Cold storage option

I’ve been thinking about the most secure way to store grin long term and want to know if this would work technically.

My idea is to set up an offline PC and install grin-wallet. Then I could set up a webcam and text-reading software and use that to transfer slatepack data from a hot wallet. As I understand it, the receiving wallet (the offline PC) doesn’t need a connection to a node and can therefore remain offline indefinitely.

Does this work?

Grin needs something like this, but the grin-developers are unable to do things like this: https://airgap.it/

All of your bitching aside this is a good idea. I just like the idea of using hardware that I have full control of. I know my PC would be truly offline if there is no wifi chip onboard and no LAN cable connected. With a mobile you just don’t know what the hardware is doing unless you break down the OS. I don’t think you can even boot up a fresh iOS install without connecting to the internet.

After installation, the second smartphone will never see an internet connection; it doesn’t need it.
The air gap works by QR code and camera.

But the smartphone would still have a wifi chip in it and could find a way to connect without you knowing so that adds an unnecessary attack vector IMO. If you’re gonna go out of your way to air gap, may as well do it right.

@Cryptised I think your idea for cold offline storage in principle works.

You can separate some of the problems and take a look at each in particular.

1. online PC with a working grin wallet.

[I leave this point open]

2. offline PC with a grin wallet.

Think of all the potential data attack vectors. Like:

  • unknown wi-fi chips.
  • Unknown key-loggers in keyboards, cables or main-board bios.
  • The display device could have attack vectors like memory or antennas too.
  • The room could be surveilled, or a very smart phone could social-engineer you into letting it inside the room.
  • The random number generator for the seed could be weak.

3. secure way to transport data over the air gap.

  • easy but probably unsafe are USB-Sticks. They have a bunch of attack vectors from hidden memory over simulating keyboards…

  • for CDs and DVDs, read-only devices exist. DVD-RAM could be used to copy the blockchain to the offline PC. But I think most wallets don’t need the blockchain to receive funds.

  • floppy discs with write protection existed in the last century before grin.

  • unidirectional controlled serial links could be constructed quite easily, but are not common, I think.

  • web cam and QR-Code could be possible but might also have attack vectors.

How about putting your coins in a new wallet, exporting the master seed of that wallet and using the Shamir Secret Sharing approach to split it into N pieces of information in such a way that seed reconstruction requires at least M of them?

The Trezor hardware wallet works in a similar way: it allows you to generate, for instance, 16 keys, and reconstructing the seed requires 12 of them, et cetera.

Once you have your N pieces of information you can distribute them in various safe locations of which only you are aware.

1 Like

This is the safest method imo. :vulcan_salute:

Indeed, Shamir Secret Sharing (SSS) is a nice way. The best thing is that you can use any secret as input, so it is independent of the currency you use it on. I have tested a few homemade implementations of SSS and found most to leak information. To my knowledge Trezor’s SLIP-0039 (SLIP39) is the only safe implementation out there.

Regarding a nice offline wallet, I think a Raspberry Pi with a screen or a PinePhone (Pro) with Linux would be ideal for cold storage. You only need to pipe the slatepack message into a QR code generator to show on the screen and scan the QR of the slatepack message, for example using Grin++ on your main phone.

I also found this one

https://developers.yubico.com/YubiHSM2/Usage_Guides/YubiHSM2_for_ADCS_Guide/Key_Splitting_and_Key_Custodians.html

The Yubico HSM2 device seems to support it. But you could not simply copy your wallet there. You would need to generate a 32-byte-long key using HSM2, then on your computer initialize the wallet from it as the master seed entropy (for instance, using my library mimblewimble-py by setting like this). Then you can export it to an encrypted seed like this and restore it using a regular CLI wallet. Then you receive your funds, do your Shamir SSS backup using Yubico HSM2 and destroy the local wallet.

1 Like

I own a Yubikey 5C. It always irritated me that it is read-only for many things (horrible if you want to make backup keys) and that no mnemonic can be used as a root key. It is the best 2FA key out there to my knowledge but it is still rather limited IMO. Still cool they support SSS, I did not know that yet😎.

Thanks for making a short overview/tutorial on how to use SSS with Grin. I was planning to make a tutorial but I can copy this info to Grin hub. We also need a non-Yubico tutorial.

1 Like

Is this already possible:

  1. Online computer syncs chain

  2. Take computer offline

  3. Generate new private key and record physically

  4. Sign transaction by manual slatepack entry

  5. Erase computer, leaving only a recovery phrase that has never existed online

Is it possible? Is step 1 necessary to do it?

I guess that you would not be online to verify that the transaction was posted to the chain. But if you were also the sender to yourself from an online wallet then you could be confident that it was.

Step 1 is needed since your wallet needs to scan for the to-be-received outputs it signs for, to see if they exist. If you are lazy you just copy the blockchain folder to your cold storage using a USB, no need to ever go online.
It would be useful to have a setting for cold storage to just sign without checking the blockchain.

2 Likes

Use QubesOS. No need to have different PCs, laptops or smartphones. Qubes is one of the safest systems to work online and offline in different VMs. I was in Qubes for more than 3 years and ran nodes in different VMs. Each VM had a different network configuration from the others. You can choose Whonix network, Debian network, Fedora network or no network. Test what you want in QubesOS.

If you want max security/anonymity, create a qube VM and configure the VM network to Whonix. Download and run a grin node and create a wallet. Write down the 24 words. Receive your grins. Then change the network to no network. When you want to receive or send again, change the network.

If you are paranoid, create a disposable VM (a disposable is a qube that can be created quickly and will self-destruct when closed). Configure the network over Tor, then download and run a grin node. Create a wallet. Write down the 24 words. Receive your grins. Close the VM. But be careful: there is no coming back after that.

Otherwise create 2 qubes, the first one with the Whonix network and the second one with no network. There is a guide on how to copy and paste text and how to transfer files between qubes. Copy the grin folder to the offline VM and copy and paste the slates.

4 Likes

Adding to this thread since it seems to be more about Shamir’s Secret Sharing than the other one is:

In addition to what I wrote there, I’d like to drop a few more links.

An explainer for how SSS works by walking through how to implement it: Horcrux: Implementing Shamir's Secret Sharing in Rust (part 1) | Blog | Guillaume Endignoux

This library is for doing SSS on any file. Specifically the use case seems to be splitting up the “horcruxes” and putting them on USB drives and hiding those around in various places: GitHub - jesseduffield/horcrux: Split your file into encrypted fragments so that you don't need to remember a passcode

I use a Trezor Model T for Grin cold storage using the MWC standalone HTML wallet that has Grin and Trezor support. Works great with slatepacks, but does not have the same addressing scheme or sending function as grin-wallet since it uses HTTP transfers instead.

The Trezor python command line tool for SSS is open source.

GitHub - trezor/python-shamir-mnemonic
I can make it work to generate a SSS Grin wallet. Perhaps I can include it in the wallet tool I am building.

1 Like

I see, I got it wrong. Trezor’s SSS Python tool follows https://slips.readthedocs.io/en/latest/slip-0039/ and works for any secret, like a mnemonic. It can be used for both new and existing secrets, like the mnemonic of a Grin wallet that is already created.
So basically there is no need for an additional tool. I could add some code to generate a wallet file, but using a mnemonic to restore a wallet is more convenient. So I am cancelling this little project. At some point in the future it could be useful to integrate it in grin-wallet, or other wallets, to make it more user-friendly.

2 Likes