Generating stake and payment keys locally

I am following the Cardano staking pool setup instructions. In step 2, is it actually more secure to generate those keys on my local computer?

I know they are needed later to register the pool. But is it possible to generate all the keys locally? And also register the staking pool locally and later just transfer files needed to execute a command running a pool?

If that’s possible that way, may I later withdraw my rewards just using my local computer?


Yes, it is both possible and recommended to generate keys not just locally, but on an airgapped cold machine. You can accomplish this by installing cardano-node, cardano-cli and libsodium binaries on your cold machine. You do not need to actually run the node there, and will be able to access cardano-cli functions once it is set up properly.

When this approach is taken, you will then be able to build and sign all transactions on your cold airgapped machine, and then move those signed transaction files to your hot node for submission to the chain. This process takes a bit more care, but will protect your keys from ever being on an internet-connected machine.

I am not currently aware of a guide for this process. When you sign transactions, an output file is created - typically called something like “tx.signed” (you decide the name). You then move this file to your hot node, and then use that file when submitting it to the chain. This will become more clear once you have familiarized yourself with the transaction building, signing and submission process.
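
Added example (not part of the original answer and not Cardano project code): a check to run on the cold machine before the transfer medium leaves it, so that only signed transactions, and no private keys, reach the hot node. It assumes cardano-cli key files are either named `*.skey` or are JSON text envelopes whose `"type"` field contains `SigningKey`; the function names are hypothetical.

```shell
#!/bin/sh
# Pre-transfer guard for the medium that carries files from the air-gapped
# machine to the hot node.
# Assumption: private keys written by cardano-cli are named *.skey and/or are
# JSON text envelopes whose "type" value contains "SigningKey".

# Print every file under directory $1 that looks like a private key.
# A renamed key file is still caught by its envelope type.
find_signing_keys() {
    find "$1" -type f \( -name '*.skey' -o \
        -exec grep -Eq '"type"[[:space:]]*:[[:space:]]*"[^"]*SigningKey' {} \; \) \
        -print
}

# Return 0 only if directory $1 holds no private key material.
# On success, write SHA256SUMS so the hot node can confirm that the files
# arrived unmodified (sha256sum -c SHA256SUMS).
check_transfer_dir() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    hits=$(find_signing_keys "$dir")
    if [ -n "$hits" ]; then
        echo "REFUSE: signing keys found on transfer medium:" >&2
        echo "$hits" | sed 's/^/  /' >&2
        return 1
    fi
    (
        cd "$dir" &&
        find . -type f ! -name SHA256SUMS -exec sha256sum {} + > SHA256SUMS
    )
    echo "OK: no signing keys in $dir; hashes written to $dir/SHA256SUMS"
}

# Usage on the cold machine (the mount point is a placeholder):
#   check_transfer_dir /path/to/transfer-medium
```

On the hot node, running `sha256sum -c SHA256SUMS` in the same directory confirms the signed transaction file matches what left the cold machine.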

