Creating a Monero Cold Wallet

By lab | December 22, 2017

The decentralized nature of cryptocurrencies makes them super resilient. The same cannot be said for individual wallets if not cared for properly. In a previous post we covered the different types of Monero wallets and the potential use cases for each. Here, we will discuss the methods for creating a Cold Wallet for Monero.

A cold wallet is nothing more than a Monero wallet which isn’t connected to the internet. As of the time of writing, no hardware wallets support Monero, so your only options for cold wallet storage are creating one yourself.

TLDR;

Use a Live Linux USB, several encrypted thumb drives, and the Monero CLI wallet to create a Monero cold wallet.

Digital Cold Wallet

Using an offline computer to create a cold wallet is surprisingly simple, and can be very secure if done correctly. It’s scalable enough to meet most threat models.

Grab some USB sticks

In some way, shape, or form, procure four or more USB sticks. One will need to be 4GB or more. The other can be small if necessary.

Encrypt three USB sticks

Linux makes encrypting USB sticks super simple. cryptsetup is a super cool open-source project that enables you to make LUKS encrypted drives easily.

Install cryptsetup on your box

sudo dnf install cryptsetup-luks

Check which device you need to encrypt.

Double check this!

sudo fdisk -l

Let’s say your USB is named /dev/sdX

  1. Get into fdisk to format your disk
  2. Delete any existing partitions using the d command
  3. Create a new partition using the n command (and accept defaults)
  4. Write using the w command.
sudo fdisk /dev/sdaX
d
n
w

Run cryptsetup to create a LUKS encrypted partition.

You will be prompted for a passphrase. - Make sure to maintain this. - Make sure the passphrase is reasonably complex.

If you forget the passphrase, the encrypted data is unrecoverable.

cryptsetup -y -v luksFormat /dev/sdX

Create a device mapping between the USB partition and your filesystem. Here, I chose the name PRIVWALLET. Choose an appropriate name. E.g. VIEWWALLET, MONEROSW, etc.

cryptsetup luksOpen /dev/sdX PRIVWALLET

Format the filesystem.

mkfs.ext4 /dev/mapper/PRIVWALLET

Mounting this drive will now require your passphrase. Linux desktop environments like Gnome will prompt you for it automatically.

Repeat

Do this for three of your USB sticks. It’s probably not necessary to encrypt the USB stick used to transfer the wallet software, but encryption by default is a great way to operate.

Build a “Live CD”

Linux is awesome and one of those reasons is “Live CDs”. These are USB sticks (the “CD” is a misnomer) which contain a bootable Linux ISO. Linux is loaded into memory and run entirely from there. You get the full functionality of Linux, in a temporary medium.

Most of your favorite distros include these, along with instructions on how to create one - Fedora - Ubuntu - Tails

Use the Monero wallet

Preferably the CLI wallet. It makes things super simple.

On your internet connected host, download the Monero CLI wallet. Make sure you validate the hash.

Copy the .tar file to a LUKS encrypted USB (MONEROSW)from the earlier step.

Boot into your Live USB

If you are running this on a device with Wifi, make sure it’s disabled. Feel free to disable the kernel module via GRUB, hardware switch, or settings.

Create a new wallet

Plug in the MONEROSW encrypted USB and copy the .tar file.

cp /run/media/LiveUser/monero-linux-x64-v0.11.1.0.tar.bz2 ~/

Untar the file.

cd ~
tar -xjf monero-linux-x64-v*.tar.bz2
ls ~/monero-v*

The wallet-cli requires the Monerod daemon to be running in the background. We will run it, though it won’t be connecting to anything.

cd ~/monero-v*
./monerod --detach

Generate a new address.

cd ~/monero-v*
./monero-wallet-cli
Monero 'Helium Hydra' (v0.11.1.0-release)
Logging to ./monero-wallet-cli.log
Specify wallet file name (e.g., MyWallet). If the wallet doesn't exist, it will be created.
Wallet file name (or Ctrl-C to quit): coldwallet
No wallet found with that name. Confirm creation of new wallet named: coldwallet
(Y/Yes/N/No): Y
Generating new wallet...
Enter new wallet password: 
Confirm Password: 
List of available languages for your wallet's seed:
0 : Deutsch
1 : English
2 : Español
3 : Français
4 : Italiano
5 : Nederlands
6 : Português
7 : русский язык
8 : 日本語
9 : 简体中文 (中国)
10 : Esperanto
Enter the number corresponding to the language of your choice: 1
Generated new wallet: 49vv9PjspPV3fNuEiCS3FfTxNsh9Wbj67Pii9XRZfwTCHPeZRqreRusaWHsmmHAZVVPW68Cc9Sm8pccFGqrtdELK1A8dwUG
View key: 2430570f76865f432d00c1721056fe3b15439601a782f0e256680cd163b21e09

Your wallet has been generated!
To start synchronizing with the daemon, use "refresh" command.
Use "help" command to see the list of available commands.
Always use "exit" command when closing monero-wallet-cli to save your
current session's state. Otherwise, you might need to synchronize 
your wallet again (your wallet keys are NOT at risk in any case).


