Json file in a text editor on your computer) Here’s an article on the security risks of paper wallets: privacypros.io/wallets/paper/
Yeah still need to get on that BISQ video 🤦🏻♂️ Coinjoin is a way to mix your coins with other peoples coins to anonymize your stack. Risks would be that you don’t actually end up fully anonymizing or that chain analytics technology advances in the future and makes it possible to track coins through coinjoins,
@@RhettReisman but could You explain it in deep in a video ? I don’t understand HOW it works for real. A bit like BTC : i still don’t grasp Sats. If 1 BTC represents a folder (ledger) of transactions , sats are …?
@@ikust007 Think of sats like cents in a dollar. Just like it takes 100 cents to make 1 dollar, it takes one hundred million (100,000,000) sats to make 1 btc
Can bad actors attack the partially signed bitcoin transaction or upload extra information onto your microSD card, so that when you go to sign the tx on the coldcard, it has now "connected to the internet" and it's air-gapped benefits are no longer as strong?
This is a great question. Theoretically possible which is why Coldcard has the anti-phishing words and the lights to show that you're operating with stock Coldcard firmware etc In reality I think if you're moving around .json files it would be difficult for bad actors to inject code into your Coldcard. The fact that the software (sparrow, bluewallet, etc) we're interacting with are so limited in what they do makes them more secure
I think they're probably both fine. If you're at the poitn that you're worried about supply chain security holes I'd just make a multisig with different devices and stop worrying.
Umbrel is really unreliable with uptime and I didn’t feel like going to turn it back on and getting it to work mid-tutorial. Thinking of running a permanent one from my mac.
I get that you don't want to plug it into a pc/mac directly but why use the battery to power it? Is it less secure to use an USB-C charger plugged into the power socket?
For show mostly. USBC into wall is fine. It is worth noting that plugging a USB into a random outlet at an airport there could be a device on the other side transmitting data through the USB to your phone/computer/wallet etc. But, to your point, your wall outlet at home is safe.
The device doesn’t show your balance. You can view the balance in Sparrow Wallet. As soon as you receive a transaction Sparrow should update you don’t need to use the SD card. Coldcard is only there to verify a transaction you’re trying to send. Hope that makes sense.
I can make a tutorial. But I’d say if you’re not comfortable with it start with a small amount, get comfortable and then make the switch. The flow the same flow as sending from any other wallet. Lmk if there’s a part you get stuck with.
@@RhettReismanabsolutely need that video. Incorporate the Whirlpool from the start. Also BTC sessions isn’t using Lodger Live for sending BTC from ledger to sparrow. Please follow the same route but with your style of saying stories ,😊😊
How is using an SD card to do the signing of transactions anymore secure than a usb cable? Both are exposed to a computer so both can be infected and attacked. I don't get it.
You can read what information is changing in the partially signed bitcoin transaction files on the SD card and be 100% sure that you're signing what you meant to sign. That being said, I agree with you that air gapping generally is a small security benefit in the grand scheme of things (but it's not nothing - it is definitely more secure).
You could reset and redo it how I explained it. That will be a different seed phrase though, make sure to back up your existing one so you don’t lose your funds
Mostly to prove that you **can** operate a coldcard without connecting to any external smart devices. Wall outlet or portable charger would be the same, but battery is more provably not smart
I got a question thinking bout getting cold card. The computer my wife has is pretty old with viruses runs slow. Could this be a problem with security? Do i need to buy a new computer to be safe?
If you know your computer has viruses you shouldn’t be using it for anything meaningful. I suggest using anti-malware software (I use malwarebytes - no affiliation) to remove the viruses or getting a new computer before you put any consequential information into the computer. That being said, even if your computer has viruses your private key and funds on cold card should still be safe (not virus security advice). Someone might be able to steal your xPub though if you upload it to a computer with viruses.
Can you hypothetically use the cold card to generate the 24 word seed (using the dice rolls) and then restore a ledger nano using the newly generated 24 word seed? I just love ledger but I question their entropy situation
Great question Think COLDCARD defaults to BIP84 derivation paths, not sure if Ledger defaults to 84 or 44 but they should be compatible with both. You might need to configure something on the ledger side to match the derivation path of the coldcard. Worst case you’ll load the seed phrase and ledger won’t recognize the funds. Funds are still secured by seed phrase but will only show up once you’ve matched the derivation path.
Hi Rhett, thanks for the video! I saw that you said in response to someone else's comment that a paper wallet is not very good. I know it may be a silly question, but what are the major downsides of a paper wallet? Is it simply that the paper could get ripped up or easily damaged? If a paper wallet was locked away in a safe, it would seem secure to me. Could you explain the security vulnerabilities of a paper wallet? Thanks!
- **Susceptibility to Physical Damage:** Paper wallets can be easily lost, stolen, or physically damaged, making the Bitcoin irrecoverable. - **Technical Complexity and Security Risks:** Creating and using a paper wallet securely requires technical know-how, with risks such as malware on the generating computer or printer memory retention. - **Spending Complications:** Incorrectly spending from a paper wallet can lead to a loss of funds, as unused coins may be sent to an unintended change address controlled by the software used to handle the transaction.
Sending from another wallet (say Trezor or Ledger) to a cold card, does it matter if you mix address types? For instance, can you send bitcoin originally sent to a legacy segwit address on the sending wallet, starting with '3', to the cold card default which I understand is BIP84 native segwit? If not, what do you have to do to ensure the coins show up in the cold card? Thank you for a great video - cleared up quite a few queries I had.
How do I know with certainty that my device wasn’t preloaded with a private key? Yes I know I can do dice rolls, but even if I did them, there is no way to still prove coinkite doesn’t just throw out your inputs and give you the PK they made and have a copy of. Having a hard time trusting this
The source code is fully verifiable all the code is available here and you can confirm that your COLDCARD has the latest source code: github.com/Coldcard Instructions to verify the source code is the same as what is on your device here: github.com/Coldcard/firmware You don't have to trust, you can verify it yourself.
One trick is to generate one and throw it away, then generate another one. An hacked version will mostly give you back the same words and you would be able to spot it.
