5

Requirements:

1) An account created on a raspberry pi that has never been connected to the internet ever. 2) A great private key on this account, that does not rely on any random number generator. 3) The ability to sign transactions on the pi (probably a QR code will be used to get them off the pi).

I found a great solution from Vitalik himself showing how to create the account and even sign a transaction: python_cold_wallet_instructions. The line eth.sendRawTransaction("<output of last line of code here>") is what I would perform on a separate computer. All seems great except one thing:

The line k = os.urandom(32) implies using the random number generator. How can I avoid using the RNG? Isn't this a legit concern?

Improve this question
2

1 Answer 1

Reset to default
3

You can try https://github.com/ConsenSys/icebox - it supports offline generation of key and manual adding of random numbers.

The OS CSPRNG on Linux can be relied upon, as long as the computer has been doing a few things since first installing Linux (e.g. harddrive writes, mouse/keyboard inputs. Linux gathers entropy from such events into it's entropy pool, which is used when os.urandom is called.

Both geth and eth clients use the OS CSPRNG for generating keys, and this is widely considered as good practice as much effort goes into modern operating systems (Linux, Mac, Windows) secure random generators.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.