the idea with qubes is… we can use “disposable vm” domain. which is deletes all the vm data after use, but i still can’t figure out how to correctly install chia in that disposable vm,
actually even without use of disposable vm, normal qubes domain vm all data stored in the domain is safe since it use hard drive encryption, also, only dom0 and 1 port to communicate with the node can access it. in addition this communication port can be dissabled by removing all data access from the domain vm. that’s makes all domain data in the lvm is dormant.
if you want to give it a try i suggest using othe than your main pc, try to understand how to operate the qubes os.
think for your use case it’s the best.
the logic with normal vm is this. normal OS that used for browsing, farming, plotting may and might be exposed to malware, vurnelivbilities, or data collection so… then using vm inside that kind of host OS isn’t anywhere secure right?
This step takes a lot of time (hours) to sync and you can periodically check status on VirtualMachine with .\chia wallet show until it is synced (number will rise from 0 to 180000+ depended on how high is the wallet chain)
When wallet is synced you can send coins without having full node running on VirtualMachine
To use GUI first stop that wallet on VirtualMachine .\chia stop all
On VirtualMachine start chia GUI application
It will start to sync full node but you kill the processes on VirtualMachine TaskManager: “start_farmer.exe”, “start_full_node.exe” and “start_harvester.exe”. You leave running “start_wallet.exe” and “daemon.exe”
Now your wallet will be running normally on VirtualMachine but nothing else, so you can use this machine only to operate transactions.
When I need to make a transaction from this secure VirtualMachine, I start it, wait a little to be synced and do my transactions etc, then close it and secure it on some stick, disk or wherever.
I did this experiment on Flax fork of Chia but it is the same code and it should be equivalent to Chia. I’m going to do this now with Chia and report if it is not working but I doubt that I will have different result.
Between steps 5 and 6 you can remove internet access from the VM for additional security. LAN only at that point should be fine, or host only if the VM is running on your full node.