Jump to content

ToastWallet

Verified
  • Content Count

    106
  • Joined

  • Last visited

About ToastWallet

  • Rank
    Regular

Contact Methods

  • Website URL
    https://toastwallet.com

Profile Information

  • Gender
    Not Telling
  • Country
    New Zealand

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Just because the door is open doesn't mean people want their house to be an open home
  2. Yes, this list is only for nodes that anyone can connect to
  3. Hi guys We're building a list of publicly available XRP nodes serving public requests. https://xrp.onl First two servers on the list have been provided by alloy.ee thanks! We're unsure if anyone else is currently running public nodes for general benefit of the public, if you are please contact us and we'll add you to the page.
  4. Toast only decrypts your keys for a split second when you actually need to sign a transaction. This is the reason you need to put your passphrase in to send a transaction. To answer your question: it depends on almost too many factors to count. I'll address a couple of scenarios below: If you are using a PC / laptop as your offline device then a skilled adversary with repeat physical access to the device could probably install a keylogger or other monitoring software on your device which, in combination with taking a copy of your wallet data from the disk could expose your keys. This would likely require them to have physical access to the disk. I.e. pull the disk out and patch the OS etc. However if your scenario is a snatch-and-grab where someone steals your offline device, be it a hardware wallet or a PC or phone running Toast then I couldn't pick a winner, I suspect they would all be impossible to crack provided you used a sufficiently strong passphrase. An old iPhone with iOS 11 is probably the most secure offline device you could use Toast Wallet on due to the high barrier to installing third party software or patches via any means. These are also notoriously difficult to log in to when booted after power down, especially if you use an alphanumeric passcode for the lockscreen. In my view the majority of theft risk comes from malware installed on Internet connected devices. Any sort of air gap is sufficient to thwart that. The great thing about public key cryptography is you can submit a signed transaction via the most infected PC imaginable and never compromise the security of the wallet that signed it.
  5. Toast Wallet has an offline air-gap transaction signing and submission system for those who want to use it. Simply install or run Toast on an offline device and create a transaction as normal then follow the prompts to submit the transaction to the network via a QR code. Using Toast in this way (i.e. with a dedicated offline device such as an old phone or laptop that you never connect to the internet) mimics a hardware wallet in most respects. It's worth pointing out that air-gaped transactions are technically more secure than connecting a hardware wallet to an online device via USB.
  6. 2FA doesn't work that way. There no remote server to authenticate you using two factors of authentication. Your phone/device stores your encrypted wallet. You decrypt it using your passphrase in order to send XRP. An attacker logging your keystrokes would also need a copy of your wallet backup or wallet data to break into your wallet. The closest we could get to 2FA is adding multi-sign. This would add significant complexity, requiring two copies of Toast on different devices with different wallet data in each. We have already added offline transactions in February. Simply turn off Internet on your device and send a payment from Toast. You complete the payment via an airgapped QR code with an online version of Toast (without a wallet installed.) Almost no one uses this offline functionality, so we're not convinced any greater number of people would use a multi-sig function if we added it.
  7. The agreed facts in the settlement with prejudice can't be contradicted in a later case. It's not a matter of whether or not the SEC is bound by the settlement, it's a matter of whether or not their evidence would be admissible given the already settled criminal case that was settled with prejudice.
  8. Funds in XRPL accounts with lost keys just remain in those accounts forever, no one will be able to access them unfortunately.
  9. You have your phrases which are the keys to decrypt your wallet but you are missing a wallet to decrypt (this is what the backup code is). If you have a whole-phone backup or cloud backup of your device this can often be used to restore your wallet.
  10. I wonder if you've read all the code you currently trust with your Ripple secret/mnemonic. For example -- I'm guessing you have a Ledger -- do you know what is in each of the firmwares running on it right now?
  11. You can actually use Toast in offline mode. It generates QR codes you can feed into an online copy of Toast for airgapped transactions. The answer to your question depends what you mean by 'hardware wallet.' Technically the Ledger is a software wallet that runs on dedicated hardware. If that's your definition then this would fall under that definition.
  12. To recover with only a recovery phrase requires either all your wallets to be deterministically generated from a single seed -- which means you wouldn't be able to import addresses into Toast -- or an upload of your wallet data to an external server which you can retrieve using your recovery phrase. We don't like either of these options and neither do our users so unfortunately you're stuck managing your own backup codes. It's not that complicated to be honest. If you want a wallet where you don't have to manage anything yourself just keep your XRP on an exchange.
  13. Check if you have an iCloud backup
×
×
  • Create New...