PRO Cold Storage
Airgap Best Practices
Airgap Portable APP
Learn about the security of your Guardian Wallet
Your Smart Wallet is not a normal Ethereum address (like MetaMask for instance), it is a smart contract. As such, it is much more flexible, and it has rules and logic baked in, which makes it more user-friendly and secure.
Guardian Details : Ethereum addresses that you name as part of your wallet's “security team”. A guardian can be an address on a hardware wallet you own, a software wallet you own, or an address that a friend or family member controls, or even an institution that exists to provide this service for you.
You can have as many addresses/guardians as you want, using the rules listed below, they become a safety net for your assets – no more seed phrases that can be misplaced or stolen. If you ever lose your wallet, your guardian can help you recover it. You set up your guardian within the app https://ba.net/guardian-wallet/app.html .
This dApp allows you to store your ETH in a smart contract. With the benefit that a guardian can move your funds for you if you lose your keys!
This is semi-trustless, as even if you select a malicious guardian. He has to wait for a grace period (30 days) before he can move the funds. You can see the guardian request on the blockchain and get your funds back if this happens
This is a social recovery wallet. As endorsed by Vitalik because it manifests the “crypto values” — interacting with the blockchain is not an individual endeavor but a communal one. In his blog post, he likens social recovery to the neurological wiring of humans, as brains are more suited to forging relationships than recalling words.
The guardian wallet is deployed to your preferred network, Ethereum Mainnet or any L2. Think ofthe smart contract as a keychain of prtected addresses/guardia\
Whitelist of Addresses
You can enable a whitelist. It enables you to specify a list of addresses that can generate address/guardian pairs.
2. Account Abstraction
“For a new user to interact with the blockchain, they must: create a wallet; store their private keys, purchase and transfer funds, pay gas fees, and sign every single action that they take on a dApp. With such an intimidating user experience for newcomers, something must change.” — Ethereum
The world of blockchain and cryptocurrencies has long promised to revolutionize industries, but for many, the complexities of interacting with this technology have posed a significant barrier to entry. The process of setting up wallets, safeguarding private keys, paying gas fees, and navigating dApps (decentralized applications) has been like learning a new language.
Yet, groundbreaking innovation is on the horizon — Account Abstraction. This new concept, symbolized by the ERC-4337 standard, holds the key to a more user-friendly, efficient, and intuitive blockchain experience. Understanding Account Abstraction and ERC-4337
Account abstraction might sound like a complex term, but it’s quite a game-changer. Imagine if you could have a wallet that’s smarter, more secure, and doesn’t require you to juggle private keys. ERC-4337 brings this vision to life by introducing the idea of “smart accounts,” which transform the way we handle our blockchain interactions. These smart accounts, made possible through account abstraction, are like digital guardians that can think for themselves and make your blockchain journey smoother than ever before.
Let’s lay the groundwork first. Wallets are like digital pockets on the blockchain, where you store your digital money (ether or ETH) and initiate transactions. These accounts come in two flavors: externally-owned accounts (EOAs) and contract accounts.
Externally-Owned Accounts (EOAs)
EOAs are like your personal wallets. They rely on a special key pair—a public key (like your username) and a private key (like your password)—to carry out transactions. Whoever has the private key can access and spend the funds in that account.
Now, contract accounts are more like advanced wallets with superpowers. They can execute actions based on triggers (like you pressing a button), but they need your personal wallet (EOA) to initiate any transaction.
The Birth of Smart Accounts
Account abstraction sweeps in to make things even more exciting. Imagine if your wallet could make its own decisions without constantly relying on you. This is what smart accounts are all about. With ERC-4337, smart accounts are like mini-computers on the blockchain that can think, act, and execute transactions on their own.
So basically, Account abstraction is like giving your wallets brain to make some decisions. This means it can do more than just hold your money — it can also carry out transactions and actions without you having to do everything manually. It’s like having a helper that knows what you want and does it for you, making using blockchain and cryptocurrencies much easier and more convenient for everyone
How it works
Smart accounts use something called UserOperations. Think of UserOperations as sets of instructions, like a recipe for your smart account to follow. These instructions include the type of transaction, the tokens involved, the gas fee (the tiny amount you pay to use the blockchain), and even a signature to validate the transaction, it’s like your digital seal of approval.
