Secure Storage Of XRP: Issues Regarding Secret Keys

[ObservantOne]

I have been hearing about people having problems with the jatchili client, so I haven't taken that plunge yet. I purchased two ledger nano s wallets, but I haven't set them up because I cannot wrap my head around the 24 word seed needed to secure the Nano S wallet.

If there are 7 wallets on the nano (BTC, ETH, XRP etc.), and each wallet requires it's own unique 24 word seed, how is it that the nano can retrieve ALL of your wallets with one 24 word seed!? This makes me think that the secret keys for all of the wallets on the nano are stored someplace.

If XRP cannot be removed from the ledger, then would that mean that any wallet you use (cold/offline/air-gapped) is just a method of securing the secret key in order to authorize transactions? 

The Jatchili client was suggested. If I understand this correctly, when you create a wallet, you create a specific identity on the ledger with it's own secret/public key. When you "transfer" the xrp on the ledger, you are really authorizing the xrp to be "owned" by the new wallet. Is this correct?

[Chan_Maddanna]

13 minutes ago, ObservantOne said:

I have been hearing about people having problems with the jatchili client, so I haven't taken that plunge yet. I purchased two ledger nano s wallets, but I haven't set them up because I cannot wrap my head around the 24 word seed needed to secure the Nano S wallet.

If there are 7 wallets on the nano (BTC, ETH, XRP etc.), and each wallet requires it's own unique 24 word seed, how is it that the nano can retrieve ALL of your wallets with one 24 word seed!? This makes me think that the secret keys for all of the wallets on the nano are stored someplace.

If XRP cannot be removed from the ledger, then would that mean that any wallet you use (cold/offline/air-gapped) is just a method of securing the secret key in order to authorize transactions? 

The Jatchili client was suggested. If I understand this correctly, when you create a wallet, you create a specific identity on the ledger with it's own secret/public key. When you "transfer" the xrp on the ledger, you are really authorizing the xrp to be "owned" by the new wallet. Is this correct?

hmm i thought you were just asking how the 24 word secret and related data was managed and if it was secure enough. but this is a different question. hope someone more tech helps answer the same. 

btw , for the sake of mention, they are utilizing SJCL for all their needs and seeing their imports below gives some idea what/how they might be doing. if interested browse the bip39 standalone ( used to recover from desktop ) here : https://raw.githubusercontent.com/iancoleman/bip39/master/bip39-standalone.html  

Kindly, R8

Edited July 9, 2017 by R8102V1D2D

[ZIGXRP]

A Ledger only reads the online ledger blockchain for your coin, and the secret key allows for signing transactions.

7 coin wallets on one Ledger do not use 7 different 24 word seeds. The one 24 word seed creates wallet addresses for the various coins with their respective algorithms based on the same list.  

And with more than one Ledger using the same seed, you're not creating multiple wallets of the same coin, rather you're just creating an identical key that reads the same online subset of blockchain data.  

[ObservantOne]

@ZIGXRP

So, in no way, whatsoever, are your secret keys stored anywhere other than the Ledger Nano S?

This 24 word seed just generates the wallets, and the secret keys are stored on the device, and with 2 methods of encryption, the secret key isn't exposed because you only use your PIN/Security method to approve the transaction?

 

Edited July 10, 2017 by ObservantOne

[PONG]

3 minutes ago, ObservantOne said:

@ZIGXRP

So, in no way, whatsoever, are your secret keys stored anywhere other than the Ledger Nano S?

This 24 word seed just generates the wallets, and the secret keys are stored on the device, and with 2 methods of encryption, the secret key isn't exposed because you only use your PIN/Security method to approve the transaction?

 

1

The only thing stored is your root key, wich is made readable as a 24 word seed. Out of this key, it can calculate your private key to your corresponding wallet.

Edited July 10, 2017 by PONG

[ZIGXRP]

6 minutes ago, ObservantOne said:

@ZIGXRP

So, in no way, whatsoever, are your secret keys stored anywhere other than the Ledger Nano S?

