Coldcard Mk4 Full Step-by-Step Tutorial (w/ Sparrow Wallet Pairing)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

today we are looking at the one the only cold card mark for bitcoin hardware wallet let's go ahead and jump right in [Music] welcome back to another video my name is ian major i'm an entrepreneur bitcoin club and all around raging capitalist and i'm excited to do this video the mark iv is the latest in coin kites cold card line of bitcoin hardware wallets and this is something that many of you have requested and so today we are going to go through the full end to end tutorial everything from setup to basic and more advanced use of the device and we're also going to start off by talking about what's new with the mark iv model and i have to say there is a lot of great stuff so you're not going to want to miss a thing for those returning to the channel welcome back my friends is always this pleasure to have you and for those new to the channel i welcome you as well you like this type of content i invite you to consider subscribing and join us in our growing merry gang and cyberspace i cover all manner of bitcoin related content including a whole slew of tutorials how to acquire bitcoin secure it privacy best practices running your own node and more you want it i cover it and today's video is a great example of that but with all that out of the way let's go ahead and jump in and i want to first talk about what's new with the mark iv all right so there's actually pretty significant updates to the mark iv model for those of you who are curious i have done a full tutorial on the mark 3 which you can check out if you are so curious but the mark iv really does level things up quincy generally ships a new model every couple of years or so and so some of the things that i think are most exciting about the mark iv are number one upgraded secure elements so there's actually dual vendors now two different secure elements that are in this device it's got the same kind of calculator look which is great for opsec it's got a tougher case it also has a better processor and memory and this is actually really good for some of the more complex types of multi-sig transactions that are possible now we've upgraded the main power only cable to usb-c which is i think the way the world is going more and more they have some additional functionality with pins so that you can do like a trick pin which helps in a duress situation you know someone's pointing a gun at your head forcing you to kind of log into your device and send them your bitcoin you've got more tools to pretend like you're doing that when in actuality you're not as they always do coin kite is also very much on top of how the bitcoin network itself has evolved so with one of the latest firmware updates for the mark iv they also have support for paid to tap root script which is very nice there's not a whole lot of usage yet with taproot but we will can we will see more of that as we go forward it can also very interestingly serve as kind of a usb disk drive so this is really nice when dealing with partially signed bitcoin transactions which for those unfamiliar we will talk about in more detail one of the bigger pieces of new functionality is nfc or near field communication compatibility so for those not familiar this is a short range communication method that uses radio waves actually and this is the technology that you're using when you kind of tap to pay like when you put your phone on a you know pos reader and a lot of people said oh my gosh you know isn't this a new attack vector one it's disabled by default so you have to actively turn it on in order to use it in any way shape or form and if you really don't want it at all you can actually kind of scrape a little piece off in the kind of microsd slot which basically removes the functionality entirely which is interesting i think we're going to see more and more with nfc for folks who are familiar with the sats card that's how that works you can kind of load this little payment card up and then it has nfc technology to be able to be used uh at pos card readers and i believe it's also the case that blocks hardware wallet that they're developing for merchants will also operate with nfc technology and in some ways you could argue that it's a more secure superior version than qr codes which necessitate the use of cameras and there can be some privacy considerations related to that i mean these are just basically you know radio waves now it's important to note that the data being transferred is not encrypted that's generally okay because the type of information like addresses or potentially signatures to be applied to partially signed bitcoin transactions we're not going to really be diving into that feature too much today because you need other wallet providers to integrate this technology cold card really is just kind of leading the way in this regard but i do think we're going to see some very interesting stuff on that in the future we can see a more complete comparison of those different pieces that i just rattled off in this handy diagram here we've covered most of this and for folks who might be newer to bitcoin hard wallets maybe you've been inspired by the absolute chaos that we've seen unfold over the last several months with different crypto lenders blowing up right not your keys not your coins there's a reason people say this and that has been a very tough lesson that many have now learned firsthand so i don't know how many times on this channel i've said it but hopefully now if you haven't done so in the past you are more motivated than ever to get your coins off exchanges off third parties and into your secure self custody so if that's you obviously there's other offerings on the market devices like ledger treasure naturally there's a question like why cold card and i would just generally say cult card is vastly ahead of either of those options right not to say that they're bad options i have a ledger i have a trezor i've done videos on both of those as well but they do not compare whatsoever to cold card although it is this kind of interesting lineage cold car did use some of the treasure code but has you know built a lot more things on top of it and the reason for that is cold card is bitcoin only they're focused on bitcoin and they've just thought of so many different kind of threat models security risks and really have a superior product i mean that's just full stop now it will be interesting to do a comparison with the foundation device's passport i've done a whole video on that device as well and they are in the process of shipping their batch2 product which will interestingly compared with a mobile app and so you can see these two different approaches being taken by coin kite and cold card on the one hand and foundation device's passport in relation to making these devices interoperable with mobile wallets that's this is a clear clear trend that we're seeing and so it's pretty interesting to see these different takes again if you're not subscribed i encourage you to do so so you'll be able to see some of those comparisons as a user it's great that we have such competition in the marketplace right so there's probably a lengthier rundown than i had intended but again there's a lot of really cool stuff packed into this that i think folks should be aware of so with that let's go ahead and jump into the unboxing and the setup process first you'd want to come to coinkite.com this is where you can access the store and so you'll see a number of different things here first and foremost you will want the mark iv of course and then you're also going to want to get some method by which to provide the device with power and there's a couple options you can think about one would be this uh usbc for the mark iv so this is a power only cable right there's no data that can be transferred through this and that is key cold card is designed to be used in a way such that it's never transferring data directly via a direct connection with an internet connected device that is really really key and so these power adapters are power