PLEASE NOTE: the following 25 words can be used to recover access to your wallet. Please write them down and store them somewhere safe and secure. Please do not store them in your email or on file storage services outside of your immediate control.

cider jerseys oasis axes wizard unusual lawsuit vampire
lazy artistic powder waking vulture onion meeting algebra
uptight kennel bowling efficient sizes inexact gumball humid kennel

Pull out the private spend key


Wallet password: 
secret: 1da42027b542c8edb274878e7fbe024725c4e8ea671e648c4346da8aae5eeb09
public: db358957c8da640fe9c4ee4200be12a126ef5ac33c043087d42bba1c27d0f761

Insert the encrypted-wallet encrypted USB drive and create a file to save the information.

vim /run/media/LiveUser/PRIVWALLET/cold-wallet.txt

Copy in the relevant information.

Address: 49vv9PjspPV3fNuEiCS3FfTxNsh9Wbj67Pii9XRZfwTCHPeZRqreRusaWHsmmHAZVVPW68Cc9Sm8pccFGqrtdELK1A8dwUG

Private spend key: 1da42027b542c8edb274878e7fbe024725c4e8ea671e648c4346da8aae5eeb09

Private view key: 2430570f76865f432d00c1721056fe3b15439601a782f0e256680cd163b21e09

Seed: 
cider jerseys oasis axes wizard unusual lawsuit vampire
lazy artistic powder waking vulture onion meeting algebra
uptight kennel bowling efficient sizes inexact gumball humid kennel

Remove the drive.

umount /run/media/LiveUser/PRIVWALLET

Insert the VIEWWALLET USB drive and create a file to save the information.

vim /run/media/LiveUser/VIEWWALLET/view-wallet.txt

Copy in the relevant information. DO NOT COPY THE PRIVATE SPEND KEY OR SEED This drive will be connected to computers which are connected to the internet.

Address: 49vv9PjspPV3fNuEiCS3FfTxNsh9Wbj67Pii9XRZfwTCHPeZRqreRusaWHsmmHAZVVPW68Cc9Sm8pccFGqrtdELK1A8dwUG

Private view key: 2430570f76865f432d00c1721056fe3b15439601a782f0e256680cd163b21e09

Repeat these steps as necessary for backups.

Backing up your USB

Loss of your PRIVWALLET USB means the loss of your funds. Loss of the passphrase used to encrypt the PRIVWALLET USB means the loss of your funds.

Maintaining several backups is a good idea. The drives are encrypted, so the potential disclosure of your keys to someone in possession of your drive is minimal (assuming your passphrase is reasonably complex). Take your threat model into account when making this decision.

Storing your USB

Most USB drives are not even remotely fire resistant, nor water resistant. Store them in a fire-resistant safe, and preferably, within a fire-resistant bag or canister within the safe.

Paper Wallet

The “paper” in Paper Wallet means that your keys are stored on paper, rather than on a computer. This removes any possibility of digital theft or digital accidental disclosure.

Example: use the Monero CLI wallet to generate a new address and keypairs. Write the seed on a piece of paper and toss it in your safe.

Pros: - No possibility of someone hacking your computer and stealing your keys

Cons: - Potential loss of keys due to fire, water, or other damage. (Slightly less resilient than a USB stick) - Potential loss due to (non-crypto related) theft or loss. (E.g. your safe is stolen for the cash stored there) - A bit of extra work to verify cold wallet balance or transfer from cold wallet. (E.g. you have to manually type in your seed or private key) - If you key is unencrypted and is stolen, your XMR is as good as gone.

Using a paper wallet is easy, but not the best solution. There isn’t any value added versus storing your keys using an encrypted USB, but some additional negatives.

Use the following mitigations if a paper wallet is necessary.

Use a fireproof bag, canister, or safe

Preferably use multiple of these. I.e. paper inside bag, inside safe. They don’t work perfectly.

Encrypt your seed

Monero Core developer Luigi, has an awesome tool which allows you to encrypt your seed into a pattern that appears to be another seed.

This DOES require you to remember a password. If you lose your password, you lose your keys

The gist of it is: 1. Enter a key (think password) 1. Hash the key using Cryptonight 1. Interpret the result as a private key/scalar 1. Add it to the hex seed (private wallet key)

Store multiple copies

Take your threat model into account. Do you trust your bank to store your encrypted key? If so, store another copy in a bank deposit box. Do you trust friends/family to store your encrypted key? If so, store a copy of your encrypted seed in their safe. Whatever you do, just ensure that a fire or random burglary doesn’t result in the loss of all of your crypto.

Brain Wallets

Brain wallets sound awesome in theory.

  1. Create a random passphrase that you can easily remember. (E.g. “correct horse battery staple”)
  2. Hash it to create your private key.
  3. Use the same fancy maths to generate your seed and remaining keys.

But they aren’t awesome.

Humans are stupid and terrible sources of entropy. There are numerous instances of people hacking brain wallets and accumulating large sums of cryptocurrency.

In a few instances, they may be necessary (review your threat model), but avoid them otherwise.

Go create your cold wallet

Whichever method you choose, keep it secured, encrypted, and backed up. You are the only one responsible for your wallet.