Offline device is a hardware device that runs on a Raspberry OS (Linux based) operating system. It can be built with standard components found in the Internet and all the plastic parts can be printed on a 3D-printer.
The Graphical User Interface is written in Python 3 (GUIApp.py).
Follow on Nostr: npub1srsejseljs22kg580hvcqs3uj3l0fwh8tamhaumdu2gfn3sxs3lskp3chs
- Create strong encryption keys offline (GnuPG)
- Manage your keys and do backups/export or add subkeys etc
- Sign and validate keys and documents in a secure way
- Fully open source (APGLv2)
- Manage your Yubikey 5C, including loading subkeys
- Secure archive of files that can be encrypted and backed-up (RSA encryption acc. to RFC 4880)
- Encrypt and sign files or messages
- Decrypt files or messages and check its signature (GnuPG)
- Backup and restore function including complete system cloning
- Generate Bitcoin keys offline and store/access through graphical interface
- Add Bitcoin wallets created from Jade hardware wallet or others with Air-gapped transaction signing etc (Native Segwit supported, BIP84)
- Create new Bitcoin wallets using the Offline device and with Air-gapped function
- Create Bitcoin wallets with dice throws
- Inheritance package
- Sign Bitcoin transactions offline and Air-gapped (PSBT, according to BIP174)
- Create and manage wallet transactions statements
- Sign Bitcoin wallet messages to prove ovnership of wallet
- Encrypted password storage
- Encrypted bitcoin wallet storage (seed's words, LNURLs etc)
- Generate and manage your own digital ID's (Web of Trust, OpenPGP)
- Generate your own Nostr Keys
- Transfer a Nostr private Key to a Nostr Signing Device
- Export IDs as image or as file (for upload to the "web-of-trust")
- Validate others digital ID's (standard (RFC 4880)
- Store Bolt cards data for accessing load links (lighning Bitcoin), programming and resetting cards
- Read and program Bolt cards with a connected Smart card reader
- Customize your user settings with theme and colors
- Include support for Real Time Clock (battery powered hardware clock)
- Option for strong password generation (also with user entropy) (NEW from version 0.4.2)
Connect the Offline device with cables to a monitor, a keyboard and a mouse. It supports multiple account on the same device. Import or generate GPG keys without being connected to the Internet. During setup a backup USB- device is created. The Offline device facilitates complete privacy and unbreakable encryption for sensitive data and also provides a mechanism for securely send and receive data over the Internet. Others features include Bitcoin wallet generation/storage and transaction signing.
Build the Offline device using common parts. See Getting started guide
Print the plastic parts you need (for the Pi2W version):
- Base part
- Lid for build with camera model 1/2
- Alt. lid for camera model 3 (12 MP and auto focus lens)
- LED guide
See also the folder for other featured 3D- parts (such as for the Pi 4B and Pi 5).
For printing the Docking station (Raspberry Pi Zero 2W) check out the 3D- files here and the build guide for it here.
Download the latest full image and verify it with the corresponding signature. Select the one suitable for your system. Latest update files are found here.
- Raspberry Pi 2 W Image (1,61 gb)
- Raspberry Pi 2 W Signature
- Raspberry Pi 4b Image (1,55 gb)
- Raspberry Pi 4b Signature
- Raspberry Pi 5 Image (2,39 gb)
- Raspberry Pi 5 Signature
Make sure you have the correct public key (see below) imported to your local keychain. Then place the two downloaded files (the signature and the image) in the same directory and run command: gpg --verify signature_files_name.sig image_files_name.img.gz (insert the real name for the files..).
Then burn it to a microSD-card (min 32 gb) with BalenaEtcher (recommended) or the Raspberry Pi Imager. Please note that it might be necessary to restart the device after initial power ON for it to start.
You can choose to install the operating system, programs and libraries yourself. See details in the "Getting started"- document.
There can be multiple accounts on the same device.
Change the look and feel of your account.
The device allows you to create your own keys in a secure (and offline) enviroment. Then use and manage the encryption keys on your device. Adding signatures, signing other keys and documents, encrypting and decrypting etc.
A wallet can be generated by a trusted hardware wallet such as Blockstream Jade and then inported to get air-gapped functionality while the keys are encrypted on the Offline device. Or, you can create your own key (seed words) with randomness from dice throws etc.
A statement for each Bitcoin wallet. Transactions signed by the Offline Device are added automatically. Good for reporting and managing KYC questions. You can interact with each client/employer/exchange etc with an unique wallet (and statement).
Controlling your own digital ID is as important as controlling your own digital money. The Offline device gives an easy way to create IDs and encrypted files that can be uploaded to public keyservers around the word. Including picture ID/key.
For personal use:
Make sure you are running the latest graphical interface, GUIApp.py. Download the latest tar- file from the download section and select "settings -> Update software" on the Offline device.
Using a Raspberry Pi keyboard and mouse supports in getting the Locales (correct layout of keys etc.). Always set the correct time and date before staring to use the device. This is important for encryption key generation and date/time stamps.
All releases and commits as of June 28, 2024 are signed by key BEF873B4691EB2C24E399445FE86F26704C3F74A (offlinedevice@cyb.org).
None.
If you'd like to help us with the cost of running the Offline device project you can send a payment to us via our BTC address bc1qyufesfamy2qvuc0twce3xsqh8nwrs48placp6f.
Thank you.
Distributed under the GNU Affero General Public License (AGPL v2). See LICENSE file.