Cold Wallet

How does it sync if it is on an airgapped computer? Would it have to be periodically connected to the internet?

I used to use Armory with Bitcoin, it would be great to see something similar for Zcash

There are two components, one installed on an online computer and one installed on an air-gapped computer. The transaction is created on the online computer, copied to a thumb drive, transferred to the offline computer, signed, and then transferred back to the online computer for broadcast.

For more details, take a look at the second post of this thread, where @hanh walks through the process.

5 Likes

Thanks for the explanation! It makes sense to have such tool.

Hi @Souptacular
Thanks for your interest. Regarding your questions.

a) I have a long experience in software development. If youā€™d like, I can PM you a resume. Also, this is my github hhanh00 Ā· GitHub. I also wrote GitHub - bitcoinfs/bitcoinfs.

b) I completely understand your concerns about auditing wallet code. May I ask your team to arrange the security audit? I lack the proper contacts and it would be counterproductive for both of us.

The timeline is short because most of the logic comes from librustzcash and tonic.

Best regards,
ā€“h

8 Likes

We will try our best to work with you to find someone! I will be DMing you so we can move to a chat medium privately. Thanks!

3 Likes

Attention readers: We are looking for security auditorā€™s for this project. Please reply if you have any recommendations for people or organizations that would do an audit like this. Thanks!

1 Like

I think we should not let auditing be a blocker to approving funding on this project.

ZOMG already has a running project to figure out how to support projects in this way. Iā€™ve been leading that but havenā€™t been able to make enough time for it.

Iā€™ll keep pushing on that broader effort, and when it starts coming together we can circle back with hanh and the Cold Wallet project.

5 Likes

Hi @hanh ! Iā€™m pleased to inform you that your proposal has been approved by ZOMG! :zcash: :shield:

As @holmesworcester mentioned we donā€™t want to hold up your work on this waiting for a auditor to be chosen. So we ask that you do a few things to help facilitate the process:

  • Once you have finished the code to an extent that you feel is ready for an audit please ping us and we will help you contact auditors to review the repo and provide quotes.

  • In the meantime ensure the repo warns that the code has not been audited and should be used for experimental purposes only.

  • Once we have the quotes for the audit we will request that you submit a second grant application to perform the audit.

  • During/after the audit you communicate with the audit team and change code where/if needed.

  • Once the audit is certified the warning can be removed from the repo.

  • As mentioned in your application, post a demo of how to use it properly.

You should receive an email soon from the Zcash Foundation regarding final paperwork and receiving funds. Again, congratulations and we look forward to working with you on this and possible future projects :slightly_smiling_face:

6 Likes

Looks like great work from @hanh on this project: GitHub - hhanh00/zcash-cold-wallet

ZOMG is in the process of doing some quick test runs and will follow up with the next steps, thank you!

2 Likes

Hi Shawn, the project is completed as of last week. Is there anything I need to do to get the funds paid out?

Thanks

Hi @hanh We are just trying to find a couple users to do test runs for verification.

I will work on getting you paid out asap, nothing else you need to do on your end, thank you for your patience.

Thanks. I forgot to mention that I made a companion app too. Demo : ZCash offline signer (cold wallet) - YouTube

7 Likes

Nice!!! @hanh

Hey @hanh Can you please point me to the binaries?

For which software & platform?

Either Linux or Mac would do. I couldnā€™t find the binaries per the instructions in the Readme here GitHub - hhanh00/zcash-cold-wallet

Weird - the autobuilder didnā€™t make them earlier. Anyway, it is out now.

Hey @hanh,

I see in the description on github:

Experimental Warning Notice

The code has not been audited and should be used for experimental purposes only.

Release Binaries are for TESTNET coins only.

Is that still the case? It seems you use a cold wallet with your Zwallet app.

I put this notice per request from ZOMG. The code is still not audited therefore the notice should stay.

Zwallet comes with its own offine signer when you build from source. The rest of the functionalities, account management, preparing unsigned transactions and broadcasting signed transactions are performed by zwallet directly.

2 Likes