If you don't trust their entropy, you could use other methods to generate a seed and import that to the device or you could use a passphrase of your choice. If you need more security then multisig.
Should be able to use any usbc cable. There's is power only which means no data can be transferred but idk how big of a deal that is (especially if you're just connecting to a battery)
I'm only new to all of this but I do know these days that USB cables are being infected with malware from some dodgy manufacturers in China. I'm not sure how ColdCard manages this but perhaps that's why they only sell USB cables that do power only
The device will let you choose which file you want to sign. To your point though, you will probably get confused if you have 100 transaction files on your SD card all named about the same thing. So you don't HAVE to delete them but you probably should archive them or delete them every once in a while
XPub is an extended public key it’s basically every public key that your wallet could ever generate. Here’s a full explanation: unchained.com/blog/the-ticket-to-understanding-extended-public-keys/
I'd like to use ColdCard but i'm not savvy enough to set up, run, and connect my own node to Sparrow. Does using the public node option in Sparrow make this set up risky because it allows everyone to see my stack balance? Just wondering if the air-gap prevents malicious actors from seeing my balance and stealing my stack
No one should be able to see your balance or steal your stack even if you use a public node option in Sparrow (even if you don't use the fully airgapped setup) Using a public node is less private but everyone won't be able to see your stack balance. The node operator would be able to see transaction queries you were making and theres some privacy loss there but it's not linked to your identity or anything like that. I wouldn't worry about it if you're not super tech savvy. That being said, if you're not very tech savvy, I think you should treat Bitcoin as though it's not very private (you have to do a lot of technical work to make sure that all your Bitcoin transactions are truly private)
Think that’s a fine idea - I haven’t used whirlpool before but I’ve heard good things. Ultimately if you want full transparency you’d need to run a node, but the node connections in sparrow claim not to hold balance information or anything like that.
Rhett, I'm looking to understand the principles of a cold card. Im using sparrow and I have a Mark IV and love it. However I can't seem to find someone who explains what is actually happening in the process of using it. What I mean is the bitcoin is actually stored on the block chain and my seed phrase is what gives one access to it on the block chain correct? So whatever I put on my SD card of my cold card does not need to be backed up because its not really on the sd card all thats there is a transaction which says where my bitocin exists on the block chain, correct? Just trying to understand whats happening a little more. I cant seem to find anyone who unpacks this. Help? Thanks!
Yeah I think you’re really close you’re maybe just not understanding the last bit. The bitcoin is on the blockchain ✅ Your private key was generated by the coldcard ✅ Your XPub was loaded into sparrow (this means a view only version of the wallet was moved to sparrow - a version not capable of signing transactions without input from the private key / signing device - the coldcard) When you create a transaction in sparrow you need to prove that you have the key to move that bitcoin Sparrow creates a bitcoin transaction file (.psbt) that needs a signature (this file doesn’t expose any information about your private key because sparrow doesn’t have it) You move the .psbt to your coldcard to sign it. This creates a second “signed” version of the file (the signed version of the file doesn’t have any information about the private key, but it was only able to be created by combining the private key with the .psbt file) Now that you have that “signed” transaction you can put it back in sparrow to broadcast the transaction (over the internet) to bitcoin miners who will pick up the transaction and move the bitcoin out of the address to the new address. Hope that helps :)
Awesome! So there is no need to copy my sd card as a back up since the keys are on cold card. since its a view only would it be wise to leave in the computer to remember how much is on it or no?
Exactly - you can actually just delete the transaction files after they’ve been broadcast and have settled (since the transaction has already happened and been confirmed by miners you don’t need to keep the file) I would only load sparrow and your xPub onto a computer that is 100% yours (not a shared library computer or something). I wouldn’t bother deleting sparrow from the computer every time you use it, but don’t leave it unlocked if you have privacy concerns with it. I think you can password protect sparrow too which is another good option.
Maybe if you ran a script or something on the coldcard from the SD card, but if this happened your COLDCARD should light up showing you that the firmware of the COLDCARD has been tampered with. If you're just signing partially signed bitcoin transactions (which is what I demoed) it shouldn't be possible for your COLDCARD to become corrupted. A lot of people have had this question, might be interesting to do a video on what partially signed bitcoin transaction files are and why they're secure - if you think that would be interesting.
Feels like you could use a portable charger, I don’t think it’s a security risk - but I’m also not an expert and it might depend on how smart the portable charger is (dumber the battery the better)
@@RhettReismanThese days regular USB cables have been known to contain software from the manufacturer that can steal information that passes through it. How does ColdCard prevent this?
You can open the json file in a text editor and see that there isn’t a private key string in the json file. You should be able to Google the structure of partially signed bitcoin transaction files (.psbt) to see what should be in there
I have a question please, if you have a private key seed phrase on another wallet like Ledger can you input those seed words into coldcard and transfer the balance over?
According to Ledger documentation they use BIP 39 and generate a 24-word mnemonic. Coldcard FAQ states that you can import 24-word BIP 39 so the answer is: Yes. If you don't trust Ledger, consider creating a completely new wallet on Coldcard and send the keys over. That would be the only way to guarantee that it's not leaking from the Ledger device, ever. Maybe not wrong to be paranoid here.
Trying out the trezor model T now. Will have some comparisons soon. If it were up to me I would use a coldcard, but trezor might be integrated with more applications (and obviously if you’re trying it store non-btc coins you would need a trezor). Model T is pretty expensive though IIRC. TLDR think it depends on your use case
Not that I’m aware of here’s a list of SD card functions in the coldcard: coldcard.com/docs/microsd My understanding is that trezor does that through command line?
@@RhettReisman thanks dude! on a completely unrelated matter. Since you've setup python/api, i've noticed that if i withdraw btc from kraken, i only get 5 decimal places of precision. The rest remains as dust on the exchange which is really annoying. In your experience, do you have more control over the precision of the value you're withdrawing when doing so through an api call? - thanks again
I don’t use kraken much but I don’t think the api would give more precision. Function should be the same as regular withdraws. Pretty sure Gemini and Coinbase are 8 digits of precision
Sparrow just wouldn't work for me, wouldn't show the received btc I sent it, so I'm using electrum. It's a shame because Sparrow seems to be everyone's go to wallet. However I just want to keep things very simple and easy, and electrum seems fine.
