Cold Storage Thread

The silly season is coming to an end, and the time to mine-and-sell is nearly over and done.

For the fair-weather miners that means it’s time to flee to pastures new, complaining about how Zcash is a bust, and you’ve sold all your ZEC and bought Monero. So long, friends!

For the rest of us, this is what we’ve been waiting for. Time to mine and actually hold, hedging our bets against the future. There’s just one problem. How do you hold ZEC safely?

And that is why I am creating this fine, upstanding gentleman of a thread.

Having searched the forums and wiki pretty extensively, there is insufficient information on wallet backup, cold storage, and offline signing for my comfort.

If I’m going to hold ZEC, I don’t want to find out I’ve been holding it in a corrupted wallet for two years, or that I’ve only backed up some of the necessary files, or that I’ve leaked all my private keys in a puddle on the floor.

So let’s talk about how to hold ZEC safe and sound. What are the principles? How can we best encrypt? What exactly needs backed up to be guaranteed to be recoverable in future, and in future versions of Zcash. Should we hold in a t-address? Do we trust z-addresses for holding? Does holding in a Z-address sufficiently complicate the offline transactions, that we should avoid? What time is it? Who am I? Why does asparagus make my pee smell?

We should find a consensus on all this and more.


maybe this might help, Ledger Nano S Zcash support soon
that said, good questions you’re asking though.

Use the nano S from ledger.


Good thread. I’ve been trying to research this a little here and there since before launch. I imagine that this approach from bitcoin won’t differ too much (How to set up a secure offline savings wallet - Bitcoin Wiki). Offline zcash building advice given here: Building zcash on airgapped machines is difficult · Issue #1663 · zcash/zcash · GitHub

Would definitely love to see the founder’s reward in action here on zcash specific documentation on this topic with answers to all your zcash-related questions with a painfully clear step-by-step on cold storage as well.

Im with @superresistant on this one. Grab a Ledger Nano S…

It supports BTC/ETH/ETC/Zcash on Friday (and all Ethereum based tokens through myetherwallet.)

1 Like

maybe get keepkey ie from and i bet they will soon add it. you can store LTC BTC DOGE on the wallet rightnow + use shapeshift directly

Also FYI TREZOR supports Zcash. AIUI those with TREZORs can use them for Zcash with after updating their firmware (but might be worth checking with them for details).

What about printing the address and key on a piece of paper, then put it in the safe between the AR-15 and Glock? Or put it in the nightstand under the Beretta 9mm.

Wrote a module last week which used that exact how to and have only been using it for own z-addresses.
Planning on storing in a deposit box, but don’t like the idea of leaving the sk in the clear.
So the QRcodes, addresse(s) and sk’s are going to be embedded in a plain txt file, then encrypted with gpg and ascii armor headers stripped.
Each page then printed and laminated.

For import, OCR would be used to extract the ascii armor, where the BEGIN and END headers are then appended, we decrypt and voila.

So far as t_addr key pairs go, the Zcash protocol uses private keys that are interchangeable with bitcoin - which means that any of the offline methods for generating bitcoin key pairs can be applied for the private portion of a t_addr pair. These resources typically generate WIF strings as well as QR codes which is helpful for people that want to make hard-copies of their keys.

For that matter, Zcash could be installed on an offline computer to safely generate some new addresses and then:

zcash-cli getaddressbyaccount “”

followed by:

zcash-cli dumpprivkey [t_addr from above]

and then (still using the offline computer) import those private key(s) to a bitcoin wallet, such as Electrum, to generate QR code(s). I have no idea if such an approach would be useful for offline signing of messages that can still be verified with zcashd / zcash-cli…

For what it’s worth, for any given private key, the RIPEMD-160 hash portion of a bitcoin address (minus the prefix and the checksum) is the same when that key is used to generate a t_addr.

1 Like

I’m using trezor beta right now and it is working flawlessly.

This program converts a bitcoin address to a Zcash t_address.

1 Like

Ledger Nano S FTW!

Hardware wallet, secure element, secures Bitcoin, Ethereum, ZCash, Litecoin, Dash and Dogecoin.

It works great and is cheaper than a Trezor or Keepkey:


I just added a new source file. This program takes 64 hexadecimal input characters and produces a WIF encoded private key and t_address.


Edit: Just updated the source and signatures. wif_wrangler no longer makes bad assumptions about Bitcoin address length.

I’ve been using this universal paper wallet generator (javascript) GitHub - MichaelMure/

Any chance you could add Zcash?

Sorry, I can’t promise anything as I don’t know java / javascript although I’m looking at this guide GitHub - MichaelMure/

Edit: This wallet generator doesn’t know how to deal with the two byte prefix that Zcash t_addresses use.