When you want your smart account to perform an action — say, swapping one token for another — you send it a UserOperation. This operation goes into a waiting area (like a queue) where it waits for its turn to be processed. Just like in a supermarket checkout, UserOperations wait for their turn to be processed.
But here’s the genius part, Instead of handling each operation separately, smart accounts can bundle multiple operations together. It’s like doing all your shopping at once rather than making multiple trips. This “bundling” not only saves time but also reduces the gas fees you need to pay.
Benefits of Account Abstraction
Wallet Recovery Made Simple: No more sleepless nights worrying about losing your private key. With smart accounts, you can assign guardians (people or devices) who can help you recover your account if something goes wrong.
One-Click Batch Transactions: Swapping tokens or interacting with dApps used to be a multi-step process. Smart accounts make it as easy as a single click, just like adding items to your online shopping cart.
Share and Secure: Want to share access to your wallet without giving away everything? Smart accounts let you customize access levels. You can have team wallets with multiple users, each with specific permissions.
Automated Ease: Remember manually signing transactions? Smart accounts automate the process based on rules you set. It’s like having a personal assistant handling your blockchain chores.
The Path Ahead: A Brighter Web3 Experience
Account abstraction isn’t just about solving problems; it’s about creating a friendlier blockchain ecosystem. Developers can build wallets that anyone can use, no technical jargon is required. While it doesn’t directly solve scalability issues, account abstraction sets the stage for a more inclusive, user-centric web3 era.
3. Account Abstraction Summary
Account abstraction, heralded by ERC-4337, marks a pivotal moment in the blockchain’s evolution. It’s not just about making things easier; it’s about transforming the way we interact with the blockchain. Just as smartphones made communication effortless, smart accounts are poised to make blockchain interactions as simple as a conversation. As this concept takes root, the once-daunting world of blockchain is on its way to becoming accessible, intuitive, and user-friendly.
UNIQUE ETHEREUM ADDRESSES
5.1 BITCOIN ADDRESSES
Bitcoins are ‘stored’ in something called bitcoin addresses - they look something like
this: 1j2m5TakK99HvJUTfg2b2b8EGWQenmdTh. There are two parts to a bitcoin address – the public key (commonly just called the address) and the private key – the important part that lets you spend the bitcoins on its corresponding public key. Bitcoin is an example of public key encryption, as you can give out the public key freely but you must keep the private key to yourself.
To send bitcoins to an address, a message is broadcast from the owner of the sending address to the network that X amount of coins from that address now belong to the new address. This operation is authorized by the sender’s private key, and if he doesn’t have the private key he can’t spend the coins, plain and simple.
Bitcoin addresses are created by first picking a random number (for the all important key) and creating an ECDSA (Elliptic Curve Digital Signature Algorithm) public / private key pair with them. This operation alone generates the private key – but Bitcoin addresses are not simply public keys, but rather modified versions of them. The generated public key is then put through several SHA-256 and RIPEMD-160 operations, until eventually being converted into a format called Base- 58. Base 58 is an encoding that removes the possibility of similar looking characters, such as lowercase L and uppcase I, as well as 0 and O. Finally an identifying number is added to the beginning of the address – for most bitcoin addresses, this is generally 1, indicating it is a public bitcoin network address.
It is infeasible though technically possible that two different people could generate the same bitcoin address. In such a case, both would be able to spend the coins on that particular address. The odds of this
happening are however so small that it is not going to happen in the next couple million years. If you’re skeptical, read Why is 2^256 Secure for a stern talking to regarding the security and wonders of exponential growth.
5.2 Whyis 2^256 Secure
There’s always a lot of talk about the security of modern cryptographic hash functions, mainly SHA-256. This is a hash function used to verify a lot of important stuff – modern website logins are hashed with it, and Bitcoin relies on it almost entirely. There’s always a lot of confusion regarding the safety of the function – as we know in the past things are found to be insecure after being declared ‘absolutely secure’ a few years prior to them being broken. Why is this particular iteration of hash functions so perfect?
