Cold storage option

I’ve been thinking about the most secure way to store grin long term and want to know if this would work technically.

My idea is to set up an offline pc and install grin-wallet. Then if I could set up a web cam and text reading software and use that to transfer slatepack data from a hot wallet. As I understand the receiving wallet (the offline PC) doesn’t need a connection to a node and therefore can remain offline indefinitely.

Does this work?

Grin needs some thing like this but grin-developers unable to do things like this https://airgap.it/

All of your bitching aside this is a good idea. I just like the idea of using hardware that I have full control of. I know my PC would be truly offline if there is no wifi chip onboard and no LAN cable connected. With a mobile you just don’t know what the hardware is doing unless you break down the OS. I don’t think you can even boot up a fresh iOS install without connecting to the internet.

After installation second smartphone never will see internet connection it don’t need it.
By Quar cod and camera Air Gap work

But the smartphone would still have a wifi chip in it and could find a way to connect without you knowing so that adds an unnecessary attack vector IMO. If you’re gonna go out of your way to air gap, may as well do it right.

@Cryptised I think your idea for cold offline storage in principle works.

You can separate some of the problems and take a look on each in particular.

1. online PC with a working grin wallet.

[I leave this point open]

2. offline PC with a grin wallet.

Think of all the potential data attack vectors. Like:

  • unknown wi-fi chips.
  • Unknown key-loggers in keyboards, cables or main-board bios.
  • The display device could have attack vectors like memory’s or antennas too.
  • The room could be surveilled, or a verysmartphone can social engineer you to let it inside the room.
  • The random number generator for the seed could be weak.

3. secure way to transport data over the air gap.

  • easy but probably unsafe are USB-Sticks. They have a bunch of attack vectors from hidden memory over simulating keyboards…

  • for CDs and DVDs read only devices exist. DVD-RAM could be used to copy the blockchain to the Offline PC. But I think most wallets don’t need the blockchain to receive funds.

  • floppy discs with write protection existed in the last century before grin.

  • unidirectional controlled serial links could be quite easy constructed. But are not common I think.

  • web cam and QR-Code could be possible but might also have attack vectors.

How about putting your coins on a new wallet, export master seed of that wallet and use Shamir Secret Sharing approach to split it into N pieces of information in a way that the seed reconstruction requires at least M out of them.

In a similar way the Trezor hardware wallet works, it allows you to generate for instance 16 keys and reconstructing seed requires 12 out of them et cetera.

Once you have your N pieces of information you can distribute them in a various safe location of which only you are aware.

1 Like

This is the safest method imo. :vulcan_salute:

Indeed Shamir Secret Sharing (SSS) is a nice way. Best thing is, you can use any secret as input, so it is independent of the currency you use it on. I have tested a few home made implementations of SSS and found most to leak information. To my knowledge Trezor’s SLIP00039 (SLIP39) is the only safe implementation out there.

Regarding a nice ofline wallet, I think a raspberry pi with screen or a Pine phone (pro) with Linux would be ideal for cold storage. You only need to pipe the slatepack message into a QR code generator to show on the screen and scan the QR of the slatepack message, for example using Grin++ on your main phone.

I also found this one

https://developers.yubico.com/YubiHSM2/Usage_Guides/YubiHSM2_for_ADCS_Guide/Key_Splitting_and_Key_Custodians.html

The Yubico HSM2 device seem to support it. But you could not simply copy your wallet there. You would need to generate a 32 byte long key using HSM2, then on your computer initialize the wallet from it as a master seed entropy (for instance, using my library mimblewimble-py by setting like this. Then you can export it to an ecrypted seed like this and restore it using a regular CLI wallet. Then you receive your funds and do your Shamir SSS backup using Yubico HSM2 and destroy local wallet.

1 Like

I own a Yubikey 5C. It always irritated me it is read only for many things (horrible if you want to make backup keys) and that no mnemonic can be used as a root key. It is the best 2F@ key out there to my knowledge but it is still rather limited IMO. Still cool they support SSS, I did not know that yet😎.

Thanks for making a short overview/tutorial on how to use SSS with Grin. I was planning to make a tutorial but I can copy this info to Grin hub. We also need a non yubico tutorial.

1 Like

Is this already possible:

  1. Online computer syncs chain

  2. Take computer offline

  3. Generate new private key and record physically

  4. Sign transaction by manual slatepack entry

  5. Erase computer, leaving only a recovery phrase that has never existed online

Is it possible? Is step 1 necessary to do it?

I guess that you would not be online to verify that the transaction was posted to the chain. But if you were also the sender to yourself from an online wallet then you could be confident that it was.

Step 1 is needed since your wallet needs to scan for the to be received outputs it signs for, to see if they exist. If you are lasy you just copy the blockchain folder to your cold storage using an usb, no need to ever go online.
Would be usefull to have a setting for cold storage to just sign without checking the blockchain.

1 Like