only cables or if you're really paranoid and this is what i will be using you can grab their cold power adapter which is really cool and it's this little kind of device that will simply sit on top of a battery lastly assuming you want to use this in a truly air gap fashion you will want to grab a micro sd card this is what we're going to use to pass data back and forth between cold card and a software wallet that we're going to pair the cold card to now you can grab a micro sd from their store here or you could probably find it a little bit cheaper basically any high quality like it could be a sandisk microsd 32 gigs or below is what you want to grab some people like the steel plated uh backups for kind of chiseling their seed word in right because if you simply write it on paper there's a fire you know paper can burn so there's some other bells and whistles that you can get but again the critical pieces you'll want are the mark 4 device a power method and then a micro sd and you'll see there are some kind of basic you know bundles that you can grab as well that kind of make it easy to get different things now if you are going to do this feel free to use my affiliate link that i will provide in the description down below that really does help the channel and it helps me do videos like this as you can obviously see these products i think are well worth the money they are also not cheap their support is always appreciated and there's nothing extra or special you have to do in order to support the channel now beyond those ingredients we will also need a software wallet and if you're brand new to cold card you may say what in the heck do i need yet another for and it is because we are going to pair the cold card with a software wallet because the cold card is specifically designed to not have its own sort of interface for example you might be familiar with like ledger live or whatever the equivalent i forget its name for trezor is where it gives you the kind of interface itself and that is to reduce the attack surface and so as we can see in this list there's quite a number of compatible software that we can pair our cold card with for today we will be using my favorite desktop wallet which is sparrow but there's also a mobile wallet such as blue wallet on this list i won't be covering the full setup of sparrow because i've already done that in another video and so do check that out i will leave that linked in the description down below as well you may be thinking well it sounds like an awful lot of setup but i promise you it is worth it if you're gonna do not your keys not your coins you might as well do it right that's the ingredient list let's go ahead and actually jump into it all right gang let's get into it so here we've got our mark iv device uh secured in this tamper evident packaging we'll talk about some of the pieces to be on the lookout for there i've got my cold power attached to the top of this battery and i've got my micro sd that we're going to use for conducting partially signed bitcoin transactions you'll notice a couple things it will have this id that is unique and we will see that reflected on the device itself shortly this is a factory assigned number make sure it matches here at the top you should see the packaging like this there should be no evidence of kind of you know tampering or anything it has this kind of not really a seal like you can see the seals along the sides but not on the bottom that is another kind of unique feature but let's go ahead and get this open if you do notice any tampering with your packaging contact them at support coinkite.com all right so that is indeed difficult to open which is a good thing but you've got the back all transparent and you've got the mark iv beautiful let's take this kind of outer plastic shell off all right and so there we've got it unsheathed you can see the little directional buttons i mean it looks like you know form factor wise a calculator which is why this is so great for opsec you know you're fleeing your authoritarian country they ask what the hell is this sir can you you know can't you see it's a calculator um so now we're going to get this powered up uh i realized i did need a new 9-volt battery so i've got that and again the cold power little guy will sit nicely on top just like this there we go um quick word of recommendation just as an um sort of amendment to what we were discussing earlier in terms of the ingredients list i would probably go ahead and get the usbc for mk4 power only usbc cable because you're anyways even if you have one of these older cables you're anyways going to need the usbc a little sort of adapter to connect it into the mark iv and so the cold power adapter is then the optional piece if you want to be really paranoid but you you know will want to get this i think either way because again you're going to need this little guy right this little magnetic usbc kind of adapter piece and that is what gets plugged directly into the top of the cold card like so and then the other end of this plugs into the cold power here's the classic usb meme turn around thousands of times uh and then the little switch here is what turns it on and so we can now see cold card booting up for the very first time and the very first thing we're going to do is choose a pin so the pin is super important this is your line of defense if someone were to ever come and get their hands on your device right the pin code is what stops them from getting into the actual device so we're going to go ahead and hit choose pin code and it'll give us a little you know example so there's actually two parts to this there's both a prefix and a suffix that is important it helps make a stronger pin but also the prefix will help inform what are called anti-fishing words and these two words will be words that get presented to you after you put in the first part of the pin right and if you don't recognize those words for whatever reason that means that somehow you know your device has been has been compromised and so that is yet another kind of nice little security feature let's go ahead and hit go it says warning there is absolutely no way to reset the pin or factory reset the cold card if you forget the pin this is super crucial as we will demonstrate in just a moment you can nuke the seed right and then recover the seed phrase to the device but the pin will stay with the device forever so do not forget the pin write it down and that is part of why they give you the handy little card uh to do so but you know use whatever method you feel most comfortable with uh and again it gives us you know more do not forget the pin code actually requires you to press six to prove you read to the end of this message so we'll hit six okay so now we're going to put in the pin prefix both the prefix and the suffix can both be between two and six uh digits for a total of potential 12. again you know you want a strong pin so be thoughtful with this i'm going to put this in off camera and we'll be right back now that i've put my prefix in it has generated these two words and these two words are unique to this device and so there you have it just paper pretty easy so in the future when i power this up and i put in my pin i put in the prefix and then it will display these words if i don't see these words that means something has gone terribly wrong so i'm going to write these down as well and then we're going to enter the rest of the pin so the suffix of the pin all right so let's take a look at the different menu options here so new seed words is what's going to use the inbuilt random number generator within the device to create our seed if you've ever been curious for how that whole process works how that then results in the ability to create addresses what in the heck is your public key how does that differ from your private key i have done a whole video on that so if you'd like to go into some of the gory depth there i'd encourage you to check that out we can also import an existing seed or backup via the second option we are going to test that out in just a little bit and there's a ton of different