The main problem with this idea is how poorly the human mind can understand the exponential function. Our brains can wrap around the concepts of addition and multiplication fine – but when we get to exponents our minds have trouble wrapping our heads around how quickly numbers get unimaginably big.
So what exactly is 2^256? Well, if we’re being technical...
So – for all those doubting the security of 2^256 collision chances, there’s the number: There is a 1 in over 115 quattuorvigintillion (that’s a 78 digit number) chance of finding a collision. Note: In practice it’s actually SLIGHTLY higher than that, due to something called the birthday problem, however the difference is so abysmal that it’s hardly worth accounting for.
It’s a freaking huge number. This number is bigger than the number of atoms in the perceivable universe. And not by just a little bit either. Exponentially bigger. This number is so big that the human mind can’t comprehend how big it is. It’s just really big. Huge. I can not overstate this enough. This is a very big number. Your financial and cryptographic transactions are secure because of how big this is. Only a fool would attempt to brute force this many possible combinations.
So why is this particular number now big enough to be secure for the significant future? Well, it’s partly because we’ve simply increased the exponent to the point where the numbers get ridiculous, whereas before (with hash functions such as MD5, we were being a little cautious with a ‘just enough’ approach to exponential security. A brute force attack on with this many combinations is infeasible to a crazy degree. Does that mean it’s impossible for someone to find the same hash as someone else? No. It’s not mathematically impossible. It never will be – that’s how numbers work. If a number exists, anyone can find it. However, at this point it’s no longer worth peoples time trying – because it would take hundreds of millions of years to MAYBE get a result. That doesn’t even guarantee the result they’re looking for, just A result.
Is it technically, for the sake of mathematics, possible? Yes. Will we ever witness it in a meaningful way? Absolutely not going to happen. Probably.
We use an open-source client-side keypair/wallet generators. The code is open and audited by the community. Heavily tested and trusted versions are included in the apps releases for local execution.
The code includes several sources of entropy from the users’s computer, and from mouse movement input, and keyboard input.
The apps also provide the option of using Dice. An important part of creating a Bitcoin wallet is ensuring the random numbers used to create the wallet are truly random.
Physical randomness is better than computer generated pseudo- randomness. The easiest way to generate physical randomness is with dice. To create a Bitcoin private key you only need one six sided die which you roll 99 times. Stopping each time to record the value of the die. When recording the values follow these rules: 1=1, 2=2, 3=3, 4=4, 5=5, 6=0. By doing this you are recording the big random number, your private key, in B6 or base 6 format.
You can then enter the 99 character base 6 private key into the text field above and click View Details. You will then see the Bitcoin address associated with your private key. You should also make note of your private key in WIF format since it is more widely used.
This private key generator requires two dice or any other randomizing method. Roll the two six sided dice 64 times. Right down the numbers like this: If the number is 0-9 right now the number. If the number is 10-12 right now a-c. Do this with each roll of the dice and you will get a valid hex private key, such as:
A9873C79B6D870 A01B615778633389B4453213303A A6 1C 20 CC 67 2C 23 36 B3 32 62
This is a valid bitcoin private key. Note that this does not use all the hex characters, and as such can not generate all possible private keys, but its easy to do with just two dice.
You could also buy a 16 sided dice or something and use 0-F which would be more proper. If you do it this way, the max address you can
use is FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141
BITCOIN OFFLINE VAULT WALLET – BA.NET
6 BITCOIN COLD STORAGE
Cold storage – the storage of valuables, specifically bitcoins, in such a way that they are significantly harder to steal than normal, though at the admitted cost of delay in access times. There are a number of popular methods for performing such bitcoin storage, but to use most of them you still have to wade knee-deep into cryptography jargon and it seems like you need an advanced degree just to keep your coins safe. On this chapter you will find a simple introduction.
One of the bigger benefits Bitcoin has is its cash-like nature. People are used to cash, they understand cash much better than most digital payment systems, so let’s make an analogy with cash. You take a million dollars cash to a bank and deposit it.
