
First, take Tor out of the equation, it's completely retarded. If you want to mask traffic, or expose an external service to the internet, you can do that over an SSH tunnel or WireGuard via a cheapo VPS that does not hold the Bitcoin keys. A cheap few-dollars-a-year one from LowEndBox or similar.
Thank you for the precise answer. Let's start with the Tor knot. If you have a full node, your Internet Provider will see a peak out towards Tor every 10 minutes. This clearly identifies possession of a full node. Therefore, having a Tor node in the equation serves precisely to mask these peaks on a regular basis. A VPN on a remote VPS would matter if I wanted to hide from my Internet Provider the fact that I am using Tor, but this is currently not our purpose.
You're right that VPS providers, by having physical access to the hardware, technically have access to the Bitcoin keys if they dig. It doesn't matter if you encrypt it a la Voltage or Greenlight state management blah blah, as long as they are used in memory for any purpose, then they are ultimately accessible. It's still reasonable to use a VPS for many situations though, it's like any other type of hot-wallet risk, and much safer than your average mobile phone wallet or exchanges prone to social engineering.
I fully agree, in fact the alternatives were just a new computer at the mother's house, or a VPS. We have never talked about using custodial services.
A large provider with tens of millions of dollars or more in reputation at stake has more valuable stuff than your buddy's Bitcoin, and likely good accountability processes for their employees as a result.
Here too you are right, but we focus on a VPS that can be rented anonymously and paid for in Sats.
There's also the obscurity factor... someone competent would have to know that your particular VPS has enough coin to be worth going through the hassle of smuggling it out without being caught, so don't name the VPS "Bitcoin node with 1000 BTC on it" or some other stupid thing. You can also use multiple VPSes from disparate providers in a multi-sig setup or to obfuscate the configuration.
This would be very nice, but it would move the cost needle a lot towards the VPS, and a small N150 with a router and the rest becomes much cheaper.
There are more basic questions to be answered that would inform the ideal setup, like WTF does he have an online node and not a cold one if he's paranoid?
These questions are not easy to answer, also because the paranoid one in this case is me and not my friend.
What is the threat assessment on the traffic that warrants any of this?
Here I don't understand if you are referring to the Tor node or something else.
Is there an internet facing service?
Here I don't understand if you are referring to the Tor node or something else.
Architecting a solution is fairly simple if you know what you're trying to achieve exactly, consulting is 90% interrogation.
I am aware of that; my work also often concerns design, and to get to a proposal I often have to question my customers. I thought I had given enough information about my doubt, but now I realize that I have not been quite exhaustive.
Tor does nothing in this context but draw extra attention from your ISP and the intel agencies that use Tor as a honeypot.
The ISP's ability to observe Bitcoin gossip traffic doesn't imply anything about the location of keys or anything else, most nodes are read only. Again, if it was the real concern or there's a need for ingress (Lightning example) it's only a few-dollars-a-year problem via a LowEndBox VPS and SSH.
There's absolutely 0 reason to use Tor under any circumstance. Shillfluencers are larp morons that do people a great disservice by recommending it.
a new computer at the mother's house
This is what really doesn't make sense in the context of all this, why a full online node instead of cold storage? What's the point of the N150 at all vs a HWW?
(That's not to say I like HWWs either, just trying to understand the objective for the N150)
VPS that can be rented anonymously and paid for in Sats.
These would be ideal for an SSH tunnel, if necessary. I agree with not storing a single sig key on them for any material amount.
Is there an internet facing service?
Is he running an online store, swap service, Lightning, or other such thing that requires the node to be online and connected to the internet? If not, then this is all pointless. Even if so, those roles should be separated between hot and cold wallets such that the valuable node is not online.
Maybe he's regularly spending from a good stash so the cold wallet is de facto warm? That would be one reason to have an N150 online, but that's even more reason to use the SSH tunnel instead of Tor, to auth and firewall off everything except the jump host and 1-3 gossip peers.
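The setup described in the reply above (egress locked down to the SSH jump host and a few pinned gossip peers, management over a reverse SSH tunnel instead of Tor) as an added example; this is not code from the thread. It assumes a Linux node host with nftables and bitcoind, and every address, port and user name below is a constructed placeholder from the RFC 5737 documentation ranges.

```shell
#!/bin/sh
# Added example, not from the thread. Constructed placeholders: replace them.
JUMP_HOST="192.0.2.10"                                # cheap VPS running sshd
GOSSIP_PEERS="198.51.100.7 198.51.100.8 203.0.113.21" # 1-3 pinned P2P peers
JUMP_USER="nodeadmin"                                 # hypothetical VPS account

# Print an nftables ruleset: drop all egress except loopback, reply traffic,
# SSH to the jump host and Bitcoin P2P (8333) to the pinned peers.
gen_nft_rules() {
    jump="$1"; shift
    peers=$(echo "$@" | sed 's/ /, /g')
    cat <<EOF
table inet btc_egress {
  set gossip_peers {
    type ipv4_addr
    elements = { $peers }
  }
  chain output {
    type filter hook output priority 0; policy drop;
    oifname "lo" accept
    ct state established,related accept
    ip daddr $jump tcp dport 22 accept
    ip daddr @gossip_peers tcp dport 8333 accept
  }
}
EOF
}

# Print a bitcoin.conf fragment that pins the node to those peers only.
# connect= already disables DNS seeds and inbound listening; the explicit
# listen=0 / dnsseed=0 lines document that intent.
gen_bitcoin_conf() {
    printf 'listen=0\ndnsseed=0\n'
    for p in "$@"; do printf 'connect=%s:8333\n' "$p"; done
}

# Reverse tunnel: the node dials out to the VPS and publishes its own sshd on
# the VPS's loopback port 2222, so the admin box reaches it via the jump host
# and the home ISP sees only one long-lived SSH session.
reverse_tunnel_cmd() {
    printf 'ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 -R 127.0.0.1:2222:127.0.0.1:22 %s@%s\n' "$2" "$1"
}

if [ "${1:-}" = "apply" ]; then                # needs root; default run only prints
    gen_nft_rules "$JUMP_HOST" $GOSSIP_PEERS | nft -f -
    gen_bitcoin_conf $GOSSIP_PEERS >> "$HOME/.bitcoin/bitcoin.conf"
    reverse_tunnel_cmd "$JUMP_HOST" "$JUMP_USER"
else
    gen_nft_rules "$JUMP_HOST" $GOSSIP_PEERS; gen_bitcoin_conf $GOSSIP_PEERS
    reverse_tunnel_cmd "$JUMP_HOST" "$JUMP_USER"
fi
```

Run without arguments to review the generated ruleset and config fragment; `apply` loads the rules with `nft -f -` and appends the fragment, so the node can no longer reach anything but the VPS and the pinned peers.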
Thanks for your reply, I read it yesterday but from my phone. Right now I'm also away from my computer and I hate writing from my phone. I'll reply to you later because I have some questions about your reply.
Tor does nothing in this context but draw extra attention from your ISP and the intel agencies that use Tor as a honeypot. The ISP's ability to observe Bitcoin gossip traffic doesn't imply anything about the location of keys or anything else, most nodes are read only. Again, if it was the real concern or there's a need for ingress (Lightning example) it's only a few-dollars-a-year problem via a LowEndBox VPS and SSH. There's absolutely 0 reason to use Tor under any circumstance. Shillfluencers are larp morons that do people a great disservice by recommending it.
Actually, I have had a Tor node at home and one in the office for years. They are middle relays, not exit nodes. I have many friends in the East and I believe that helping those who have difficulty accessing information is a social duty. That's why I had several people activate Tor nodes. As for an ISP knowing that I have a BTC node connected, it's not because of the keys, it's just because I don't want my IP to be associated with a BTC node, whether full or empty. This is why I disguise myself (and make those I know mask themselves) with the Tor traffic of a node.
a new computer at the mother's house
This is what really doesn't make sense in the context of all this, why a full online node instead of cold storage? What's the point of the N150 at all vs a HWW? (That's not to say I like HWWs either, just trying to understand the objective for the N150)
The same goes for the Tor node. To help the BTC community, it is right to have as many decentralized nodes as possible, so the correct question is: why not have a BTC node?
VPS that can be rented anonymously and paid for in Sats.
These would be ideal for an SSH tunnel, if necessary. I agree with not storing a single sig key on them for any material amount.
I am very happy that at least on this we agree.
Is there an internet facing service?
Is he running an online store, swap service, Lightning, or other such thing that requires the node to be online and connected to the internet? If not, then this is all pointless. Even if so, those roles should be separated between hot and cold wallets such that the valuable node is not online.
Now I understand. As I explained to you, no, he does not have a BTCPay Server or even an LN node, simply a BTC node with its funds. You're right that he shouldn't keep the funds there and a HWW would be better, but his head tells him otherwise; I can try to convince him, but in the end I comply with his will.
Maybe he's regularly spending from a good stash so the cold wallet is de facto warm? That would be one reason to have an N150 online, but that's even more reason to use the SSH tunnel instead of Tor, to auth and firewall off everything except the jump host and 1-3 gossip peers.
As I said, no, the funds are very rarely touched. The idea of a simple SSH tunnel on a cheap VPS is a good one that I hadn't thought of. Today I talked to him about it, but he didn't like the idea right away. We will talk about it in more depth in the next few days; for now I am thinking about how to build it, maybe I will set up a test, play with it a bit myself, and then, if it works out, give it to him.
Thank you for your answers, you have given me several points to reflect on.