Comment by paulpauper
18 hours ago
Cold storage means the coins are stored offline. If the offline computer has malware, it is possible to tamper with the transaction data at the offline stage. Cold storage means signing the transaction offline and then broadcasting it on the online computer. If both are tampered with, then in theory this is possible by both computers showing erroneous data (where the offline computer tampers with the transaction by signing off to the wrong recipient but showing the correct one). This is hard to pull off as both computers need to be infected. This can be prevented by the super-paranoid by using a 3rd computer, e.g. a VPS, or sending small amounts.
It is possible to infect the offline computer by infecting a USB drive with stealth malware which then propagates to the offline one.
It could also be an inside job in exchange for an employee getting a kickback from N. Korea. It's not like this has not happened in the past. Imagine being a low-paid employee at an exchange and being enticed by an offer for tens of millions by North Korea to pretend to be hacked and infect one's own computers with the malware supplied by North Korea. This would be easy for an employee to do, who has access to the computers, and then pass it off as a hack.
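The third-computer check mentioned in the comment above, as an added example that is not part of the original comment: decode the signed transaction on an independent machine and compare its outputs with what the operator intended before broadcasting. It assumes Bitcoin's legacy (non-segwit) serialization; the function names, scripts and amounts are constructed for illustration.

```python
def read_varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, next_pos)."""
    first = buf[pos]
    if first < 0xfd:
        return first, pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def parse_outputs(raw_hex):
    """Return [(satoshis, scriptPubKey_hex)] from a legacy serialized transaction."""
    buf = bytes.fromhex(raw_hex)
    pos = 4                                   # skip 4-byte version
    if buf[pos] == 0x00:
        raise ValueError("segwit serialization is not handled in this example")
    n_in, pos = read_varint(buf, pos)
    for _ in range(n_in):
        pos += 36                             # previous txid + output index
        script_len, pos = read_varint(buf, pos)
        pos += script_len + 4                 # scriptSig + sequence
    n_out, pos = read_varint(buf, pos)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(buf[pos:pos + 8], "little")
        script_len, pos = read_varint(buf, pos + 8)
        outputs.append((value, buf[pos:pos + script_len].hex()))
        pos += script_len
    if pos + 4 != len(buf):                   # only the locktime may remain
        raise ValueError("malformed transaction: unexpected length")
    return outputs

def unexpected_outputs(raw_hex, intended):
    """Outputs present in the signed transaction but absent from the intended set."""
    return [out for out in parse_outputs(raw_hex) if out not in intended]

# --- constructed sample data (not real keys, addresses or transactions) ---
def p2pkh(hash160_hex):
    return "76a914" + hash160_hex + "88ac"    # standard pay-to-pubkey-hash script

RECIPIENT, CHANGE, OTHER = p2pkh("11" * 20), p2pkh("22" * 20), p2pkh("33" * 20)
INTENDED = {(50000, RECIPIENT), (40000, CHANGE)}  # entered by hand on the 3rd machine

def sample_tx(dest_script):
    out = lambda sats, spk: sats.to_bytes(8, "little").hex() + "19" + spk
    return ("01000000" + "01" + "aa" * 32 + "00000000" + "00" + "ffffffff"
            + "02" + out(50000, dest_script) + out(40000, CHANGE) + "00000000")

if __name__ == "__main__":
    print(unexpected_outputs(sample_tx(RECIPIENT), INTENDED))
    print(unexpected_outputs(sample_tx(OTHER), INTENDED))
```

The check only helps if the intended outputs are entered independently on the verifying machine rather than copied from either of the other two.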
Coins are not stored offline… that isn’t how blockchains work.
Coins are on the blockchain… what is held offline is the private key giving access to move those coins.
There is no concept of "coin storage" in the actual security model of cryptocurrency. The security model of cryptocurrency is about the storage of keys.
"Cold storage" has come to mean that the keys are stored in some offline location. It doesn't necessarily mean that the keys are hard to access or that the money being moved is otherwise hard to get to. That used to be what it means, but practically, a wallet on a hardware keychain is called "cold" exactly the way a wallet whose keys are split up on slips of paper between 5 different physical vaults is "cold."
Usually you want to boot from a cryptographically verified medium where a checksum can be verified before you execute the system.
The emphasis is on running the correct software. If you have to input cryptographic data every time you boot that's okay because you're offline and should be in a secure room (no internet connected devices).
But yeah, malware attack is still possible if you don't have a secure chain and that's a long one.