Would you be surprised at all if you returned to the bank a few months later and were told you’d have to wait a few days to withdraw your million dollars? Probably not. It’s well-understood that your branch probably doesn’t have enough cash on hand to cash out your million and still do business – they don’t feel comfortable holding that kind of money in the same place they hold the smaller amount of cash they transact their daily business with – they have most of their money somewhere much more secure. Even the convenience store on the corner keeps a small amount of cash in the register and the majority of their money in a safe. Cold storage is the Bitcoin version of a safe.
The one tiny bit of terminology you need to understand to fully comprehend the basic concept of cold storage is what techies mean when they refer to systems, databases and other things as “hot” or “cold.” A “hot” system is one that’s live, running, connected. A “cold” system is powered-down, stopped, offline. To this end what we really mean when we say “cold storage” is that we’re storing Bitcoins somewhere that’s not connected to the Bitcoin network or, in most cases, even connected to the Internet or even on a computer at all.
There are a multitude of ways to do this, and we’ll explore a few in detail, but it all boils down to the very basic principle that if your data isn’t on a computer that’s connected to internet then someone has to
physically gain access to it to compromise it, and it’s way easier to secure things physically than digitally.
So how do you ensure the safety of your coins? Most of the options people list fall (often incorrectly) into one of three categories:
6.1 PAPER WALLETS
Paper wallets are one of the most popular methods for storing bitcoins offline. A program of some kind generates the public and private halves of a Bitcoin address (or several). There are usually handy little barcodes that you can scan with your phone, so you don’t have to type those monstrously long things in by hand when the time comes to use your coins. You print off what you’ve generated and send coins to that address.
You have just printed your very own paper money and it can be stored securely in exactly the same ways that cash can.
Update: It is worth noting that there are problems surrounding proper paper wallet use which, since the original publication of this article has led me to no longer categorize them as cold storage.
They are safer than most alternatives and so they remain in this article, but technically, they’re not actually cold storage. Also, there’s been an improvement called “BIP38′′ that means you can now make paper wallets with encrypted private keys. Should you choose any storage system involving paper wallets, you should absolutely choose to encrypt your private key.
12 Words is a deterministic bitcoin address generator. Store bitcoin by writing down your 12 words and salt on a piece of paper. Address generation takes place in app, offline. No information is ever sent to the Internet.
It is preferable to write down the 12 words and salt rather than using a printer. Store your paper in a secure safe. For
larger amounts make several paper copies on separate locations.
Disclaimer: Use at your own risk. Brainwallets can be dangerous if you don't use a strong passphrase or take security precautions.
Use a long, unique passphrase that is never used in any song, literature, or media. If you use a weak passphrase, you are at risk of having your bitcoin stolen. We recommend a minimum of 12 random words. Click the "random" button to have a secure 12-word passphrase generated for you. If you forget your passphrase, your bitcoin will be lost forever.
Your salts are used as additional inputs to the cryptographic function that generates your brainwallet. This information never gets sent to the Internet, and is only used to strengthen your passphrase. There is no recovery process, so don't forget what you enter.
12 Words uses the scrypt key derivation function to generate bitcoin addresses. Your salt inputs are concatenated and used as the salt for the scrypt function.
The process is as follows (pseudocode):
· key = scrypt(passphrase, salt, N=2 , r=8, p=1, dkLen=32)
· keypair = generate_bitcoin_keypair(sha256(key))
Scrypt is a memory-intensive function that is deliberately slow to frustrate brute-force attacks. Performance may vary depending on your hardware, and in some cases may not work at all. If you run into problems, try a different web browser or use a newer computer. We can't sacrifice security for legacy support.
By using 12 Words, you are agreeing to the following terms and conditions.
The service is provided on an "as is" basis, without any warranties.
We are not responsible for any losses in bitcoin that you may incur for any reason.
6.4 COLD STORAGE / HARDWARE WALLETS
While the above are often called “cold storage” they’re technically just offline key storage, which means they’re only safe when used properly – and since they’re basically never used properly, this is problematic. Since this article was first written, however, a new option has become available: True cold storage via hardware wallets.
