Before providing funds to our hardware wallet Coldcard (CC) It is important to make sure that in the future whatever happens we will be able to recover them.
Over the years many situations can arise whereby we find ourselves in the position of having to recover these funds without having the hardware wallet (hww), such as losing it or it being damaged and not being manufactured anymore, either because that model does not exist or because the company has closed. To this day we do not know which companies will exist and which will not exist in 10 years, and although it was still alive, technology evolves very quickly and within a few years devices that are now in common use may not be available, such as microSD memory cards, microUSB connectors, internal battery…
Therefore it is vitally important to verify that we are going to be able to access the private keys that our hww handles. In this post we will test to recover these private keys from the CC addresses in other wallets from the generated seed and the passphrase that we have put.
There is documentation on this on the Coldcard website on how to carry out this operation, but I think that this is well worth a practical exercise to verify that this is the case. There is also apage walletsrecovery. where they give very valuable information about the compatibility between the different wallets.
- Turn on the Coldcard, for this we connect it to an external USB charger or an adapter connected to a socket, never charge it with the USB connector of the computer we must keep the Coldcard always offline.
- Put the prepin and the pin, you have to write it down because the device will request it whenever you turn it on. Do not save them on any digital medium or on the Internet, you have to minimize the risks.
- Updating the firmware is optional but recommended, we will not go into it.
- Create the wallet
Option: New Wallet
- Add the passphrase and write it down because it is not saved in the hww. Important, it must be entered every time the Coldcard is started and you want to operate with these addresses.
Option: Passphrase → Edit Phrase → APPLY → OK
When you start the HWW it will not warn you that you have to enter it and the menus they have do not help but if you forget to enter it you will end up operating with other different Bitcoin addresses.
Option: Passphrase → A very long explanatory text but that is important because it indicates the problem of not entering it → Edit Phrase, It is not the best text for this option since what you have to do is enter your Passphrase and not edit it and then → APPLY → OK
When choosing the passphrase it is important that it is very difficult to discover on this page “Can BIP-39 passphrase be cracked?” they tell you how secure your password is.
- Visualize your identity.
Option: Advanced → View Identity to ensure that everything has been done correctly, we can check the fingerprint and that the text “BIP30 passphrase is in effect” appears to ensure that we are working with our passphrase.
- Enter a microSD and export master public key (xpub) for the Electrum wallets and Wasabi which is where in the future we could import them.
microSD → Export Wallet → Electrum wallet -> Native Segwit
microSD → Export Wallet → Wasabi wallet
- Saving addresses on the microSD card.
Option: Advanced -> Address Explorer -> 4 -> Select format (1b…) 1
Generate a file addresses.txt in the microSD with 256 addresses.
- Import the xpub in the Electrum wallet.
It is recommended to run it within a Tails and not connect it to the Internet, it is not necessary for what we are going to do.
Take out the microSD card and connect it to the computer where we have installed the Electrum and Wasabi wallets.
- Now we are going to create a wallet in Electrum with the same seed and passphrase that we have introduced in Coldcard.
Option: File → New / Restore
We choose the Standard Wallet option
We open the file addresses.txt exported from the CC to verify that the addresses shown by Electrum and those of Coldcard are the same.
Now we will perform the same check on the wasabi wallet.
- We retrieve in Wasabi the wallet
It is not necessary and it is recommended for this exercise not to have the Wasabi connected to the Internet.
Option: Recover Wallet and introduce the seed and the passphrase
- We load the Wallet
Option: Load Wallet
In the info of the wallet explorer we can verify that the Extended Master Fingerprint that shows wasabi matches the one that appears in Coldcard
- Generate some addresses
Option : Recive
When you restart wasabi it already shows the addresses
AND they actually match.
If initially only the Public Key appeared and not the address, we could perform the conversion to check that they are the same.
Address and Public Key at Electrum.
With this we have verified that from the Coldcard seed and passphrase we can recover the private keys in another wallet.
To summarize what we have to save to ensure recovery would be:
- The seed
- The passphrase
- The type of address that we used in our case Native SegWit (bech32) which is the only one compatible with wasabi
- The derivation paths “m / 84 ‘ / 0 ‘/ 0’ / 0 / XXXX ”
- It is recommended to also save an image of the Operating System together with the software used by Electrum and Wasabi.
Another possible option for recovering private keys from seed and passphrase is to use the iancoleman bip39 web tool that has a downloadable version and works offline.