Toast Wallet - Install differences and delete IndexDB to delete wallet ?

[Gj81]

HI, 2 questions about Toast wallet on Windows 10 ..

1 - Apart from being portable, is there any benefit using the Windows 10 Installer over the Portable Executable ( or vice versa )?

2 - I've been playing around with uninstalliing/securing Toast Wallet and found that if you move/delete the "IndexedDB" folder in C:\Users\<username>\AppData\Roaming\ToastWallet then the wallet effectively resets.  When you next run the executable, instead of your already set up PIN screen it takes you to the Licence Agreement screen for setting up a new wallet.   Restoring this folder then restores your wallet.  Is it safe to say that hard deleting these files would be all it takes to "uninstall" your actual wallet from a  PC ?  

Reason I'm asking -  I'm looking to create a Veracrypt encrypted archive of my Toast wallet, containing just the portable executable and these IndexedDB files.   This way I can effectively keep my Ripple Wallet offline when not in use as without these files, if someone gains access to my PC and opens Toast they would just get the startup Licence Agreement screen and process for setting up a new Wallet.   Uninstalling Toast does not do this as the "C:\Users\<username>\AppData\Roaming\ToastWallet" files are not deleted when uninstalling. 

And yes I'm aware of the risk of a keylogger getting my Veracrypt password and then somehow opening the archive and copying these files back and cracking my Toast PIN and getting my Ripple, happy to take that risk.    I will also be taking a Toast Wallet backup as per the instructions and locking that away seperately.   

I just need to know if deleting/locking these IndexDB files is enough to prevent access to my Toast wallet. 

Cheers,

Dave

 

 

 

[Guest]

Hi

Yes the "portable exe" is a little bit misleading. Unfortunately that is the standard terminology for an executable that can be run without installation.

We intend to modify it in the future to make it store your data in the directory it is run from as you are requesting. Expect that in the next version.

 

And yes to answer your question: Your appdata\roaming ToastWallet folder contains your ToastWallet data. If you move it to an encrypted location it will be safer. Then you can move it back when you need to use it. Keep in mind it is already encrypted however.

Edited February 6, 2018 by Guest

[Gj81]

Thanks, is it just the files and subfolders under in the "IndexDB" folder, or would the whole "AppData\Roaming\ToastWallet" need to be encrypted/deleted ?

Also thanks for confirming that it's already encrypted, idea behind this is just to add another layer of protection given it's also my main PC.   

[gray]

3 hours ago, ToastWallet said:

Hi

Yes the "portable exe" is a little bit misleading. Unfortunately that is the standard terminology for an executable that can be run without installation.

We intend to modify it in the future to make it store your data in the directory it is run from as you are requesting. Expect that in the next version.

 

And yes to answer your question: Your appdata\roaming ToastWallet folder contains your ToastWallet data. If you move it to an encrypted location it will be safer. Then you can move it back when you need to use it. Keep in mind it is already encrypted however.

It would probably be smart to store this data in a privileged location (on windows at least) rather than a user controlled location so that malware couldn't modify it without escalating to privileged access, no?

I guess ultimately there's not really an attack vector in that way (that I can think of off the top of my head at least) though.

Edited February 7, 2018 by gray

[Gj81]

Not sure if that was for me or Toast, 'fraid I'm not tech savvy enough to know how to do that  if it was for me:-p

My plan is to put these specific files in a Veracrypt container when not in use, that way if someone was to either remote in or break into my house and physically use my PC, they'd see I had Toast Wallet but all account info is hidden in a way that they'd not even know to look for it, let alone what to look for. 

Any crack attempt at the Toast Wallet itself would then simply not work because it doesn't have any account info anyway (even if they could beat the Toast encryption).   For someone/malware to actually get my Ripple, the would have to know the exact file that's actually the Veracrypt Container, the 21 alphanumeric password to unlock it, capability to open it and know where to move the files back to, be able to move the files (my AV Bitdefender has a Folder Locker that prevents programs from altering files in certain folders unless manually approved,), then know my Toast PIN.

The Malware would have to be some sort of Hollywood level super-ware to get past Windows and AV security to install and do all that, or the intruder has a gun to my head. 

Then they can have my $100 worth of Ripple or whatever it's worth currently :-)

[gray]

47 minutes ago, Gj81 said:

Not sure if that was for me or Toast, 'fraid I'm not tech savvy enough to know how to do that  if it was for me:-p

My plan is to put these specific files in a Veracrypt container when not in use, that way if someone was to either remote in or break into my house and physically use my PC, they'd see I had Toast Wallet but all account info is hidden in a way that they'd not even know to look for it, let alone what to look for. 

Any crack attempt at the Toast Wallet itself would then simply not work because it doesn't have any account info anyway (even if they could beat the Toast encryption).   For someone/malware to actually get my Ripple, the would have to know the exact file that's actually the Veracrypt Container, the 21 alphanumeric password to unlock it, capability to open it and know where to move the files back to, be able to move the files (my AV Bitdefender has a Folder Locker that prevents programs from altering files in certain folders unless manually approved,), then know my Toast PIN.

