Author

Topic: Taushet USB Monero Cold / Offline Wallet Generator (Read 1039 times)

newbie
Activity: 8
Merit: 0
This is cool.
With it being open source, it should be okay, as long as it actually gets reviewed.
(I am one of those weirdos who runs a checksum for everything I download.)

Appreciate your work and will check this out when I get a chance. I hate the idea of all my Monero being on an exchange/ web wallet.

Thanks! It has already had some review on reddit, with the individual SHA-512 hashes of the individual files found to be identical. That said, it needs more people to audit it, so please do so and post results here!

sr. member
Activity: 434
Merit: 250
This is cool.
With it being open source, it should be okay, as long as it actually gets reviewed.
(I am one of those weirdos who runs a checksum for everything I download.)

Appreciate your work and will check this out when I get a chance. I hate the idea of all my Monero being on an exchange/ web wallet.
legendary
Activity: 2002
Merit: 1051
ICO? Not even once.
Nice, but it still relies on the element of trusting the developer.

Personally, I think that is worse than doing it yourself the old fashioned way, regardless of how trustworthy the person in question is.

Not really, it is a trustless setup. The HTML generator file made by Moneromooo is open source (of course) and you can read it.

In short, this method *is* the best practice method accepted by Monero developers, just packaged into a single zip whose contents has been hash-verified (see the reddit post).

Yes, since it's open source it is trustless. My bad.
newbie
Activity: 8
Merit: 0
Nice, but it still relies on the element of trusting the developer.

Personally, I think that is worse than doing it yourself the old fashioned way, regardless of how trustworthy the person in question is.

Not really, it is a trustless setup. The HTML generator file made by Moneromooo is open source (of course) and you can read it.

In short, this method *is* the best practice method accepted by Monero developers, just packaged into a single zip whose contents has been hash-verified (see the reddit post).
legendary
Activity: 2002
Merit: 1051
ICO? Not even once.
Nice, but it still relies on the element of trusting the developer.

Personally, I think that is worse than doing it yourself the old fashioned way, regardless of how trustworthy the person in question is.
newbie
Activity: 8
Merit: 0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Taushet USB Monero Cold Wallet Generator 0.1 (20161001)
- -----------------
- -----------------
by /u/taushet, tools by moneromooo (Wallet Generator), Pete Batard (Rufus) and PuppyLinux Community

This is a bootable USB disk image with tools that can be used to create cold or offline wallet accounts. Verification requires only one md5 hash. See original reddit discussion here: https://www.reddit.com/r/Monero/comments/55dhkf/taushet_usb_monero_cold_wallet_generator/

What you need:

- - 1 x taushet-USB-wallet-gen.zip
- - 3 x USB thumbdrives
- - 1 x paper
- - 1 x pen
- - 1 x Hash utility (try QuickHash: https://sourceforge.net/projects/quickhash/)

How to use:

1. Download the zip here: https://mega.nz/#!iQ1QwACY!63LgepwldjgfBkH8WaXxyGPQ4f5JOvg54Zd4vhtwQdw.
2. Physically disconnect from the internet.
3. Check that the md5 hash of the file matches this: 7E8923A66F8165B890177A34559B694C using QuickHash (SHA-1 and SHA-512 hash below in the edits)
4. Extract the zip file, which contains: slacko64-6.3.0.iso, Rufus-2.11.exe, monero-wallet-generator-master (dir), and this ReadMe.txt.
5. Make a bootable USB of the ISO using Rufus 2.11. Agree to all the default settings in the dialog boxes.
6. Drag the monero-wallet-generator-master directory to the USB drive.
7. Reboot using the USB into PuppyLinux (hold down F12 during boot to select boot drive)
8. Open the monero-wallet-generator.html file in the directory, generate the wallet seed and keys
9. Save the seed, address and keys to the *second* USB drive. Copy/paste, don't type. This is you digital vault, not to be used until fund extraction.
10. Write down the seed three times on a single sheet of paper. This is your physical vault.
11. Save the address (and maybe viewkey) to the *third* USB drive. This is your address usb, which can be used with relative abandon.
11. Remove *second* and *third* USB drives.
12. Wipe the *first* USB drive (containing the wallet generator and linux), or destroy it.
13. Remove all USB drives.
14. Reboot, reconnect internet.

