Superceding paper with Nano S

[at3n]

@Tinyaccount Fair enough, all those checks reduce the likelihood of the wallet being malicious, and you can do exactly the same with a hardware wallet, so as I said, similar levels of trust required, which was the main point of my point no. 2.

I'm still not sure where I said that you need to bring a cold wallet online, I certainly didn't mean to say it. If you can tell me where it is, I'll amend it because I don't want to mislead people.

Maybe you're referring to point 3, where I said:

11 hours ago, at3n said:

A paper wallet requires you to temporarily expose the secret to a potentially insecure environment (physically) every time you use it.

By this I mean that you need to remove the piece of paper from e.g. a safe in order to type it into the offline computer. While it's outside the safe, it's more vulnerable to physical threats. But with hardware you never move the secret from its secure storage (secure chip on the hardware device).

If my original wording isn't clear enough then I'll change it.

Thanks for the constructive feedback.

[at3n]

1 hour ago, Badger said:

I'm cautious down to the trust in the original paper wallet key production.

If you have any programming experience, you could look at implementing ripple-lib yourself https://github.com/ripple/ripple-lib to generate key pairs on an offline computer. The code for that is publicly auditable, so you can verify it if you'd like. I did it myself recently as an exercise in creating a paper wallet and doing the whole offline signing/online submitting process. I'm not experienced in javascript, which is what you need to use it, but it only took me a couple of hours to work it out from the examples and instructions. Just generating the key pair is very simple code, that would take less time, but of course you'd want to verify it with a test transaction.

[ZX81_1k]

You're right, I could code it myself and I've almost certainly got the skill to do it  but realistically I just don't have the time although I'd like to at some point to satisfy curiosity. However, I'd need to repeat the exercise for each of the coins I've got which adds to the potential for a c*ck-up. 

The Nano makes sense for limiting the the failure points to a manageable number. I've ordered it... awaiting delivery.

[Guest]

10 hours ago, at3n said:

Maybe you're referring to point 3

Yep that was me perhaps misunderstanding your point. 

In any case I think you guys are doing good work carefully laying out the details so others reading all this can make informed decisions. 

Like I say...   Nano is good but not the only option.  Probably gives more peace of mind to those that want some of the details taken care of by the company rather than DIY.  But you still need to keep a paper backup safe.  With Nano it's the phrase with paper wallet it's the secret key. 

[ZX81_1k]

Although the Nano has an 8 digit PIN with a 3-failure self-destruct. Paper doesn't offer that.

I like their Ledger Cryptosteel too; fire and water damage prevention for the recovery key. 

When you've 5, 6 or 7 digit sums held in crypto, a degree of paranoia is a healthy thing. Spread and mitigate all risks between coins, exchanges, paper and hardware wallets. Wealthy people do it with fiat and so it should be with crypto.

[at3n]

@Tinyaccount no problem, I know that sometimes I'm not as clear as I should be, it helps when that's pointed out.

Yeah, I think the most challenging part of having a hardware wallet is keeping the recovery phrase securely backed up, in fact I think it's more important than keeping the Nano safe.

[ZX81_1k]

Just now, at3n said:

@Tinyaccount no problem, I know that sometimes I'm not as clear as I should be, it helps when that's pointed out.

Yeah, I think the most challenging part of having a hardware wallet is keeping the recovery phrase securely backed up, in fact I think it's more important than keeping the Nano safe.

https://www.ledgerwallet.com/products/ledger-cryptosteel

[at3n]

Ah, I didn't realise Ledger did one of those now. Looks solid, still the problem of where to keep it of course, which will be different for everyone.

Everyone buying a hardware wallet should consider everything as closely as @Badger, but I doubt they do. I wonder in 10 years how many hardware wallet owners will have lost their funds due to not taking enough care of their recovery phrase.

[Guest]

1 hour ago, at3n said:

I wonder in 10 years how many hardware wallet owners will have lost their funds due to not taking enough care of their recovery phrase.

Yes I agree it's a possibility.  I have been in IT since it was called EDP.  

In that time I must have had at least a dozen drives, devices and other things fail.  I guess that's why I trust paper best.  If you have your secret key recorded on paper in a personal code form (theft protection) with at least two people knowing how to read the code.  (Alzehiemers protection). Paper stored in at least two physical locations and hidden.  (Fire protection)

If you do that you are as protected as any device and hardware won't fail.  

So take note:   if you don't take simular precautions with your nano phrase, or use that cryptosteel thing, you might find a dead unrecoverable device when you finally want your coin.  I think it's likely most devices will be fine indefinitely though....   I don't envision a high failure rate.  

[Teva]

On 17/12/2017 at 11:44 PM, Jackdarippler said:

After configuring a new wallet , and clearly noting down the recovery words(24 words in order). You should definitely check the integrity of the recovery words. Wipe the wallet clean by using the wrong pin thrice You wallet will get erased, now use the reconfigure your wallet. It should work, if it doesn't work after two attempts make a new wallet and then again recheck the integrity of the recovery. If it works download ripple into the nano s , download the ripple desktop app from ledger web-page, transfer XRP 20.50 to activate you wallet then transfer all your XRP. You are good to go.!!

 

Do check the recovery integrity of the wallet, you do not want to transfer funds without doing this in advance.

 

In case you loose your nano s, or do not wish to use the nano s. You can still recover your ripple wallet using the recovery phrase on another wallet in the future.

 

And absolutely do not share your Recovery sheet with anyone except your pets. Just make sure they dont eat it.

Hello @Jackdarippler, 

I wish I saw your post a couple of hours ago.

I just finished configuring for the 1st time my Nano S, installed the Ledger Manager and then the Ledger Ripple Wallet, and proceeded to the withdrawal of 20 XRP (as a test) from Bitstamp.   I received the confirmation email, clicked on the link, logged back into Bitstamp in order to complete the verification, and then: nothing happened. I have the same balance as before, BUT I have 20 XRP less in my "available XRP". I don't really understand, I though the "wire" would have been instantaneous.

So here are my 2 questions:

- How long does it take for the withdrawal to be processed usually ?

- What happens with my 20XRP if, in the meantime, I follow the steps you recommended in your quoted post ?

 Thanks

Edited December 19, 2017 by Teva

[Pluto]

I think you did not deposit XRP 20.50 .. you need a minimum 20 xrp as a first deposit to activate any ripple wallet, this should be the amount that gets deposited after the transaction fee.. I believe the transaction had failed. I had a similar transaction longtime back with a wallet, opened a ticket with the exchange for the reversal of XRP. They haven't got back to me or the funds will never return.

 

Sorry that this happened to you.

[Xilobyte]

On 12/17/2017 at 11:15 PM, zenkert said:

Paranoia - - - sorry, but I think so.

He is not paranoid. He is correct to think this way. 'Dem hacker have got nothing better to do than to sit around in their tighty whities and create an exploit that will collect this data for them. They can insert it into a **** site, pirate site or where ever they like and then deposit it into your computer. It is not such an issue now but as the world comes to accept crypto, it will be the next level of security disasters.

The Ledger is supported by the Chrome Browser which disgusts me with the idea that connecting anything crpyto related to a browser is safe. For one, the 25 word seed likely only links to your account on Ledger. That  is why when they go down, you go down. Next, the browsers on most Winblows computers are the most infected element of the entire system. Likely it is only a hash which is transmitted to the Ledger systems that authorize a sync to your accounts. My small minded guess is that the pincode unlocks the hardware on the device so that this hash can be transmitted to Ledger. There they have the terabytes of data required to maintain the blockchains for all of those coins. The browser apps are only interfaces but are still communicating with the hardware and exchanging keys and hashes. The real problem is that your coins belong to Ledger in reality. You 25 word seed will not recover a XRP wallet if Ledger is not alive any more.

Hence, I do not like Ledger nor would I trust it to my own customers. It does not mean that they are not trustworthy. There is no data suggesting otherwise. I do not trust the computer browser and I certainly do not trust Chrome.

[Xilobyte]

On 12/17/2017 at 11:51 PM, XRP_FER_ME said:

I'm an IT engineer and I concur with how IBM has fallen apart.

Well I am not an IT ENgineer, but I did sleep in a Holiday Inn Express and I have never liked anything IBM.

[Xilobyte]

2 hours ago, Teva said:

Hello @Jackdarippler, 

I wish I saw your post a couple of hours ago.

I just finished configuring for the 1st time my Nano S, installed the Ledger Manager and then the Ledger Ripple Wallet, and proceeded to the withdrawal of 20 XRP (as a test) from Bitstamp.   I received the confirmation email, clicked on the link, logged back into Bitstamp in order to complete the verification, and then: nothing happened. I have the same balance as before, BUT I have 20 XRP less in my "available XRP". I don't really understand, I though the "wire" would have been instantaneous.

So here are my 2 questions:

- How long does it take for the withdrawal to be processed usually ?

- What happens with my 20XRP if, in the meantime, I follow the steps you recommended in your quoted post ?

 Thanks

Actually you can look up the transaction using the address on the chain. What you are looking for is that the 20.5 leaves BS and enters your Nano S address. The final line is a End balance that indicates that it is in your wallet. If it is there, then the interface at BS is no matter. What happens with them is that you submit the transaction and it is immediately subtracted from your wallet to prevent a User from sending multiple transactions beyond the balance of their wallet. If the transaction failed, it should bounce back to BS. All you should be waiting on is for them to review their own logs and credit it back to your account. That will take a while, but does not mean the coins are still not yours. It only means that their interface has not caught up.

[Teva]

1 hour ago, Jackdarippler said:

I think you did not deposit XRP 20.50 .. you need a minimum 20 xrp as a first deposit to activate any ripple wallet, this should be the amount that gets deposited after the transaction fee.. I believe the transaction had failed. I had a similar transaction longtime back with a wallet, opened a ticket with the exchange for the reversal of XRP. They haven't got back to me or the funds will never return.

 

Sorry that this happened to you.

I just checked if there was any update. Turns out the transaction just failed (status:"cancelled"). I have no idea why, but at least I still got my 20XRP.