The Malware would have to be some sort of Hollywood level super-ware to get past Windows and AV security to install and do all that, or the intruder has a gun to my head. 

Then they can have my $100 worth of Ripple or whatever it's worth currently :-)

It was for toast haha. Anyway, what you're describing is true for a standard attack vector you're thinking about, but may not for another creative attack vector. For example, I don't know exactly how Toast holds keys in memory while in use, nor how Veracrypt holds things it decrypts in memory... in theory you could have malware that just scalps things that look like they could be cryptocurrency keys from memory and then send them back to a remote server for processing.

Windows Defender and any other Antivirus are basically useless against targeted or new malware--they're good for malware once that malware has been identified and you can put its signature in the program, but depending how that malware works and how it is written, you could definitely still get some.

Yes, this is quite paranoid, but ultimately, having your keys ever in memory on an internet connected computer that could possibly have malware on it is just about as dangerous as just storing them in plain text on that computer permanently.

[Gj81]

True, haven't thought about RAM and no idea if any of it's encrypted when in memory (maybe ToastWallet can help there) so good call out. 

However it still remains that the malware would have to get on myPC first.   Ideally I'd prefer a ledger/trezor , but they are all out of stock and will be for the next month or 2 and buying  a second hand security device is of course as unsafe as you can get.  

For me though, here's the process as I see it that  Malware would need to take to get to my Crypto ( feel free to correct any of this or point out flaws, I'm definitely no IT pro )

1 - It actually has to come from somewhere.    So just by staying away from the shodiest parts of the net and don't open SPAM emails and don't download cracked software then risk is already very small.    Ad-Blockers and the like can also help here I believe just by preventing web page code to run.

2 - It has to install and run somehow.   To do this it has to get past browser sandboxing, Windows inbuilt security like UAC which I have at full level,   professional and consistently top rated AV Suite Bitdefender's AV and heuristic engine. 

3 - It has to be actively running when I open Toast Wallet and/or Veracrypt which I don't plan on doing often as they are for long term storage, and that's only if all the keys and info are in RAM and unencrypted .

4 - It then has to call home, getting past Bitdefender's 2 way firewall.  

All within the very short timeframe it takes for the security suites to be updated when new malware is found, and all the while fooling heuristic engines that monitor program behaviour to catch day 0 threats. 

All that I would hope would be sufficient to ensure that my wallet is safe.  

I hope :-p

 

 

 

[gray]

22 hours ago, Gj81 said:

True, haven't thought about RAM and no idea if any of it's encrypted when in memory (maybe ToastWallet can help there) so good call out. 

However it still remains that the malware would have to get on myPC first.   Ideally I'd prefer a ledger/trezor , but they are all out of stock and will be for the next month or 2 and buying  a second hand security device is of course as unsafe as you can get.  

For me though, here's the process as I see it that  Malware would need to take to get to my Crypto ( feel free to correct any of this or point out flaws, I'm definitely no IT pro )

1 - It actually has to come from somewhere.    So just by staying away from the shodiest parts of the net and don't open SPAM emails and don't download cracked software then risk is already very small.    Ad-Blockers and the like can also help here I believe just by preventing web page code to run.

2 - It has to install and run somehow.   To do this it has to get past browser sandboxing, Windows inbuilt security like UAC which I have at full level,   professional and consistently top rated AV Suite Bitdefender's AV and heuristic engine. 

3 - It has to be actively running when I open Toast Wallet and/or Veracrypt which I don't plan on doing often as they are for long term storage, and that's only if all the keys and info are in RAM and unencrypted .

4 - It then has to call home, getting past Bitdefender's 2 way firewall.  

All within the very short timeframe it takes for the security suites to be updated when new malware is found, and all the while fooling heuristic engines that monitor program behaviour to catch day 0 threats. 

All that I would hope would be sufficient to ensure that my wallet is safe.  

I hope :-p

In theory that sounds all well and good, but there's definitely holes. Browser sandboxing only does so much, windows inbuilt security like UAC is pretty awful and there's been a 0-day on it that still has not been fixed since the days of Vista, and there's other exploits as well. Consumer antivirus is pretty much useless except against the widest-net malware, not if you're at all being targeted (which ripple is a small enough community that could easily be targeted as such). Once someone gets a shell/code execution, there's may ways to escalate privileges and get administrator on your system, at which point they can do whatever they want and get past any firewall or whatever without you knowing. And all of this can happen from a phishing email that's indistinguishable from a real one because it was engineered by someone who is actually smart about it and makes one that looks totally legit.

 

[Gj81]

Agreed, but I also think that if you go too hard at this security stuff then you'd end up living in a bricked up building surround by gun nests with no connection to the outside world :-).

e.g. Trezor and Ledger were supposed to be the best, but there's already exploits being found.  And at the end of the day, if someone broke into my house, found my easily identifiable security device, put a knife to my wife's throat, well they'd be getting all my Crypto anyway.    Sure you could lock it in a bank, but what happens if the bank gets robbed, goes bust, or a disgruntled bank employee nicks it and you forget 1 word of your 24 word memnomic because you sure as hell can't write that down anywhere.  You could print it and put it in a safe buried in concrete, but what happens if the ink fades ?