advanced pieces and settings that we'll check out near the end but the very first thing we want to do is ensure that we have the very latest and greatest firmware installed on the device so in fact if i go to advanced and tools i will see this second option as upgrade firmware so i click into this i can show the version that we're on so we are on version 5.0.2 you can see the date uh but i know that they're actually on 5.0.4 as you can see i know it's a little bit small we'll switch over to the laptop here in just a moment so basically what we want to do is i'm going to get my micro sd card into my computer and we're going to download and verify the latest firmware onto the microsd and then we're going to get that into the cold card so that we're on the latest and greatest this is a general best practice you don't need to obsess over this once you've kind of done this the first time but would generally recommend doing this maybe a couple times a year just to ensure that you're not missing anything big these can sometimes be bug fixes that are getting pushed out in these different releases so let's go ahead and switch over to the laptop all right so i've got the micro sd plugged into my computer and we are going to grab this latest firmware uh i will link this page there's a couple different ways to get to the latest firmware you can always access it through this user guide where it says upgrade firmware so again i will put this in the description down below and then i also want to call your attention to if you go to the different chapters you'll see this cold card paranoid guide which you can see here this was written by econo alchemist who has a ton of great different tutorials on bitcoin technology i wanted to point this out because it has by far the best verification guide that i have seen for windows i have seen people with windows struggle in a big way to verify cold card firmware now the nice thing is that the device actually won't even run or process firmware that has not been signed by coinkite that is really really nice and so in some ways that dampens the need to do this but again i want to show the full-blown process for those of you who really want to not trust anything and you want to verify for those who are new to this really anything you download from the internet whether it's software or firmware that you're going to later put on a different device you ideally want to cryptographically verify that it is what you think it is and that it hasn't been posted by some malicious actor that somehow took over the website right some of that sounds far-fetched but you just do not want to take chances with this stuff so that's what we're going to do we're going to download the latest firmware and then we are going to ideally verify it and i'm going to take you through the steps but i just wanted to point you to this and i will again also link this in the description down below if we come back to the upgrade firmware so i'm going to click on this to download this so we've got the dfu file in our downloads we can scroll down and there is a portion where we can see the different verification steps i think on mac there are generally less less issues with this whereas on windows i have generally seen more i am using windows i know i know but it is what it is so again i'll be walking through how to do this with windows if you are doing this on windows what you will want to grab is this handy app cleopatra this is what it looks like on the taskbar down below then this is a part of gpg4 win which you can access by going to gpg4win.org i'll link this in the description down below this basically gives you a package of different tools that allow you to cryptographically verify files and data you can sign data and produce your own signatures a lot of different things you can do with this but mainly we want the cleopatra app so i've already downloaded this so again it's pretty simple process you would just download the latest version that you have and a lot of people will say well wait a second how do i you know verify the verifier you can go to this check uh integrity tab and it has some different uh options by which you can check the integrity of these different downloads so back to cold card which is the mission at hand so we're going to confirm two things the hash of the file that we have downloaded as well as verifying the pgp signature that is attached to it so firstly we're going to open this signatures.txt file which we can do in a new tab you will see that this is basically a series of hashes corresponding to various releases so this 5.0.4 is the one that we care about and so we are ultimately going to run a function that will produce a hash and we're going to compare it to what we have here all right so i'm going to come down and i'm going to actually open powershell in this case and what we want to do is grab this text so this is the command we are going to launch now i need to get the actual file name as it is on my computer so i'm going to come over to my downloads here is the file i'm going to go to properties just so i can grab the full file path so i've got this piece there we go okay and then i want the sha256 algorithm so this is i'm basically telling my computer to run the sha-256 algorithm on this file which is a unique set of data and therefore it will produce a unique hash value associated with that data and i'm then going to compare that to what we're just looking at so let's go ahead and run this you can see that i have this hash value and so let's come back and compare it to what we have and as we can see they are indeed exactly the same so that's great that is step one complete we have confirmed the hash associated with the file that we've downloaded is indeed aligned with what they've published in the signatures file but we're not totally locked tight yet and so what we want to also do is verify the pgp signature that has signed the file we just downloaded and so we can see the first step is to actually save that file with this dot asc file extensions this is very important don't save it as a txt which is probably the default that windows will grab and so you can do this by coming over and right clicking saying save as and we'll plop it in our downloads and we can change this to all files and add the dot asc file extension to it all right so go ahead and hit save there we go signatures.asc we will also save this public key that was used to generate the signature so we can open this in a new tab and save it as well as a dot asc file and so we've got lookup dot asc and then we're also going to open up this keybase.io um file so this uh so peter is on the coinkite team so let's boot up cleopatra which again we got from the gpg4 win software package all right so here is cleopatra and what we actually want to do first is come back over to the doc hex page we're going to open up here's the public key so we're actually just going to copy all of this onto our clipboard and then cleopatra has this handy ability to come to tools clipboard certificate import so we're basically importing doc hex's public key so that we can certify it and it says in order to mark the certificate is valid it needs to be certified certified means you check the fingerprint uh and so we're going to be doing this by confirming it on a trusted website do we wish to start this process we do and so we can indeed see there's peter gray peter at queen kite and if we come over and kind of move these around a little bit we can validate that the fingerprint associated with what we've imported indeed aligns with what is publicly listed on the key base website so that looks good let's certify that and i'll put in my password that i set as part of the first time kind of installation and setup of cleopatra and there we go certification successful so now that we've got doc hex's key imported and certified we can now verify that the signed message attached to the firmware that we downloaded was actually signed by doc hex and so to do that what we can do is actually come back to our downloads and we're going to right click on the signatures file and we're