Backup mnemonic as QR-Code
Some simple tips for backing up the mnemonic phrase as a QR-Code, by hand
How can we prepare an HD wallet to be stored securely and easily imported into an offline device?
Please note that this is not a recommendation; it is just a simple explanation of how to do it in case you want to hand-copy a mnemonic as a QR-Code for use with an air-gapped signing device. It is up to you to decide whether this fits your threat model and whether you are comfortable with it.
First of all, back up your mnemonic both in words and as a QR-Code. For example, you can generate the mnemonic with dice; please see this article where we wrote about it. Then you can use an offline device (or hardware wallet) to get the 24th checksum word and the QR-Code. For copying the code by hand you can use:
https://github.com/SeedSigner/seedsigner#seedqr-printable-templates
In fact, the important point is that you should never print the QR-Code containing the mnemonic, nor write it to a file or photograph it. The best approach is to copy the QR-Code by hand, without the help of any electronic device or support. You can use the templates at the link above.
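How the 24th checksum word and the Standard SeedQR digit stream relate, as an added example that is not part of the original article or of the SeedSigner project: each BIP39 word is an 11-bit index, the last word carries 3 entropy bits plus 8 checksum bits, and Standard SeedQR stores every index as 4 zero-padded decimal digits. The function names are assumptions made here, and the sample is the public all-zero BIP39 test vector, not a real seed.

```python
import hashlib

def words_to_bits(indices):
    """Concatenate 11-bit BIP39 word indices (0..2047) into one integer."""
    value = 0
    for i in indices:
        if not 0 <= i < 2048:
            raise ValueError(f"word index out of range: {i}")
        value = (value << 11) | i
    return value

def last_word_index(first23, extra_bits):
    """Index of the 24th word: 3 remaining entropy bits + 8 checksum bits."""
    if len(first23) != 23 or not 0 <= extra_bits < 8:
        raise ValueError("need 23 word indices and 3 extra entropy bits")
    # 23 words give 253 bits; 3 more bits complete the 256-bit entropy.
    entropy = (words_to_bits(first23) << 3) | extra_bits
    checksum = hashlib.sha256(entropy.to_bytes(32, "big")).digest()[0]
    return (extra_bits << 8) | checksum

def seedqr_digits(indices):
    """Standard SeedQR payload: each index as 4 zero-padded decimal digits."""
    return "".join(f"{i:04d}" for i in indices)

def seedqr_is_valid(digits):
    """Check a hand-copied 24-word digit stream against the BIP39 checksum."""
    if len(digits) != 96 or not (digits.isascii() and digits.isdigit()):
        return False
    idx = [int(digits[p:p + 4]) for p in range(0, 96, 4)]
    if max(idx) > 2047:
        return False
    return last_word_index(idx[:23], idx[23] >> 8) == idx[23]

# Constructed sample: the public all-zero BIP39 test vector, never a real seed.
SAMPLE = [0] * 23
SAMPLE_FULL = SAMPLE + [last_word_index(SAMPLE, 0)]

if __name__ == "__main__":
    payload = seedqr_digits(SAMPLE_FULL)
    print(payload, seedqr_is_valid(payload))
```

For any 23 words there are exactly 8 valid final words, one per value of the 3 extra entropy bits, and a single miscopied digit in the stream makes the checksum test fail.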
Then you can print only the extended public key on a printer, or use a QR-Code command to create it as a QR-Code. The extended public key is needed for a “watch-only wallet”, which makes it possible to get addresses on which to receive new funds and to calculate/update the total balances managed by your wallet.
Then you are done. You can, for example, use it with SeedSigner, Specter DIY, or Tails running offline.
For such signing devices, in fact, the seed phrase must be imported each time it is needed. Please see what Specter DIY says about that:
Secure element integration is not there yet - at the moment secrets are also stored on the main MCU. But you can use the wallet without storing the secret - you need to enter your recovery phrase every time. Why to remember long passphrase if you can remember the whole mnemonic?
Device uses external flash to store some files (QSPI), but all user files are signed by the wallet and checked when loaded.
QR scanning functionality is on a separate microcontroller so all image processing happens outside of security-critical MCU. At the moment USB and SD card are still managed by the main MCU, so don't use SD card and USB if you want to reduce attack surface.
The SeedSigner team says the same:
SeedSigner is an open source, DIY, fully-airgapped Bitcoin hardware wallet that wipes all private data from memory each time it's turned off. That means users need to re-enter their Bitcoin private key each time they use it.
To speed up this key entry process we have defined a way to encode a private key as a QR code that can be instantly scanned into a SeedSigner or potentially any other Bitcoin hardware wallet that has a camera.