reply on: Is it safe to move a hot BTC wallet to a remote VPS? \ stacker news ~bitcoin

pull down to refresh

0 sats \ 2 replies \ @justin_shocknet 28 Apr \ parent \ on: Is it safe to move a hot BTC wallet to a remote VPS? bitcoin

Tor does nothing in this context but draw extra attention from your ISP and the intel agencies that use Tor as a honeypot.

The ISP's ability to observe Bitcoin gossip traffic doesn't imply anything about the location of keys or anything else, most nodes are read only. Again, if it was the real concern or there's a need for ingress (Lightning example) its only a few dollar a year problem via a LowEndBox VPS and SSH.

There's absolutely 0 reason to use Tor under any circumstance. Shillfluencers are larp morons that do people a great disservice by recommending it.

a new computer at the mother's house

This is what really doesn't make sense in the context of all this, why a full online node instead of cold storage? What's the point of the N150 at all vs a HWW?

(That's not to say I like HWW's either, just trying to understand the objective for the N150)

VPS that can be rented anonymously and paid for in Sats.

These would be ideal for an SSH tunnel, if necessary. I agree with not storing a single sig key on them for any material amount.

Is there an internet facing service?

Is he running an online store, swap service, Lightning, or other such thing that requires the node to be online and connected to the internet? If not, then this is all pointless. Even if so, those roles should be separated between hot and cold wallets such that the valuable node is not online.

Maybe he's regularly spending from a good stash so the cold wallet is defacto warm? That would be one reason to have an N150 online, but that's even more reason to use the SSH tunnel instead of Tor, to auth and firewall off everything except the jump host and 1-3 gossip peers.

17 sats \ 0 replies \ @_Bubble_2009 OP 10h

Thanks for your reply, I've read yesterday but from phone. Also now I'm away from my computer and I hate write from phone. I'll replay tobyiu later cause I've some question about your reply.

0 sats \ 0 replies \ @_Bubble_2009 OP 12m

Tor does nothing in this context but draw extra attention from your ISP and the intel agencies that use Tor as a honeypot. The ISP's ability to observe Bitcoin gossip traffic doesn't imply anything about the location of keys or anything else, most nodes are read only. Again, if it was the real concern or there's a need for ingress (Lightning example) its only a few dollar a year problem via a LowEndBox VPS and SSH. There's absolutely 0 reason to use Tor under any circumstance. Shillfluencers are larp morons that do people a great disservice by recommending it.

Actually, I have had a TOR node at home and one in the office for years. They are middle-relays, not exit-nodes. I have many friends in the East and I believe that helping those who have difficulty accessing information is a social duty. That's why I had several people activate tor nodes. As for an ISP knowing that I have a known BTC connected, it's not because of the keys, it's just because I don't want my IP to be associated with a BTC node that is full or empty. This is why I disguise myself (and make those I know mask) with the TOR traffic of a node.

a new computer at the mother's house
This is what really doesn't make sense in the context of all this, why a full online node instead of cold storage? What's the point of the N150 at all vs a HWW? (That's not to say I like HWW's either, just trying to understand the objective for the N150)

The same goes for the TOR node. To help the BTC community, it is right to have as many decentralized nodes as possible, so the correct question is: why not have a BTC node?

VPS that can be rented anonymously and paid for in Sats.
These would be ideal for an SSH tunnel, if necessary. I agree with not storing a single sig key on them for any material amount.

I am very happy that at least on this we agree

Is there an internet facing service?
Is he running an online store, swap service, Lightning, or other such thing that requires the node to be online and connected to the internet? If not, then this is all pointless. Even if so, those roles should be separated between hot and cold wallets such that the valuable node is not online.

Now I understand. As I explained to you, no, it does not have a BTCpayserver or even an LN node, simply a BTC node with its funds. You're right that he shouldn't keep the funds there and an HWW would be better, but his head tells him otherwise and I can try to convince him, but in the end I comply with his will.

Maybe he's regularly spending from a good stash so the cold wallet is defacto warm? That would be one reason to have an N150 online, but that's even more reason to use the SSH tunnel instead of Tor, to auth and firewall off everything except the jump host and 1-3 gossip peers.

As I said, no, the funds are very rarely touched. The idea of a simple SSH tunnel on a cheap VPS is a good idea that I hadn't thought of. Today I talked to him about it, but he didn't like the idea right away. We will talk about it in more depth in the next few days, for now I am thinking about how to make it, maybe I will make a test and or I play with this one a bit and then in case I give it to him.

Thank you for your answers, you have given me several points to reflect on.