@@RhettReisman yes I'm sure it's just me being silly and missing something obvious with Sparrow, but it's no biggie. Electrum seems fine and I'm only using it for the most minimal public key usage. I might also give numchuck a go before moving everything over from ledger.
Once the wallet xpubs have been uploaded onto Sparrow (or whatever desktop app) you can use any microSD to transmit data back and forth between the coldcard and the computer. If you export the xpubs and then the SD card breaks you can just export the xpubs onto a new SD card and do the process again
Seems that way. I’ll put out a quick video this week on the topic and a disclaimer before the Monday video (Monday video is a ledger tutorial 🤦🏻♂️) I don’t think you’re going to lose your coins overnight or anything but definitely lost a lot of trust in ledger. We’ll see what they say
No, the bitcoin is in the addresses generated by the coldcard. Sparrow is just a way to visualize those addresses. If your Sparrow was deleted you could load the xPubs from the coldcard into any other wallet viewer (Sparrow/Bluewallet/Electrum etc)
Lots of missing steps for people just beginning. Like the transferring of the files on and off your computer to the Cold Card. Waaaaaay too fast and complicated
11:25 you lost me . Cant you use your Umbrell !? Damn getting lost . I need to find a picture showing the differences between Sparrow , Wasabi, Blue, Strike, etc
I can use my umbrel - I didn’t because I wanted to film the video faster and didn’t want to deal with the hassle of setting it up. All these wallets use a block explorer in the back end to track your transactions but only some of them let you connect to your own node for the source of that data.
An xPub (or extended public key) is basically the list of every public key that can ever be associated with your wallet (private key). So when you export you xPub you’re basically giving watch only access of your wallet (forever for that single wallet) to whatever software you import into. Hope that made sense
@@RhettReisman thank you for your quick response. I’m new to this so had to read it several times, lol but basically to be honest, I’m not quite clear. Do you have a video on it. There are indeed a lot of terms I need to learn associated with Btc. It’s like learning a new language in a sense.
this is very hard to use. Just imagine you have to keep removing and moving the micro sd card each time you have to send a transaction?? I don't think this will catch up. Might be dead in a couple of years.
I disagree. It’s a great way to teach yourself how Bitcoin works. If you’re looking for an “easy” solution check out ledger. But for only a little more time investment you’ll level up your knowledge of bitcoin and have a safer self custody solution.
There is a reason it is called "cold" storage. It is not meant to be interact often. The main use case is to safeguard the majority of your bitcoin. Use a ledger or an hot wallet with smaller amounts for the everyday usages.
You did not verify your receiving address, generated by Sparrow wallet, on the device before sending funds to it. Very dangerous, since you have just downloaded the open source Sparrow Wallet from the internet and are trusting it not to generate a malicious receiving address. It is ridiculous to be so paranoid as to want to use a device fully air-gapped and then fail to do such an essential security check. No private keys have ever been lost by connecting a Trezor, or other, hardware wallet, to a USB port on a computer and on such devices, which are far simpler to use, verifying the receiving address on the device's display is a compulsory and the most important part of the security process, before any funds can be received. Your video is a typical example of trying to be clever and making your security far worse, as a result.
You should definitely verify your addresses and change addresses vs what’s on screen. On the other hand, we’re sending a really small amount which makes that risk pretty meaningless especially in a setup demo. I have a video coming out this month that explains the risk you’re talking about and how people have lost money making that mistake.
What do you think of the ColdCard? Was the tutorial easy enough to follow?
Great tutorial… easy to follow. Thank you for all your help!
Cheers :D glad to help!
Thanks. It helped me out to stay air gapped. I am gonna use this instead of my ledger. This is way more safe.
This might be safer but for your average person, this would be impossible without massive amount of fear of screwing it up and losing their crypto.
@shipoffulls only way to learn is by doing 🤷🏻♂️ to your point, some people will and others never will. I think trying with small amounts of money until you’re comfortable to make the switch is the best option.
Great job Rhett - happy to see more Bitcoin content creators pumping out quality tutorials. Keem em coming!
Thank you so much man 🙏 I’ve learned a ton from your videos over the years. Happy to pass it forward
this is the best tutorial for coldcard!! i didnt understand how to send from my coldcard until i watched this. thank you
Cheers Liam glad to help - more coming soon :D
Watching it again. This time I understand more. Thank you
Learn something new every time :)
Badass Rhett. Another level of security. Once I have 20 BTC. This is a must! Basically, no one has seen your wallet address. Keep some spare 9volts though.
Yeah coldcard is really next level. I think I’ll be using it for almost all my wallets going forward with their bip 84 features - I’ll make a video about that soon
Great tutorial!
Thanks Mike glad to help :)
I came here from the ledger drama. ColdCard is BASED
Facts
Wow lots to learn for a 60 year old guy but will do using ledger Nano -X Currently but makes me nervous as I am a Celsius victim now I know not your keys not your BTC Thank you
I think the ledger thing might be overblown (not a good idea to let engineers explain complex topics in public) but better safe than sorry
Glad to help :)
I know. It’s hard for me too. I am also old. But you know… I know many kids and engineers that don’t understand 1/10 that you do regarding BTC. If you were that bad… you wouldn’t be here.😅
Great video. Thank you. Kinda complicated but its worth it
Yeah the security is huge 🔥🔥
Amazing how secure you can get if you really want to!
Yeah it’s so secure. I’ll put out some more videos about it, it’s so powerful. You can use your coldcard seed to generate other “accounts” and basically secure your BlueWallet or whatever other account with your coldcard
@@RhettReisman is it impossible to put a virus into an SD card?
@tomcurry3358 yes but you would see the virus file (or you could open a theoretically corrupt .psbt file and see that it was trying to transfer to some other address)
@@RhettReisman thanks for your input
One of the video of the coldcard builder proved me not to use usb plugged on the laptop! Was good one .
