How to protect your Bitcoin Cash and Cashtokens without hardware wallets.
In the rapidly evolving landscape of cryptocurrency, protecting your digital assets is of paramount importance. While hardware wallets are a popular choice for securing Bitcoin Cash (BCH) and Cashtokens, this article explores an alternative approach for individuals with a proficient understanding of computer systems.
Before delving into the details, it's advisable to read the previous article, which outlines strategies for safeguarding satoshis and tokens. This guide is not aimed at novice users but rather caters to those with a fair amount of computer knowledge.
Enhancing Security for CashTokens Transactions: Leveraging Samsung Knox Secure Folder.
I employ a unique method, utilizing a dedicated device – a Samsung Galaxy – for storing private keys. Private keys are safeguarded with a strong, personal password. Notably, I leverage the Samsung Knox Secure Folder, enhancing the security of my spare phones.
The process involves updating the phone's firmware, connecting Google and Samsung accounts, once the applications you need are downloaded phone must go offline, and setting the phone offline to prevent USB storage access in developers options. This isolated device, once set up, serves as an offline vault for private keys, akin to a dedicated hardware wallet.
However, the challenge arises when dealing with CashTokens, as they lack support for airgap devices or features. To address this limitation, I propose creating a drive image of Ubuntu using the DD method (as identified by Rufus) on a USB drive. This ensures that only the Ubuntu image is written, guaranteeing a pristine Linux environment.
To transact with pure BCH, I recommend using ElectronCash mobile and employing the QR method for signing and loading transactions. Unfortunately, this approach is not feasible for tokens. The suggested solution involves booting from a separate, offline computer using the USB partition with the clean Linux image. This partition then functions as a dedicated device for loading and signing token transactions.
It's important to note that most CashToken decentralized exchanges (DEXes) require a hot wallet for liquidity provision and trading. I suggest using BIP85 seeds on a primary hardware wallet secured by Samsung Knox and a robust password. Private keys associated with DEX transactions can be loaded onto the USB partition via a secure connection to a private WiFi network.
Emphasizing the security of the Linux USB installation media, I underscore that no files are saved, ensuring a fresh start with every ElectronCash desktop session. Additionally, connecting to the internet during a session does not save any data on the partition.
The significance of using the DD version of Ubuntu is highlighted, preventing the USB from writing any data, especially the Linux kernel. A second USB serves to save the signed transactions, adding an extra layer of security. Using a second device, not connected to the primary computer, eliminates the need to write the signed transaction onto the USB, thereby requiring potential attackers to gain access to multiple devices for a successful breach essentially 2 devices and 1 virtual device.
In conclusion, this unconventional yet meticulously crafted strategy provides a robust framework for safeguarding Bitcoin Cash and Cashtokens without the need for traditional hardware wallets. While it requires a certain level of technical proficiency, the enhanced security measures may offer peace of mind to those seeking advanced protection for their digital assets.