This article is the continuation of the Satochip Electrum series which will show you how to use the Bitcoin Electrum client as well as the Satochip hardware wallet. Today, you will learn how to use the Electrum client with a hardware wallet to safely store your private keys on a dedicated device.
Table of content
- Step 1— Download and install the Electrum Satochip client
- Step 2 — Launch the Electrum Satochip wizard
- Step 3 — Give a name to your wallet
- Step 4 — Create a new wallet
- Step 5 — The keystore
- Step 6 — The PIN code
- Step 7 — Generate and backup your very own seed
- Step 8 — Choose your type of addresses
- Step 9 — Wallet file (.dat) encryption
- Step 10 — Backup your Bitcoin wallet
In our previous article, we explained you how to setup a Bitcoin wallet using the Electrum client. An easy to use step-by-step guide with the following conclusion:
Seed and password can be easily memorized. But the .dat file that contains your private keys must be stored in your personal computer. That’s a major risk because you may have a virus or something similar.
That’s why we strongly encourage you to store your private key in a hardware wallet such the Satochip hardware wallet.
In this article, we will explain how to use the Electrum client to create, use and backup a Bitcoin wallet using a Satochip Bitcoin hardware wallet. The private keys will be stored on the secure chip of your Satochip card.
❗️ Disclaimer ❗: private keys are needed to get acces to your wallet thus your Bitcoins. If you store your private keys on your hardware wallet, you significantly increase the overall security of your wallet.
Step 1 — Download and install the Electrum Satochip client
It’s available on Windows (7 edition and higher),Linux (Ubuntu, Debian, Manjaro…) and MacOS. If you want you can also run it from the sources.
You can download to latest version of the Electrum Satochip client here:
- For Windows user (v.4.4.3–0.12, please always download the latest version)
- For Linux user (v.4.4.3–0.12, please always download the latest version)
- For MacOS user (v.4.4.3–0.12, please always download the latest version)
The installation process is very simple. All you need to do is launch the executable file and follow the installation process. If you try to run the Linux AppImage, you will need to make the file executable using this command in a CLI:
chmod +x YourDownloadedFile.AppImage
Step 2 — Launch the Electrum Satochip wizard
At the first start, the Electrum Satochip client will ask you whether you want to connect automatically to the remote ElectrumX servers or select it manually.
Pros of the auto connect are:
- The client will automatically choose the best server for your needs.
- If a server is down, it will switch automatically to another.
Cons of the auto connect are:
- You need to trust ElectrumX server node operator.
- It learns about your total Bitcoin holdings and past transactions, and can gather all your past Bitcoin addresses.
Step 3 — Give a name to your wallet
The Electrum Satochip client will save several information on a local .dat extension file on your personal computer. This file will contain public keys as well as your transaction history, user labels… The default wallet file is called default_wallet, which is created when you first run the application and is located in the /wallets folder, inside the datadir.
Here, we choose to name our wallet file: Satochip-hardware-wallet
Step 4 — Create a new wallet
Electrum Satochip supports many types of wallet :
- Standard wallet: a deterministic wallet with a single private key behind each address and no extra security option.
- Wallet with two-factor authentication: this is a standard wallet with an extra security option. A remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.
- Multi-signature wallet: a common use-case for this is if you want to collaboratively control funds; maybe you and your friend run a company together and certain funds should only be spendable if you both agree. Another one is security; one of the wallets can be on your main machine, while the other one is on a offline machine. That way you make it very hard for an attacker or malware to steal your coins.
- Import Bitcoin addresses or private keys: this option will allow you to retrieve a Bitcoin wallet from private keys or create a “watch-only” wallet if you specify one or more Bitcoin addresses.
To keep it simple we will choose a standard wallet.
Step 5 — The keystore
Note: A seed phrase, seed recovery phrase, backup seed phrase or mnemonic passphrase is an ordered list of words needed to recover Bitcoin funds. Software wallet like Electrum will typically generate a seed phrase and instruct the user to write it down on paper. If the user’s computer breaks or their hard drive becomes corrupted, they can download the same wallet software again and use the paper backup to get their bitcoins back.