You now have a cold wallet!

*Why have I made this?*
- ----------------------

At the moment, the best way of making viably secure cold wallet address for Monero invoves downloading 6 programs, hashing all of them, certifying them, editing a drive and then finally rebooting and making the wallet. The instruction video is 30 minutes long. I came up with the idea of an archive of all the required tools, pre-verified, certified and checksummed as per this guide (https://www.reddit.com/r/Monero/comments/48cgmd/an_extensive_guide_for_securely_generating_an/), and posted about it on reddit. It was quite warmly recieved. So here it is! It should save you considerable time in making cold wallets.

*What are the risks?*
- --------------------

- - I am evil, and have inserted malicious random seeds into the generator and can predict the keys.

This *is* a risk, but it is one that at least is verifiable. The individual files are downloadable and verifiable via checksum from the net. I have encouraged such peer review to be conducted on the reddit post, you *should* read it before using this.

- - Your unzipping utility has inserted malicious code in a man-in-the-middle attack and thus can predict the keys.

Highly unlikely and extremely complex, but still a theoretical risk. For the truly paranoid, you might checksum your unzipper.

- - Man-in-the-middle attack during download

Not a realistic risk. Check the checksum.

- - BIOs keylogger, physical keylogger, RAM explorers

These are on you. Make sure you check your PC for inline loggers. RAM explorers are far above my paygrade. To be super, super secure, make the wallet on a computer that is air-gapped from the net forever.

- - You make an error during transcription of the keys or seed.

This is honestly the biggest risk. Remove distractions, write down the seed multiple times without referring to the previous attempts.

*Troubleshooting*
- -----------------

If you boot into a console screen telling you that x-win cannot load, this just means that PuppyLinux does not have drivers for your graphics card. Welcome to Linux. Just reboot into bios, and change the default graphics boot to your integrated graphics (IGFX, it is usually called). Save the changes, reboot, and move your HDMI/Display cable up to the motherboard.

Thanks! Let me know what you think...
- -----------------

If this has helped you, feel free to throw a few XMR my way:
4BHeoptXyZ4BkqHcyQo6QSA51q7M9uYAKB75bAuCwcbUavsbcjwe6ocJhRDyJCHSTd9Cenq418xq3P2 dZK2J1CVHKbkTjTi

*MoneroMooo Wallet Generator (c) Moneromooo https://github.com/moneromooo-monero/monero-wallet-generator*

*Rufus 2.11 (c) Pete Batard https://rufus.akeo.ie/*

*PuppyLinux  (c) The PuppyLinux Community http://puppylinux.org/*


EDIT 1:

- - SHA-1 Hash added: 1B8648714E81BF0500C6C3137BBF9122ECC9FD77
- - SHA-512 Hash added: 02FA95F0DC7C0AB298B0C5F534A9049E592B8860D9BD918F641010BB5500D90F520DC4A122D6434 92177C812AE1900DC9D9B567BA9DF82647F61C42AE3C64BCF
- - GPG signed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJX8M19AAoJELFy6ucmRBWwIN8IAI4+5bWsKXy8KvcjSwfkvj8Q
F31oQ0l6beUSiRHwuTpOn1k0wVPx/nBdUS5hjmROxHrhRTBrEU31KfblRQLqlAzV
T8wlhovGILK2jXaIvuBmNg7jZe7uElr/CxT1Lg5I0viFp3LIBR9ahgnuv/sEg3mV
S8E1JEBFC/yqUjuiTJX2IeenvkuEb5zXbF6wG3UrV9FOjx7DiRfFqLpc08DGmANz
MbLMjgySQJncsStsPWtQ/h3eBos5zFTLuGISmwUADuxwCrsnssoWcOJ9Lf+syd89
kE1qlJuUB9WFJnIa8+uxKlWBv8nWAnQKu4QvDMJxnDZBj+vS49V2HXTBmVaS+Jc=
=Uy4V
-----END PGP SIGNATURE-----
Jump to: