Jump to content

Beginners Guide: Creating a Cold Ripple Wallet (3.0)


Mercury
 Share

Recommended Posts

19 hours ago, Mercury said:

A raspberry pi or other micro computers are cheaper :)

I don't know these things. Can you buy them online? Or do I have to build and program it myself? My knowledge about computers is very very limited. :(

Link to comment
Share on other sites

On 6/27/2017 at 2:34 AM, kimchee said:

I don't know these things. Can you buy them online? Or do I have to build and program it myself? My knowledge about computers is very very limited. :(

Raspberry pi's are available to buy for very cheap online. https://www.amazon.com/Raspberry-Model-A1-2GHz-64-bit-quad-core/dp/B01CD5VC92 You just plug them into a monitor and plug in a mouse and keyboard and they work like a normal computer. They run a custom verison of Linux by default instead of windows so it may be slightly unfamiliar (the interface is slightly different but overall quite similar), but if you can't figure something out, post here or send me a message and I'd be happy help. 

Link to comment
Share on other sites

20 hours ago, gray said:

Raspberry pi's are available to buy for very cheap online. https://www.amazon.com/Raspberry-Model-A1-2GHz-64-bit-quad-core/dp/B01CD5VC92 You just plug them into a monitor and plug in a mouse and keyboard and they work like a normal computer. They run a custom verison of Linux by default instead of windows so it may be slightly unfamiliar (the interface is slightly different but overall quite similar), but if you can't figure something out, post here or send me a message and I'd be happy help. 

Thank you. I'll check it out. I'll definitely pm you if I decide to buy it. Thanks for offering to help. I appreciate it. May your tribe increase :)

Link to comment
Share on other sites

On 6/26/2017 at 7:54 AM, dr_gonzo said:

I know the chances are slim to none, but whats to stop the offline generator creating an address that already exists ? And i then send my XRP to some one else ?

On 6/26/2017 at 8:16 AM, Xilobyte said:

That would be interesting but impossible. To prevent those things, micro time is often used to calculate in addition to other variables. This includes the current date and time down to the millisecond. So never two of those :)

Not necessarily true. Because there's not one singular wallet generator and you can, in theory, use any source of entropy you want to generate the seed (or hand craft one yourself as long as it's valid, though that's obviously not advisable), someone could already own the wallet it generates. It's probably a good idea to at least check on bithomp or another blockchain explorer to make sure the wallet hasn't been activated. However, the likelihood of this happening is very very slim. A ripple secret is a 33 character long, base 58 encoded string. That means there's a key space of 58^33 or 1.56 * 10^58 (156 plus 56 0's at the end), so the likelihood of running into a collision assuming the generator has proper entropy is very low. 

 

 

Link to comment
Share on other sites

20 hours ago, gray said:

Raspberry pi's are available to buy for very cheap online. https://www.amazon.com/Raspberry-Model-A1-2GHz-64-bit-quad-core/dp/B01CD5VC92 You just plug them into a monitor and plug in a mouse and keyboard and they work like a normal computer. They run a custom verison of Linux by default instead of windows so it may be slightly unfamiliar (the interface is slightly different but overall quite similar), but if you can't figure something out, post here or send me a message and I'd be happy help. 

I've just checked it out. It is really cheap! I have a wireless mouse and keyboard which works via bluetooth. will it work? And can I just use my laptop monitor. Or do I need a pc monitor? Ugh! I wish I had taken a computer course in college. Sorry for all these "silly" questions.

Link to comment
Share on other sites

Just now, kimchee said:

I've just checked it out. It is really cheap! I have a wireless mouse and keyboard which works via bluetooth. will it work? And can I just use my laptop monitor. Or do I need a pc monitor? Ugh! I wish I had taken a computer course in college. Sorry for all these "silly" questions.

If the mouse + keyboard have dongles that you plug in via USB then they'd work. If they're pure bluetooth then you'd need to pick up at least a cheap USB keyboard to be able to configure bluetooth to pair with your other mouse and keyboard. You'd also need a pc monitor, most laptops don't support video passthrough to the monitor. 

If you already have a laptop that's relatively recent and you don't have the required peripherals to support it (mouse, kb, monitor), a better option than buying a separate raspberry pi might be to buy a couple of cheap 8-32gb usb3.0 flash drives and using them to install Tails on one. You can then use your existing laptop to boot into Tails and, as long as you install it properly, be reasonably sure (by this I mean for anything less than life-threatening circumstances) that there's no malware. Disable wifi and then you have your secure air-gapped computer to generate your wallets on. Tails is amnesiac, meaning that it will not leave any trace of you having used it on your computer once you shut down and unplug the usb key. It doesn't touch your hard drive at all. In addition, every time you re-boot, Tails resets itself, deleting any changes that were incurred during the last use, meaning that it's very hard for malware to be introduced or stick when using tails. 

