Best practices

From Ravencoin Wiki
Revision as of 09:11, 6 May 2018 by MrsDelish (talk | contribs) (wallet guide)
Jump to navigationJump to search

work in progress

The goal here is to educate our self so we can make a hopefully more informed decision. Regardless of how many of these steps one choose to follow, try to be aware of what might be the possible pitfalls.


Wallet

A common practice is to use one wallet for hot storage, and another for cold storage. Read the private key and the wallet on our forum for an understanding of the difference of what a wallet is compared to a private key.


General wallet guide

Note: do not use special chars for the passphrase for encryption of our wallet.

We can download our wallet from Ravencoin Github for our OS.

  • Extract all the compressed files.
  • Start wallet by double click Raven-qt(.exe/.app), allow the Raven-qt to access internet if your windows firewall notification pops up.
  • Choose were to store our data folder, it will contain our wallet.dat, blockchain and other config files. Default option is fine.
  • Assuming this is a hot wallet and we are connected to the internet, our wallet will now start to sync with blockchain.
  • Encrypting our wallet is always recommended, especially on a hot wallet, we can select "Encrypt Wallet" from "Settings" menu, remember to write down our passphrase and store it safely, use the same steps ans detailed in Backups section on this page. Note: do not use special chars for the passphrase for encryption of our wallet.
  • From the "File" menu we can choose "Receiving Addresses.." click "New" give it a label, and click "OK" now we selected the new address and click "Copy" and paste it into our mining bat/sh file, or "Export" a text file with our new public address.
  • Nest step is to backup our wallet, we can do that from "File" menu "Backup Wallet..." select a location and give our backup a meaning full name like "06-05-2018-raven-wallet.dat" follow the steps in Backups to keep our backups safe. We can also make a backup when our raven-qt wallet is completely shut down by copying wallet.dat file from our data folder.
  • Now is a good time to read the rest of this page.

Default data folder locations: 

Windows: %AppData%/Roaming/Raven
Mac: ~/Library/Application\ Support/Raven
Linux: ~/.raven

Note that on mac and linux " ~/ " is the home folder, and is different from " / " root folder


Hot storage

Hot storage is a storage we usually mine to, and keep on a networked computer, a wallet we commonly access and use. It is preferable to have the computer the hot wallet is on as clean as possible, no unneeded software installed. Keep it updated. Have at least two copies(backups) of wallet.dat in two different locations, use dedicated USB sticks, that are marked clearly.

Cold storage

Cold storage is a wallet we create and have on a non-networked computer. This should be a dedicated disk, with a fresh and clean OS installed. To use this wallet we create the transaction, sign it and save it on a dedicated USB stick, then import this signed transaction into our hot wallet and broadcast it. Have at least two copies(backups) of wallet.dat in two different locations, use dedicated USB sticks, that are marked clearly.

Paper wallet

We create a linux liveCD USB-stick on a non-networked computer to make our paper wallets.

  1. Download Ubuntu Latest LTS version is fine
  2. Follow the Guide for our OS to make a bootable USB Ubuntu guide
  3. Download paper wallet generator Paperwallet and put on our USB or a separate USB stick.
  4. Unplug ethernet cable, insert LiveUSB and reboot into Ubuntu Live. Do NOT connect with Wifi or any other means to any network.
  5. Open index.html to start paper wallet generator, and then select Ravencoin. Make our wallet(s)
  6. Connect a Printer that does not have network or reprint capabilities, older cheap inkjets are usually fine, DYOR (Do Your Own Research). Print Wallets in at least two copies.
  7. Laminate the paper wallets to keep them safe from water damage.
  8. Store wallets at two different locations, and keep them safe and secure.

We can make paper wallets from our exported private keys. A good way to achieve this can be to have a copy of our wallet.dat and linux wallet binaries on a USB stick, move the wallet.dat to the ~/.raven location and dump our keys from withing the non-networked LinuxUSB stick, this stick will need to have the dependencies from Ravencoin Github. Once the paper wallet generator is open copy and paste the private key in, check that it generates the corresponding public key, if not try and copy and paste our public key as well.


On a encrypted wallet we can unlock our wallet with the following command: 

walletpassphrase "passphrase" "timeinseconds"

example: 

walletpassphrase very6securE+pasSword 300

Once the wallet is unlock we can dump our key, address is our corresponding public key: 

dumpprivkey "address"

Example: 

dumpprivkey RBjAZ4fgoXfMC1ujzs7XKreMxJAL1r9fhT


Backups

Have at least two copies(backups) of wallet.dat in two different locations, use dedicated USB sticks, that are marked clearly. Do not use these USB stick for anything else, and keep them safe. Get good known named brand USB sticks, this is not the place to save cost. Use different USB sticks for Hot wallet and Cold wallet backups. Especially cold wallet backup should not be plugged into a networked computer.

Some prefer to encrypt the disks or folder, this can be advantageous if you do not have a trusted place to store your USB sticks. Just keep the passphrase to the same standards as the USB sticks, minimum two copies in two different locations.

Consider how relatives and or our children can get access in the future should the worst thing happen.

Private keys

A private key is what control the funds, and make them spendable on its correlating public key. We do not reuse a key pair (public and private key) after the private key has been swiped/imported on a networked computer, ie do not reuse a paper wallet after the private key has been used.

Miners and other apps

  • Only run software from known reputable developers, preferably peer revived and audited code.
  • Download only from the links provided by the developer, preferably from the developers own site.
  • The inherent danger of a malicious miner app is that by design it has already all the tools needed to be very harmful, these include upload and download capabilities, there will not necessarily be anything we can detect immediately, as a malicious miner app can be triggered by something as simple as a specific network block number being reached or other delayed mechanisms.
  • Any computer on our network(subnet) could be a potential treat towards our hot wallet.
  • There is no way to know if our wallet.dat/private keys are compromised, unless we always keep them safe guarded.
  • The above holds true for any software we download and use.

Links, Guides and other helpful tips

https://en.bitcoin.it/wiki/Securing_your_wallet

https://bitcoin.org/en/secure-your-wallet

http://bitcoinsecurity101.com/getting-started/

https://virtopia.ca/crypto-wallet-safety/


Quote from OhGodAPet - Think of it this way - until you DO learn and understand, your only option is to not know what the wallet hides from you...

Retrieved from ‘https://raven.wiki/index.php?title=Best_practices&oldid=1023