Jump to content

ripple cold wallet


Intro

Recommended Posts

Hello there,

Concerning about security I am interested to create a secure cold wallet to keep my ripples safe. I keep in Bitstamp but as I intent to keep for longer time I thought would be better to keep offline.

I need to know how I could make an offline Ripple wallet in order to keep save all my ripples . There are several webs but I do not know which is secure.

 

Waiting for advices

Link to comment
Share on other sites

*removed the horrible long instructions of one of my fellow forum zerper*

I do believe the answer below is slightly shorter. Not so sure if the man knows what he is talking about :P.

Edited by Ripplezzzz
Link to comment
Share on other sites

If you have access to a machine with npm and node, do this:

1) Create a new directory. Go into it.

2) Create a filed called "coldwallet.js" with the following contents:

Quote

#!/usr/bin/node
var keypairs = require('ripple-keypairs');
var seed = (process.argv.length==3) ? process.argv[2] : keypairs.generateSeed();
var keypair = keypairs.deriveKeypair(seed);
console.log("Ripple-address: " + keypairs.deriveAddress(keypair.publicKey));
console.log("Ripple-secret:  " + seed);
 

3) Type "npm install ripple-keypairs". An error about a missing manifest is normal. Now type "node coldwallet.js" to generate a cold wallet. The output will look like this:

Quote

Ripple-address: rPJuxyGFbfg2Mjgq9dfgRaKBmftbcJ3tG2
Ripple-secret:  spjqeT8sxY1LfoM8BJpxxbqXawZuY
 

4) Run it a few times and make sure you get different output each time. If paranoid, you can test one of the secrets in an online or desktop wallet to make sure you get the matching Ripple address back. Don't use that one, of course.

Link to comment
Share on other sites

2 minutes ago, JoelKatz said:

If you have access to a machine with npm and node, do this:

1) Create a new directory. Go into it.

2) Create a filed called "coldwallet.js" with the following contents:

3) Type "npm install ripple-keypairs". An error about a missing manifest is normal. Now type "node coldwallet.js" to generate a cold wallet. The output will look like this:

4) Run it a few times and make sure you get different output each time. If paranoid, you can test one of the secrets in an online or desktop wallet to make sure you get the matching Ripple address back. Don't use that one, of course.

Thank you Mr Katz! 

Link to comment
Share on other sites

Just ignore this request if there are proprietary or other reasons against it....  but David @JoelKatz have you ever seen Theworldexchange.net?

Is it possible for you or Nik or someone to (as a private individual) look at the code and say what you think?

As much as it's wonderful what you have just done here, there are many folk who would not be able to do even this amount of JavaScript usage.  It's easy to forget how daunting it all is when you haven't spent mega hours neck deep in code.

Having said that...   you have made a real contribution here and I and many others no doubt really appreciate it.   Thanks.

Link to comment
Share on other sites

1 hour ago, Intro said:

It looks complicated, what is any simple form, so from bitstamp to sent to offline account or wallet ,,, if anyone knows which is ,, all is about ripple

The whole reason it is 'complicated' is that you are doing everything yourself on the basis that you are not putting your trust in any other provider or system (other than Ripple). If you are less paranoid and happy to trust 3rd parties, then bithomp have a wallet address/secret generator at:

https://bithomp.com/create

But many would argue that that defeats the point of generating a 'cold' wallet, in that the main purpose of a cold wallet is to be as secure as possible by being generated in the most secure way possible. Of course all of this is a moot point, if, for example, your PC is infected with spyware, or similar.

-Matt

Link to comment
Share on other sites

1 hour ago, itcdominic said:

Why not use a hardware wallet like Ledger Nano S?

You could, but they are an additional expense and then require you to trust a piece of hardware.

I'm sure the Nano S is great, and I have no reason not to trust it. I am considering getting one myself.

The one advantage they have over just creating a software cold wallet is that the secret key never leaves the hardware wallet itself. The transactions are sent to the hardware wallet, signed in the hardware then sent back out again.

But for me, I'm just not that paranoid (rightly or wrongly so). As I am mainly hodling for long term, I'm not actually making many transactions with my cold wallet. In an ideal world I'd not be making any at all! Only one in a few years time to the yacht broker ;)

-Matt

Link to comment
Share on other sites

On 23.11.2017 at 11:55 PM, JoelKatz said:

If you have access to a machine with npm and node, do this:

1) Create a new directory. Go into it.

2) Create a filed called "coldwallet.js" with the following contents:

3) Type "npm install ripple-keypairs". An error about a missing manifest is normal. Now type "node coldwallet.js" to generate a cold wallet. The output will look like this:

4) Run it a few times and make sure you get different output each time. If paranoid, you can test one of the secrets in an online or desktop wallet to make sure you get the matching Ripple address back. Don't use that one, of course.

 

All we need is a good video tutorial to folow the install process and security guidelines  how to setup npm and node . 

 This will benfit all of xrp holders whan the hacks on the exchange will come. 

Give as non tech the tools to protect our investment. 

 

Edited by joy
Link to comment
Share on other sites

  • 2 weeks later...

@JoelKatz

I got this from ripple website

Do i need to install the ripple-lib and use the yarn command to create key pairs?

"Installation

Install Node.js and Yarn. Most Linux distros have a package for Node.js; check that it's the version you want.

Use yarn to install RippleAPI: yarn install ripple-lib"

Edited by joy
Link to comment
Share on other sites

From all the options to create cold wallet is  the node js ripple-keypairs the safest? 

Why not add this to the "links and resources" (wallets)

Is there something i am missing ?

 

 

Edited by joy
Link to comment
Share on other sites

  • 2 months later...

@JoelKatz

Just wanted to clarify: 

deriveKeypair() returns a private key and public key, in hex encoding.

In order to sign transactions, do you have to know the ripple "secret" (the Base-58 encoded string starting with "s")? 

Can the privateKey field (a long hex-encoded number) of the returned keypair be used to sign transactions? 

If not, what is the privateKey used for, if anything?

Thanks,

Adam 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...