going to go to more gpgx options and we're going to say verify and there we go so cleopatra has indeed confirmed that it is a valid signature by who we thought it was the signature is valid so beautiful there we go uh we have now not only confirmed the hash value associated with the file but we have also verified the signature now again i know that probably feels like a lot but this is an important step to get into the habit of doing for those of you on windows hopefully you can you can simply follow those steps and achieve the same result again if you're on mac linux etc there are other uh instruction sets that should be pretty good again i have seen less issues from folks with mac and linux than i have uh with windows keep in mind like don't pull your hair out on this it is a very good kind of paranoid best practice but again the cold card itself will not run firmware that has not been signed by the appropriate signature so that is a nice kind of fallback plan alrighty so with all that let's come back to our downloads so we're going to simply move the dfu file this is the firmware over into our micro sd file so now that it's on our micro sd card i'm gonna pop the sd card out of the computer and we will be back to the cold card all right so we are back we've turned the cold card back on put our pin in and so now let's actually get the updated firmware in so what i'm going to do is get the micro sd card that has the updated firmware file and i'm going to put it in to the device like so and you should get a nice little click just like that and so it is now in the device and if i come to advanced and tools where we just were and go to upgrade firmware i can now select the from micro sd option it says pick firmware image to use there's only one file to pick so that is right and there is the file that we pulled onto the micro sd and verified and it asks do you want to install this and it's upgrading and you can see the updated uh version there i'll put in my pin all right and just to double triply check that we are all good we can come back down to advanced tools go to upgrade firmware and show the version and there you have it 5.0.4 so we are good we've got our pin set we've got the latest firmware and now my friends it is time to create our seed so we're going to select new seed words what i really like about the cold card is that it allows for user generated entropy so when we hit new seed words we can see that by default it will create a 24 word seed but we also have these options to basically roll dice and input the results of those dice rolls such that we create our sort of own randomness if we don't want to trust the randomness that is within the cold card again cold cards code is open source so there's no reason to not do that but again if you want to be just super ultra paranoid that is a really cool feature we're going to go with the 24 word uh by default and we've got our seed phrase i'm not going to block this out in editing i'm going to just blow this key up before actually using it but it goes without saying you would never ever ever want to share these secret words with anyone and so you would want to write this down on a piece of paper or chisel it into a steel plated backup card either way do something where you know you are not ever going to lose your seed phrase what's also cool is you can scroll all the way to the bottom here and you can still add like a couple dice rolls so the prior options would have required you to roll a lot of different dice rolls and so you can scroll down and hit four to add some dice rolls just to add a bit of extra entropy to the mix let's go ahead and do it and so it says press one through six for each roll so again not best practice but i'm just going to kind of make these up let's say a 2 and a 4 and a 1 and another one and a 5 and a 4 and a 1 and just kind of randomly hitting this okay great we're happy with that entropy we've added let's hit go and so now it has generated a different set of 24 words based on the added entropy that i've added in addition to the random number generator within the device so i'm going to write these down and be sure to do that not just for security purposes but you're also going to be tested on this in just a moment so after you write it down it's then going to quiz you so get through the quiz and then we'll be right back all right and so once you successfully run through the test it says enable nfc slash tap lets you tap your mobile phone on the cold card and transfer data easily via nfc you can change this later by going to settings hardware on and off so that's cool it is not enabled by default as i was alluding to earlier and so you can choose to turn it on now or if you wish you can just say x let's go ahead and just say yes so we've enabled it it's also going to ask if you want to enable your cold card to be this sort of usb drive and so as it says connect your cold card directly as a usb flash drive to your phone or desktop you will be able to drag or drop partially signed bitcoin transaction files like other drives and volumes you can also change this later so that's that's pretty cool but again for our purposes we'll um leave that off for now it says disable usb port if you intend to operate in air gap mode where this cold card is never connected to anything but power then this will disable the usb port that is right that's what we want to do all right so we are in we're ready to provide signatures with our mark4 signing device and so again just to make it really clear particularly for folks who might be a little bit newer to this your private keys are now on this device right the private keys that have been derived from your seed phrase or your master seed those private keys are never going to leave this device the only data that is going to leave this as it relates to your private keys would be the signature right when we sign and that's obviously not your private keys themselves and so that is why we need to pair this with a software wallet such as sparrow which is what we're going to do as part of today but before we do that i want to touch on just two other things the first is this passphrase option and what this is is very crudely you can think of it as a 25th word and so this is just yet another layer of security so for example if i hit passphrase you may add a passphrase in accordance with the bib 39 specification this creates an entirely new wallet for every possible passphrase so it's basically going to add that passphrase to the 24 seed phrase words to create and generate a unique wallet from which you can then create your different private public key pairs i think this is a good move if you have you know just like a ton of funds that you're storing on this but do be careful because if you set a passphrase and then you move a bunch of funds to that well number one if you forget the passphrase obviously that's bad you're never gonna get to your funds again and if you put that passphrase in incorrectly into your cold card you won't produce valid signatures to be able to send funds out of that wallet the flip side of that is that this is actually a really good potential duress tactic right you could have a made-up passphrase where you know if someone accosted you in real life and you you know for some reason had this device on your person you could basically just know in your head that you have this kind of fake passphrase and you put that in and maybe that's associated with a couple sats but you know it's not all that much so that's another interesting way that you might use passphrases by default the cold card will use an empty string as the passphrase and that's what most wallets do and on the next menu you can enter a passphrase by entering all sorts of combinations and stuff so let's actually do let's actually do two things i'm going to come out of that real quick i said cancel and let's go to advanced tools and let's go to view identity and so we have this master key fingerprint okay so take note of this af you know zero one blah blah blah now if we were to come back and put in a passphrase so let's uh let's let's do that let's edit