Lost airgapped/key machine

OK, well, it is not the end of the world, as it was only a small pledge and was at the cost of my own stupidity for not patching, but here is the current scenario.

I had my airgapped machine and VM hard drives encrypted and safe. Nevertheless, I missed an update for 3 months on my NAS, which stored the VM hard drive for the airgapped machine.

Now I still have full access to the BP, as the hard drive is stored on my ESXi server itself.

Although not updating my NAS, well, we can all guess what happened there. How? I will never know, but ransomware hit the NAS and I lost access to my VMHD for the airgapped machine.

Now, I have looked in case I was lazy and kept a payment key on my BP; I did not.

Are there any known ways to generate a new one from the BP? Or is the BP pledge as good as gone?

I noticed I still have most of the files, just not the Cold.* files or Payment.skey.

Is there any way I can deregister the BP and retrieve the pledge?

BP version 1.35.3 now

Thanks, I look forward to any responses.

Did you generate the stake addresses from a mnemonic? (And did you have that mnemonic written down?)

Ultimately, a cold machine is meant to be cold as there is no way to generate the keys without it (otherwise it wouldn’t be very secure would it…?)

(not judging, I agree this is a bad situation for you)

Agree with you 100%; it was not great, although the NAS was not facing the public at the time. But nevertheless it happened, and it was an amount that I was willing to risk, in other words not my life savings. Unfortunately, the risk bit me this time.

The key was created using the CLI. Here is an image of the files I have remaining.

There is a file named payment.skey in your screen cap.

Pay the ransom?

The ransom was well over the cost of the ADA lost, so it was not worth the 50% chance I had to recover files. The pledge was only 3000 ADA.

But I can't deregister the pool or anything,
and the payment.skey is empty.

I think I have come to the conclusion there is no getting it back even with access. Is there a way to decommission the node?

Stop cardano-node or shut down the VM? Retiring a pool requires payment.skey and node.skey I believe.

Maybe consider the market value of ADA over time?

Live and learn… if you set up another stake pool, maybe the lesson is not to use VMs, especially not for the offline, air-gapped computer. Running an offline VM on a network-connected computer is simply not very secure. The system requirements for the offline, air-gapped computer are minimal:

This was purely me being lazy, and it has been running close on 18 months.

I do DevOps/networking for a living. I should know better, but it's funny how when you do things for yourself you cut corners. And if I had stored the VMHD on ESXi or backed up the hard drives periodically, I would have been fine.

Since the attack, I purchased a MikroTik firewall and increased logging. I was just purely lazy with patching and backups.

But I thought, before I spend hours looking into ways to do it, I would ask if anyone would point me in the right direction. I also knew the chances were slim to none.

Thanks for your time anyway! :slight_smile:

You cannot retire the stake pool without the cold signing key.

No judgment from me… onwards and upwards :slight_smile:

Oh wow, I misunderstood the purpose of those keys!

Perhaps you have the files stored on a USB?
You must have a backup to the backup.


I might have,

Before I decommission the server, I will double check all my physical storage.

But I can’t imagine I had it on any USB, as I used WinSCP for all signing of any txs.