Jump to content

Steps to generate a cold wallet


Recommended Posts

So having read a lot on this in the last couple of days here are the steps I believe to create a cold wallet and to verify your private keys. Please correct me if I am wrong on this...

1. Generate a paper wallet by going to one of the two sites (do not use Safari)

https://bithomp.com/paperwallet/

http://www.ripplepaperwallet.com 

Go offline, use a private window, generate a couple of pairs ( do not use the first set of pairs)

2. Write down the pair, close the window

3. Go to https://www.theworldexchange.net go offline

4. Enter your secret key, leave the account address blank click log-in

5. You can then verify that the pair you generated above is valid. I believe no xrp needs to be transferred for this check to occur

6. Once you have validated that the pair is valid you can then go and activate your wallet

 

Let me know if the above makes sense, thanks!

 

Link to comment
Share on other sites

You can use toast/rippex wallets offline to "check" if the generated pair is valid. I guess your worldexchange method works too, but these two can easily check the same offline (I think..)

Theoretically there is no reason NOT to use the first pair you generate. Because if there was ANY chance they could generate already used keypairs... no thanks :D

Also, you can check the public key in eg. https://bithomp.com/   to see it is not already activated. Which probability is zero anyway.

 

Link to comment
Share on other sites

1 hour ago, alexisonsmith said:

So having read a lot on this in the last couple of days here are the steps I believe to create a cold wallet and to verify your private keys. Please correct me if I am wrong on this...

Your steps are a valid way of generating a cold wallet, but I would add to the end of the list:

7. After activation, send a small transaction from the new wallet as a final verification step (using offline wallet software), before sending all of your funds to the wallet. Just in case you get hit by an unknown bug in the key generation/verification sites. Some people disagree with this step; I think it's a good idea as long as you don't risk exposure of your secret key in the process.

8. Make sure to create a second copy of the secret key and store it in whatever way you think is safe.

 

And if you want to be more secure, don't run the key generation tools on a PC that will ever be online again. Copy the website code to a fully offline PC before running it, and then wipe the PC when you're done, or keep it offline forever and use it for all of your crypto offline signing needs.

 

30 minutes ago, Skippy said:

Because if there was ANY chance they could generate already used keypairs... no thanks :D

Well, let's be pedantic, there's ALWAYS an infinitesimally small chance you'll get a keypair that someone else has... ? And there's no way to check it, just because a wallet isn't activated doesn't mean no-one else has the keys. But no-one should lose any sleep over that possibility, as long as you're taking as many steps as possible to stop third-party interference or spying on the key generation process.

Link to comment
Share on other sites

7 minutes ago, alexisonsmith said:

Thanks all, if I am on a MAC could I just clear my cache and then use a private browser go offline to generate the pair? I do not have a PC

You could, and it's better than nothing, but if you had malware running that's watching what you do, it could capture the keys and send them back to its owner when you go back online.

Unlikely maybe, but possible. It's a question of how safe do you think your Mac is vs how valuable your XRP wallet will be.

You can boot Linux off a USB key onto a Mac, you could look at that as an offline option if you have no other physical machine.

Link to comment
Share on other sites

26 minutes ago, at3n said:

You could, and it's better than nothing, but if you had malware running that's watching what you do, it could capture the keys and send them back to its owner when you go back online.

Unlikely maybe, but possible. It's a question of how safe do you think your Mac is vs how valuable your XRP wallet will be.

You can boot Linux off a USB key onto a Mac, you could look at that as an offline option if you have no other physical machine.

BAsed on your comments I am thinking a ledger will be safer....what are your thoughts?

Link to comment
Share on other sites

1 hour ago, alexisonsmith said:

BAsed on your comments I am thinking a ledger will be safer....what are your thoughts?

I like Ledgers. If you're not comfortable that your environment is safe enough to be using a cold wallet, then a Ledger (or other hardware wallet) would probably be a better alternative.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...