This is a tutorial on creating a Bitcoin cold wallet that does not rely on transporting USB flash drives between the two devices, which might create a security hazard in case a bad-usb attack is deployed against you.

This tutorial covers Bitcoin using the Electrum wallet (electrum.org), but the same procedure can be used for Bitcoin cash using the Electron Cash wallet (electroncash.org).

In this tutorial, I will use a cheap Android phone for my air-gapped wallet, and a PC for the connected wallet. If you prefer, you can use two PCs, or two phones: the procedure is quite similar.

The basic idea behind an air-gapped set-up is that the connected wallet knows the amounts in the wallet but is not able to spend, because it does not have the private keys. The air-gapped wallet, on the other hand, has the private keys but does not know the amounts, as those are in the blockchain and would require a connection. To spend, you need to use both wallets and transfer some information between them.

This is often done via USB drives, but for a greater isolation we’ll use just QR codes.

A — Setting up the air-gapped phone

An air-gapped device is a device (computer, or in this case, a phone) that is never connected to the Internet or any other device.

This ensures a very good security, as no bug/hack/exploit can result in someone accessing the data on the device. In this case, the precious data are the private keys (and the seed) that control your bitcoins.

A first connection will be done to the Internet in order to set up the device, but before the sensitive information is stored on the device, the device will be disconnected for ever. No updates, nothing!

I will be using a cheap Chinese Android Phone as the air-gapped device. You can use any oldish or used device, as long as it is able to run Electrum.

I recommend resetting the phone to its factory devices before starting, and of course the phone must not have a SIM card.

When you setup the phone, the phone must be connected to a Wi-Fi. I suggest that you (temporarily) change the password of your Wi-Fi, use it to setup the phone, and then change the Wi-Fi password back to the usual. This will make it impossible for the phone to ever connect again to that Wi-Fi (in case you are really paranoid and you don’t trust the “forget password” function of your phone).

Also, consider that you can use the same phone for securing both Bitcoin and Bitcoin Cash, but (very important) the two apps (Electrum and Electron Cash) must be installed at the same time, in order to avoid the need to later re-connect the phone to the Internet.

I suggest installing both apps, even if at the moment you are only interested in one of the two. By doing this, if in the future you want the other app you’ll have it already installed.

Let’s start! Initialize your new phone, or reset it to its factory settings (the procedure varies from model to model). During the process, only connect it to the Wi-Fi with the temporary password:

Once the setup is completed and the phone has started, install the Electrum Bitcoin Wallet app and/or the Electron Cash app (from the Google Play app). During setup, it will request permission to access files and the camera. Accept and proceed.

As I was saying, repeat the installation for the Electron Cash app.

Once installed, DO NOT OPEN THE APPs: first disconnect the phone from the Wi-Fi, and use the “Forget” function to remove the password from the phone’s memory.

If (being paranoid) you changed the Wi-Fi password, this is the moment to change it back to the orginal.

From now on, the phone is air-gapped and will NEVER be connected to anything: no SIM, no Wi-Fi, no USB cable. When recharging, use a wall adapter, not your PC’s USB.

This ensures that the phone will not be prone to attacks.

B — Setting up the air-gapped wallet

Only now, open the Electrum App. This will start the creation of the new wallet.

Select “Standard Wallet”, and then “Create a new seed”.

When prompted if you want “Standard” or “Segwit” addresses, select the type of wallet you prefer. At the moment, the bech32 Segwit addresses generated by Electrum aren’t recognized by many wallets, so I’d suggest “Standard”. YMMV.

You will be presented with the seed, 12 words that control your Bitcoin.

I assume you know the importance of the seed, but to be safe, I’ll repeat: write the seed down and keep it safe, it’s the only thing that will allow you to recover your money if the phone stops functioning or is destroyed/lost.

On the other hand, remember: anybody who has the seed can get your money! Do not take a picture of the screen, to not send the seed by email, and do not put it into any electronic device. That would make the whole “air-gapped” idea rather pointless.

For verification, you’ll have to re-enter the seed and then select a PIN. Use a reasonably hard PIN, in case someone gets your phone.

