警告:您可能成为了企图假冒本网站内容的目标。 我们检测到该网站被IFRAME包裹,这意味着与EOS Canada无关的人试图向您展示他们的内容与我们的内容相关,可能为了让您相信他们与EOS Canada有关。 我们与任何试图这样做的组织都没有联系,它也没有受到我们的认可



WARNING: you may have been the target of an attempt to misrepresent the content of this site. We detected that the site was wrapped in an IFRAME, which means that someone else, not associated with EOS Canada, attempted to show you their content combined in some way with ours, possibly to make you believe they are associated with EOS Canada. We are not associated with, and do not endorse, any organization attempting to do this.
background-flotant-top-right-01

Blog: EOS Block Producer Tips & News

background-flotant-top-left-01

How to Use eosc as a Cold Wallet with Offline Signing

September 13, 2018 / by Josh Kauffman

Security is at the forefront of many crypto-enthusiasts’ minds. Securing your private keys and maintaining that security is no easy feat. EOS Canada’s multi-functional tool `eosc` has the ability to sign transactions offline from a cold wallet, making strong security accessible to all.

 We at EOS Canada have made a step-by-step walkthrough showing how to use these capabilities so that anyone can follow along. A few things that you will need: 2 computers (one of which is not connected to the Internet, known as an “air gapped” computer) and a USB key (or any other means of transferring a file from one computer to the other). That’s it!

This works for all transaction types -- so you can use it not just to move EOS or tokens, but also to vote or execute a smart contract, all from a fully offline cold wallet.

The main question that a user may have is “Why is this a useful capability?” The answer is that this technique enables you to avoid ever exposing your private keys to the Internet. Since your keys remain on the air gapped computer, you are protected from hackers trying to exploit vulnerabilities over the Internet, e.g. by injecting malware such as keyloggers, screen-capture agents or one that extracts the private key directly from memory.

Another question that we have received is “I have a hardware wallet, why would I want to use offline signing?” While hardware wallets are great to protect against key extraction by a bad actor, they don’t cover all cases of malware based attacks or phishing attempts. An example would be a targeted malware or an active bad actor watching for when a user is crafting a new transaction, who then pushes a rogue substitute transaction to your hardware wallet that you are tricked into signing instead of the transaction that you created. The hardware wallet screen may not be able to display enough metadata about the transaction for you to positively confirm that it is indeed the one you were about to push. In cases of simple transfers, this is generally safe, but since EOS allows you to sign transactions to complex smart contracts, this is a threat to consider.

If you have questions or run into any issues, please join us in the EOS Canada Telegram channel. If you have any feature requests for `eosc`, or want to propose a modification, feel free to open up an issue or a pull request at the `eosc` GitHub repository.

 

Topics: Security, Education, eosc, EOS Vault, How to Vote

Josh Kauffman

Written by Josh Kauffman

Josh wants to educate those around him. Understanding systems, from the simplest to the most complex, is a passion of his. Since trying to wrap his head around cryptocurrency a couple years back, he’s become a missionary -- urging those around him to understand this technology that will underpin tomorrow’s world. He’s a jack of all trades, having worked on designing home building systems, fine woodworking, and running restaurants. His latest passion is the crypto space, and is looking to be part of those who lead this change, bringing one of the most complex and far reaching systems that have the ability to touch every industry.