On Thu, Sep 15, 2016 at 5:26 AM, Andrew David Wong <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 2016-09-14 19:11, Franz wrote: > > On Wed, Sep 14, 2016 at 8:54 PM, Marek Marczykowski-Górecki < > > [email protected]> wrote: > >> On Wed, Sep 14, 2016 at 08:07:35PM -0300, Franz wrote: > >>> On Thu, Jun 30, 2016 at 12:42 AM, Andrew David Wong <[email protected]> > >>> wrote: > >>>> On 2016-06-29 09:37, Franz wrote: > >>>>> But how can I trust a printing dispVM for something as sensitive as > >>>>> a hot wallet? We would need two different dispVMs but we are not > >>>>> there yet. > >>>> > >>>> Indeed, not yet, but it will be implemented in R4.0: > >>>> > >>>> https://groups.google.com/d/topic/qubes-devel/xLZU0R5ijCg/discussion > >>>> https://github.com/QubesOS/qubes-issues/issues/866 > >>>> https://github.com/QubesOS/qubes-issues/issues/2075 > >>>> > >>> > >>> Andrew, > >>> After various tests I am getting a bit more confidence about bitcoins. > >> So I > >>> prepared the promised tutorial. I tried to go to Qubes documentation to > >> see > >>> if there is any way to upload it, but found no reference. So I post it > >>> here. Perhaps you know what to do. > >> > > Thank you for taking the time to write this, Franz. However, we > already have a page on using Split Bitcoin wallets (using > Electrum) here: > > https://www.qubes-os.org/doc/split-bitcoin/ > > Nonetheless, it looks like your guide has some additional > information that is missing from the current page. Please > consider submitting a pull request against this page with your > additions. Andrew Additions? Well I used a somehow different way, because i sign the transactions on both the hot and the cold VM. So the hot VM is not for "watching" it is for doing exactly all what does the non-connected one (including signing) and obviously for doing the real job of generating addresses for receiving and sending bitcoins to other addresses. It is what is called multi-signature. Is it worth to sign the transaction two times, once for each VM? I do not know, but it is not so much additional work because in both cases you always have to copy a file forward and back between VMs. But the two ways are somehow alternative. I see no point to mix them in the tutorial just to increase confusion to a matter that is already a bit complicated. The final part of editing the firewall rules of hot VM to limit connection to Electrum servers may be worth to protect the keys in hot VM, but may have less sense if there are no keys to protect in hot VM. So did nothing, but am obviously open to suggestions. Best Fran > You can see the documentation guidelines including > a step-by-step how-to) here: > > https://www.qubes-os.org/doc/doc-guidelines/ > > - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS > https://www.qubes-os.org > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBCgAGBQJX2ltIAAoJENtN07w5UDAwZwwQAL6eJaF0jCqlsKkN94DTFfYw > 9fcC2w/ybGbPii7h0zHeuzpLsdKc8BQt1ijQ4UiBKzotEQIqyBGDW5xs/7ex6iYn > vZibLWsfDK9Zoxqj0kxlZrGTmHbzInvWTVIjtoKY7pOfDfosgGTBqvd9uM1RqSn3 > MfWuWbJtY2JjRp4+Q80IUS4soQB8Emcm7ZSEBqu6TvX61ycBWyxm/DDLt9xLoFNg > WFB6jVFnUGkucRoKEKwevVOfFoSiLTPjiDjIarlhTKaiG1NCT5otItbfq60mdZcf > BYqS+1vb5WDm55YdDy8p4znz0ImKcLErmUZK+TgRLK4Yi36bvKb3EXr3gUQa4Tqd > MZHpjR6IP/t4tbgBXWc7x6CDqFv+T8LRdD1v5IlsmMl7RmcyV8ES1xFwYXDl4I81 > 7iYvOPjTqoMOASIOejdkuufu+adfgy4BYLqd1SV/C1oJk8SXJ0dkuvoT4IJ1nDBc > FAHIDE9S1MiJZ2fdHGq/B6plrDe/JluhT9L0A8NPCIZetCkTcvgyQQ5CrNyR2UWw > nedk+L2zvzwNQxbZXXVmGSR3gczEkWYfn/ZT+OAFmo72qWPJmLwtmZg/q9zbm6Vw > Bd7ne4mbnOyLshrQ6ZFVui0ZnDfQn4QLauMEQEwS2xNEU88qjIjlNt4klpwtFPVN > 5AWniVUYJXpjwvKiJeSx > =OMbs > -----END PGP SIGNATURE----- > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qAAHdbVz9LkTTENM-f1_%2BPhhG7HHezOv%2B%3DcMHvpVs4pRg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