the phrase let's say so you know let's just say something like uh one and then you you move from left to right to make this longer let's just make it you know very very simple let's do one one and one and let's just literally set that as our passphrase and so we've edited the phrase and now if we come and hit apply it's going to apply that passphrase and we now have this completely new master key fingerprint so this is a new wallet it says press x to abort this and keep editing the passphrase or we can hit ok to use the new wallet and so let's hit ok and so again you can come down and go to advanced tools and you will see in the view identity option that we've got that totally new master key fingerprint so again i'm generally of the mind that passphrases are good especially if you have a lot of funds that are going to be uh you know associated with this signing device but at the same time i personally probably wouldn't make it that complex because again you're going to have to enter that every single time you want to do something within the cold card now the other thing we want to do before we do anything before we get any funds associated to this is we want to create some backups so we've got our seed phrase written down that is very good but we can also come down to advanced tools and hit this first backup option i think it keeps getting a little bit blurry so we can hit backup and this backup system option if we hit go will give us a 12 word backup as we can see here so we can write that down as well and so what this is doing is it's creating an encrypted backup file so those 12 words that we just wrote down an additional 12 words serve as the key to get to this backup.7z zip file that has now been written to the microsd card so that's yet another nice way to back everything up again you always want to write down your seed phrase in a safe and secure spot in which no one will ever get it but you can also have this encrypted backup file as well now lastly we're going to do something that i think is a great best practice to get in the habit of for a lot of folks will feel scary but the whole point of doing this is before we put any funds to our wallet and that is totally blowing up the seed wiping this device again remember that the pin will not be wiped but we can wipe the seed entirely from this device and we are then going to restore from our written down seed phrase the way we do that is we can again come down to advanced tools and if we scroll all the way down to danger zone let's go into the danger zone you've got some different things uh some developer options we want to go to seed functions and uh we can view the c word seed words so that is a way to come back to this if we need but we're going to destroy the seed wow it says are you sure shenmark exclamation question mark wiping seed words and reset the wallet all funds will be lost you better have a backup of the seed words yes we are daring are you really sure though this action will certainly cause you to lose all funds associated with this wallet unless you have a backup of the seed words and know how to import them into a new wallet press press four to prove you read to the end of this message and accept all consequences let's hit four boom so we have wiped it so again we're going to put in our pin to re-enter and once we've done that you'll see we are on the new screen again and so to practice importing an existing seed we can go to the second option now in this particular case given that we do have the backup file we could do the restore backup option which would then have you put in those 12 words that are encrypting the backup file so you could do it that way but let's say for whatever reason maybe maybe you not only lost your cold card somewhere right it's at the bottom of the ocean you had a terrible boating accident in actual reality uh and you lost the microsd that had your backup file but fortunately you had the seed written down and so we can go to the 24 words option and so this is a very tedious process but for word one so you know let's go down to s what's nice is the more you do this the more it winnows down because there's only a fixed set of words that can possibly be seed phrases again check out that video i mentioned previously for the whole process on how that actually works uh but we're looking for sp and we've got spoil we've got our first word now i'm going to repeat that for the remainder of the 24 words again seems very tedious but i think it is a great practice to get in the habit of of practicing blowing up your seed again the situation could be you totally lost your device and you bought a new cold card and now you're importing that old seed onto it so i'm gonna do that and we'll be right back all right so just for you i've absolutely painstakingly put the 24 words back in and let's get it applied and again it's going to ask us those same things so we'll say yes to this and no to this all right and we're back and we can verify that we're back by going back to the view identity so i haven't put that passphrase in again and so there is that af 0 1 right which aligns with what we had before and again if i wanted to use a passphrase i can certainly do that and let's put in our highly nuanced uh one one and one boom and let's apply this to the wallet so at this point we haven't even sent funds anywhere but you are a true champion if you have gotten to this point so we've basically out on the cold card for the first time we've chosen a great pin we've got our anti-fishing words we've downloaded the latest firmware and have verified it we've created a seed we practice adding our own entropy we practice adding a optional passphrase and we've even practiced blowing it all up model the situation in which we lose our device and we have restored the seed to the device so that is just jolly i'm actually going to abort this for the rest of this demo so i'm not going to proceed with a passphrase again just for purposes of keeping things a little bit easier so we are now ready for the fun stuff we are going to receive some funds as a first step and this is where a lot of people get confused so again keep in mind your seed and corresponding private keys are stored on this device and they will never leave the device what we'll leave are things like our public keys right our master public key as well as signatures as we will later demonstrate and so we need to pair this up with wallet software that allows us to visualize uh things like our balance that allows us to receive funds etc and so what we're going to do is export the public key of the wallet right so what we can do is come down to advanced tools we already did our backup and we'll hit export wallet it gives us a number of different options so you've got bitcoin core you've got electrum wasabi unchained capitals what we want is the generic json that is going to allow us to import into sparrow and you can also grab the x pub or the extended public key so let's go to the generic json option we will hit yes and this will save a json file with x-pub values that are needed for and in this important for a single signer utxo we are later going to show the process for doing the same thing except for multi-sig so again we're keeping it simple at least initially we're going to export this single sig x pub the file created is sensitive in terms of privacy but should not compromise your funds directly and this means that if someone got their hands on your extended public key they could see information such as your balance right which is public on the blockchain but it's not going to provide or reveal you can't backwards engineer into the private key which would actually allow someone to move the funds themselves so that's all clear so account number is a construct in the kind of hierarchical deterministic wallet construct that most modern wallets use i'm just going to kind of advance this and so here we do see an example of where that nfc comes into play press 3 to share the generic export file over nfc we're not going to do that we are going to just hit ok to proceed normally and so we have written cold card