Glad to help :)
Thanks for the video! Trying to decide between Coldcard Mk. 4 and BitBox02 (BTC-only version ofc) for my first hardware wallet 🤔
Haven't used the BitBox yet I'll have to check it out :)
Hey Rhett, Thanks for the great video! Wondering if you have a video showing how to switch wallets from Ledger Nano X (given the recent controversy) to a ColdCard wallet using Sparrow. I have currently started using Sparrow with my Nano X and have setup a ledger in Sparrow so I don't have to use Ledger Live anymore. But I really need to find out how to switch from a Ledger Nano X to a ColdCard wallet using Sparrow! Thanks!
You should be able to follow this tutorial and just send the funds from the ledger wallet tot he new seed you created on your COLDCARD following this tutorial
Air gapped is indeed essential.
Facts 🔥🔥🔥
8:39 !!! So funny … I was going to text you what was the difference with a simple Public key!
So YES . Please
Haha I will make sure to make an XPub video :D
so to understand this better, this means the SD card doesn't contain the bitcoin ever right? once I transfered the xpubs from the SD card onto Sparrow, I sent in bitcoin to the key that is stored on my ColdCard. From there I don't need the SD anymore, until further transactions?
Exactly! The SD card is just there to transfer partially signed (and fully signed) transactions between your signer (coldcard) and a wallet to broadcast the transaction (sparrow in this case)
Thanks for the video. I'm having trouble understanding where the btc goes once the receiving transaction is complete and confirmed in Sparrow. Is the btc in Sparrow at that point? or is the btc in the coldcard at that point? To me (a novice), it just seems like you sent btc to a Sparrow account that had an address generated via Sparrow. Or am I misunderstanding where that address came from? Did the address come from the coldcard and once that receiving transaction is complete, the btc is secured on the coldcard? Thanks, Rhett.
You’re close - bitcoin is never “on a hardware wallet” bitcoin is always on the blockchain.
You can think of hardware wallets like “signing devices”.
The bitcoin is never on the COLDCARD the bitcoin is in a blockchain address that the COLDCARD has the private keys (the rights) to move around.
So when you receive a transaction in Sparrow, Sparrow is just showing you that in the set of addresses that the CC generated you have X BTC.
You could load those same addresses (extended public keys aka xpubs) into BlueWallet and it would show you the same balance. These wallet softwares are just showing a balance, but they can never move the funds - because they don’t have the keys.
The CC has the keys 🔑 - so no matter what software you’re using, you need the CC to sign the transaction to spend the coins.
Hopefully that made sense, if not, this video might help czcams.com/video/SXmM7MvqjB0/video.html
One more question for you if you don’t mind.. can multiple transactions be sent to the same receiving address? Or can a receiving address only receive one unique transaction?
Multiple transactions can be sent to the same receiving address. You don’t want to do that though for privacy reasons.
Any address can be put into a block explorer. If you reuse the same address for every transaction you do, everyone you have that address to will be able to see very transaction you’ve sent.
Hope that made sense.
Finally watching it again. Merci mon ami
Cheers man 🙏🙏
Hi Rhett, temporarily have put BTC on a paper wallet until I can find a permanent solution. I’m looking for something super secure, and this seems to be the best so far. However, this is really technical and confusing. Like others, I’d like to know more about how Cold Card determines that malicious files have not travelled back in the sd card, and how sure we can be that that check itself can’t be compromised. Also, why don’t most wallets let you roll your own words? I’d like to have more than 24 and have the option to choose them myself. Great Video. Thanks.
A paper wallet is not a very good solution, you should put it on a mobile wallet or something instead while you wait.
You can view when you plug in the SD card to computer (or on CC) what files are on the SD card (or on CC you can choose which files to execute) you would obviously not choose to execute a file that you don’t recognize (and you can always delete files that you’ve already used.
If you find this too technical, you should use a Ledger or a trezor - they’re much more secure than a paper wallet.
Most wallets don’t let you roll your own seed, becuase most people will probably mess it up (if you don’t roll enough dice your seed won’t be secure). For the same reason you should absolutely NOT choose a 24 word phrase that you made up (a phrase you make up will be much less random than a phrase generated by dice rolls or by the secure element of a ledger etc) - I explain the reason for this here: czcams.com/video/D9j5y3tyMo8/video.html
It would also be better to have only 24 words (or 24 words and a passphrase) than making a 48 word seed and trying to remember how to input that seed into hardware wallets that only accept 24 words.
The simplest option is often the best. Complexity will make it hard for you or anyone else (in an inheritance case) to recover your bitcoin.
Also I want to add that the Coldcard Mk 4 does let you roll a dice to add entropy for your own seed phrase.
Yep just make sure you actually roll 100 dice or you won’t have enough entropy and will risk losing your BTC
Yep just make sure you actually roll 100 dice or you won’t have enough entropy and will risk losing your BTC
This is so cool. I need one
COLDCARDs are sick 🔥🔥🔥 definitely get one
Thanks for the tutorial. Do you know if in the coldcard is possible the see the seed phrase in case you lost the paper you noted to?
The Trezor and others is not possible to do that.
regards.
Yeah you can see it in the advanced menu: coldcard.com/docs/advanced/
You can also lock it down if you want to
Hi Rhett - Awesome tutorial! If doing multiple transactions with the ColdCard airgapped do you just keep all the previous files on the SD card and just action the newest file?
You can just use the newest file. After you’ve broadcast a transaction the old file is basically useless
@@RhettReisman Legend!
I don t get how it’s safer, since the micro SD came in contact with both? Can someone explain
You can audit all the files and data from the microSD card. You can’t see what information is being sent across the cable.
@@RhettReisman can this be seen/read with no technical skills lol? Thanks for the info by the way
I might make a video on how to read psbt files in the future. You should be able to easily see that there aren’t any extra psbt files being generated (ie. If you create one psbt file from unchained or something, there shouldn’t be 2 files there)
@@RhettReisman that would be awesome, thanks so much for the clarification
@@RhettReisman when I’m exporting the cold card to the Micro SD the name appears as “coldcard-export” not saying json in the name. But the “Type” is a JSON File? Also next to the name it has an internet explore logo. Seems weird, it’s on HP if that help at all. Is this okay?
