I build my nodes with the CLI method. It works fine, but in retrospect, I wish I had used the mnemonic method so that I could have access to my funds thru the Daedalus application. Is anyone aware of the possibility of moving over to that system once everything is already set up?
Everything is registered and working well and I don’t want to experiment and mess up my certification or invalidate my keys. Just was wondering if anyone has managed to achieve that kind of migration.
IMHO, the best method of generating keys for your pool is through a HW wallet as described here. The reasoning goes something like this…
As soon as you enter your private key seed (i.e. your 24-words) into a piece of software you can never be sure that this software or any of its libraries isn’t compromised and never will be. Who/What is reading your screen, your keyboard, your memory? How is it guaranteed that libraries (which the wallet process uses) cannot access that memory?
A HW wallet guarantees that the private key, which is stored in a special chip, will never be accessible from the outside and will never leave the device. An attacker will have to press the buttons on your device to get at your coin.
I have a HW wallet as well. But it would be ideal to visualize my reward and/or pledge delegation addresses from within Daedalus. That can be linked to my HW wallet.
So has anyone successfully migrated a CLI-created stake pool address to Daedalus?
Unfortunately the secret.key file is a Daedalus construct, and not created as part of the CLI method of making your cold keys. So you cannot directly import a payment.skey or stake.skey into Daedalus. The main way I have seen to better access / protect your pledge is to set up a second owner (perhaps ideally with a hardware wallet) via a new pool.cert. Then, after the 2 epoch wait period, moving your pledge funds from your old CLI payment.addr to new owner on Daedalus or a Hardware wallet.
It’s a bit clunky, and there is a moment when your are generating new payment keys where you need to make sure you are not overwriting your current private keys, so make sure everything is backed up. Also, you will need to sign future changes to your pool with both owners keys, so it complicates things a tad. I have done it on testnet, but have yet to take the step with my mainnet pool.