Desktop Wallet - Creating cold wallets

[RafOlP]

DEFINITIONS

Cold Storage (cold wallets)

To create a cold wallet, first lets try to use a broadly accepted definition for that: https://en.bitcoin.it/wiki/Cold_storage

Quote

Cold storage in the context of Bitcoin refers to keeping a reserve of Bitcoins offline.

Deep cold storage refers to keeping a reserve of Bitcoins offline, using a method that makes retrieving coins from storage significantly more difficult than sending them there. This could be done for safety's sake, such as to prevent theft or robbery.

Adaptation: In order to keep a reserve of ripple balances offline, I understand that the balances must be held by a key that has never been online and is out of the reach of online thieves.

Wallet or Account

A pair of public and private cryptographic keys that can hold value and create transactions (Master/Regular Key and Public Key).

Wallet File

A file that can be opened by a client which will have access to an account's Master/Regular Key in order to create transactions.

1 - Prepare the environment:

The higher the level, the more secure. There are many levels of paranoia that one can escalate in order to be 100000000% sure nobody can reach the keys, but lets focus in practical everyday usage. The simplest path, ideal for safe computers and for normal amounts is Level 1 or 2. For those who need more certainty, please read the other levels. You can also mix the methods.

• Level 1: If you trust your computer is safe, download the client in your current OS and disconnect from any network.
• Level 2: If you trust your computer is safe, use virtual box to create a VM with a fresh OS (i.e. a clean Ubuntu), open the new OS, update it and download the client in the fresh OS.
• Level 3: If you trust your computer is safe, use virtual box to create a VM with a fresh OS (i.e. a clean Ubuntu), open the new OS, update it and build your own client from the github repo in the fresh OS.
• Level 4: If you trust your computer is safe, create an Ubunutu Live USB or CD, boot your machine using this media for a Live CD session, and download the client in the fresh OS or build your own client from the github repo in the fresh OS.
• Level 5: Buy a new computer meant to be offline forever, turn it on far away from any kind of network connection, download the client (or build it) in another safe computer, disconnect from the internet, copy it to a brand new portable media (i.e. USB) and copy it again to the new computer.
• Level 6: Suggestions accepted

2 - Create the wallet:

1. In the environment you prepared, open the ripple client, go to create new account/create_an_empty_account, choose a place to save the wallet file.
2. - - if the computer you are will go online again, save the file in an external media and remove the media before reconnecting to the internet.
3. Choose a strong password and you will be presented to the option of saving your Secret Key.
4. Write the Secret Key in a paper, or take a picture from it (not with your mobile phone!) or any other safe method to store it.
5. Save the wallet file in several offline medias (USB), and never use them in your online computer, keep them private. You can use encrypted volumes if you want.
6. Save your password too. The password alone can't do any harm, so you can use traditional password managers and you can have many online backups of it.
7. Save your public key to a text file and backup it (you will need it every time you will send money to this account). Double check to see if the text file matches the public key in the client's top right corner.
8. Close the client, remove the external medias, clean the clipboard.

3 - Activate the wallet:

1. Open the text file with the public key in an online computer.
2. Open one of your online accounts with the client.
3. Send some XRP (50) to the cold wallet's public address.
4. Check the address at https://www.ripplecharts.com/#/graph, or any ledger explorer you trust.

DONE!

 

OPTIONAL

Validate the wallet:

Will you send 1MM USD to this account without validating it? There is a risk balancing thinking you must do now.

Offline Validation, by @jn_r, (I wrote a step by step tutorial about creating offline transactions here).

6 hours ago, jn_r said:

You can also validate by sending a transaction offline. You mentioned it did not work yet, but I have tested it - also with your version - and it works for me. You only must first set the correct sequence number (the offline wallet can't get that because it is offline). Presumably you will have to do that only once, if the wallet stays offline. The wallet will remember then the last sequence number you used. But would you create an offline signed transaction and not send that transaction, then you still have to set the sequence number one down. 

You can set the sequence number in the Server Settings / Cold Wallet settings. I have tested it by sending 1 XRP to one of my other accounts. That worked and thereby I validated that my offline wallet is working.

If offline validation doesn't work for you, you may try this:

1. In an offline Ubuntu Live CD session, plug the USB with the wallet file in, open the client and open the cold wallet.
2. Remove the USB.
3. Connect to the internet just for the time necessary for the client to show you the account received 50 XRP.
4. If there is 50 XRP in the account, you are all good and you can send your money there. If there is not, there was an error in the process.
5. Close the client, kill the Live CD session.

Will this procedure invalidate your cold storage? IDK, up to you.

DISCLAIMER

Please, follow this instructions if you want at your own risk, this is not in any way professional advice.

CONTRIBUTIONS

Security experts are invited to step up and improve this method.

Edited April 3, 2016 by RafOlP
Added offline Validation, by jn_r

[OlivierA]

13 hours ago, RafOlP said:

Level 5: Buy a new computer meant to be offline forever, turn it on far away from any kind of network connection, download the client (or build it) in another safe computer, disconnect from the internet, copy it to a brand new portable media (i.e. USB) and copy it again to the new computer.

 

Best option, that's what I do. Don't have to buy a new computer, just format to zero an old one (very cheap) and make sure your USB key is not infected. The Ripple Client doesn't need a big up-to-date computer.

[jn_r]

21 hours ago, RafOlP said:

OPTIONAL

Validate the wallet:

Will you send 1MM USD to this account without validating it? There is a risk balancing thinking you must do now.

If you trust 100% - you triple-checked and there is no doubt, ok, but if you dont, you can do this (notice that this will undermine the certainty about the offline status for this account):

- In an offline Ubuntu Live CD session, plug the USB with the wallet file in, open the client and open the cold wallet.