Once sign a transaction, does it apply only to that transaction, or would that compromise the wallet as it already connected to the internet?
My point is, I've heard that if you create a cold wallet (paper wallet specifically), you can load it with BTC. But if you ever need the funds, you should delete everything as the private key was exposed when you partially sent funds out. Would that also apply with a Coldcard?
Btw, great video. I was having a hard time understanding what Coldcard was for. Thanks!
Thanks 🙏
No, once you sign a transaction the wallet is fine to continue signing transactions - you don’t need to remove all the funds in one transaction.
The “wallet” (private key) is never connected to the internet in this process. The private key is in the secure element on the device and is used to generate signed bitcoin transaction files. Those .json files on the SD card don’t have your private key or a reference to your private key (you can confirm this by opening up the .Json file in a text editor on your computer)
Here’s an article on the security risks of paper wallets: privacypros.io/wallets/paper/
@@RhettReisman thanks a lot
Could you explain to us what is coinjoin ? Risks ? Utility ?
Also: a P2P exchange video.
Yeah still need to get on that BISQ video 🤦🏻♂️
Coinjoin is a way to mix your coins with other peoples coins to anonymize your stack. Risks would be that you don’t actually end up fully anonymizing or that chain analytics technology advances in the future and makes it possible to track coins through coinjoins,
@@RhettReisman but could
You explain it in deep in a video ? I don’t understand HOW it works for real. A bit like BTC : i still don’t grasp Sats. If 1 BTC represents a folder (ledger) of transactions , sats are …?
@@ikust007 Think of sats like cents in a dollar. Just like it takes 100 cents to make 1 dollar, it takes one hundred million (100,000,000) sats to make 1 btc
@@MrFooChopsI know but is always need a real definition . Like the bitcoin ledger I can represent it. Just can’t represent the Sats 😅
is it still considered air gapped even is the SD card was connected to a laptop that is connected to the internet?
Yes because the keys are never exposed to the SD card - all the signing happens on device and you can inspect every file on the SD card
I am mechanically uninclined - I almost broke the cover trying to pry it off before realizing it slid off. Should have watched your video first lol.
Bro lol I did the same thing 🤦🏻♂️ thank god for editing
Subscribed! Thanks! Please do a video on xpub thank you!
Cheers will do :)
Can bad actors attack the partially signed bitcoin transaction or upload extra information onto your microSD card, so that when you go to sign the tx on the coldcard, it has now "connected to the internet" and it's air-gapped benefits are no longer as strong?
This is a great question. Theoretically possible which is why Coldcard has the anti-phishing words and the lights to show that you're operating with stock Coldcard firmware etc
In reality I think if you're moving around .json files it would be difficult for bad actors to inject code into your Coldcard. The fact that the software (sparrow, bluewallet, etc) we're interacting with are so limited in what they do makes them more secure
It s better Bitbox, it was prived cokdcard has potential supply chain security holes
I think they're probably both fine. If you're at the poitn that you're worried about supply chain security holes I'd just make a multisig with different devices and stop worrying.
11:43 confuse… I thought your plugged to your node .
Umbrel is really unreliable with uptime and I didn’t feel like going to turn it back on and getting it to work mid-tutorial. Thinking of running a permanent one from my mac.
Hello buddy.
Question : don’t you have the choice for 12 words? If so, why choosing 24?
You’re right 12 is generally better
I get that you don't want to plug it into a pc/mac directly but why use the battery to power it? Is it less secure to use an USB-C charger plugged into the power socket?
For show mostly. USBC into wall is fine. It is worth noting that plugging a USB into a random outlet at an airport there could be a device on the other side transmitting data through the USB to your phone/computer/wallet etc.
But, to your point, your wall outlet at home is safe.
Cool video... what's an xpub? Thanks
It’s basically a list of every possible public key for your bitcoin wallet. This way you can use and recycle them to your hearts content
Question! When I receive bitcoin to the public address. Do I need to place the microSD card back into ColdCard for it to reflect on device?
The device doesn’t show your balance. You can view the balance in Sparrow Wallet. As soon as you receive a transaction Sparrow should update you don’t need to use the SD card.
Coldcard is only there to verify a transaction you’re trying to send.
Hope that makes sense.
Hey Rhett wonderful tutorial. What's the best way to send btc from ledger to mk4?
I can make a tutorial. But I’d say if you’re not comfortable with it start with a small amount, get comfortable and then make the switch.
The flow the same flow as sending from any other wallet. Lmk if there’s a part you get stuck with.
@@RhettReismanabsolutely need that video. Incorporate the Whirlpool from the start. Also BTC sessions isn’t using Lodger Live for sending BTC from ledger to sparrow. Please follow the same route but with your style of saying stories
,😊😊
You are the first “technically challenged” software engineer I know of 😑
Lmao where did I mess up?
@@RhettReisman you didn’t mess up anything. I just found it funny that you kept saying you were technically challenged when you apparently are not.
I definitely am though 🤣 it makes me self conscious sometimes haha
Good point though I should just believe in myself
How is using an SD card to do the signing of transactions anymore secure than a usb cable? Both are exposed to a computer so both can be infected and attacked. I don't get it.
You can read what information is changing in the partially signed bitcoin transaction files on the SD card and be 100% sure that you're signing what you meant to sign.
That being said, I agree with you that air gapping generally is a small security benefit in the grand scheme of things (but it's not nothing - it is definitely more secure).
@@RhettReisman thanks 😊 🙏
I didn't know about air gapping is it possible to reset the coldcard and redo it the way you explained or would I need to buy another and start over?
You could reset and redo it how I explained it. That will be a different seed phrase though, make sure to back up your existing one so you don’t lose your funds
@@RhettReisman Great thank you!
any idea why a coldcard would be stuck on "verifying" with a red light?
Not sure - seems like a hardware / firmware issue. I'd try reaching out to Coinkite and seeing what they say
Why do people choose the Bitbox2.0 Btc Wallet over the MK4?
Why choose the MK4 Cold-Card over the BitBox?
Who has the answer?
