Transfer cold storage data to paper

Make a suggestion Improve this page

In this section, you’ll move the cold storage data you generated in Section I from the quarantined computing environments onto physical paper. This will be done using a combination hand transcription and QR codes.

Each signatory will need to do the following:

  1. Transfer the BIP39 Mnemonic to paper.
    1. Write the 24-word BIP39 Mnemonic on a piece of TerraSlate paper.
      1. Do not write anything else on the paper unless specifically instructed (such as “Bitcoin”, “CryptoGlacier”, “private key”, etc.) In the event the key is seen by someone untrustworthy or stolen by a random thief, such clues help them understand the significance of the key and give them an incentive to plot further thefts or attacks.
      2. Transcribe by hand. Do not use QR codes or any other method to transfer.
      3. Seed phrases are not case-sensitive.
      4. Write clearly.
        1. Use care to distinguish between “l” (lower-case “L”) and “I” (upper case “i”)
        2. Use care to distinguish between “u” and “v”
        3. Use care to distinguish between “U” and “v”
    2. Double-check that you transcribed all 24 words in the BIP39 Mnemonic correctly. If you make a mistake, you’ll have to redo a lot of work.
    3. Manually count that you have transcribed 24 words.
    4. Label each page with:
      1. Today’s date
      2. Your initials
      3. The version of CryptoGlacier used (listed on the front page of this document) Do not write “CryptoGlacier”, simply the version of CryptoGlacier used (e.g. 0.94.1)
      4. Write down the chosen M-of-N configuration

  2. Visually hide all critically sensitive data.

    We’ll be using a smartphone with a live Internet connection to read QR codes from the quarantined computer screens. Any malware (or a malicious QR reader app) could steal sensitive data if it is not visually hidden.

    This step is important. Failing to execute it properly creates a substantial security risk.

    1. Put your handwritten BIP39 Mnemonic out of sight (don’t just turn them face down; paper is not completely opaque). This prevents a smartphone camera from accidentally seeing them.
    2. Delete all text from the Quarantined Scratchpad on the Q1 and Q2 computers.
    3. On the Q1 computer Quarantined Scratchpad:
      1. Copy-paste the following items from the node script’s terminal window output:
        • Bitcoin Master Public Key
        • Litecoin Master Public Key
        • Bitcoin Cash Master Public Key
        • Ethereum Address
        • Ripple Address
      2. Double check that only the items above are included in the Scratchpad.
      3. No really, triple check that.
      4. Enable line wrapping so the entire contents can be seen.
        1. With the Quarantined Scratchpad window active, go to the menu bar at the top of the screen.
        2. Select Edit.
        3. Select Preferences.
        4. Select the View tab.
        5. Uncheck “Do not split words over two lines”.
    4. On the Q2 computer close Firefox.
    5. Clear the terminal windows on the Q1 and Q2 computers. 
      $ clear
  3. QR reader setup
    1. Remove a smartphone from the Faraday bag and turn it on.
    2. If the smartphone doesn’t already have a QR code reader on it, install one.

    Any reader is fine as long as it can read all types of QR codes, but here are recommendations we’ve tested with Glacier: iOS, Android.

  4. Transfer the Bitcoin Master Public Key to a non-quarantined computer.
    1. On the Q1 computer, display the Bitcoin Master Public Key as a QR code on the screen: 
      $ cd ~/cryptoglacier
$ eog bitcoin_master_public_key.png
    2. Use the smartphone’s QR code reader to read the QR code. When the QR code is successfully read, the smartphone should display the text version of the Bitcoin Master Public Key.

    3. Verify the Bitcoin Master Public Key address on the smartphone matches the Bitcoin Master Public Key in the Quarantined Scratchpad.

      If it does not match, do not proceed. Try using a different QR reader application or restarting the Deposit Protocol. Seek assistance if discrepancies persist.