You can now simply buy a device that stores its own keys and does its own message signing all without every touching a potentially-compromised computer system. This is now the preferred method and should be used whenever it is an option since it doesn’t require you to know or follow any kind of “best practices” for securing funds. Just use the device and you’re good.
It’s important to note that, under most circumstances, you generate these addresses, use them for storage once and then never use them again. In order to use the funds in a paper wallet, you have to use the account on an online (hot) computer, which lowers the security of whatever account you just used. Under most circumstances, such addresses should be considered to be single-use addresses only. Which way you should go is up to you, but I’ll give you a few tools you can use either way.
First, iancoleman.io/bip39 is an excellent and accessible tool. Despite looking like a normal web page, the whole thing is written in such a way that once it’s loaded it never needs internet access again. You can go to the page, completely disconnect your computer from the net and it will still work. You can even save a copy of the page to your hard disk and it’ll still work locally – As a matter of fact, that’s the way the most paranoid among us suggest you do this. iancoleman.io/bip39 is also fairly unique in that they offer a huge amount of functionality: they can generate paper wallets one address at a time or in bulk, they do brain wallets too and they even have a special “bulk wallet” function for people who want to accept payments on their web site without actually storing their coins on some scarily-insecure web server.
They even have a method for performing transactions with paper wallet addresses that doesn’t “burn” the address – at least not as badly as any other method of spending from such wallets (they prompt you to enter they key and then use it once, never actually storing it).
4. Ethereum Offline Transactions
4.1 Why Offline Ethereum ?
Computer security is hard. Physical security is much easier to accomplish.
Using Offline Ethereum allows you to store your wealth securely in an offline vault. Your own vault that you control physically.
You can transfer needed amounts to online wallets on your phone or computer. Ethereum is just like cash, you should only carry around spending money.
4.2 WHAT IS AN OFFLINE Ethereum Transaction ?
An offline Ethereum transaction is created with a computer that is not connected to the internet (or any network). Assuming the installation process was secure the computer can not be reached by hackers.
To create a Ethereum payment the offline machine can create a Ethereum transaction which can then be carried by an USB key. This information can then be copied to a machine that is online, and the transaction can be broadcast.
Your private key never touches the Internet. Maximum Security.
4.2 HOW DO I CREATE AN OFFLINE TRANSACTION ?
Use the PRO Ethereum Wallet and Vault BA.net App.
4.4 CREATE YOUR TRANSACTION ON YOUR OFFLINE MACHINE
Use the button Offline Generate.
To do this you will need the private key of the address you want to
send from, destination address and the amount you want to send.
Cut and Paste the values into the form and generate a transaction. Cut and the paste the generated transaction RAW HEX from the form field into a text file and place it on your USB key.
4.5 SUBMIT THE TRANSACTION TO THE Ethereum NETWORK Use the button Offline Send.
At no point in this process is the private key data exposed through the transaction data. Your private key never touches the internet, for maximum security.
The biggest threat to an offline wallet is an USB-key virus that executes when plugged in. However, such viruses would have to be highly targeted, and can be mostly mitigated by disabling USB-auto- run on the offline computer.
Alternatively, you can transfer this information using the new QR Code Generator Option. No networking of any kind needed.
4.6 TAKE TIME TO GET FAMILIAR WITH THE PROCESS
It is normal to be uneasy using new software to store your savings, especially with advanced features. Make a few offline transactions with new addresses/keys and small amounts of ethereum.
After a couple of offline transactions you will be doing them in less than a minute. You will be able to say that you are your own bank!
3. PRO Guardian Wallet Mainet ETH or L2s
Get the peace of mind of a Guardian
Get an extra layer of privacy
You can use it for opening multiple sub-wallets
each one with its own guardian addr
You can select the grace period (default 30 days)
Verified Source Code Contract
Smart Contract Ownership Transfered to You
Lifetime cost of $99.00
4. Cold Storage - Offline Signature Tools
Airgap best practices PDF
Better than a hardware wallet
Use your own device
Dedicated rPI, linux computer or mobile
Offline sign tx UI
Offline sign guardian wallet UI
Lifetime cost of $149.00