Depends what kinds of features you’re looking for. Most people using the bitbox probably want the ability to hold multiple cryptocurrencies
Why to use the battery and not to conect a usb phone charger?
Mostly to prove that you **can** operate a coldcard without connecting to any external smart devices. Wall outlet or portable charger would be the same, but battery is more provably not smart
I got a question thinking bout getting cold card. The computer my wife has is pretty old with viruses runs slow. Could this be a problem with security? Do i need to buy a new computer to be safe?
If you know your computer has viruses you shouldn’t be using it for anything meaningful.
I suggest using anti-malware software (I use malwarebytes - no affiliation) to remove the viruses or getting a new computer before you put any consequential information into the computer.
That being said, even if your computer has viruses your private key and funds on cold card should still be safe (not virus security advice). Someone might be able to steal your xPub though if you upload it to a computer with viruses.
Can you hypothetically use the cold card to generate the 24 word seed (using the dice rolls) and then restore a ledger nano using the newly generated 24 word seed? I just love ledger but I question their entropy situation
Yeah you could do that. Be careful that you’re using enough entropy. Entropy explanation here: czcams.com/video/D9j5y3tyMo8/video.html
@@RhettReisman same derivation path?
Great question
Think COLDCARD defaults to BIP84 derivation paths, not sure if Ledger defaults to 84 or 44 but they should be compatible with both.
You might need to configure something on the ledger side to match the derivation path of the coldcard.
Worst case you’ll load the seed phrase and ledger won’t recognize the funds. Funds are still secured by seed phrase but will only show up once you’ve matched the derivation path.
Hi Rhett, thanks for the video! I saw that you said in response to someone else's comment that a paper wallet is not very good. I know it may be a silly question, but what are the major downsides of a paper wallet?
Is it simply that the paper could get ripped up or easily damaged? If a paper wallet was locked away in a safe, it would seem secure to me. Could you explain the security vulnerabilities of a paper wallet?
Thanks!
- **Susceptibility to Physical Damage:** Paper wallets can be easily lost, stolen, or physically damaged, making the Bitcoin irrecoverable.
- **Technical Complexity and Security Risks:** Creating and using a paper wallet securely requires technical know-how, with risks such as malware on the generating computer or printer memory retention.
- **Spending Complications:** Incorrectly spending from a paper wallet can lead to a loss of funds, as unused coins may be sent to an unintended change address controlled by the software used to handle the transaction.
Ok, thanks!@@RhettReisman
Sending from another wallet (say Trezor or Ledger) to a cold card, does it matter if you mix address types? For instance, can you send bitcoin originally sent to a legacy segwit address on the sending wallet, starting with '3', to the cold card default which I understand is BIP84 native segwit? If not, what do you have to do to ensure the coins show up in the cold card? Thank you for a great video - cleared up quite a few queries I had.
You can send bitcoin from an address to any other kind of address (ie. sending from a legacy address to a segwit address). Hope that helps :)
@RhettReisman Yes, indeed. Really appreciate your reply. Loved the video
ALWAYS send just a small amount first! to see if it works :)
Cool!
The greatest!
How do I know with certainty that my device wasn’t preloaded with a private key? Yes I know I can do dice rolls, but even if I did them, there is no way to still prove coinkite doesn’t just throw out your inputs and give you the PK they made and have a copy of.
Having a hard time trusting this
The source code is fully verifiable all the code is available here and you can confirm that your COLDCARD has the latest source code: github.com/Coldcard
Instructions to verify the source code is the same as what is on your device here: github.com/Coldcard/firmware
You don't have to trust, you can verify it yourself.
One trick is to generate one and throw it away, then generate another one. An hacked version will mostly give you back the same words and you would be able to spot it.
If you don't trust their entropy, you could use other methods to generate a seed and import that to the device or you could use a passphrase of your choice. If you need more security then multisig.
Hey! Can we use any usb-c cable? Or do we need one from coldnite?
Should be able to use any usbc cable. There's is power only which means no data can be transferred but idk how big of a deal that is (especially if you're just connecting to a battery)
I'm only new to all of this but I do know these days that USB cables are being infected with malware from some dodgy manufacturers in China. I'm not sure how ColdCard manages this but perhaps that's why they only sell USB cables that do power only
do you have to delete old transactions from the micro sd card so the device knows which one to sign?
The device will let you choose which file you want to sign. To your point though, you will probably get confused if you have 100 transaction files on your SD card all named about the same thing.
So you don't HAVE to delete them but you probably should archive them or delete them every once in a while
@@RhettReisman thanks for the quick reply to a months old video! you have earned a sub
Glad to help :)
Ledger is great
Facts - so easy to set up
What is XPUB? Thanks
XPub is an extended public key it’s basically every public key that your wallet could ever generate. Here’s a full explanation: unchained.com/blog/the-ticket-to-understanding-extended-public-keys/
Rhett,,,
Can i use a soft wallet app on my android phone?
What do you recommend?
I'm a beginner and want to buy btc.
Just ordered mk4
I would use BlueWallet or Muun for Bitcoin/Lightning and Exodus for altcoins
@@RhettReisman
Can I use an SD card on my android phone?
Thanks for all your help 🙏 👍
No problem :)
You should be able to with an adapter. I’ve done it on iPhone with a lightning to sd card adapter
@@RhettReisman
👍👍👍
I'd like to use ColdCard but i'm not savvy enough to set up, run, and connect my own node to Sparrow. Does using the public node option in Sparrow make this set up risky because it allows everyone to see my stack balance? Just wondering if the air-gap prevents malicious actors from seeing my balance and stealing my stack
No one should be able to see your balance or steal your stack even if you use a public node option in Sparrow (even if you don't use the fully airgapped setup)
Using a public node is less private but everyone won't be able to see your stack balance. The node operator would be able to see transaction queries you were making and theres some privacy loss there but it's not linked to your identity or anything like that.
I wouldn't worry about it if you're not super tech savvy. That being said, if you're not very tech savvy, I think you should treat Bitcoin as though it's not very private (you have to do a lot of technical work to make sure that all your Bitcoin transactions are truly private)
@@RhettReisman ah, fantastic. Thanks man!
