Jump to content

Tutorial to create a fully air-gapped, paper wallet?

Troote

By Troote,
in Problem Solving

 Share

Recommended Posts

Troote

Troote

Posted
Posted (edited)

Hi guys,

I had nose into to the database that was stolen from Ledger and it's not looking pretty. Ledger said in July that the information of 9.5k people were compromised. They got it wrong by a factor of 2863. It turns out that the list includes detailed personal information of 272k and the email address of 1M people. The fact that they have discovered the full extent of the hack in the last 48h, almost 6 months after the hack, just adds insult to the injury. I have no trust whatsoever in this company anymore and want nothing to do with them.

I am doing a full security audit, refreshing all my passwords, enabling 2FA and even switching mobile phone providers to protect myself from a SIM swap. I want to move my crypto out of my Ledger wallet.

Can anyone please share a tutorial that explains step by step how to create an air-gapped paper wallet? Command line using the most basic XRP Ledger APIs is fine, I don't want to rely on any third-party's software.

Thanks in advance

Troote

Edited by Troote
Link to comment
Share on other sites
  • Replies 10
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Skippy
Skippy

You do not need to interact with the XRP ledger to create a wallet. You can create public/secret pairs offline. I honestly just used this when I created a paper wallet. Opening in an offline comp

JASCoder
JASCoder

( Re: Generating your own "XRP Vanity address" - aka 'wallet' )  Our very own esteemed overachiever hero Wietse Wind @Wietse once gifted the community a GitHub repo back in 24AUG2019 (see link below

Wietse
Wietse

Thank you for the kind words @JASCoder  Please note that this repo generates X-addresses these days, the r-address generation is on a separate branch: https://github.com/WietseWind/xrp-vanit

Skippy

Skippy

Posted
Posted

You do not need to interact with the XRP ledger to create a wallet. You can create public/secret pairs offline.

I honestly just used this when I created a paper wallet. Opening in an offline computer (which will never connect to the internet anymore) protects from 3rd party threats but you still have to trust the generator that the codes are not pre-generated. https://bithomp.com/paperwallet/ 

 I would like to be able to create my own also seeing the whole code etc "being sure" I can trust the code so the keys are not pre-generated or sent online to some thief.

I recommend interacting with the ledger creating the transaction blobs offline, then broadcasting them with eg. your mobile phone. This way it should be secure. Bithomp tools were my go-to, and still work, but are no longer updated. https://github.com/Bithomp/bithomp-tools . 

  1. Open index.html on an offline computer
  2. Insert secret/mnemonic to your address
  3. Insert what you want to do, eg. payment
  4. Tools will give you a link (QR code) which you open on your online device and you will locate the Sequence Number needed to create the next transaction. This online link also the place where you will insert the next step's blob
  5. Insert the Sequence Number to the tools and it will create a transaction blob QR code. You will copy this from the offline computer with an online device and broadcast it, this blob only works for this very specific transaction you have created.

There are other tools that are updated, perhaps XRP toolkit can do the same or XUMM. Explore and find your own way. 

Link to comment
Share on other sites
Flintstone

Flintstone

Posted
Posted

What Skippy said ^

Or if you fancy it:

On 11/23/2017 at 10:55 AM, JoelKatz said:

If you have access to a machine with npm and node, do this:

1) Create a new directory. Go into it.

2) Create a filed called "coldwallet.js" with the following contents:

3) Type "npm install ripple-keypairs". An error about a missing manifest is normal. Now type "node coldwallet.js" to generate a cold wallet. The output will look like this:

4) Run it a few times and make sure you get different output each time. If paranoid, you can test one of the secrets in an online or desktop wallet to make sure you get the matching Ripple address back. Don't use that one, of course.

 

Link to comment
Share on other sites
Flintstone

Flintstone

Posted
Posted
1 hour ago, Skippy said:

There are other tools that are updated, perhaps XRP toolkit can do the same

I think this is on the roadmap: https://towo.io/

“A new version of the XRP Toolkit will be implemented as a progressive web application, with offline support for Windows, Linux, macOS, Android and iOS.“


I hope so anyways :) 

Link to comment
Share on other sites
JASCoder

JASCoder

Posted
Posted

( Re: Generating your own "XRP Vanity address" - aka 'wallet' ) 
Our very own esteemed overachiever hero Wietse Wind @Wietse once gifted the community a GitHub repo back in 24AUG2019 (see link below).

You can peruse the source code, and run it offline and acquire a special public key you can be proud of and always revel in your mastery of the arcane :)

I did haha - Wietse-san even put in the extra effort to provide excellent hand-holding tutorials too.

Cheers, good luck, and always have a disaster recovery plan !!

Ref: https://github.com/WietseWind/xrp-vanity-generator 

Link to comment
Share on other sites
JASCoder

JASCoder

Posted
Posted (edited)
10 minutes ago, Flintstone said:

4 characters took ages on a RPi :sarcastic:

rotfl - I should have mentioned the computational load issue - I ran this (off line mode) on a pretty beefy quad core system, and had like six CPUs maxed out for about an hour - got about 50 "hits" on a three-character pattern ("JAS"). 

YOMMV (your own mileage may vary) 
:) 

Edit: Re my procedure - I ran the launch script in multiple console windows, watching my resources display app until I decided to cap off the concurrent processes count.

Edited by JASCoder
Clarify my procedure
Link to comment
Share on other sites
SimpleXRPTools

SimpleXRPTools

Posted
Posted

I can't claim they are better than other options, but I think my browser-based tools might be the simplest for individuals to check whether the code is safe or not.

See here: https://github.com/SimpleXRPTools/SimpleXRPTools

Specifically     generate_new_xrp_account.html     and    generate_new_xrp_account_using_entropy.html

Link to comment
Share on other sites
Wietse

Wietse

Posted
Posted
11 hours ago, JASCoder said:

...

Cheers, good luck, and always have a disaster recovery plan !!

Ref: https://github.com/WietseWind/xrp-vanity-generator 

Thank you for the kind words @JASCoder :)

Please note that this repo generates X-addresses these days, the r-address generation is on a separate branch:

https://github.com/WietseWind/xrp-vanity-generator/tree/r-address 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept