We made a mistake. We have been doing lots of digging since morning on how this could have happened. We knew this isn't a hardware issue as we never connect any of our hardware to internet. Plus, we have no backups so this isn't a personnel issue.
How we created the keys were we connected the computer via lab cable to the internet to download the client side side site from walletgenerator and the disconnected the cable
No hardware (printer) was connected to wifi.
First of all, we are not judging you here. We are not asking questions to understand if you made a small or a big mistake, to convict/"crucify" you later on.
We are all making mistakes. Being here answering questions & trying to find solutions is really appreciated.
What is important here, is that we need to understand exactly how this leak happened.
Was it a mistake by your side (ie you used a compromised key gen and mistakenly the airgap computer was connected to the internet and the generated key pairs were leaked) OR you actually use the key gen in a proper way -airgap computer, compiled the key gen from github source code in you airgap computer etc. etc.- and still the priv keys were leaked? If it was the first case, then fair enough. However, if it is the second case, we REALLY need to know all the details to protect others from creating compromised key pairs.
I am not technical enough (there are many highly technical individuals here, hence please correct me if I am wrong), however the only way I can think of -in the second case- that the priv keys could be leaked from an airgap computer, is if the entropy used for generating the key pair was not random. Hence, if someone knows the exact entropy used, they could probably generate the same key pairs.
My question here is: Did you compile the key gen (on the air gaped computer) from the github source code OR you used a pre-compiled file (from the github or eleswere). If the second, could you please indicate what exactly you used?
Again, we are not asking questions to turn the answers against you. Since (as you are saying too) this has probably affected many others - even outside of the collectibles community- we just want to protect others from falling into the same mistake. And in order to protect them, we need to work out exactly how the priv keys were leaked. (and your collaboration on that would be of crucial importance)
Lastly (and here my above quotes apply) if I understand this correctly the term "airgap" refers to hardware never connected to the internet. Hence if you connected the hardware to the internet (even for 1 second) then the term "airgap" might not still apply.
I am just trying to help here, no negativity whatsoever