I am Will. I am relatively new to the world of decentralization, blockchain and crypto. The more I learn about Cardano the more I like it. I am a big fan of learning new things and right now I am falling down the rabbit hole . I really appreciate any helpful advice/links/education resources for developing my knowledge in all areas of decentralization, blockchain, crypto and especially Cardano .
I am a Project Manager and have my training, education and knowledge in the field to offer/share. I am always open to discussing/problem solving issues related to the topic of project management . If I can help in this way please let me.
I am excited to be on this journey with all of you.
I have seen the Tedtalk but not the whiteboard video. The whiteboard video is very helpful. As far as my general knowledge I am pretty confident I understand the significance of Bitcoin and Ethereum
(1)Now I am trying to figure out best practices and good general digital hygiene especially in relation to crypto. I understand cold vs hot storage, private vs public keys etc…
On a different note I am also (2) very interested in learning about the potential and logistics of using blockchain for supply chain and other uses outside of DeFi . Also, (3) I just like imaging or attempting to think up novel uses for blockchain but lack the tech chops to know if I am just having a pipe dream or heading in a realistic direction
Check out the IOHK youtube channel if you haven’t already:
Regarding best practices I’m a fan of having a dedicated Crypto PC that has a fresh installation of the OS of your choice. Ledger or Trezor are good ideas. I’m thinking about proposing an air-gapped solution when the Cardano improvement proposals come on line.
This is all very helpful information. Thank you.
I like the sound of an air-gapped solution. Also, I have been wondering about using a dedicated PC for all the actual holding and transacting of crypto. It is nice to be affirmed in my line of thinking . Air gaps certainly seem to be the most effective solution. I would like to hear more about what the solution you are considering proposing. I have not made the connection between using air-gaps as a personal practice and proposing an air-gapped solution for improvement proposals.
I reached out to Vacuum Labs (maker of the Adalite wallet) to see if they wanted to make an air-gapped version of Adalite. Once we have that we can run it on a Raspberry Pi 2b (it does not have built in wifi). I want to see if they are willing to make it and what it will cost and put together a proposal for it’s implementation. In the Ethereum world you can do it with MEW (My Ether Wallet) now. https://www.myetherwallet.com/
Ledger and Trezor are good and useful devices but airgapped functionality is I think an important part of a suite of solutions to meet peoples various needs.
In this post are some links to a device we have been fooling around with to give you some ideas as well as a link to one of 2 videos Charles made on the topic of security:
Air-gapping is probably the gold standard for security. the goal is to make it cheap and easy to implement and use for a wide variety of people.
I saw that video…I believe you posted from Charles about adopting a security mindset and how to set up basically a sandbox using a usb. I liked it a lot!
Bc my technical skills/knowledge is limited I apologize if I am putting my ignorance on full display when I try to track what you are getting at with the Adalite air-gapped wallet. If I am tracking with you Vaccum Labs could create a version of Adalite which functions as a software wallet preloaded on a Raspbtery Pi 2b? So, rather than logging into Adalite.io you just purchase the Raspberry Pi with an Adalite version already on it?
I might not know enough about air-gapped functionally to fully track. Right now I understand Trezor and Ledger to be able to provide a way to air-gap a wallet/private keys. I appreciate you taking the time to chat through what are likely relatively basic concepts for you.
Check out this video with a very early version of an air-gapped device we made.
Basically you have a completely offline wallet which you use to generate a private key. You can actually create your own key by using converting coin flips to hexidecimal numbers to make sure you have a completely randomly generated private key. Then you use the wallet to use the private key to create a public key. (BTW you don’t have to use coin flips to make the key we have a true random number generator on there but if you want to be the safest flip the coins) More on that concept here:
Once you have that set up you generate QR codes that you use to send transactions to the blockchain. So you need a wallet app on the air-gapped device that can generate transactions and receive send to wallet addresses in QR code form. These QR codes are signed by your private key so the blockchain knows they are legit. On the otherside you need an app on a PC or phone that can read the QR code generated by the air-gapped device and broadcast the transaction to the blockchain.
At this point there are a number of air-gapped hardware type of devices on the market but none that I know of work with Cardano yet. Trezor and Ledger are solid products as well but air-gapping gives one greater control in my opinion. Especially if you have the option to build it yourself from scratch. I think it would be a very useful option for people in the developing world as as well. The device we are looking at can be used to sign transactions of all kinds with the private key. So you could message people with it among other things.
Here is more on airgapping:
And some other air-gapped wallet products:
BTW we figured out how to completely encrypt the micro SD card in the Pi as well so you can use it to store all kinds of private information and make multiple copies.
Also I personally don’t like the idea of using a phone as the air-gapped device because I think there are to many ways to hack them. I like the Raspberry Pi 2b because I know it has no wireless capability at all.
Further thoughts… Air-gapping and hardware devices like ledger and Trezor are designed to prevent hackers from getting access to your private key by keeping it behind a wall of some kind. There are other kinds of physical attacks and phishing schemes that are designed to get your key so you need to think about those as well. At the same time if you make it to complicated to get your key you start to run the risk of locking yourself out. All this stuff needs to be considered. Ledger and Trezor do hit the sweet spot of security and ease of use for a lot of people but there is no perfect device which is why I like to have as many options as possible. If we can make air-gapping easier I think it will be a solid option for a lot of newcomers.
Here is more on one the evil maid attack:
This is why a lot of air-gapped devices have some sort of anti tampering aspect. Our thought was if you have an encrypted micro SD you can always build a new device easily. Also why we designed a clear case so you could see if there was any tampering:
I was thinking of reaching out to this guy to help with a design:
All the videos and information you shared were great. It took me a hot minute to make my way through them. They def helped give me a better understanding of air-gapping. Again so many cool and very helpful things to be done. Seeing the video of the Ellipal Titan and DIY Private Key Vault sent my mind spinning. I like the Ellipal they are obviousy onto something there. It is an elegant design but does not work for Cardano. Cardano def needs an air-gap solution.
I think one of the biggest draw backs for new users is the knowledge gap combined with responsibility. Knowledge requires responsibility and most the time people are happy to remain ignorant in order to allow someone else to take responsibility. Boy, I feel the weight of responsibility right now as I am racing to close the knowledge gap. Thanks for the help.
So… do you have prototype? I remember you said you reached out to vacuum labs about software. Right now is the big hang up software? If you think of ways a person like me could help…other than $ let me know.