Appreciate the technical response though, please don't think I'm being rude, just making light of the level of paranoia that crypto instills in us.  I've not talked to anyone who doesn't have some sort of complicated security process :-)

I genuinely do appreciate it and will be looking into some of the exploits you mentioned to see how I can make my stash more secure.

Cheers,
Dave

 

[Guest]

On 2/7/2018 at 7:52 PM, Gj81 said:

True, haven't thought about RAM and no idea if any of it's encrypted when in memory (maybe ToastWallet can help there) so good call out. 

However it still remains that the malware would have to get on myPC first.   Ideally I'd prefer a ledger/trezor , but they are all out of stock and will be for the next month or 2 and buying  a second hand security device is of course as unsafe as you can get.  

For me though, here's the process as I see it that  Malware would need to take to get to my Crypto ( feel free to correct any of this or point out flaws, I'm definitely no IT pro )

1 - It actually has to come from somewhere.    So just by staying away from the shodiest parts of the net and don't open SPAM emails and don't download cracked software then risk is already very small.    Ad-Blockers and the like can also help here I believe just by preventing web page code to run.

2 - It has to install and run somehow.   To do this it has to get past browser sandboxing, Windows inbuilt security like UAC which I have at full level,   professional and consistently top rated AV Suite Bitdefender's AV and heuristic engine. 

3 - It has to be actively running when I open Toast Wallet and/or Veracrypt which I don't plan on doing often as they are for long term storage, and that's only if all the keys and info are in RAM and unencrypted .

4 - It then has to call home, getting past Bitdefender's 2 way firewall.  

All within the very short timeframe it takes for the security suites to be updated when new malware is found, and all the while fooling heuristic engines that monitor program behaviour to catch day 0 threats. 

All that I would hope would be sufficient to ensure that my wallet is safe.  

I hope :-p

 

 

 

Toast Wallet does not hold unencrypted keys in memory. When a key is required to sign a transaction it is decrypted at the last possible moment, used to sign the transaction, then promptly erased from ram. During ordinary use (login, check balance etc.) your keys remain encrypted at all times.

On windows the appx installer will place the app data into a protected location.

For the best possible security with Toast we recommend installing it on an offline-only device and using the offline transaction functionality when you need to make a payment.

Also: if you're going to use third party encryption over the app's user data files we suggest encrypting the whole folder.

Edited February 8, 2018 by Guest

[Gj81]

Champion, thanks.  Whole app folder is less than 2mb so that's no problem. 

Good to know about the RAM usage, will have a look into the Offline Transaction functionality. 

 

[gray]

On 2/8/2018 at 12:05 AM, Gj81 said:

Agreed, but I also think that if you go too hard at this security stuff then you'd end up living in a bricked up building surround by gun nests with no connection to the outside world :-).

Ha, indeed.

On 2/8/2018 at 12:05 AM, Gj81 said:

Trezor and Ledger were supposed to be the best, but there's already exploits being found.

There's no known attack vectors on the ledger/trezor that don't involve physical access to the device itself, and even then it's INSANELY difficult.

On 2/8/2018 at 12:05 AM, Gj81 said:

 And at the end of the day, if someone broke into my house, found my easily identifiable security device, put a knife to my wife's throat, well they'd be getting all my Crypto anyway.  

True haha. Hopefully it wouldn't be that easy and if you have a significant amout enough to warrant that then you won't be advertising it anyway ;p

On 2/8/2018 at 12:05 AM, Gj81 said:

Sure you could lock it in a bank, but what happens if the bank gets robbed, goes bust, or a disgruntled bank employee nicks it and you forget 1 word of your 24 word memnomic because you sure as hell can't write that down anywhere.  You could print it and put it in a safe buried in concrete, but what happens if the ink fades ?

Shared secrets. Ripple actually has a built in multi-sign function that you can use for this. If you're really super paranoid. You can create multiple cold wallets (could be multiple trezor/ledger or just multiple paper wallets) and then set the primary account your funds are in so that multiple of those (but not all) are required to actually sign a transaction. Then you distribute them to various places. One on your person, one with a lawyer, one in a local bank, a couple in banks around the world, etc. This way you have redundancy if one gets destroyed, one getting stolen doesn't matter unless a majority get stolen by the same person at the same time, and none of them individually are able to sign something so you have deniability to threats of your person like you described before (at least in a limited capacity).

 

[Gj81]

Thanks again Gray, appreciate the very detailed responses :-).  

Wish I had the amount of Ripple that would justify that level of use.  Sadly I didn't jump on the crypto bandwagon early enough, so no Ferrari for me any time soon :-p.

 

[Stellamaris]

Hello pls how do I delete past transactions on my wallet?