I’m not sure on the question of how to get a true 1:1 test – it might not be possible to do without needing to run through the IBD again (even if you skip testnet testing) which can take a very long time when you don’t have a lot of RAM and a fast file IO for your datadir, such as NVMe). It does depend on your own risk analysis how much time/money it is worth. If running through the IBD again is not a good option, I suppose you could skip testing the conversion part, but still test the transfer process between the airgapped and online systems. There could be some value in at least that part.
Note that the conversion step is not destructive, as long as you keep a backup of the original wallet file and only modify a copy (you can always go back and start with a new copy of the original if something goes wrong)
Im just going to migrate the file and see what happens, I will be doing this in the offline laptop anyway, so no chance funds are moved. The only paranoid thing here is that the migration gets something wrong, and then something goes wrong when I try to move funds.
Something I don’t like about this is how when you have an offline laptop, it says 0.00 BTC. It would be cool to be able to see your funds in the offline laptop but that’s the point of it being offline I guess. You have to trust the watch-only wallet is keeping up with the offline laptop…
You said that generating a new address on the offline computer and then in the online computer (or vice versa) should match each other. Could you explain how this happens? is it because they use the same seed or something? But isn’t having this seed on the online wallet dangerous? it’s a piece of information that spawns addresses, the same as you get in the offline wallet. But only the public key part of this is generated, because you disabled private keys when you create the watch-only wallet… so this must be some of that crypto magic I don’t get. Just from intuition, it makes me think of stuff like, derivation attacks or something.
Isn’t the old format were each private key, had it’s own public key without any seed safer? Sure it was more annoying to maintain, since I assume you would need to manually export and import in whichever correct way the public part of the key that would allow you to broadcast the transaction (im saying this because back then there were no descriptor wallets, but I remember people using the 2 laptop setup). The problem is, this does not allow PSBT files, so it would reintroduce risk when crafting a transaction. I think it was called raw transaction, and it was rather convoluted, you may screw up when manually editing it. No Coin Control to assist you with selecting what UTXO’s you want to use, so you had to do it in the console by manually entering each address and fee, then get a QR code for this (since it was either saving a txt file, or get a QR code with a safe device to scan and read QR codes) and then get it done like this… so PSBT files sound much more convenient than this old fashioned method, but im just wondering what is going on with this HD magic thing, specially with quantum computers being a potential threat eventually you know, I just think that you may be at bigger risk than if they had to figure out each private key for each public key separately, im not sure if I like this idea of having all addresses belonging to this same seed phrase, but it’s supposedly to be safe… Hope this makes sense.
–EDIT-- I mentioned xpub, but on these older formats, it isn’t actually an xpub. See my next post below.
There is technically a trade-off here. If someone gains access to your xpub, they will be able to follow all of your bitcoin across all addresses generated by that wallet. They won’t be able to move your bitcoin, though (that would still require the private key). Most people feel this trade-off is worth it, for the other functionalities that it opens up.
I think I have been confusing different wallet types here, sorry. You probably can’t generate addresses deterministically here, so that isn’t a good sanity check.
I think the way to sanity check with this wallet type will be to take a known address from the offline wallet and verify on the online wallet:
But if I use the migration tool, doesn’t it convert it to an HD-wallet , meaning that generated addresses should match on both watch-only and cold wallet?
I haven’t tried yet but I was looking at this video, and this person uses listdescriptors without the false tag, why is that?
And he also used listdestriptors true to show the xpub key. Looks like a different workflow going on here with Electrum or something.
Btw according to a Core developer, they are working in a PR to do this with the GUI and actually export a .json file ready to be imported. And he also said that you can copy paste the things inside [ … ] without modifying anything. Im just not sure about the listdescriptors false thing.
Another problem would be that apparently I would get no labels exported, so when I import this .json file it will no contain any labels. By labels I mean what appears on the “Labels” row in Coin Control. This is a problem since if I don’t see the the labels then I don’t know what im even selecting at in Coin Control, so it’s pretty useless. How would one solve this?
