Offline Transaction Signing¶
Warning
This is NOT necessarily the recommended cold storage setup, due to high complexity, large room for errors and employing a general purpose computer for transaction signing (even if offline).
Published for educational purposes only to understand "what would it take to sign offline".
It is generally better to use a hardware wallet like Trezor or Ledger.
Opinions may vary.
Note
This is a guest tutorial contributed by crocket.
Offline transaction signing involves:
- Creating an unsigned transaction on an online, view-only wallet
- Moving the unsigned transaction to an offline machine
- Signing the unsigned transaction on an offline machine
- Moving the signed transaction back to online, view-only wallet
- Broadcasting the transaction
Creating a new offline wallet¶
Constructing a new offline wallet is done by executing:
monero-wallet-cli --generate-new-wallet /path/to/wallet-file
on an offline machine. Record the seed on paper by executing seed on the offline wallet.
Creating a new offline wallet with seed offset passphrase¶
Seed and seed offset passphrase combine to create a new seed. You can store seed and seed offset passphrase in separate places so that a thief can't steal your fund without stealing seed and seed offset passphrase. I recommend 6 to 8 (english) words as a seed offset passphrase as one english word has 11 bits of entropy on average and 8 words have 88 bits of entropy. With seed passphrase, you can also create decoy wallets that contain a little bit of money and can protect you from torturers or blackmailers who demand money from you.
If you want to create an offline wallet with seed and seed passphrase, create an offline wallet, record the seed on paper, delete the wallet file, generate seed offset passphrase, record seed offset passphrase on paper, and execute
monero-wallet-cli --generate-new-wallet /path/to/wallet-file \
---restore-deterministic-wallet
to restore from seed and seed offset passphrase. When you restore from seed, you can enter seed offset passphrase.
Generate seed offset passphrase on an offline machine or with diceware because humans are bad at creating random passphrases.
If you want to reconstruct an existing offline wallet that received or sent transactions, you need extra steps. Refer to Restoring offline wallet.
Creating a new view-only wallet¶
To create a view-only wallet, copy primary address and secret view key from an offline wallet to an online machine where a view-only wallet is going to be created. You can get primary address by executing address on an offline wallet and secret view key by executing viewkey on the offline wallet.
You can use a microSD card and two USB microSD card readers to exchange data between an offline wallet and a view-only wallet. You can also use a USB flash drive.
To create a view-only wallet on an online machine, execute
monero-wallet-cli --generate-from-view-key /path/to/wallet-file \
--daemon-address remote-node-address:port
If you want to reconstruct an existing view-only wallet that received or sent transactions, refer to Restoring view-only wallet.
Launching offline wallet¶
Execute
monero-wallet-cli --wallet-file /path/to/wallet-file
Launching a view-only wallet¶
Execute
monero-wallet-cli --wallet-file /path/to/wallet-file \
--daemon-address remote-node-address:port
It's safe to sync your wallet over clearnet. If you want to broadcast a transaction without revealing your IP address, execute
monero-wallet-cli --wallet-file /path/to/wallet-file \
--daemon-address tor-or-i2p-remote-node-address:port \
--proxy 127.0.0.1:tor-or-i2p-port
Synchronizing wallet over clearnet is a lot faster than doing it on tor or i2p. Thus, consider synchronizing over clearnet even if you broadcast transactions over tor or i2p.
Offline transaction signing¶
Execute any wallet command that transfers monero to any address. For example,
transfer xmr-address amount-of-xmr-to-send
Any transfer command on a view-only wallet creates unsigned_monero_tx in the current working directory.
Move unsigned_monero_tx to an offline machine that has an offline wallet. Execute
sign_transfer
on the offline wallet in the directory with unsigned_monero_tx. signed_monero_tx file is created in the current working directory. Move signed_monero_tx to the online machine with a view-only wallet. In the directory with signed_monero_tx, launch the view-only wallet, and execute
submit_transfer
Because a view-only wallet doesn't have key images, it can't see outgoing transactions. To make a view-only wallet see outgoing transactions, it has to export new outputs created by submit_transfer to an offline wallet which creates key images out of new outputs.
Execute
export_outputs outputs
on a view-only wallet. Move outputs file to the offline machine with an offline wallet. Launch the offline wallet, and execute
import_outputs /path/to/outputs
Export key images derived from new outputs by executing
export_key_images key_images
on an offline wallet. Move key_images file to the machine with a view-only wallet. Launch the view-only wallet, and execute
import_key_images /path/to/key_images
Updating wallet software on an offline signing machine¶
When you update an offline machine with offline wallets, you can't just connect the machine to the internet and update wallet software because doing so exposes offline wallets to the internet.
Instead, boot OS installation media, wipe filesystems, and then connect to the internet, and install everything from scratch again.
If your root filesystem is encrypted, OS installation media can connect to the internet from the beginning because encrypted data are safe until they are decrypted.
Restoring offline wallet¶
After updating wallet software on an offline signing machine by wiping it out and reinstalling everything, you have to restore offline wallet.
Restore an offline wallet from seed (and seed offset passphrase) by executing
monero-wallet-cli --generate-new-wallet wallet-file --restore-deterministic-wallet
The new offline wallet can't sign new transactions because it doesn't have all trasaction outputs that precede a new unsigned transaction. Thus, it first has to import all outputs from a view-only wallet.
On a view-only wallet that was derived from the offline wallet, execute
export_outputs all all_outputs
all is important because export_outputs exports only new outputs that weren't exported before, but
export_outputs all
exports all outputs. Move all_outputs file to the offline machine with the offline wallet. Execute
import_outputs /path/to/all_outputs
on the new offline wallet.
Restoring view-only wallet¶
If you reconstruct view-only wallet, because it doesn't have key images, it can't see outgoing transactions. If it can't see outgoing transactions, it reports wrong account balances. Thus, it has to import all key images from its corresponding offline wallet.
On the offline wallet, execute
export_key_images all all_key_images
export_key_images doesn't work because it exports only new key images that weren't exported before.
export_key_images all
exports all key images. Move all_key_images file to the machine with the view-only wallet. Execute
import_key_images /path/to/all_key_images