dash export dot json on the micro sd card so we are now going to pop out the micro sd card and we're going to get it back into the computer and i'm going to fire up sparrow wallet and we will pair up our cold card device with sparrow and we're then going to receive some funds so i've booted up sparrow wallet again i've done a whole video on sparrow wallet as well including connecting it to my own umbral node and so if that is of interest to you do check it out inherently when you do anything related to the cold card you naturally do need to know a little bit about the wallet software that you're pairing it with and so you will see a lot of sparrow today but in terms of that very very initial installation process and connecting it to your own node if you wish you can check that other video out for how to do that i've also got my micro sd card plugged back into the computer and you can see the cold card dash export file that is what we just created don't be thrown off by the fact that the date modified is going to be associated with the date i believe probably the firmware maybe in any case don't be thrown off by that and then indeed there is the backup zip file that we also took a download of earlier so great we've got our cold card export file that we just did let's come back over to sparrow and we are going to create a new wallet we are going to name it the mark iv demo beautiful and so it's going to present us with some initial settings uh do we want single or multi-sig in this case we want single i'll come back and do a multi-sig setup in just a moment we are good to leave this as native segwit although as you will see they have also integrated taproot as well which is cool to see and then it provides us with a couple different options so there could be a connected hardware wallet this would be something like a trezor that you would plug directly into your computer or it could be a air-gapped hardware wallet such as a cold card that we're doing in our case if you wanted to just play around with sparrow a bit independent of your cold card you could also just do a new software wallet that option would allow you to just create a essentially hot wallet within sparrow so we're doing air gapped hardware wallet and we are going to import the file for the cold card and we'll come over here here's our cold card export we'll hit open and indeed we can see the same exact master fingerprint that we would expect we've got our imported x-pub or extended public key and we are all good so let's go ahead and apply this it gives us the option to add a password to the wallet so this is going to encrypt the wallet data that is being stored locally on your computer you absolutely definitely want to put a password in for this not to be confused with the pass phrase which is a bitcoin native concept again this password is in relation to sparrow data on your computer uh for now just because this is a demo and i'm going to throw all this away afterwards i'm just going to hit no password but definitely put one in if you're doing this for real all right so now we can move on to some of the other parts of sparrow so we can come to our transactions view this is where we're going to see our different transactions the send option is where you can craft a transaction to send out we are going to receive some funds we will see in just a moment and we also have our little address explorer and this is actually a really important step that you want to do before receiving any funds we want to actually verify that indeed we have the same addresses linked up and shown in our cold card so i'll throw up the colt card just so we can compare in real time and i'll go down to address explorer i'll hit check and again it says the following menu lists common formats for addresses and this is all fine oh i guess i have to verify something that i read it warning please understand that exhibiting the gap limit of your wallet or choosing the wrong address on the next screen may make it very difficult to recover your funds okay fair enough so press four to start or six to hide this message forever so i'll hit four to start and so as you can see it's presenting me with different script type addresses so the first one is legacy format the second is nested segway the third is native segwit and so on and so forth and so what i want to do is come down because i've created a because i've imported this as a native segwit wallet into sparrow i want to compare this one and as we can see it is indeed aligned and so that is great sparrow is showing the same first address in my list of addresses as is being displayed on the cold card that is very good if you wanted to you could click um ok here and you could actually save this off into a file where you could then verify a broader or longer list of addresses if you really wanted to we're not too too worried about that given that the first address aligned and so that is all good but we can see that full address here for us to verify and indeed it aligns exactly with what's being displayed in sparrow so we have successfully paired the cold card with sparrow so it is finally time to receive some funds so all you need to do is go to the receive tab to display either the address that you can copy to a clipboard or it also presents the qr code that you can scan using another wallet and that is indeed what i'm going to do i'm going to use i'm in my blue wallet application here on my phone this is a great option for a mobile wallet and so i'm going to come into my uh on-chain bitcoin wallet and i'm going to send some funds and i'm going to scan the qr code and boom there you go let's change this to sats maybe we send something like i don't know 100 000 sats and we'll go ahead and hit next and i'm going to go ahead and send the bitcoin that has now been broadcasted from my blue wallet and indeed i see i've got a new mempool transaction that is pending and so i can come over to my transactions and i can see i've got this unconfirmed transaction of a hundred thousand sats so let's give this just a moment to confirm on the blockchain and we will be right back right so we are in business we have got a confirmation on our 100 000 sats and so again i'm trying to reach a pretty wide range of folks with this video so if you are a little bit newer to uh bitcoin it's important to understand that you know these 100 000 sats like they're not stored on any particular device right so if i go to my addresses this address is now holding 100 000 sats and that that's on the blockchain that is on the shared distributed ledger that nodes around the world can look at and you can go to a block explorer and you know see anyone can look this address up and see ah you know there's a hundred thousand sats that are associated with it that hundred thousand sats is not really stored in any particular device it is on the blockchain it's on the data structure that is the blockchain but in order to move these 100 000 sats we need to prove our ownership of the private keys that generated the public key which generated this address right so it is our ownership of our private keys which are stored on a device our cold card that will allow us to move this if anyone else were to gain access to our private keys they could also move our funds within sparrow you also have this utxo tab so utxo stands for unspent transaction output given the transaction structure and sort of accounting structure of bitcoin you have inputs that come into transactions and then unspent transaction outputs and so this is important for things like coin control which is to say if i were to have you know three other individuals send me bitcoin i would see each of those pieces separately and particularly when it comes to things like coin join or collaborative transactions that help obfuscate ownership of coins it's a you know privacy technique in practice that becomes important what's really cool about sparrow is it's got a samurai wallet's whirlpool coin joint implementation built in although you have to do that on a hot wall you can't do that on a cold wall but i just wanted to mention the utxos tab coin control