If I lose or somehow destroy ColdCard device, how do I recover private key?
Backing up the seed phrase to paper or metal will keep your private key safe
What if we didn’t have a node?
I am thinking of sending from ledger to sparrow and then whirlpool . Please comment
Think that’s a fine idea - I haven’t used whirlpool before but I’ve heard good things. Ultimately if you want full transparency you’d need to run a node, but the node connections in sparrow claim not to hold balance information or anything like that.
@@RhettReisman when you next video on whirlpool :)
I’ll look into it, I haven’t had a super compelling reason to use mixers yet
Are you able to directly move your BTC from a Ledger Nano X to the ColdCard wallet?
Yes 🙌
Rhett, I'm looking to understand the principles of a cold card. Im using sparrow and I have a Mark IV and love it. However I can't seem to find someone who explains what is actually happening in the process of using it. What I mean is the bitcoin is actually stored on the block chain and my seed phrase is what gives one access to it on the block chain correct? So whatever I put on my SD card of my cold card does not need to be backed up because its not really on the sd card all thats there is a transaction which says where my bitocin exists on the block chain, correct? Just trying to understand whats happening a little more. I cant seem to find anyone who unpacks this. Help? Thanks!
Yeah I think you’re really close you’re maybe just not understanding the last bit.
The bitcoin is on the blockchain ✅
Your private key was generated by the coldcard ✅
Your XPub was loaded into sparrow (this means a view only version of the wallet was moved to sparrow - a version not capable of signing transactions without input from the private key / signing device - the coldcard)
When you create a transaction in sparrow you need to prove that you have the key to move that bitcoin
Sparrow creates a bitcoin transaction file (.psbt) that needs a signature (this file doesn’t expose any information about your private key because sparrow doesn’t have it)
You move the .psbt to your coldcard to sign it. This creates a second “signed” version of the file (the signed version of the file doesn’t have any information about the private key, but it was only able to be created by combining the private key with the .psbt file)
Now that you have that “signed” transaction you can put it back in sparrow to broadcast the transaction (over the internet) to bitcoin miners who will pick up the transaction and move the bitcoin out of the address to the new address.
Hope that helps :)
Awesome! So there is no need to copy my sd card as a back up since the keys are on cold card. since its a view only would it be wise to leave in the computer to remember how much is on it or no?
Exactly - you can actually just delete the transaction files after they’ve been broadcast and have settled (since the transaction has already happened and been confirmed by miners you don’t need to keep the file)
I would only load sparrow and your xPub onto a computer that is 100% yours (not a shared library computer or something). I wouldn’t bother deleting sparrow from the computer every time you use it, but don’t leave it unlocked if you have privacy concerns with it. I think you can password protect sparrow too which is another good option.
Is it possible to use with a powerbank
Yes! Any battery
Am I the only one who understands your PIN? Hahahaha. I am 57 years old.
Lmao
I've had better usage experience with Electrum wallet, not Sparrow.
Electrum is great too
Is there any way for the SD card to compromise the Cold Card?
Maybe if you ran a script or something on the coldcard from the SD card, but if this happened your COLDCARD should light up showing you that the firmware of the COLDCARD has been tampered with.
If you're just signing partially signed bitcoin transactions (which is what I demoed) it shouldn't be possible for your COLDCARD to become corrupted.
A lot of people have had this question, might be interesting to do a video on what partially signed bitcoin transaction files are and why they're secure - if you think that would be interesting.
@@RhettReisman thanks for the good info. I’m definitely interested in getting a cold card after watching your video.
Glad to help! 😄
Can you use a portable charger instead of a 9v? Do you think it’s a security risk?
Feels like you could use a portable charger, I don’t think it’s a security risk - but I’m also not an expert and it might depend on how smart the portable charger is (dumber the battery the better)
@@RhettReisman if it works with a regular USB cable, does it also work with a regular phone charger ?
You can use regular USB-C cable yes
@@RhettReismanThese days regular USB cables have been known to contain software from the manufacturer that can steal information that passes through it. How does ColdCard prevent this?
They sell power only usb cables if you want them
How would you go about verifying that the json file you write to the sd card doesn't contain anything sensitive?
You can open the json file in a text editor and see that there isn’t a private key string in the json file. You should be able to Google the structure of partially signed bitcoin transaction files (.psbt) to see what should be in there
I have a question please, if you have a private key seed phrase on another wallet like Ledger can you input those seed words into coldcard and transfer the balance over?
According to Ledger documentation they use BIP 39 and generate a 24-word mnemonic. Coldcard FAQ states that you can import 24-word BIP 39 so the answer is: Yes.
If you don't trust Ledger, consider creating a completely new wallet on Coldcard and send the keys over. That would be the only way to guarantee that it's not leaking from the Ledger device, ever. Maybe not wrong to be paranoid here.
@@emmerichleimer3086 thank you I think this is what I will do and use coldcard for storage.
It’s like @emmerichleimer3086 is saying - you CAN transfer the seed from the ledger. But to be safe you should just make a new one
@@RhettReisman ok thank you.
Would you recommend this over the model trezor t?
Trying out the trezor model T now. Will have some comparisons soon.
If it were up to me I would use a coldcard, but trezor might be integrated with more applications (and obviously if you’re trying it store non-btc coins you would need a trezor). Model T is pretty expensive though IIRC.
TLDR think it depends on your use case
hey, just wondering if the CC has the sd card key feature like on the trezor T, that allows you to bind the device to the sd card ? - thank you
Not that I’m aware of here’s a list of SD card functions in the coldcard: coldcard.com/docs/microsd
My understanding is that trezor does that through command line?
@@RhettReisman thanks dude! on a completely unrelated matter. Since you've setup python/api, i've noticed that if i withdraw btc from kraken, i only get 5 decimal places of precision. The rest remains as dust on the exchange which is really annoying. In your experience, do you have more control over the precision of the value you're withdrawing when doing so through an api call? - thanks again
I don’t use kraken much but I don’t think the api would give more precision. Function should be the same as regular withdraws. Pretty sure Gemini and Coinbase are 8 digits of precision
Sparrow just wouldn't work for me, wouldn't show the received btc I sent it, so I'm using electrum. It's a shame because Sparrow seems to be everyone's go to wallet. However I just want to keep things very simple and easy, and electrum seems fine.
