Popular Post Kakoyla Posted May 13, 2017 Popular Post Share Posted May 13, 2017 (edited) Intro If you follow this, you will be able to: create an new wallet address and secret key test that you have the correct address and secret key on paper before sending a payment activate wallet use offline signing to make sure your wallet is able to send out before moving all of your intended holdings over to it Send XRP from your Cold Wallet without ever entering your secret key on an online computer create raw transaction on offline computer sign transaction on offline computer easily move the signed transaction blob over from the offline computer to an online computer using a QR code submit signed transaction blob to a ripple server I haven’t audited the code on @ripplerm ’s wallet because I do not know how, so trusting it is up to you. I think his wallet is great, it is easy to install, pretty easy to use and it has a lot of great options. The QR code for the transaction blob is extremely helpful for offline signing (if you don't know what i am talking about this is for you). I did the following on a raspberry pi B+ with raspbian installed via noobs (https://www.raspberrypi.org/downloads/noobs/). There is no on-board wifi on this model, so I didn’t have to worry about shutting it off. I bought a 16gb micro sd card just because it was on sale for $8, you can use 8gb without a problem. You can also get them with noobs already installed on amazon if you want to go the raspberry pi route but this will work with whatever computer you use. It’s just up to you to make sure whatever you are using won’t go online again. This is why I think pi’s are perfect, you can take the sd card out and your whole OS is gone. You could also go the linux on a usb stick road but you will have to ask google about that. The rest will assume you have both an offline computer ready to go and an online computer ready to go, preferably in the same room. Useful Links Hosted Wallet Check out the wallet or practice without downloading anything (don't use this hosted version for sending any real transactions, i.e. DON'T put your secret key in): http://ripplerm.github.io/ripple-wallet/ You can practice by switching network to test (top left). You can use this test-net account for practice: ADDRESS :r479Q1f3xm4VfAxNLoXAVKhSN1E8FArztD SECRET: saUxhRNFjsa9H45VfFeDxSYYRUbhD If someone ruins it for everyone else and uses all the XRP, you can generate new test accounts which include 10,000xrp here: https://ripple.com/build/ripple-test-net/ Download Wallet To download wallet, open below link , click green clone or download, click download zip https://github.com/ripplerm/ripple-wallet Setup First download the wallet(https://github.com/ripplerm/ripple-wallet). Put the contents of the zip file on a usb stick, bring that stick to your offline computer and drop the folder onto the desktop or somewhere good for you. There should be three files in the folder: index.html, package.json, readme.md Open index.html, this will open the wallet and you are ready to proceed Create Wallet Address/Secret Key First you need to create a new wallet address and secret key. Since we already have ripplerm wallet on an offline pc, we will use it. Open the wallet and go to the Tools Tab, then within that tab go to the Account-Generator tab(middle one) and click the Random button I am a level lower than noob when it comes to cryptography, but I have read on this forum that the longer you let your computer run before doing this the more entropy (lack of order or predictability; gradual decline into disorder). After clicking Random you will be able to see your secret key (seed/secret -under SEED) which begins with a small “s” and also your wallet address (Address: - under ACCOUNT) which begins with a small “r” Write your secret key on a piece of paper, underline any CAPITAL letters to help avoid confusion later. Double check each digit one by one. Follow the same process as above for your Wallet Address but on a separate sheet of paper. Test that you have written the address and secret key down correctly We will now check to see if you wrote them on your paper correctly. You should still be on the tools tab, click the RAW TXN tab Fill out the following Fields: *Account: enter your wallet address here *Sequence: 1 ( it is important to enter correct sequence number normally, but we are just checking your written info) *fee: 12 **see above Under Transaction Types: Choose the payment tab Fill out the following Fields: *Destination: enter your wallet address here (you can just copy it from above this time) *Amount: 1 As you scroll down you will see a blue button with a “sign” label. Hover your mouse cursor over it, you will see the cursor change from an arrow to a blocked hand - it is not available, this is because not all required fields are filled out correctly or they are not filled out at all. In this case we still have to enter the wallet secret key. Right above the blue “sign” button is the SIGNING area, enter your secret key into the “secret:” box If you have entered the correct secret, when you move your mouse over the “sign” button you will see it lights up and you are able to click it. If you are not able to click the button, it means you entered one of the above entries wrong. First check the easy stuff, then check your secret to your paper and finally your wallet to the paper. If all of these match, you probably wrote either the secret or wallet address wrong. Luckily if you click back to the Account- Generator tab they will both still be there so you can see where you went wrong. Once you are able to click the sign button, go ahead and click so you can see what it will look like, if you were successful you will see a tx blob and QR code for that blob. Now that we know you have a your secret and wallet address written correctly, it will be up to you where you store it and how many copies of them you make. You can put your wallet address on your online computer, but never put the secret key on any online computer (this is a cold wallet, just keep it on paper). Activate your newly create wallet address Keep your offline computer running, but move to a separate online computer to: Activate the new address you just created by sending 21 XRP to it from another account, you do not need a destination tag. Check to see if your address