This 24 word seed just generates the wallets, and the secret keys are stored on the device, and with 2 methods of encryption, the secret key isn't exposed because you only use your PIN/Security method to approve the transaction?

 

The secret key is never exposed or stored anywhere but securely on the Ledger.

Your physical push of the button authorizes the signing of transactions.

It's a marvellous piece of tech in my opinion....for me one step below a paper wallet but with the ability to do online transactions, even on compromised OS or hardware. 

[nvok]

Just adding to what everyone said.

Keep your 24-word seed safe. You can use it to access your wallets even if Ledger Nano S becomes inaccessible.

 

BIP39 Mnemonic Code Converter

download

https://raw.githubusercontent.com/iancoleman/bip39/master/bip39-standalone.html

or open in browser

https://iancoleman.github.io/bip39

 

XRP recovery tool

https://github.com/LedgerHQ/ripple-recovery-tool

[ZIGXRP]

And... only write down your 24 word list, never digitally kept anywhere. Then the only way your wallets can be stolen is by physical theft of that list. 

[ObservantOne]

You can even add a 25th word, allowing you to create a "safe" wallet, incase of a $5 wrench attack:

Someone holding you hostage, beating you with a $5 wrench to get you to reveal your account. You give them the fake credentials to a wallet that holds a small amount of whatever is stored.

Then again, they might just be smart enough to know this, and still beat you until you give in. 

I find it hard to believe that any of us would withhold this information if our loved ones where threatened. 

So, the best security would probably be to not tell anyone you have invested.

It is good to know about the 24 word algorithm. I believe you good people have cleared this up.

edit: changed anyone to any

Edited July 10, 2017 by ObservantOne

[gray]

To get a little more technical in case you're interested:

As listed here: http://support.ledgerwallet.com/knowledge_base/topics/what-is-the-list-of-bips-implemented-into-the-ledger-wallet they implement BIP 32, 39, and 44. BIP 39 is a standard for creating mnemonic pass phrases of varying bits of entropoy. The 24 word passphrase has 256 bits of entropy, which, as you can read in Applied Cryptography, is more than enough:

Quote

Longer key lengths are better, but only up to a point. AES will have 128-bit, 192-bit, and 256-bit key lengths. This is far longer than needed for the foreseeable future. In fact, we cannot even imagine a world where 256-bit brute force searches are possible. It requires some fundamental breakthroughs in physics and our understanding of the universe.

One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzman constant. (Stick with me; the physics lesson is almost over.)

Given that k = 1.38 × 10−16 erg/K, and that the ambient temperature of the universe is 3.2 Kelvin, an ideal computer running at 3.2 K would consume 4.4 × 10−16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.

Now, the annual energy output of our sun is about 1.21 × 1041 ergs. This is enough to power about 2.7 × 1056 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.

But that's just one star, and a measly one at that. A typical supernova releases something like 1051 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.

These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.

Now, what are BIP 32 and BIP 44? BIP 32 is a standard for what are called hierarchical deterministic wallets. These are wallets that are "seeded" from one root number (in this case a bip39 passphrase), and are then able to derive an unlimited amount of "child" key pairs. If you have the original seed, you are able to derive all the possible child keys. You can think of this as a tree, like so:

There is a notation to write this, which is a number separated by slashes to designate different tree levels. A lowercase m to start designates private keys and an upper case M designates public keys. For example, m/0/1/2 would be the private key that is the third child of the second child of the first child of the master private key. BIP44 is simply a specific way to structure this tree. It goes like this (the ' designates hardened keys, which basically means this level is secure against attacks to reverse-engineer the tree)

m / purpose' / coin_type' / account' / change / address_index

Purpose is simply a constant set at 44 which designates the tree below it uses the bip44 scheme. As you can see, the next piece is the coin type, which comes from a list of registered coins. If you want to know exactly how this works, check out the documentation for it here: https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki

Basically what you need to know is that using it you can store any number of wallets for any number of keys, which is what the Ledger is doing. 

Edited July 11, 2017 by gray