- Remove the USB.

- Connect to the internet just for the time necessary for the client to show you the account received 50 XRP.

- If there is 50 XRP in the account, you are all good and you can send your money there. If there is not, there was an error in the process.

- Close the client, kill the Live CD session.

Will this procedure invalidate your cold storage? IDK, up to you.

You can also validate by sending a transaction offline. You mentioned it did not work yet, but I have tested it - also with your version - and it works for me. You only must first set the correct sequence number (the offline wallet can't get that because it is offline). Presumably you will have to do that only once, if the wallet stays offline. The wallet will remember then the last sequence number you used. But would you create an offline signed transaction and not send that transaction, then you still have to set the sequence number one down. 

You can set the sequence number in the Server Settings / Cold Wallet settings. I have tested it by sending 1 XRP to one of my other accounts. That worked and thereby I validated that my offline wallet is working.

Edited April 3, 2016 by jn_r

[RafOlP]

2 hours ago, jn_r said:

You can also validate by sending a transaction offline. You mentioned it did not work yet, but I have tested it - also with your version - and it works for me. You only must first set the correct sequence number (the offline wallet can't get that because it is offline). Presumably you will have to do that only once, if the wallet stays offline. The wallet will remember then the last sequence number you used. But would you create an offline signed transaction and not send that transaction, then you still have to set the sequence number one down. 

You can set the sequence number in the Server Settings / Cold Wallet settings. I have tested it by sending 1 XRP to one of my other accounts. That worked and thereby I validated that my offline wallet is working.

This is very good to know!

I added your description to the OP, its very helpful.

I can confirm it works. Awesome, thank you.

Edited April 3, 2016 by RafOlP
Added my testing results

[dizzle]

@RafOlP  Hey there - I'm having a bit of an issue with the ripple client.  Wondering if you could give me a hand. 

 

I've been able to put XRP into my wallet, however when attempting to withdraw it, it doesn't give me the option to withdraw with a XRP denomination, the button grays out. Instead, I've been able to take out XRP and the app converts it to bitcoin.  Nothing particularly wrong with that, would just like some more control if possible.   Any idea what I'm missing?

[dizzle]

Another question:   If I use a service like this that just generates a address and a secret key: https://ripply.eu/coldwallet.html

I am able to send to it easily, but how to I take ripple out of it? Is there a service or a place I plug these in

Thanks again!!

[RafOlP]

3 minutes ago, dizzle said:

@RafOlP  Hey there - I'm having a bit of an issue with the ripple client.  Wondering if you could give me a hand. 

 

I've been able to put XRP into my wallet, however when attempting to withdraw it, it doesn't give me the option to withdraw with a XRP denomination, the button grays out. Instead, I've been able to take out XRP and the app converts it to bitcoin.  Nothing particularly wrong with that, would just like some more control if possible.   Any idea what I'm missing?

Hi there, would you mind describing exactly what you are trying to do? If you have privacy issues you can PM me.

It doesn't sound like a client issue.

2 minutes ago, dizzle said:

Another question:   If I use a service like this that just generates a address and a secret key: https://ripply.eu/coldwallet.html

I am able to send to it easily, but how to I take ripple out of it? Is there a service or a place I plug these in

Thanks again!!

IDK ripply.eu so be careful.

Assuming they are well intentioned and create really random private secret keys, than any ripple client should be able to give access to your funds.

Please take a look at this thread:

 

[dizzle]

Thanks @RafOlP !

hmm very odd.  I x'd out and returned and adding my secret key, and it seems to be working now. I'm now able to transfer coin from the wallet to gatehub.  Thanks!

[RafOlP]

Great to hear it worked.

Remember that the button only becomes blue after the amount is inserted.

[kimchee]

On 03/04/2016 at 3:25 AM, OlivierA said:

Best option, that's what I do. Don't have to buy a new computer, just format to zero an old one (very cheap) and make sure your USB key is not infected. The Ripple Client doesn't need a big up-to-date computer.

Hello.when you say format old computer to zero, does it mean that you just basically re-set it to the original state using the formatting disc that came with it when you bought it? I have an old toshiba laptop that has these discs. Sorry for my ignorance, but I am new in cryptocurrencies, and I am not a techie at all. I know basically nothing about computers apart from surfing the net and using Microsoft Office. I just bought a few thousand xrps last week,  and I have my wallet set-up in gatehub. But, apparently, it's an exchange and not a real cold wallet and can be subjected to hackers. I would really like to store it in a cold wallet. Please, help me.

[pucksterpete]

Hello, NB here, just created my ripple wallet, sent some XRP to it, received it no problem, but wanted to test the send feature, after inputting the address, Destination tag and amount, I hit the send button and all i get is 'sending transaction to the ripple network' and the spinning dashed circle.

It never finishes sending   see image

the ripple desktop wallet is connected online

any ideas

tnx

Pete

[RafOlP]

@pucksterpete, I have seen this happen before, but in spite of the eternal spinning, that transactions were always sent to the ripple network. Check your history please.

[pucksterpete]

thanx for the reply back, nope, still the same balance and no sent record

is there a minimum balance to be able to send?

I have over 20 in the reserve for the account.

tnx  Pete

note, tried just a now a third time, this time it went through, not sure what the hang up before was.

Edited January 15, 2017 by pucksterpete
adding info

[RafOlP]

6 minutes ago, pucksterpete said:

note, tried just a now a third time, this time it went through, not sure what the hang up before was.

Maybe it was queued and exceeded the max ledger.

[pucksterpete]

tnx for your help, I have been looking for a cold storage option. glad to have found this forum.

Pete