etc and so let's now send it so we've received some sats and we can now send some sats and so on the send tab of sparrow we've got a couple different pieces here we're going to put an address in the pay2 we can give it a label that's just for our own kind of record keeping and we will specify the amount as well now let's see if i can get this camera to work okay so i did get it again that's just a receive address that i'm presenting from my blue wallet i'm just going to do a quick verification to ensure it is exactly right and it is and so again you know just call this demo if we want to add a label to it uh and we can send the max amount so there's the the sats that we have less the fee that we are going to pay in order to get this confirmed on the blockchain and you can drag and drop this around right to higher lower priority and then you get the anatomy of the transaction that's going to be happening so so you have the amount that's being sent to my uh blue wall in this case and then you have the fee now we're spending everything out of our wallet here if we were only spending a partial amount you would also have a change amount that gets returned back to the wallet so this all looks good let's go ahead and create the transaction and so again we can see that anatomy replayed back let's go ahead and hit finalize transaction for signing we've got the correct signing wallet of our mk4 demo and now is where things get interesting so because we're using our cold card in a fully air gapped fashion we basically have to export the transaction details from sparrow and then import that via our micro sd card into our cold card where we will apply our signature so what i'm going to do is go to save transaction and i'm going to save this to our microsd and let's go ahead and hit save and so what that's done is it has saved what's called a partially signed bitcoin transaction which is simply a bit of data that contains the details of the transaction which will allow my cold card to interpret what it is sending all right so i have got my microsd out of the computer i'm putting it back into the cold card and so let's go ahead and say ready to sign so we are now going to use our private keys they're on the cold card to apply a signature to this partially signed bitcoin transaction data file so let's go to ready to sign reading validating and it has correctly read in the details of the transaction now if there were multiple partially signed bitcoin transaction files it would present the menu of options that you can choose from but since i only have one partially signed bitcoin transaction file on the microsd it has correctly plucked that right in and i see that indeed i'm trying to send 97 000 and some changed sats to this address which looks exactly right i've got the network fee that i'm paying and so we can go ahead and hit ok to approve this transaction and it is signing and so now we have a signed file as well as a finalized transaction ready for broadcast demo dash final dot txn so that is great we can now take the micro sd back out of the cold card and get it back into the computer alright so we're in the final stages of getting this transaction finalized so again just as a recap we used sparrow to construct a transaction we exported it and got it into our cold card to apply our signature and now we can load that signed transaction from our usb drive or from our micro sd card and there is that demo dash final signed transaction and so as we can see we've correctly applied the signature and we can go ahead and broadcast the transaction to the bitcoin network and there we go we've got an outbound uh transaction of 100 000 sats that is unconfirmed and if we come back to our wallet we can indeed see that that is going uh going out so we have done the full cycle of a single sig wallet receiving bitcoin sending it using partially signed bitcoin transactions now i want to talk through a multi-sig setup multi-sig standing for multi-signature and that is simply a wallet that requires multiple signing devices in order to spend funds and so today we are going to set up a two of two multi-sig with our cold card as well as our trezor device so first and foremost we need to similar to how we exported the cold card wallet at the start we're going to do that same thing except this time for multisig so i've got the microsd back into my cold card and i'm going to come down to settings in this case and i'm going to go to multi-sig wallets and so as we can see it correctly says none set up yet now we will be importing something in just a moment but for now we're going to export our extended public key you may say well i thought we just did that but this is an extended public key for multi-sig so your same wallet your same device is capable of producing public and private keys for all these different types of use cases so let's go ahead and hit export x-pub this feature creates a small file containing the extended public keys you would need to join a multi-sig wallet and that looks great again we've got the account number we can just proceed and again you're seeing i'm not explicitly covering the nfc piece but you've seen in various situations where there's some data to be shared it's kind of prompting you with the option to use nfc if you wish so again that's that's nice okay so we've got the multi-sig x pub written to cc xp af0 blah blah blah dot json so that is good so now now let's take the micro sd out and put it back into the computer right so we've got the micro sd back into the computer and so now we want to come and create a new wallet let's say multi-sig demo mk4 and trezor something like that so we'll hit create wallet and instead of single signature we are going to of course do multi-sig we'll leave the script type as is and you can see this little kind of uh scaling tool where you can configure the type of sig so it's expressed in m of n terms meaning there are m required signers of n total signers right and so you know defaults to two of three in our case we're just going to do a simple two of two so we're going to require two signers for the multi-sig and now we're going to populate the two stores so in one case we're going to go ahead and import our air gapped hardware wallet so i'll come to cold card multi-sig and i've got i've got this file right that was the multi-sig x-pub so i'll open that indeed it's got the fingerprint i would expect and it's got the extended public key with the correct derivation path that all looks good so this is cold card now let's flip over to the second and we are going to connect my trezor device and i am now going to click connected hardware wallet and i'm going to hit scan and it has correctly identified my trezor 1 i'm going to say unlock and i'm going to input my pin and verifying the pin there we go um it's asking for my passphrase i do not have one so i'm just going to set it there i guess i need to toggle this off sure all right there we go so i'm going to import the key store so in the case of cold card given that it's fully air gapped we needed the data file to do this in this case my treasurer one is simply connected so the sparrow wallet is reading that indirectly and there we go i've got my treasurer one expo as well and now i can hit apply i'm going to leave no password for now but again as discussed earlier you would definitely want to add one in reality so i'll say no password and so there we go so same deal right we've got all the same kind of uh you know options that we saw earlier but we're going to do one final thing as part of the setup so if we come back to settings the trezor given that it's directly connected to this right it can pass information back and forth kind of immediately but we need to inform the cold card of the multi-sig setup that has been created and so if i come to this bottom left option where it says export i can hit export and here is the cold card multi-sig option so i'm going to export this file and save it onto my micro sd card and so i've now exported that which contains the details including the other x pub for the other cosign again this is just required for the cold