    4. Use the smartphone to send the Bitcoin Master Public Key to yourself using a messaging app which you’ll be able to access from a laptop (e.g. Whatsapp, Slack, etc..). When sending the message, add “B” as an identifier to the message. This is an indication that the Public Key belongs to Bitcoin. (E-mail is not recommended for security reasons.)
    5. Take a picture of the QR Code
    6. Use the smartphone to send the QR Code picture to yourself using a messaging app which you’ll be able to access from a laptop. Also use the identifier “B”. (E-mail is not recommended for security reasons.)
    7. Close the program displaying the QR code (click on the top left x)
  5. Repeat the previous step for the following:
    • Litecoin Master Public Key, stored in “litecoin_master_public_key.png”, with identifier “L”.
    • Bitcoin Cash Master Public Key, stored in “bitcoincash_master_public_key.png”, with identifier “BC”.
    • Ethereum Address, stored in “ethereum_address.png”, with identifier “E”.
    • Ripple Address, stored in “ripple_address.png”, with identifier “X”
  6. Power down the smartphone and return it to the Faraday bag.
  7. Shut down both quarantined computers entirely. As a precaution against side channel attacks, the quarantined computers should not be active except when they absolutely need to be. 
     $ sudo shutdown now

    The recommended Acer laptop may require you to hold down the power button for several seconds to complete the shutdown.

  8. Create your Signatory Information Packet.

    Using your setup (Internet-connected) computer:

    1. Access the material you sent yourself from your smartphone previously. In total you should have 10 pieces of information:
      • Bitcoin Master Public Key (message “B”)
      • Bitcoin Master Public Key QR Code (message “B”)
      • Litecoin Master Public Key (message “L”)
      • Litecoin Master Public Key QR Code (message “L”)
      • Bitcoin Cash Master Public Key (message “BC”)
      • Bitcoin Cash Master Public Key QR Code (message “BC”)
      • Ethereum Address (message “E”)
      • Ethereum Address QR Code (message “E”)
      • Ripple Address (message “X”)
      • Ripple Address QR Code (message “X”)
    2. Open an empty document in any word processing application (Word, Pages, etc…) This will be used to create the Signatory Information Packet.
    3. Put the following information into the document:
      1. Paste each message code followed by its corresponding QR-code and clear-text version
      2. On the header:
        • Type today’s date
        • Your initials
        • Type the version of CryptoGlacier used (listed on the first page of this document)
        • Write down the chosen M-of-N configuration
    4. Do not put anything else in the document (such as “Bitcoin”, “CryptoGlacier”, “private key”, etc.)
    5. Print a copy of the Signatory Information Packet.
    6. Share the contents of the Signatory Information Packet:
      1. Save the document as a PDF.
      2. GPG encrypt the PDF file using your keys and the keys of every other signatory (TODO: expand this).
      3. Electronically send the gpg-encrypted file to the other signatories
      4. You can also save an electronic copy of the PDF in a “conventionally secure” location of your choosing. Most password managers include a way to securely store files. Because the Signatory Information Packet contains moderately-sensitive data, there are some privacy considerations with keeping an electronic copy of it. See the Sensitive Data subsection for details.
      5. Delete the unencrypted PDF from your computer
    7. Shut down the computer. (It has a camera, and you will be working with critically sensitive data in a moment.)
  9. Prepare the temporary version of your Cold Storage Information Packet:
    1. Put the handwritten BIP39 Mnemonic page along with one Signatory Information Packet in its own opaque envelope. While this obviously won’t deter a determined thief, it makes it quite difficult for a thief to steal a key without leaving evidence they have done so – and noticing theft of a single key gives you a chance to move your funds away before the thief can steal a second key.
    2. Your Cold Storage Information Packet is incomplete because you still need to go through the Multisig Account Creation Protocol
    3. Once complete, each set of pages will be referred to as a Cold Storage Information Packet.
  10. Immediate storage of Cold Storage Information Packet:
    1. While the other signatories finish the Key Generation Protocol, we need to temporarily store the Cold Storage Information Packet
    2. Double-check to make sure the envelope contains a handwritten BIP39 Mnemonic page and your Signatory Information Packet.
    3. Seal the envelope
    4. Use tamper-resistant seals in addition to the envelope’s normal adhesive to seal it.
    5. Immediately put the Cold Storage Information Packet in the safest possible location in your home or office that is immediately accessible.
    6. No, really. Like right now. That’s basically one of the keys to a huge pile of cash you have just sitting there in envelopes on your desk.
  11. Hardware storage
    1. Put tamper-resistant seals on the ends of all USB drives.
    2. Close the quarantined laptops, and seal the screen shut with a tamper-resistant seal.
    3. Store the hardware somewhere where it is unlikely to be used by accident.
  12. It’s crucial that only a small amount of time goes by (e.g. a few days) between the execution of the Key Generation Protocol and the Multisig Account Creation Protocol. Each of the signatory’s Cold Storage Information Packet will go into long-term storage after the Multisig Account Creation Protocol is executed.