Difference between revisions of "Best practices"

work in progress

Wallet

A common practice is to use one wallet for hot storage, and another for cold storage. Read the private key and the wallet on our forum for an understanding of the difference of what a wallet is compared to a private key.

Hot storage

Hot storage is a storage we usually mine to, and keep on a networked computer, a wallet we commonly access and use. It is preferable to have the computer the hot wallet is on as clean as possible, no unneeded software installed. Keep it updated. Have at least two copies(backups) of wallet.dat in two different locations, use dedicated USB sticks, that are marked clearly.

Cold storage

Cold storage is a wallet we create and have on a non networked computer. This should be a dedicated disk, with a fresh and clean OS installed. To use this wallet we create the transaction, sign it and save it on a dedicated USB stick, then import this signed transaction into our hot wallet and broadcast it. Have at least two copies(backups) of wallet.dat in two different locations, use dedicated USB sticks, that are marked clearly.

Paper wallet

we create a linux liveCD USB-stick

1. Download Ubuntu Latest LTS version is fine
2. Follow the Guide for our OS to make a bootable USB Ubuntu guide
3. Download paper wallet generator Paperwallet and put on our USB or a separate USB stick.
4. Unplug ethernet cable, insert LiveUSB and reboot into Ubuntu Live. Do NOT connect with Wifi or any other means to any network.
5. Open index.html to start papwer wallet generator, and then select Ravencoin. Make our wallet(s)
6. Connect a Printer that does not have network or reprint capabilities, older cheap injets are usually fine, DYOR (Do Your Own Research). Print Wallets in at least duplicates.
7. Laminate the paper wallets to keep them safe from water damage.
8. Store wallets at two different locations, and keep them safe and secure.

Private keys

A private key is what control the funds, and make them spendable on its correlating public key.

Miners and other apps

• Only run software from known reputable developers, preferably peer revived and audited code.
• Download only from the links provided by the developer, preferably from the developers own site.
• The inherent danger of a malicious miner app is that by design it has already all the tools needed to be very harmful, these include upload and download capabilities, there will not necessarily be anything we can detect immediately, as a malicious miner app can be triggered by something as simple as a specific network block number being reached or other delayed mechanisms.
• Any computer on our network(subnet) could be a potential treat towards our hot wallet.
• There is no way to know if our wallet.dat/private keys are compromised, unless we always keep them safe guarded.
• The above holds true for any software we download and use.