Cold Storage Options for MAID in 2017?

I like the look of Armory Offline Addresses, which can be used with Omniwallet. Look, I found this useful page. I don’t know for sure whether or not you can import your private keys with the 10 MAID to Armory offline, but it seems likely. Regardless of this issue, you could play around with Armory (if you have an offline device) using the rest of your coins.

It is possible to get something relatively cheap like an Asus Eee Pad. You can install Ubuntu on it and use Armory Offline. The offline device doesn’t need to have the blockchain downloaded to it because it only signs transactions.

Always test first with small amounts - but you know that because what you’ve done so far is sensible!

By the way, I have the same fear as you with private keys for an old bitcoin address which I hold. I’ve never tested it!

Excellent! Thank you for the help! I will certainly look into the Armory Offline Addresses as well as an Asus Eee Pad. I will play around with that this weekend!

1 Like

You’re welcome. Whichever offline device you choose, disable it’s connectivity as thoroughly as you can if you want maximum security. Never connect to wifi (you can even remove the wifi card for example, depending on the device). I just thought I should mention that for anyone reading. If it touches the internet it’s no longer an offline wallet.

1 Like

I couldn’t be bothered figuring out armory. I just waited until a very old laptop was ready to retire and then loaded up bitaddress, switched off the router and my wifi on the laptop, generated a bunch of keys, printed them off and then turned the laptop off (for good) before turning the router back on. Now I have a bunch of safe key pairs I can pull out of my file if and when I need to use them. That seemed fairly secure to me, but I’m not very tech savvy and happy to be enlightened if I’m wrong?

4 Likes

Not bad. Could also make a flash drive into a bootable Linux for free and use bitaddress on that (and format / delete it after) instead of needing to throw away a laptop or wait for it to retire. Just options

5 Likes

That works fine, particularly for long-term storage. The fact that you generated loads of keys is handy too. It allows you to have many different addresses with various amounts in. Then if you want to bring some out of storage you can select the amount and address you want to use without compromising the others. You know this @Jabba,but maybe it’ll be useful for others. Armory gives you a consolidated wallet with the ability to sign transactions offline and then broadcast them online. There are a few subtle differences in security between the two approaches, but overall maybe it’s more to do with personal preference.

1 Like

You can also run things from a DVD to avoid tampering, and run the system whilst offline.
Then there’s the topic of verifying software by checking signatures and hashes…

Has anyone ever stress tested these different approaches to estimate the relative risk do you know? As an aside, I’d have thought the biggest danger is forgetting where you’ve left your paper wallet, USB stick or whatever, or having someone else ‘tidy’ them away. I speak from experience…

2 Likes

Seems like a good time to add that security doesn’t need to be (and usually shouldn’t be) complex.

To have security it’s important to first understand the risks (ie write them down, not just in your head) then form suitable processes to manage those risks. Once the risks start being rigorously addressed it’s surprising what the main threats to security really are.

Start with the risks, not with the security product.

Please be careful with printing private keys since some printers keep a history of printed documents in their memory. Not all printers, but some.

4 Likes

Send to me and ill store for you for a fee. I am not kidding.

6 Likes

Has anyone successfully secured MAID using Electrum 2factor?

I’m looking for wallets that can hold MAID that don’t require a full Blockchain download.

What are the current options?

There’s a long thread about options here Buying Maidsafecoin & storage - #99 by BIGbtc and elsewhere if you search for ‘omniwallet’. Basically any wallet (online or offline) that can hold BTC can store MAID, but if you want to move them around you need to use one based on the OMNI protocol, such as omniwallet.org.

4 Likes

I said I’d come back with some further explanation on hardware wallets. It’s only taken me 9 days! Please, if you’re reading this don’t rely on what I say without verifying it for yourself!

The issue was to do with using a hardware wallet to store MAID, when the wallet doesn’t natively support MAID transactions on the Omni protocol. When the time comes to move the MAID, will the act of retreiving the private keys compromise the security of any other coins stored on the hardware wallet? I’ve gathered information specifically relating to the Ledger Nano S with the 1.3 update. (@neo - I still haven’t actually tested this on a device, so for the time-being this is just how it is claimed to work).

With some provisos I would say that the desired outcome can be achieved with acceptable security. Here’s a description of the architecture and necessary steps…

  • During setup, the Nano S produces a 24 word BIP39 recovery phrase which you need to record and kept safe.

  • The user needs to set up a 4 to 8 digit PIN to allow subsequent access to the everyday wallet on the device. Entering an incorrect PIN three consecutive times results in the device being restored to factory settings. (You’d then need to restore using the 24 word mnemonic phrase).