That sucks :/ yeah they’re both great options. Electrum is just as functional as far as I know
@@RhettReisman yes I'm sure it's just me being silly and missing something obvious with Sparrow, but it's no biggie. Electrum seems fine and I'm only using it for the most minimal public key usage. I might also give numchuck a go before moving everything over from ledger.
Yeah I’ll be looking into Nunchuck soon as well. Seems like a really interesting option
Voltage and Amboss next please
I’ll add them to the list
Agree
If the MicroSD card that the wallet was exported onto breaks, what would happen? Would you have to re-export another wallet with a new MicroSD card?
Once the wallet xpubs have been uploaded onto Sparrow (or whatever desktop app) you can use any microSD to transmit data back and forth between the coldcard and the computer. If you export the xpubs and then the SD card breaks you can just export the xpubs onto a new SD card and do the process again
@@RhettReisman cool thank you sooo much
Cheers :D
Is ledger not safe anymore with new updates?
Seems that way. I’ll put out a quick video this week on the topic and a disclaimer before the Monday video (Monday video is a ledger tutorial 🤦🏻♂️)
I don’t think you’re going to lose your coins overnight or anything but definitely lost a lot of trust in ledger. We’ll see what they say
How can I see the balance?!
If you export your public key to a wallet (ie sparrow or BlueWallet) you can view your balance there. You can view your coldcard as the signing device
@@RhettReisman thank you só much maan
15:00 why do you have the Blue Wallet logo ?
My Mac defaults .psbt files to open in BlueWallet
Can you send from ledger to coldcard?
Yes!
So what happens if you delete the wallet you created on sparrow? Will that erase the btc's you have received????
No, the bitcoin is in the addresses generated by the coldcard. Sparrow is just a way to visualize those addresses. If your Sparrow was deleted you could load the xPubs from the coldcard into any other wallet viewer (Sparrow/Bluewallet/Electrum etc)
@@RhettReisman thanks man. That just brought my anxiety level down 100 points.
No problem 🙏 glad to help :)
Lots of missing steps for people just beginning. Like the transferring of the files on and off your computer to the Cold Card. Waaaaaay too fast and complicated
Sorry - feel free to dm me if you have questions / got lost
is it open source?
The source code is verifiable. It used to be open source until foundation copied the code and made a competitor device.
11:25 you lost me . Cant you use your Umbrell !?
Damn getting lost . I need to find a picture showing the differences between Sparrow , Wasabi, Blue, Strike, etc
I can use my umbrel - I didn’t because I wanted to film the video faster and didn’t want to deal with the hassle of setting it up.
All these wallets use a block explorer in the back end to track your transactions but only some of them let you connect to your own node for the source of that data.
@@RhettReisman how to stop that info ?
How to stop what? Sorry :/
@@RhettReisman sorry … i will come
Back on the subject later
What’s an ex pub??
An xPub (or extended public key) is basically the list of every public key that can ever be associated with your wallet (private key).
So when you export you xPub you’re basically giving watch only access of your wallet (forever for that single wallet) to whatever software you import into.
Hope that made sense
@@RhettReisman thank you for your quick response. I’m new to this so had to read it several times, lol but basically to be honest, I’m not quite clear. Do you have a video on it. There are indeed a lot of terms I need to learn associated with Btc. It’s like learning a new language in a sense.
this is very hard to use. Just imagine you have to keep removing and moving the micro sd card each time you have to send a transaction?? I don't think this will catch up. Might be dead in a couple of years.
I disagree. It’s a great way to teach yourself how Bitcoin works. If you’re looking for an “easy” solution check out ledger. But for only a little more time investment you’ll level up your knowledge of bitcoin and have a safer self custody solution.
There is a reason it is called "cold" storage. It is not meant to be interact often. The main use case is to safeguard the majority of your bitcoin. Use a ledger or an hot wallet with smaller amounts for the everyday usages.
@juliengrenier9678 100%, great point
I understand you and you are totally right. We will be a minority . But it’s always like that since the dawn of time.
It started off well...then I slowly lost the will to live...
Damn, sorry :/
Please stay alive :)
jennie jennie who can i call?
Wat
@@RhettReisman Jenny by Tommy Tutone
I am profoundly wondering how many of us will do such manoeuvres …
For sure not any members of my family neither Friends.
Which part do you think is too complicated?
@@RhettReisman you are not the issue. The whole System is. We are used to not being in controlled of our money .
Totally 💯💯💯
Some humans have a desire to be responsible for oneself, most rather give that responsibility to others.
^^ exactly
You did not verify your receiving address, generated by Sparrow wallet, on the device before sending funds to it.
Very dangerous, since you have just downloaded the open source Sparrow Wallet from the internet and are trusting it not to generate a malicious receiving address.
It is ridiculous to be so paranoid as to want to use a device fully air-gapped and then fail to do such an essential security check.
No private keys have ever been lost by connecting a Trezor, or other, hardware wallet, to a USB port on a computer and on such devices, which are far simpler to use, verifying the receiving address on the device's display is a compulsory and the most important part of the security process, before any funds can be received.
Your video is a typical example of trying to be clever and making your security far worse, as a result.
You should definitely verify your addresses and change addresses vs what’s on screen.
On the other hand, we’re sending a really small amount which makes that risk pretty meaningless especially in a setup demo.
I have a video coming out this month that explains the risk you’re talking about and how people have lost money making that mistake.
you could at least breathe when you talk, there's no period, there's no comma, it's like a runaway train
I’ve evolved to the point where I don’t need to breathe
@@RhettReisman ahaha, Great!
😂🤣
Am I the only one that picked up on the Jenny 8675309 ? 🤣🤣
Easter egg winner 🥇 🥚
If I’m ever doing a giveaway of something in the future DM me a screenshot of this comment lmao
@@RhettReisman awesome man. Just subbed. Stumbled on this video/your channel today. Thanks for the info
Cheers man welcome aboard 🛥️