Frankenwallet live screenshot with overlay from encrypted installation
Frankenwallet live screenshot with overlay from encrypted installation

The Frankenwallet: Secure workflow and Internet privacy for Cardano and other cryptocurrencies

Three years of progress… and what’s coming with Catalyst Fund 11

--

In mid-2020 at the launch of Cardano’s Shelley era — when I felt compelled to create a stake pool by converting my entire life savings to Ada for a pool pledge, leaving it secured only by my own confidence in open source OS tools, applications and encryption procedures — I was terrified.

I’ve worked in computer operations and security since the late 1980’s but I’d never been in such a state of personal vulnerability over security standards before... and I was not the only crypto enthusiast in my technical circle with reservations about the design visibility and ultimate intent of hardware wallets (see here).

So while creating the new stake pool I also built an encrypted, bootable memory stick I called the Frankenwallet (see here for name origin) with everything I would need to:

  • keep my cryptocurrency operations and record-keeping private with respect to my daily computer use;
  • boot an encrypted Linux system having access to all the files on my main computer where it was booted from;
  • run the basic Cardano command line interface (CLI) tools, covering both stake pool operations and key management, in an environment with no Internet access (within an “Air Gap”);
  • encrypt office (LibreOffice) documents with critically secure data (wallet mnemonics & passphrases) and archives of pool & personal key files, using passwords never entered anywhere else;
  • storing and retrieving files on the insecure host for archiving and remote backup.

Over time, I developed my notes into a body of documentation around this alternative “do it yourself” (DIY) security model, effectively supplementing the model of the more streamlined but less flexible hardware wallet, in these stages:

  • publishing the operational outline in January 2021 (web page hidden today to avoid SEO confusion);
  • expanding to web-book form in September 2021, at cosd.com/frankenwallet — with 40+ pages extending these basic security procedures, including optional reading for design rationale & history;
  • writing the standard Air Gap Environment build instructions for the Cardano Foundation’s Developer Portal based on the Frankenwallet procedures;
  • including Frankenwallet with condensed instructions (Get Started with the Frankenwallet) as a community-endorsed operator tool on the Developer Portal.

Q: How come everybody hasn’t heard about the Frankenwallet yet?

As the Catalyst Fund 11 vote approaches, the time has come to turn the Frankenwallet from a useful, privately tested proof-of-concept into a public, community-supported open source project including:

  • a wider range of material supporting security and privacy standards & applications;
  • a more official integration for Cardano’s stake pool operators, with better installation options for users;
  • a polished documentation web site built from community-editable material through content suggestions, technical peer review, and feature requests;
  • transferring the Frankenwallet from my own personal “ownership” to an open-source licensed asset of the Cardano, crypto, and security communities.

Cardano has always needed a standard for a secure operating environment, and so far the Frankenwallet and its companion Air Gap Environment instructions on the Dev Portal have been the only popularly presented candidates. The Frankenwallet only awaits additional time and funding to become a finished product shared with the whole Cardano community (update 2024–02–15: Project Catalyst has approved our funding 🤩).

Beyond what’s already written in the proposal above, as Fund 11 approaches here are some additional points for consideration of Cardano’s security, privacy, and operational requirements and how the Frankenwallet can help:

Crypto privacy and the “cool” vs. the “cold” Frankenwallet

The extent and strictness of the Frankenwallet is up to the user, with the two main classifications being no Internet access and restricted Internet access. An air-gapped environment is indicated for working with “cold” keys, since they’re never supposed to be kept on a “hot” (active, Internet enabled) machine.

I coined the term “cool” environment in the Frankenwallet documentation to indicate an Internet enabled but still sandboxed environment: mainly because it’s “warmed” every once in a while by Internet activity within the sandbox. The setup instructions include a complete list of browser settings to prevent any data being sent to third parties… warning operators never to use the “cool” environment to store, or sign with, their “cold” keys.

The “cool” Frankenwallet workflow indicates that it’s also never supposed to be used in a way that reveals the user’s identity. Otherwise the ubiquitous harvesting of Internet data might profile a user as vulnerable to malware that scans computers for crypto wallets and passphrases.

The “cold” Frankenwallet is kept as a more traditionally secure option for operators who only need to work in highest security with raw blockchain keys: as Cardano stake pool operators would (see Secure Transaction Workflow).

For all other users who want or need the ability to engage in Cardano’s and other blockchains’ huge variety of dApps or development platforms without a hardware wallet, building and using a “cool” Frankenwallet will help them maintain:

Privacy: Without tracking information accumulated in browser histories, IP-tagged communications, web site subscriptions, online shopping, etc., whatever Internet activity may be visible from the “cool” Frankenwallet can remain unassociated with your real world identity.

Security: Third party malware and operating system flaws and back-doors — especially if your main environment is Windows — are not inevitable with the Linux-based Frankenwallet as they would be on conventional desktop systems subjected to routine use on the Internet.