  • Don’t use the default ‘everyday’ wallet for your most valuable funds. Treat it as a hot wallet (or as a decoy if an attacker is trying to coerce you to give them access).

  • The way the Nano S gives you the necessary flexibility is by allowing you to use BIP39 passphrases in order to create/open/manage wallets. The device allows passphrases to be up to 100 characters, and for proper security they need to be long (this is one of the provisos I mentioned).

  • When you use a BIP39 passphrase it is combined with the 24 word recovery phrase to generate a root key. This is the key which is used to generate your public and private key pairs deterministically. The passphrase acts as a salt for the hashing of the recovery phrase during root key generation. Because of the way that hashing functions work, the slightest change in the salt (your passphrase) results in a completely different root key being generated.

  • The Nano S allows you to create and access as many wallets as you wish by using different “temporary passphrases”. You can, however, only access one wallet at a time in any given session, thus the word “temporary”. Each time you turn on the Nano S (beginning a new session), if you wanted to access a wallet created with a “temporary passphrase”, you would have to enter the long passhrase again.

  • It’s important to note that there is another convenient function called “passphrase attached to a PIN”. You already have your main PIN which gives you access to the ‘everyday’ wallet, but you can setup a second PIN. You have to attach a passphrase to this PIN, thus achieving a wallet with a different root key from the ‘everyday’ wallet. You can then easily access this second (‘hidden’) wallet by using the second PIN (no need to enter the long passphrase).

If you’re having trouble visualising all of this, try playing around with a BIP39 tool such as this coinomi one.

Is this secure? What are the provisos? When the time comes to move your MAID, assuming support has not been added to the Nano S by then, you may need to use a BIP39 tool to get your private keys for the wallet on which you’ve stored your coins. This should definitely be done OFFLINE. You would have to input your 24 word BIP39 recovery phrase, which is not ideal (it risks exposing your ‘everyday wallet’ to a bad actor for starters). Assuming your recovery phrase was compromised during this step, the security of the rest of your wallets would hinge entirely on the strength of your passphrases. If you used very long passphrases WITH GOOD ENTROPY (i.e. RANDOM) and kept the passphrases safe (offline), the other wallets can in my opinion be considered secure. To put it in perspective the maximum passphrase length of 100 characters, for example, is I think longer than the length of the variable portion of a BIP32 root key!

I intend to get my hands on a Ledger Nano S hardware wallet to test the operations I’ve described above. I need more time!

Comments, criticisms and corrections welcome!

5 Likes

I’ve also read about this feature in the last 9 days and agree with your assessment.
FYI, NanoS is backordered until end of July. Trezor is in stock, but not sure how this feature works on it.

1 Like

I’m curious about recovery from losing your hardware key and the advantages of using a hardware wallet in general.

I’m a bit confused because looking at the nano FAQ it says if you lose you nano, you can restore your wallet to another nano or any BIP39 software wallet.

In which case, what’s the point of your nano? How does it differ from using an equivalent software wallet?

  • Is it just that you can use a PIN for the ‘everyday’ wallet?

  • Or to do with the password access to ‘temporary’ wallets? BTW Am I alone in thinking ‘temporary’ is misleading?!

With a paper wallet everything hinges on safely backing up the private key. With nano hardware wallet or a similar software wallet everything hinges on backing up the ‘seed’. So little practical difference there?

So what are the particular advantages of the nano? Is it that you can use it safely on a machine that is not secure (eg entering the pin directly into the nano) or is there something else?

Thanks.

Yes, it’s exactly that. There’s a chip in the nano that they claim makes the wallet secure, even if your pc is compromised.

2 Likes

In HW wallets the Private Key has never seen the internet and signs transactions offline. Spend directly from a hardware wallet for convenience. Bit IMO a hardware wallet should not be a hot-wallet. Storage only. Move monthly spend allowance to hot-wallet from cold storage.

The Ledger team reckon it’s safe to buy from Amazon, saying that the device is tamper proof, so people could look at other vendors:

Why isn’t it any anti-tampering sticker on the Nano S box?

Ledger is using cryptographic attestation to make sure that the devices you receive are genuine; A cryptographic procedure checks the integrity of the hardware wallet’s internal software each time it is powered on. The Secure Element chip prevents any interception or physical replacement attemps.

Anti-tampering stickers are security theater: any attacker capable of reproducing a device can print new shiny stickers. Ledger’s products are engineered to be natively tamper-proof and cannot be counterfeited.

I would say that realistically, for average people, it its easily safe enough to buy from other sources such as Amazon.

I did look at Trezor at one point, and I’m pretty sure private keys can be obtained from that in a similar way. I don’t recall how it competes in terms of other features though. I know it’s significantly more expensive.

1 Like