You now have the wallet ready.

It will say “Disconnected” with an amount of 0 Bitcoin (or rather, 0 millibitcoin). Remember: even after sending money to this wallet, it will say “0 mBTC” because it’s disconnected and does not know how much money it has. This is normal.

C — Setting up the on-line wallet

This is the wallet I will use in the PC. It does not require a very secure environment, as it is not able to spend money. It does not require a rigorous backup policy, because even if it breaks down you can re-install it as explained in the following steps.

Go to electrum.org (or electroncash.org) and download Electrum (or Electron Cash). Install the program and run it. It will prompt you for the name of a new wallet. I’ll call it “Online”

It will then ask what kind of wallet you want to create. Select “Standard Wallet”.

On the next page, it will ask “Do you want to create a new seed, or to restore a wallet using an existing seed?” Select “Use a master key”

A form will open requesting to enter a master public key:

Click on the small QR code and the camera will open. We will use the web-cam to read the master key from the cellphone (the master public key is a bit of information that allows the on-line wallet to know the amounts in the air-gapped wallet, but not to spend the money)

On the phone, run Electrum. Tap on the name of the wallet (default_wallet) in the top of the screen. You will be shown the master public key (a string of text beginning with xpub…)

Tap on the master public key string, and a message will appear, saying “Text copied to clipboard. Tap again to display it as QR code”. Tap again, and you will have the QR code of the master public key.

Read this code with the web-cam of the PC:

It will be transferred into the Electrum program:

Click “Next” and you will be prompted with a password. Even if this wallet does not constitute a theft risk, it’s anyway a good idea to enter a password, for example to protect your privacy.

You will be welcome with the following message:

The setup in now complete and you can use your wallet.

Sending money to the wallet

To have money sent to your wallet, use the on-line wallet as you would do with any normal wallet.

This is a bit counter-intuitive, as it seems that you’ll be sending money to the on-line wallet, which is vulnerable!

Remember: this is not a risk factor because the on-line wallet only knows the addresses, does not know the private keys, and is therefore not able to spend.

On the other hand, the on-line wallet has the same addresses of the air-gapped wallet, so sending money to those addresses will be like sending money to the air-gapped wallet.

Spending money

Spending money is a bit more complex, and requires the use of both wallets.

You start with the on-line wallet, by clicking on “Send” and entering the information (address and amount). You can also scan a QR code that would be provided by the payee. In this example, I will be sending 0.1 mBTC to the address 1BREXE….

As you can see, this window does not have a “Send” button, because the wallet does not have the private keys needed to sign the transaction.

In order to sign the transaction, we’ll have to bring it over to the phone, where the private keys are. Click on the “Preview” button to see the unsigned transaction:

In the bottom left, click on the QR code, in order to have the transaction shown as a QR code:

Now move to the phone and tap on “Send”. You will see the “send” page:

In this screen, tap on the “Camera” icon.

This will open the QR scanner. Read the QR code on the PC’s screen:

You will be shown the following screen, displaying the unsigned transaction (you’ll see the 0.1mBTC being sent to to 1BREXE…)

The air-gapped wallet is able to sign the transaction, as it has the keys. Tap on the “Sign” button.

You will be prompted for your PIN, and after some calculations you will see that the transaction is now signed:

We now need to broadcast the transaction to the Bitcoin network, but you cannot do this using the “Broadcast” button you see in the previous screen, as this phone is not connected.

We’ll have to transfer the transaction back to the on-line wallet, again using QR codes.

Tap on the QR code button in the previous screen, and you’ll be shown a QR code with the “Raw Transaction”:

Move back to the PC, and from the menu select Tools — Load Transaction — From QR code:

Using the web-cam, scan the QR code that is on you phone:

Once the QR code is read, you’ll see the signed transaction:

You can now broadcast it clicking on the “Broadcast” button.

The on-line wallet will transmit the transaction to the network, and the money will be sent

This is it! As you can see, the procedure is not much more complex than using USB thumb-drives to transmit the transaction between the two devices, but gives you the extra security of never having to physically connect anything to your off-line device.