Here you have four options:
- Create a new seed : this will generate a new mnemotechnic passphrase (BIP32 and BIP173 compliant) for you. Note : new seed generated by the Electrum client does NOT support BIP39 (you can import an existing BIP39 seed but you cannot generate a new one).
- I already have a seed: choose this option if you already have a mnemotechnic passphrase and want to use it.
- Use a master key: choose this option to create a “watch-only” wallet or configure a multi-signatures wallet.
- Use a hardware device: choose this option if you want to store your private keys in a secure, offline, trusted device called a hardware wallet.
As said, we will choose to store our privates keys (and thus the keystore) on a physical and dedicated device called “the hardware wallet”. Here, our hardware wallet is a Satochip Bitcoin card. The keystore will be saved within the secure chip.
All you need to do is to plug your Satochip card in your card reader.
Step 6 — The PIN code
The Satochip hardware wallet comes with an extra security feature: the PIN code; just like your bank card. Access to private keys (creation, derivation and signature) is enforced through the use of the PIN code (up to 16 char). This access control is needed every time you want to use the wallet. If a wrong PIN code is entered multiple time, the chip card get bricked. Even if you card is lost or stolen, your funds remain safe!
Step 7 — Generate and backup your very own seed
This is an important step while creating a new Bitcoin wallet: the seed. ❗️Please pay attention❗️
Disclaimer: The seed is a mnemotechnic passphrase that will allow you to open your wallet, spend and retreive your funds. If you loose this phrase, you may loose your Bitcoins !
Now that we have specified our hardware wallet as recipient for our keystore, we will generate a new seed and our public and private keys will be derived from that passphrase and stored within the chip card.
This is you very own and secret seed (or mnemotechnic passphrase). This is the only time the seed is shown to you ! Carefully write it down and store it in a safe place ! Along with the PIN code of your Satochip card, the seed is the only thing you need in order to retrieve your Bitcoin wallet.
Because your seed is the most important thing, the Electrum Satochip client will ask you to type it twice (copy-paste does not work).
Step 8 — Choose your type of addresses
The type of addresses used by your wallet will depend on your seed (previously mentionned as the mnemotechnic passphrase). Using the Electrum Satochip client, addresses can be from three type:
- Segwit (p2sh or native) : the most recent and supported Bitcoin address format implemented with the BIP141.
- Legacy : the original address format.
Segwit address format should be privileged but a lack of compatibility with older Bitcoin client or wallet might suggest you to use the legacy format.
Here we decided to use the new Segwit address format thus we choose the “Native Segwit Seed type”.
Derivation path can be left as default. We will explain what is the derivation path and how to use it in a following article.
Step 9 — Wallet file (.dat) encryption
As said in the step 3, some sensitive data is stored in your .dat wallet file (here, our wallet file is Satochip-hardware-wallet.dat).
For security reason, the wallet file may be encrypted on disk. Note that the wallet information will remain unencrypted in the memory of your computer for the duration of your session.
Et voilà ! You have now a fully functional, easy to use and open-source Bitcoin wallet thanks to the Electrum Satochip client.
Icing on the cake: your private keys are now safely isolated in an secure chip within your Satochip hardware wallet.
Now, you own your keys so you own your coins !
Step 10 — Backup your Bitcoin wallet
At the end, what do you really need to backup in order not to loose your precious Bitcoin or restore your wallet to another personal computer or use another Satochip card ?
Here is the perfect backup list :
- Your seed as shown in the step 7. You can write it on a sheet of paper and store it on a secure physical vault.
And that’s all ! Easy right ?
Regarding your Satochip hardware wallet, if you lose it don’t worry. Just grab a new Bitcoin Satochip card and follow the steps 1 to 6. In the step 7, please select the “I already have a seed” option and put your existing seed. Follow the Electrum Satochip client wizard to the end and your done. You will get your Bitcoin wallet back 😎.
More information about Electrum
Electrum provide a very helpful documentation where you can learn more about this incredible software wallet ! The official Electrum Read The Docs website is the one stop shop to know more about Electrum, ElectrumX, seeds, wallet encryption, multisignatures and so on.