Jump to content

Tutorial to create a fully air-gapped, paper wallet?


Recommended Posts

Hi guys,

I had nose into to the database that was stolen from Ledger and it's not looking pretty. Ledger said in July that the information of 9.5k people were compromised. They got it wrong by a factor of 2863. It turns out that the list includes detailed personal information of 272k and the email address of 1M people. The fact that they have discovered the full extent of the hack in the last 48h, almost 6 months after the hack, just adds insult to the injury. I have no trust whatsoever in this company anymore and want nothing to do with them.

I am doing a full security audit, refreshing all my passwords, enabling 2FA and even switching mobile phone providers to protect myself from a SIM swap. I want to move my crypto out of my Ledger wallet.

Can anyone please share a tutorial that explains step by step how to create an air-gapped paper wallet? Command line using the most basic XRP Ledger APIs is fine, I don't want to rely on any third-party's software.

Thanks in advance


Edited by Troote
Link to comment
Share on other sites

You do not need to interact with the XRP ledger to create a wallet. You can create public/secret pairs offline.

I honestly just used this when I created a paper wallet. Opening in an offline computer (which will never connect to the internet anymore) protects from 3rd party threats but you still have to trust the generator that the codes are not pre-generated. https://bithomp.com/paperwallet/ 

 I would like to be able to create my own also seeing the whole code etc "being sure" I can trust the code so the keys are not pre-generated or sent online to some thief.

I recommend interacting with the ledger creating the transaction blobs offline, then broadcasting them with eg. your mobile phone. This way it should be secure. Bithomp tools were my go-to, and still work, but are no longer updated. https://github.com/Bithomp/bithomp-tools . 

  1. Open index.html on an offline computer
  2. Insert secret/mnemonic to your address
  3. Insert what you want to do, eg. payment
  4. Tools will give you a link (QR code) which you open on your online device and you will locate the Sequence Number needed to create the next transaction. This online link also the place where you will insert the next step's blob
  5. Insert the Sequence Number to the tools and it will create a transaction blob QR code. You will copy this from the offline computer with an online device and broadcast it, this blob only works for this very specific transaction you have created.

There are other tools that are updated, perhaps XRP toolkit can do the same or XUMM. Explore and find your own way. 

Link to comment
Share on other sites

What Skippy said ^

Or if you fancy it:

On 11/23/2017 at 10:55 AM, JoelKatz said:

If you have access to a machine with npm and node, do this:

1) Create a new directory. Go into it.

2) Create a filed called "coldwallet.js" with the following contents:

3) Type "npm install ripple-keypairs". An error about a missing manifest is normal. Now type "node coldwallet.js" to generate a cold wallet. The output will look like this:

4) Run it a few times and make sure you get different output each time. If paranoid, you can test one of the secrets in an online or desktop wallet to make sure you get the matching Ripple address back. Don't use that one, of course.


Link to comment
Share on other sites

1 hour ago, Skippy said:

There are other tools that are updated, perhaps XRP toolkit can do the same

I think this is on the roadmap: https://towo.io/

“A new version of the XRP Toolkit will be implemented as a progressive web application, with offline support for Windows, Linux, macOS, Android and iOS.“

I hope so anyways :) 

Link to comment
Share on other sites

( Re: Generating your own "XRP Vanity address" - aka 'wallet' ) 
Our very own esteemed overachiever hero Wietse Wind @Wietse once gifted the community a GitHub repo back in 24AUG2019 (see link below).

You can peruse the source code, and run it offline and acquire a special public key you can be proud of and always revel in your mastery of the arcane :)

I did haha - Wietse-san even put in the extra effort to provide excellent hand-holding tutorials too.

Cheers, good luck, and always have a disaster recovery plan !!

Ref: https://github.com/WietseWind/xrp-vanity-generator 

Link to comment
Share on other sites

10 minutes ago, Flintstone said:

4 characters took ages on a RPi :sarcastic:

rotfl - I should have mentioned the computational load issue - I ran this (off line mode) on a pretty beefy quad core system, and had like six CPUs maxed out for about an hour - got about 50 "hits" on a three-character pattern ("JAS"). 

YOMMV (your own mileage may vary) 

Edit: Re my procedure - I ran the launch script in multiple console windows, watching my resources display app until I decided to cap off the concurrent processes count.

Edited by JASCoder
Clarify my procedure
Link to comment
Share on other sites

I can't claim they are better than other options, but I think my browser-based tools might be the simplest for individuals to check whether the code is safe or not.

See here: https://github.com/SimpleXRPTools/SimpleXRPTools

Specifically     generate_new_xrp_account.html     and    generate_new_xrp_account_using_entropy.html

Link to comment
Share on other sites

11 hours ago, JASCoder said:


Cheers, good luck, and always have a disaster recovery plan !!

Ref: https://github.com/WietseWind/xrp-vanity-generator 

Thank you for the kind words @JASCoder :)

Please note that this repo generates X-addresses these days, the r-address generation is on a separate branch:


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...