New Version of RippleWarpWallet Released with Verifiable Builds

[gray]

Hello all,

I've released a new version of my wallet generator called RippleWarpWallet! You can check out the hosted version here: https://termhn.github.io/ripplewarpwallet and the GitHub repo here: https://github.com/termhn/ripplewarpwallet

What is RippleWarpWallet?  RippleWarpWallet is a fork of the original WarpWallet used for making Ripple wallets instead of bitcoin ones. It is a deterministic Ripple wallet generator. What this means is that you never have to save or store your secret key directly anywhere. Instead, you pick a good passphrase - see the section of the page about choosing a password - and never use it for anything else. Then, whenever you want to access your actual secret key, you put your password back into RippleWarpWallet and it will generate the same address as before as long as the same password was used as input. This is what "deterministic" means. Much like other wallet generators, all of this is done on your computer only; an external server is never contacted after you download the inital page. This has a number of benefits, but also a number of possible weaknesses.

The benefits are that, in theory, you don't have to store your password anywhere but in your own brain. You can use a method like a mnemonic peg to memorize a password very thoroughly. However, even if you do store your password, you'll be guarded against the most common malware that tries to specifically steal crypto wallets since your password will not be in the form that they are looking for. This allows you to disguise your crypto password in ways that make it look quite innocuous unless someone is targeting you specifically, which is quite unlikely unless you have a ridiculous sum that you regularly advertise online.

The weaknesses are that, if you choose a bad password, an attacker could very easily take your coins, since the only thing they need to be able to generate your secret key (and therefore take control of your wallet) is your password. WarpWallet adds two improvements over the traditional brainwallet to try to mitigate these weaknesses:

(1) WarpWallet uses scrypt to make address generation both memory and time-intensive. This means that it takes a matter of several seconds to run a password through the algorithm and get the resulting private and public key, rather than a matter of a fraction of a millisecond like with a traditional brainwallet generator.
(2) you can "salt" your passphrase with your email address. Though salting is optional, we recommend it. Any attacker of WarpWallet addresses would have to target you individually, rather than netting you in a wider, generic attack, since they would need to add your email address together with your password. And your email is trivial to remember, so why not?

However, even with these safegaurds, it's not infallible. If you use a bad password, even with a salt, your coins are still easily stolen. This is why I have a whole section on the tool dedicated to how to choose a good password.

The main thing that I added in this version of the tool is the ability to verify that the code in the GitHub repository is the same code that is compiled and hosted on the live web version. What does this mean for you as far as security?

• If you trust the code in the repository, then you can trust the code on the web version
• You are able to verify that I'm not adding any back doors to the web hosted version that aren't present in the uncompiled source code (this kind of vulnerability in "open source" wallets has been used to great, or awful, effect with other cryptocurrencies).

The uncompiled source code is actually quite short and easy to understand, so it's much easier for community members that know javascript (or even yourself) to analyze it. It also uses directly other open source libraries for all the cryptographic and ripple-specific functions, only tying them together into an easy to use interface. This means that, again, the actual code itself is quite easy to understand and verify.

In order to verify this for yourself, head over to the github page: https://github.com/termhn/ripplewarpwallet and follow the instructions there.

It would be awesome for some community members to do this, and for anyone willing to inspect the code as well and post their results and any concerns they have. That's how open source programs can start to be trusted and where the security comes from: when many eyes are looking at something, it's a lot harder for bugs or intentional security loopholes to sneak through.

If you're a programmer and want to implement WarpWallet yourself, here is the algorithm used. Ripple-specific functions are part of the ripple-keypairs npm package, which is a sub-package used directly by the official ripple-lib npm package.

s1               =     scrypt(key=(passphrase||0x1), salt=(salt||0x1), N=218, r=8, p=1, dkLen=32)
s2               =     pbkdf2(key=(passphrase||0x2), salt=(salt||0x2), c=216, dkLen=32, prf=HMAC_SHA256)
secret        =     generateSeed(s1 ⊕ s2)
keypair      =     deriveKeypair(secret)
address     =     deriveAddress(keypair.publicKey)

Edited January 31, 2018 by gray

[zenkert]

So it can only be used at Github @gray ?

[gray]

5 minutes ago, zenkert said:

So it can only be used at Github @gray ?

Nope, it can be used anywhere. You can download the page directly (right click -> save page as) and save it as a self contained HTML file that will work completely offline (double click to open/use it). You can also download the GitHub repo and build it yourself then use that version (which should be identical to downloading the page as described before) directly completely offline as well.