Link to comment
Share on other sites

1 minute ago, Mercury said:

Wireless mouse/ keyboard via a single USB receiver is perfect. I would use a separate PC monitor/ or TV that can use a mini hdmi cable

 

True! A tv that supports hdmi would work perfectly as well.

Link to comment
Share on other sites

22 minutes ago, Mercury said:

Wireless mouse/ keyboard via a single USB receiver is perfect. I would use a separate PC monitor/ or TV that can use a mini hdmi cable

 

 

21 minutes ago, gray said:

If the mouse + keyboard have dongles that you plug in via USB then they'd work. If they're pure bluetooth then you'd need to pick up at least a cheap USB keyboard to be able to configure bluetooth to pair with your other mouse and keyboard. You'd also need a pc monitor, most laptops don't support video passthrough to the monitor. 

If you already have a laptop that's relatively recent and you don't have the required peripherals to support it (mouse, kb, monitor), a better option than buying a separate raspberry pi might be to buy a couple of cheap 8-32gb usb3.0 flash drives and using them to install Tails on one. You can then use your existing laptop to boot into Tails and, as long as you install it properly, be reasonably sure (by this I mean for anything less than life-threatening circumstances) that there's no malware. Disable wifi and then you have your secure air-gapped computer to generate your wallets on. Tails is amnesiac, meaning that it will not leave any trace of you having used it on your computer once you shut down and unplug the usb key. It doesn't touch your hard drive at all. In addition, every time you re-boot, Tails resets itself, deleting any changes that were incurred during the last use, meaning that it's very hard for malware to be introduced or stick when using tails. 

Alright, I have no pc monitor but I do have an HDMI-enabled tv. but I don't think a mini cable will fit into it. So, I'll probably need to but this mini cable. Now, someone told me that an old laptop will do if you just use the recovery disc. You know, the discs that re-sets the laptop all the way back to the factory setting. Maybe I'll just do that. I need to buy a new one, anyway. And then create the cold wallet in it. And just NEVER use that laptop ONLINE. EVER. But you see, it's been over a year that my laptop has no anti-virus or anti-malware. So if I do re-format it to factory settings, do I need to install an anti-virus or anti-malware before the reformatting or after or do I need it at all. My questions never end......:)

Link to comment
Share on other sites

3 minutes ago, kimchee said:

 

Alright, I have no pc monitor but I do have an HDMI-enabled tv. but I don't think a mini cable will fit into it. So, I'll probably need to but this mini cable. Now, someone told me that an old laptop will do if you just use the recovery disc. You know, the discs that re-sets the laptop all the way back to the factory setting. Maybe I'll just do that. I need to buy a new one, anyway. And then create the cold wallet in it. And just NEVER use that laptop ONLINE. EVER. But you see, it's been over a year that my laptop has no anti-virus or anti-malware. So if I do re-format it to factory settings, do I need to install an anti-virus or anti-malware before the reformatting or after or do I need it at all. My questions never end......:)

Actually, the Pi 3 B (the one I linked) uses a full size hdmi port so you shouldn't need a new cable.

An old laptop will do with or without recovery disk if you use Tails, which is a completely separate OS that will not care if your current one is infected with malware or not. A recovery disk for a laptop re-installs the OS as it originally came on the computer, which was probably some version of Windows. The OS, also called Operating System, is sort of the base layer of software that runs on your computer's hardware. It is technically possible for the computer's hardware to be infected (one kind of hardware-based attack is an Evil Maid attack), but that is very rare unless you are being specifically targeted by a powerful cyber security organization or hacker, which is very unlikely. The malware that could be on your computer would be stored as part of the OS, which is saved on the hard drive. Tails is an OS, but instead of installing it on your computer's hard drive, you install it onto an external hard drive or USB flash drive. You then tell the computer to boot from that external drive instead of the one inside it. Since Tails never touches your computer's hard drive unless you tell it to, you know that any malware that may have infected your base OS (Windows) won't affect your computer when it's running Tails off the external USB stick.

