ICP custody with seed phrase and air-gapped machine

From Internet Computer Wiki
Revision as of 04:33, 10 November 2021 by Diego.prats (talk | contribs)

The Risks involved

There are various artifacts that can be derived from your seed phrase. The diagram below explains which are derived and the risks from each artifact.

[Diagram: artifacts derived from the seed phrase and the risks from each]

Red Boxes

If you lose both of these, you lose access to your ICP. If you have your seed phrase you can regenerate your private key. If someone gets these, they may take your ICP.

Yellow Boxes

  • public key
  • principal
  • neuron id
  • account id
  • neuron account

If you lose these, you can regenerate them from your seed phrase. If someone gets these, they can see how much ICP you have or your transactions. Knowledge of these artifacts does not give anyone control over the ICP.


Where to store your seed phrase

Do NOT store your seed phrase electronically. We recommend you store it using any of the following options:

a. Paper

b. Steel wallet like Billfodl

These solutions protect you against key loss if, e.g., your air-gapped computer breaks. If you are also concerned about the risk of theft, you may take additional precautions such as keeping your seed phrase in a safe or bank vault, or using secret sharing to split your seed phrase into multiple shares that can be stored in different locations.


Setup necessary if you choose to self-custody your ICP

Air gapped computer + networked phone


Getting your hardware and software ready

What you will need:

  1. air-gapped computer (not connected to the internet)
  2. networked smartphone

You will need to install the following on your air-gapped computer:

  1. keysmith
    1. https://github.com/dfinity/keysmith
    2. You will use this to generate important artifacts like seed phrase and private key.
  2. OpenSSL
    1. https://wiki.openssl.org/index.php/Binaries
    2. Required by `quill`
  3. quill
    1. https://github.com/dfinity/quill
    2. you will use this to craft messages like "create neuron" for the Internet Computer
    3. You can install it by downloading the binary for your operating system or by cloning and compiling the code
    4. note that once installed, the command to execute is `target/release/quill`
  4. qrencode
    1. https://github.com/fukuchi/libqrencode
    2. Generates QR codes for bridging the air gap
    3. Tip: if you have Homebrew, you can install via `brew install qrencode`
  5. jq
    1. https://github.com/stedolan/jq
    2. Required for creating multiple QR codes
    3. Tip: if you have Homebrew, you can install via `brew install jq`
  6. Copy and paste the following bash script into a file named `quill-qr.sh`:

Warning: Only tested on MacOSX and Linux.


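   #!/usr/bin/env bash
   # Reads quill's JSON output on stdin and shows one QR code per message.
   URL=https://p5deo-6aaaa-aaaab-aaaxq-cai.raw.ic0.app
   # Normalise the input to an array, then read one compact JSON message per line.
   IFS=$'\n' read -r -d '' -a messages < <( cat - | jq -M 'if . | type != "array" then [.] else . end' | jq -rcM '.[]' && printf '\0' )
   for message in "${messages[@]}"
   do
       # gzip and base64 the message, percent-encode + / =, and write the URL as a QR image.
       echo "$URL/?msg=$(echo "$message" | gzip -c | base64 | tr -d '\n' | sed -e 's/+/%2B/g' -e 's/\//%2F/g' -e 's/=/%3D/g')" | qrencode -o qr.png
       open qr.png    # macOS; on Linux use xdg-open
       echo ENTER TO CONTINUE...
       read < /dev/tty
       clear
   done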


Because an air-gapped computer is not connected to the internet, it can be a bit awkward to install these. The most common way to do it is to download them to a networked computer and transfer the files to the air-gapped computer via CD or USB drive. Others install these on a networked computer *and then* air-gap it.
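The URL that `quill-qr.sh` turns into a QR code can be decoded again on the air-gapped computer, so you can read exactly what message will leave the machine before you scan it. The following is an added example, not part of the original page or of quill; the function names `encode_msg_url` and `decode_msg_url` and the sample message are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: reverse the quill-qr.sh encoding to inspect a QR payload.
# Function names and the sample message are constructed, not quill's own.

URL=https://p5deo-6aaaa-aaaab-aaaxq-cai.raw.ic0.app

# Same steps as quill-qr.sh: gzip, base64, then percent-encode + / =.
encode_msg_url() {
    local payload
    payload=$(printf '%s\n' "$1" | gzip -c | base64 | tr -d '\n' \
        | sed -e 's/+/%2B/g' -e 's/\//%2F/g' -e 's/=/%3D/g')
    printf '%s/?msg=%s\n' "$URL" "$payload"
}

# Reverse them: check the host, take the msg parameter, undo each step.
decode_msg_url() {
    local url=$1 payload
    case $url in
        "$URL"/\?msg=*) payload=${url#"$URL"/\?msg=} ;;
        *) echo "unexpected URL prefix" >&2; return 1 ;;
    esac
    # After encoding, only base64 letters/digits and '%' escapes can remain.
    case $payload in
        ''|*[!A-Za-z0-9%]*) echo "unexpected character in payload" >&2; return 1 ;;
    esac
    # base64 -d is the GNU spelling; some older macOS releases use -D.
    printf '%s' "$payload" \
        | sed -e 's/%2B/+/g' -e 's/%2F/\//g' -e 's/%3D/=/g' \
        | base64 -d | gzip -dc
}

# Constructed sample message (not real quill output): round trip it.
sample='{"call_type":"update","content":"00ff"}'
decode_msg_url "$(encode_msg_url "$sample")"
```
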

Generate seed phrase and private key

Everything in this section occurs within your air-gapped computer.

air gapped computer


Once you have `keysmith` and `quill` installed and your air-gapped computer ready, you are ready to start.


Use keysmith to generate a seed phrase

On the air-gapped computer:


   $ keysmith generate -o seed.txt

Use `keysmith` to create a private key and store it in `private.pem` file

On the air-gapped computer:

   $ keysmith private-key -o private.pem

Generate a ledger account number

Use `keysmith` to display a `ledger account number`

This command will display a long string which is your `ledger account number`. Below, I provide an example of what this may look like.

On the air-gapped computer:


   $ keysmith account
   > 77b5eb9a465f4ce6f4da494ee2bfedeefe0b52d106e0272556c1ad991f99e3da 


You should write down the `ledger account number`.

Secure your seed phrase properly

Properly store seed phrase

Now that you have generated your seed phrase and your keys, you need to write down and store your seed phrase so that you can recover your private key if you lose it.

To properly store your seed phrase, see "Where to store your seed phrase" above.


NOTE: Do not go to the next step until you have properly stored it.

Remove your seed phrase from your air-gapped computer

Now that the seed phrase is properly stored, you should delete it from your computer before moving forward so no one can use it to recreate your private key.

Remove it with the following command:

On the air-gapped computer:


   $ rm -vf seed.txt

Outcome

In this section, we did a few things, so let’s recap what we did and where we should be before moving forward.

If you do not end up with a table that looks like the one below, do not continue. Try again.

| Artifact | Example | Security | Final outcome | Storage |
|---|---|---|---|---|
| seed phrase | stove reject elder top dentist car suit license grid uncle ape wash | If someone has this, they can take your tokens. If you lose it, you can lose access to your ICP. You must store it in a safe and secure place in order to be able to regenerate your private key | You created this via keysmith in this section. You will have created and properly stored a backup. | on paper or Billfodl, possibly kept in a safe |
| private key | -----BEGIN EC PARAMETERS----- (and continues…) | If someone has this, they can take your tokens. If you lose it, you can recreate it from the seed phrase | You created this via keysmith in this section. | Can remain on air-gapped computer or be deleted after use. |
| ledger account number | 77b5eb9a465f4ce6f4da494ee2bfedeefe0b52d106e0272556c1ad991f99e3da | If someone has this, they can view your token balance. If you lose it, you can do step 4.1.3 to get it back with your private key. | You generate this in this section. This can be stored anywhere. | wherever you like |