has been credited using either of the following: https://bithomp.com/explorer/ or https://charts.ripple.com/#/graph If it’s not there I don’t know where you went wrong, up to you to find out (hint exchange accounts take longer for sending, as an example Polo takes about 5 mins during the week and 30 on the weekend). Preparation for signing tx and sending tx blob You should already have the ripplerm wallet on your online pc, open the index.html file so you have the wallet opened and ready for later. Get on your phone and install a QR code reader app, I don’t have any recommendations, anyone should work. Before sending your whole stash over to your cold wallet, lets make absolutely sure that you have the correct info written by sending a small payment out - might be overkill, but you can see how to use offline signing, and you don’t want to have a billion dollars that you can’t get out. Create and sign payment on offline computer Go back to your offline computer. Go back to the Raw Txn tab under TOOLS Your address should already be in there if it is not re-enter it. Sequence number: 1 This is 1 because this the first tx you have processed for this account, next time it will be 2. If you ever forget where you left off you can put your address (do not enter secret) into this wallet on the online computer, and go to the info tab. You will see a “Next Sequence:” field which tells you what your sequence should be. Fee: this depends on what the fee is when you are doing this. This is entered in DROPS (1XRP = 1,000,000 drops) You can see at the top of the wallet screen in the middle next to “Server S1.ripple.com” there is “Fee:##” You will need to look at what the wallet on your online computer shows for the fee, as your offline computer will not be updated. If there is a lot of action, you might have to go pretty high, or you can wait for things to calm down. As I am typing this the fee is jumping from 12 up to 8000+, 8000 is equal to 0.008000 XRP. Whatever the fee is at that time is what you will need to put as a minimum, you probably want to go a bit above the current fee, because it will take a few minutes for you to get to submitting it and the fee will most likely change during that time Under Transaction Types: Choose the payment tab Fill out the following Fields: *Destination: enter the address you had originally sent the 21XRP from to activate your new cold wallet, we are going to send a little back *Amount: 400000 (4 hundred thousand) This is in drops and equal to 0.4XRP (1XRP = 1,000,000 drops). For more info see: https://ripple.com/build/rippled-apis/#specifying-currency-amounts In the SIGNING area, enter your secret key into the “secret:” box Click the blue “sign” button By doing this you are signing the transaction offline. This will generate a blob of text and an QR code representing that text which can then be moved to an online computer and submitted safely. Move signed tx blob to online computer Either Scroll down so only the QR code is showing and your secret key is no longer visible on the screen, or just clear out the secret field so it is empty (you don't want to take a picture of it by accident). Get out your phone and open the QR code app, scan the code, it should convert it back into your tx blob. Copy the blob, email it to yourself or use any other method you can think of to get that blob from your phone to your online computer without having to manually key it in (I use google keep). **EDIT: or as @ripplerm mentions below (much easier) you can simply submit the signed-transaction with the mobile-phone... via https://ripplerm.github.io/ripple-wallet/ Once you have the blob on your online computer, go to the Tools tab and the Submit tab below. Paste the blob you created into the tx_blob box, and hit submit. Check the address you are sending to, to verify that you received the 0.4 XRP. If it is there you are good to go, you can proceed to sending the rest of your XRP over to your cold wallet as you were able to receive into and send out of it and know you have the correct key and address info written down. Why is this safe? I had questioned why is this blob is safe to send, and how could it be accepted by a rippleD server without exposing my secret key, I assumed it was some kind of encryption magic but @mDuo13 help me understand with the following : Actually the blob itself isn't encrypted or hashed. It's easy (well, relatively speaking) to take a binary transaction blob and turn it back into a JSON format with transaction instructions and a signature. But don't worry. The real answer to your original question is that a "signed" transaction doesn't have your secret, just your signature. It's the power of digital signatures! The basic idea of digital signatures uses the same principle as hashes and other cryptography, that some calculations are easy to do but hard to reverse. In the case signatures, you use your secret key and a message to create a signature. Anyone with your public key and a message (which is also attached to the signed transaction) can verify that the signature is legit and it's for the exact message in question, but they can't figure out what your secret key is or make signatures for any other, even slightly different, message. In this case, the transaction instructions are the message. So "offline" signing is less a question of whether you're actually "online" or "offline" when you make the signature; it's a matter of who does the calculations to create the signature. "Online" signing means giving your secret to a rippled server (probably hosted on someone else's computer) so it can calculate the signature for you; "offline" signing means doing the signature yourself without sending your secret to another computer. In either case, the resulting signature can only be used once. The problem with online signing is that if you send someone your secret, they (or anyone who intercepted the message with your secret in it) could remember it and use it to create new signatures for any message/transaction they want. Hopefully this helps someone, if you see any errors please let me know so i can fix them Edited August 12, 2017 by Kakoyla Clean Up Flintstone, Mercury, T8493 and 11 others 12 2 Link to comment Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!Register a new account
Already have an account? Sign in here.Sign In Now