6
0
I have a cold storage wallet that I periodically move funds into. I want to be able to send funds out of the wallet quickly. Right now, I have to keep a clean VM up with the full blockchain, then import the key, send my funds, and basically revert my VM. While it's manageable, i'm curious if there is a more elegant solution.
9
Basically what Murch said. You have to use the private key to sign the transaction.
There is a point I want to add, however. It is possible to send coins without importing the private key into a computer which is connected to the Internet. In fact, this is how a properly run exchange or online wallet service ought to maintain its cold storage. Normally, funds are just sent to the public address of the cold storage. When it comes time to send coins out of cold storage, the private key is imported into an offline computer, the transaction is generated and signed, and the signed transaction is then broadcast using a different computer (which is connected to the network). This increases security as it prevents malicious attackers from gaining access to the private key because they simply have no way of connecting to the offline computer on which it is stored.
2 Excellent point about generating the signature in an offline computer and then transferring only the signature (never the private key) to an online computer for sending. This can be done with freely available open source software, for example Armory.
3
Since you need the private key in order to sign the transaction, you cannot send a transaction without touching your private key at some point.
However, you could use a thin client such as MultiBit instead of Bitcoin-Qt in order to get around syncing the full blockchain.
Don't think a clean VM protects you against all attacks. The host (hypervisor) needs to be clean too, as it can access anything inside the VM too and do keylogging etc. Malware may not be sophisticated enough YET but I'm sure it will be sooner than later. – Jannes – 2014-03-21T22:19:15.453