card given that it's air gapped and it can't otherwise get that information and so we've got the micro sd back in our cold card and we can now go to import from file okay fun fact i realized part of this wasn't recording so a couple things make sure i was i was getting an issue with the length of the file name so i think it can only be up to 20 characters is what i was saying so i basically just renamed the file from sparrow to something shorter also ensure that the file is saved as a text file otherwise the cold card won't pick it up and then you would go to import from file and again choose the appropriate file in this case this one and that's that's basically all i did again just neglected to have the the second camera running so we can now see the two of two multi-sig instead of the none setup which was previously uh what we saw and so we are now good so in similar fashion we are going to receive some funds to our multi-sig wallet and so similar to what i was doing earlier i'm just going to use my blue wallet again and scan to the address i'm going to double check the address to make sure it is all good and it looks good sig demo uh and let's again do a hundred thousand sets there we go and let's crank this up just to make sure this is a crazy i guess the mempool is a little bit busy today but whatever that's fine so go ahead and hit next and send the bitcoin and in a similar fashion we see the new mempool transaction so we've got the hundred thousand sats that is now pending awaiting confirmation and so let's give that a little bit of time and we will be right back all right as we can see we've got our first confirmation on our transaction of 100 000 sats that has been received to our multi-sig wallet and same as last time we want to now send those sats out so again i'm going to turn this camera option on and there we go i'm going to verify that this is all indeed good and it is a little label and let's again send all the sats let's go ahead and create the transaction and this looks good can finalize transaction for signing and so this is where things get fun now we've got to apply both signatures as we know and so let's first hit sign and we've got our unlocked trezor one so we can go ahead and apply the signature there and as you can see and it's a little bit tough see if we can get this in focus but anyway we can see indeed the details of the transaction that we are looking to send from the multisig so let's go ahead and hit confirm there's lock time that's fine it says really send from your wallet fees included yes we like it and as we can see we've got the trezor one signature that has been applied and so now you guessed it to get the cold card signature we need to once again save the transaction and so this should be fine multi-sig demo it's going to save that as a partially signed bitcoin transaction and so i'm going to get this back into my cold card all right so we'll get this back into the device and i'm going to come back and say ready to sign so it has correctly identified that there are now two files so we need to pick the right one and there's our multi-sig demo reading validating and it is playing back the correct details address looks good network fee looks good and so it is now applying the appropriate signature for a multi-sig transaction and so we've got it updated we've got the uh in this case partially signed it doesn't actually know that the trezor has already signed but that's that's okay so that's great let's go ahead and get this out and back into the computer all right and as we did last time we'll go to load transaction uh we'll get our file that we just did so this is the multi-sig demo partially signed transaction we'll open that up and there is the cold card signature that has been applied we'll go ahead and hit broadcast and there we have it we have successfully received and now sent by applying two signatures from two separate signing devices for our multi-sig wallet and we can see that outbound uh transaction is now in the process of getting confirmed on the blockchain so there you go my friends i mean if you followed along here you are on a totally different planet when it comes to bitcoin security versus the vast vast majority of people who are only walking this earth so congratulations there again take this stuff in stride take it step by step there are a couple of different advanced features that we didn't yet cover so i just want to quickly kind of talk about a couple things address explorer we covered secure logout is just to kind of log the device out in a secure way before you know and i mean you can just yank the power but i guess secure logout is a slightly better practice some of the other advanced tools we didn't necessarily look at we talked through these first couple you've got some pretty interesting things here uh including things like paper wallet so this can this can let you create another seed that you you know would just not necessarily have on the device but um you know that you could have as a as a paper wallet we talked about the danger zone there's some user management now which is very cool and then in the settings option you can do different things recall that the hardware on off is where you can go in to toggle some of the settings related to the nfc uh features we talked about multisig wallets you can change the units of how you know bitcoin or sats are displayed when you're looking at the different transaction data you can set max network fees and different things like that you can clean some things up with the partially signed bitcoin transactions and even then there's a few bells and whistles that we haven't that we haven't quite discussed but i think that is probably more than enough uh for one day so to recap we went over how to set up the cold card mark iv from scratch including downloading and verifying the latest firmware setting a robust pin creating our seed adding manual entropy adding an optional pass phrase we blew up the seed and re-imported it to the wallet we took a look at receiving and sending funds both in a single sig and multi-sig setup and so again my friends you are in an absolutely elite group if you are using these practices for your self-custody with that let's go ahead and close today's video out there you have it as alluded to at the outset the mark iv is indeed a beast it preserves a lot of the great design elements from the mark iii and but it really does meaningfully add in terms of security as well as usabil usability i'm really really curious to see how the nfc stuff continues to develop but as always quincy demonstrating that they are among the very very best in the business curiosity here what are your thoughts what do you think of the mark iv have you used one have you used a prior model like the mark iii are there other hardware wallets that you actually prefer let me know in the comments down below i hope you found this valuable and instructive if you did you already know what to do give this video a like share it out that really does help with the algorithm and it helps get this in front of more people again i think there's still far too many folks who have left their coins on exchanges and other third parties and as we have seen that can pose massive issues be sure to subscribe if you haven't already because i'm going to be covering some exciting things here in the new near future but for now we'll go ahead and leave this here as a reminder every sat counts especially if it's locked deep deep in cold storage and until next time i'll see you then [Music] you

Info

Channel: Ian Major | All Things Bitcoin

Views: 19,421

Rating: undefined out of 5

Keywords: coldcard, coldcard multisig, btc sessions, coldcard hardware wallet, nvk, coldcard wallet setup, coldcard mk4, best bitcoin wallet, cold storage, bitcoin cold storage, bitcoin hardware wallet, cold wallet, coldcard wallet, bitcoin hard wallet, sparrow wallet, coldcard sparrow, best bitcoin hardware wallet, best hardware wallet 2022, ledger nano x, cobo vault, coldcard mk3

Id: 7dNGdkeQ7ew

Channel Id: undefined

Length: 74min 21sec (4461 seconds)

Published: Mon Jul 18 2022