Link to comment
Share on other sites

23 hours ago, gray said:

Not necessarily true. Because there's not one singular wallet generator and you can, in theory, use any source of entropy you want to generate the seed (or hand craft one yourself as long as it's valid, though that's obviously not advisable), someone could already own the wallet it generates. It's probably a good idea to at least check on bithomp or another blockchain explorer to make sure the wallet hasn't been activated. However, the likelihood of this happening is very very slim. A ripple secret is a 33 character long, base 58 encoded string. That means there's a key space of 58^33 or 1.56 * 10^58 (156 plus 56 0's at the end), so the likelihood of running into a collision assuming the generator has proper entropy is very low. 

 

 

You just literally said nothing. Why did you bother to.quote me and then attempt to argue against me trying to sound intelligent when your are both possibility as if it is something to worry about and then go on to try to reasure that "it is low?"

it is not possible dude. Regardless of the number of generation methods. If it were then the entire industry would crash. I can prove that no matter how many generating methids there are, that any standard which uses the 33 characters combined with microtime is impossible to create a duplicate. Why don't you prove otherwise then and then if you can't don't try to advise the new guys whom are trying to learn about the technology, incorrectly.

Link to comment
Share on other sites

16 minutes ago, Xilobyte said:

You just literally said nothing. Why did you bother to.quote me and then attempt to argue against me trying to sound intelligent when your are both possibility as if it is something to worry about and then go on to try to reasure that "it is low?"

it is not possible dude. Regardless of the number of generation methods. If it were then the entire industry would crash. I can prove that no matter how many generating methids there are, that any standard which uses the 33 characters combined with microtime is impossible to create a duplicate. Why don't you prove otherwise then and then if you can't don't try to advise the new guys whom are trying to learn about the technology, incorrectly.

What? Please, attempt to prove that it's impossible to generate the same number twice using different methods.... ????

Link to comment
Share on other sites

9 minutes ago, gray said:

What? Please, attempt to prove that it's impossible to generate the same number twice using different methods.... ????

You chose to argue there smarty pants. Go ahead and prove you are correct. I will bet that there would be some crypto criminals that would pay you a butt load of money to do it. I am sure there are criminals all over the world right now sitting in their little smarty pant caves creating duplicate wallet secret keys right this very second. On the flip side there are cryto engineers right this very second looking to pay you good money to protect them from the duplicate key problem. So go ahead and spring sum dat smarty pant stuff on us :)

Edited by Xilobyte
Link to comment
Share on other sites

@gray there are software engineers, military commanders, crypto scientists and devs if all sorts sitting is this forum. Most of us have written small books to help out the new guys and best instruct them to protect themselves. Most of us are twice your age. There is nothing wrong with stating something intelligent and which you are more experienced in but be sure that you are before you do it. Then pick a positive or negative arguement but don't pick them both. Spend some time and put out some good quality and factual advice. If you don't then us other smarty pants guys will happily correct you.

Link to comment
Share on other sites

7 hours ago, Xilobyte said:

You chose to argue there smarty pants. Go agead and prove you are correct. I will bet that there would be some crypto criminals that would pay you a butt load of money to do it. I am sure there are criminals all over the world right now sitting in their little smarty pant caves creating duplicate wallet secret keys right this very second. On the flip side there are cryto engineers right this very second looking to pay you good money to protect them from the duplicate key problem. So go ahead and spring sum dat smarty pant stuff on us :)

I don't understand why you're being hostile or why you think I'm trying to prove I'm smart or something. All I did was correct misinformation. Also, you were the one who said you could prove that it was impossible... It IS possible to generate the same private key twice. Otherwise, deterministic wallets wouldn't exist. Even if you don't have deterministic wallets, it's still possible to generate the same private key twice. A private key is literally just a number encoded in a specific way with some extra flag bits in the front and back, and all a wallet "generator" is doing is supplying a source of "randomness" (by default, most use a CSPRNG or cryptographically-secure pseudorandom number generator), but these sources of randomness are not perfect and the hash functions used to make sure they are all the same length have collisions. Here, read this: https://www.miguelmoreno.net/bitcoin-address-collision/

Like I said before, it's *highly unlikely,* but still *possible.*

And no, the industry won't fall apart, because these things are so unlikely that they can be used as secure. This is the whole basis of modern cryptography. It's just like, when brute force attacking a password or private key, you *could* get lucky and get it right on the first try, no matter how "good" the password is. HOWEVER, that is VERY unlikely, and on average it would take as many attempts as half the key-space for it to occur.

Edited by gray
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.