What is this?
A zip file that contains the open sourced files that you need to create a secure Masari cold wallet on a fresh Linux OS free of malware.
This idea came from taushet's Monero USB Cold Wallet Generator.
Why should I use this?
A fresh OS and hash check is NOT required when making a cold wallet, but is best practice to make sure that your private keys are completely secure. Rather than researching what files are needed and checking the individual hashes, new users can save considerable time by downloading this one zip file and following the included instructions, where only one hash check is needed.
What you need:
- USB drives (only 1 is required, but 3 is helpful)
- Hash utility. I used the built in Windows 10 utility. A well known GUI utility is QuickHash.
You can find the latest releases and contained files on GitHub under Releases.
- Download the zip.
- Physically disconnect from the internet.
- Check that the SHA256 sum on GitHub under Releases matches.
- Extract the zip file.
- Make a bootable USB of the ISO using Rufus (this is now your first USB drive). Agree to all the default settings in the dialog boxes.
- Drag the masari-wallet-generator-master directory to the first USB drive.
- Reboot using the USB into PuppyLinux (hold down F12 during boot to select boot drive).
- Open masari-wallet-generator.html in the directory. Generate the wallet seed and keys.
- Save the seed, address and keys to the second USB drive. Copy/paste, don’t type. This is your digital vault, not to be used until fund extraction.
- Write down the seed three times on a single sheet of paper. This is your physical vault.
- Save the address and viewkey to the third USB drive. This is your address vault, which can be used with relative abandon. You can also use this to create a view-only wallet later.
- Remove second and third USB drives.
- Shut down the computer.
- Remove first USB drive (one used to boot into linux). Wipe it, or even better destroy it.
- Reboot and reconnect to the internet.
You now have a secure cold wallet!
- I have inserted malicious random seeds into the generator and can predict the keys.
- Checksum the zip file and individual files. I have encouraged a community review to be conducted on the Masari subreddit.
- Your unzipping utility has inserted malicious code in a man-in-the-middle attack and thus can predict the keys.
- Highley unlikley and extremley complex. Checksum your unzipper.
- Man-in-the-middle attack during download.
- Not a realistic risk. Checksum the download.
- BIOS keylogger, physical keylogger, RAM explorers.
- Check your PC for inline loggers. RAM explorers are far above my paygrade. For the truly paranoid, make the wallet on a computer that is and always will be air-gapped.
- An error is made during transcription of the keys or seed.
- This is really the greatest risk. Remove distractions, write down the seed multiple times without referring to previous attempts.