Offline signing (air-gapped device/computer) #2
Comments
|
heya - thrilled to get this question. you can actually send the TX using unruggable through Tails using the Tor network. There is no need to actually export the signed tx to broadcast from somewhere with internet connectivity. I think all you need to do is wrap the sending of the tx in torsocks and it will send. I can assist further if this is the way u want to do it. In regards to the original question - i dont see why not. You will need to generate the signature locally and save the signed signature, convert it QR and then send it. The way i described above works better for sure/easier but what you're aksing is doable. lmk which wat u want to try this and i can help :) tyty for supporting - check out unruggable-go, a pure Go solana wallet which is the evolution of the cli here and which also has an app UI |
|
I will try to write a guide for Tails, if I need help I will ask you. Thanks 😊 🫂 🙏 |
|
As a Bitcoiner I prefer to sign the transaction on Offline Air-gapped Thinkpad X230 (Corebooted with Skulls ; Intel ME disabled (no backdoor) ; Wi-Fi disabled ; Bluetooth disabled; 1x Tails OS USB) then with QR-code I will transfer the information to Online Thinkpad X230 and then I will broadcast the transaction to the network over Tor Network as you said. P.S. Let's do it like Cyberpunks. |
|
i see - and i completely understand the approach. however you will run into one issue with solana with this approach, and ill try and break it down. A solana transaction contains the blockhash/uses it, and remains valid for up to 30 seconds or so. Basically from a blockhash N, you have until something like N+50 blocks to submit the tx otherwise the blockhash expired and you have to resubmit it. For this reason, signing offline and sending the TX via QR code is a bit of a challenge for solana. However to resolve this issue of the blokchash timing out you can use durable nonces with solana. I am happy to report that with the unruggable.sh the solana cli is already preloaded, so you will have to do a bit of manual copy pasting or typing into the terminal but it should wokr pretty simply. I suggest following along with the below article directly from solana which uses the cli. https://solana.com/developers/guides/advanced/introduction-to-durable-nonces I did not implement offline signing in this version of unruggable due to the bootloader restrictions on Apple hardware devices which means you cant run Tails on any modern macbook. This kind of killed off our initial MVP product of a flahs drive with trails and the unruggable code preinstalled. It led to use moving to the creation of an App interface written purely in Go that is cross platform and is used for our hardware wallet redesign which now runs a hardened version of Linux, on a dedicated SBC. You can check out the app here: I hope the above is helpful. I will try to find some time tonight/tomorrow to write an offline signing bash script/add it to the dev cli. Big fan of your opsec, hope you'll try out the app in the upcoming month as we get ready for alpha release! As always anything at all just ask :) |
|
Thank you, mate, for the detailed reply. I really appreciate it. I am a big fan of your work too. |
Can I sign transaction from offline computer (e.g. Tails) and broadcast it with QR-code to online computer ?
The text was updated successfully, but these errors were encountered: