Im not sure if this helps… I’m trying to follow your concern. The seed creates a master Key … in HD … the same master key always, and… Then that master key creates a tree of private keys… The same private keys .
Ah yes, I want to ensure that there are no hiccups in that process. It would not be the first time that something that should work doesn’t because of some reason and if something were to go wrong its an expensive hiccup.
That is exactly how Hierarchal Deterministic Deterministic wallets work.
Only thing could go wrong is wrong seed used. But I totally get why your concerned. Smart.
Yes its the results of a failure.
It could be as simple as the algorithm in the h/w wallet being different to the others/standard., or the h/w inverts the seed or a number of other mistakes and/or BUGS.
I thought it would be a simple thing to confirm all is good and well worth the test considering what is at stake.
The reason I don’t advise using a hardware wallet like Ledger Nano S for MAID is because most people will probably store other cryptos on the hardware wallet as well. The key selling point of the hardware wallet is that it always keeps the private keys isolated inside. When you start messing about to retrieve your private keys, this sanctity is broken, and you are left with the same security as if you had used a paper wallet, provided that you did your paper wallet generation offline. If you are using the hardware wallet only for MAID, it is a valid option as it at least takes care of the offline generation and storage aspects for you. Just no offline signing without retrieving your private keys until there is Omni support.
About a month ago, I purchased MAID on poloniex. I created and stored the MAID on Omniwallet.org. To test trial cold storage, because I’m new, I created a bitcoin address. And only sent a small amount of my MAID to cold storage while writing down my address and private keys on a piece of paper (also on another piece of paper in another safe location). The 10 MAID coins I sent to the bitcoin address are still there which is obviously good/expected, but now I’m a little nervous about sending the rest of my MAID coins that are still in my Omniwallet.org only because I’m nervous about the private key (that begins with a 6) not working when I eventually want to move them to a secure wallet. Like if Coinbase ever decides to implement Safecoin down the road (is that the plan?). Should I just test trial sending the 10 MAID coins that are in my bitcoin address now? If so, where should I send them and where would I enter my private key in order to send them?
I agree with your sentiment. Unfortunately I’ve never used one before BUT, I will soon have the opportunity to use one and I fully intend to check the functionality w.r.t. recovery of private keys. I will report back on this thread if nobody else get’s there first (unless you particularly trust my word, then I’ll chime in too! Ha ha).
@drehb - from my research I discovered that the Ledger Nano S is actually very flexible. Surprisingly, it overcomes your concerns mentioned in your post above! I don’t have time right now, but I intend to come back to this thread with an explanation. IIRC it involves BIP39, password salts and using different seed phrases for each device PIN. There’s even the ability to employ a plausible deniability use case.
Other hardware wallets are available!
I like the look of Armory Offline Addresses, which can be used with Omniwallet. Look, I found this useful page. I don’t know for sure whether or not you can import your private keys with the 10 MAID to Armory offline, but it seems likely. Regardless of this issue, you could play around with Armory (if you have an offline device) using the rest of your coins.
It is possible to get something relatively cheap like an Asus Eee Pad. You can install Ubuntu on it and use Armory Offline. The offline device doesn’t need to have the blockchain downloaded to it because it only signs transactions.
Always test first with small amounts - but you know that because what you’ve done so far is sensible!
By the way, I have the same fear as you with private keys for an old bitcoin address which I hold. I’ve never tested it!
Excellent! Thank you for the help! I will certainly look into the Armory Offline Addresses as well as an Asus Eee Pad. I will play around with that this weekend!
You’re welcome. Whichever offline device you choose, disable it’s connectivity as thoroughly as you can if you want maximum security. Never connect to wifi (you can even remove the wifi card for example, depending on the device). I just thought I should mention that for anyone reading. If it touches the internet it’s no longer an offline wallet.
I couldn’t be bothered figuring out armory. I just waited until a very old laptop was ready to retire and then loaded up bitaddress, switched off the router and my wifi on the laptop, generated a bunch of keys, printed them off and then turned the laptop off (for good) before turning the router back on. Now I have a bunch of safe key pairs I can pull out of my file if and when I need to use them. That seemed fairly secure to me, but I’m not very tech savvy and happy to be enlightened if I’m wrong?
Not bad. Could also make a flash drive into a bootable Linux for free and use bitaddress on that (and format / delete it after) instead of needing to throw away a laptop or wait for it to retire. Just options
That works fine, particularly for long-term storage. The fact that you generated loads of keys is handy too. It allows you to have many different addresses with various amounts in. Then if you want to bring some out of storage you can select the amount and address you want to use without compromising the others. You know this @Jabba,but maybe it’ll be useful for others. Armory gives you a consolidated wallet with the ability to sign transactions offline and then broadcast them online. There are a few subtle differences in security between the two approaches, but overall maybe it’s more to do with personal preference.
You can also run things from a DVD to avoid tampering, and run the system whilst offline.
Then there’s the topic of verifying software by checking signatures and hashes…
Has anyone ever stress tested these different approaches to estimate the relative risk do you know? As an aside, I’d have thought the biggest danger is forgetting where you’ve left your paper wallet, USB stick or whatever, or having someone else ‘tidy’ them away. I speak from experience…
Seems like a good time to add that security doesn’t need to be (and usually shouldn’t be) complex.
To have security it’s important to first understand the risks (ie write them down, not just in your head) then form suitable processes to manage those risks. Once the risks start being rigorously addressed it’s surprising what the main threats to security really are.
Start with the risks, not with the security product.
Please be careful with printing private keys since some printers keep a history of printed documents in their memory. Not all printers, but some.
Send to me and ill store for you for a fee. I am not kidding.
Has anyone successfully secured MAID using Electrum 2factor?