The magic of combining limited Internet access with secure record keeping

Continuous encryption for wallet passphrases

As a constant traveller who works with other “road warriors” I would be equally uncomfortable either leaving a printed copy of a wallet passphrase behind anywhere or taking such a backup with me. Therefore my only assurance that wallet balances remain accessible, and that wallets can be reconstituted anywhere, is to both:

  • record all wallet seed phrases into a LibreOffice AES-encrypted file;
  • create regular off-site backups of this file (since my computer might also be lost at any time).

The problem for many users who already do this — by default, using document encryption on their “daily driver” machine — is:

A machine with constant exposure to the Internet and downloadable software must be assumed compromised by malware which can read passwords from its keyboard and passphrases / mnemonics from its clipboard: even though LibreOffice password entry is assumed secure and its AES encryption is assumed unbreakable.

Since light wallet software generally requires Internet access at the time a wallet is created, following this usual wallet workflow in the “cool” Frankenwallet allows the user to immediately place the recovery passphrases, with other confidential details, in a file encrypted with a password which has never been used on a machine with routine access to the Internet.

This security model cannot duplicate the security assurance of a hardware wallet (unless a closed source design offers a “back door”)… yet the Frankenwallet security risk is limited to that of:

  • highly trusted open-source software: Ubuntu, Brave / Firefox browser, LibreOffice, and native encryption utilities like LUKS, 7z & aespipe
  • software wallets themselves: whose user communities have already provided abundant real-world testing and in some cases open-source verification.

Completely flexible support for emergent dApps, command line utilities, and developer deployments

During Cardano’s development period I’ve encountered a few dApps for which hardware wallet support for smart contract interaction and support for certain types of transactions came relatively late.

These days, commercial dApps as offered from popular web sites will generally support hardware wallets from Day 1. But other applications on the development edge may require a more flexible means of access that hasn’t accommodated the hardware wallet yet:

1) This may happen particularly for key derivation paths and types that aren’t yet supported in the hardware wallet. For instance, Cardano governance (coming soon) will provide a greatly expanded range of these keys to implement procedures for voters, representatives, and delegation between them. In case these emergent applications aren’t immediately supported by hardware wallets: users, testnet participants, and providers will have the Frankenwallet ready as an alternative platform.

2) Another case would be Catalyst voting registration for a bare Cardano payment address (outside of a wallet), which requires simultaneous access to a stake address private key and the Internet. Without an environment like the “cool” Frankenwallet, the registrant would have temporarily store their private key in cleartext on a machine fully exposed to the Internet. 😰

3) If the bandwidth to the “cool” Frankenwallet drive is fast enough (like a SATA SSD cabled into a USB 3.0 port), operators and developers will be able to run a full Cardano node in the Frankenwallet, allowing them to:

  • submit cardano transaction build commands (not having to pre-calculate transaction fees)
  • mint tokens / NFTs and deploy smart contracts with complex transactions assembled from the developer’s notes on the host machine… without exposing these activities, raw data, or private keys to a Cardano node as typically connected to the Internet.

Example for secure record-keeping: Last Will & Testament

A typical crypto investor’s instructions to extract and consolidate all their cryptocurrency resources in the event of their demise would be both:

  1. uniquely complicated: requiring complete inventories of private keys, wallet mnemonics and passwords to extract and consolidate one’s crypto assets across any number of software packages and platforms;
  2. uniquely vulnerable: since such a complete description of an inheritance would also mean the investor’s crypto devastation if the decrypted contents ever fell into the wrong hands.

Considering therefore how much there would be to lose — not just for my inheritors, but while I am still alive & well — I could not imagine preparing such a document outside a sandbox like the Frankenwallet… encrypting it with a known password somehow delivered after my confirmed incapacitation, to be combined with the encrypted file held by my inheritors in the meantime.

Optical drive backups for crypto account data, passwords and keys

A side benefit of using all your regular computer’s hardware with your connected Frankenwallet is that not only the hard disk drives but also the optical drive is accessible. This addresses a common reservation of cryptocurrency key backups, for those who don’t trust their strongly encrypted files to be transferred over the Internet: the short life of memory sticks.

Encrypted files and archives storing private keys, passphrases and password hints can be written to an optical drive directly from the Frankenwallet with the usual Linux disc writing tools… without ever having to trust the regularly booted computer not to copy or modify the encrypted data before it’s written to the disc.

Q: “Before we go any further, how does this all LOOK?”

Functionally and aesthetically, it looks as if your system were booted from a Linux installation image (current recommendation = Ubuntu). This 1440p monitor desktop layout shows several windows open to follow previously scripted commands while simultaneously accessing cleartext signing keys on the Frankenwallet drive and their encrypted backups on the host drive:

Working with files and Cardano CLI on both secure & insecure partitions, with scripted commands in encrypted file (enlarge window to see more detail)

Why I want a Trezor Safe 3 but STILL will need a Frankenwallet…

In the Frankenwallet early development period there was a huge scandal about Ledger leaking the identities of its subscribers (I won’t link this again since hardware wallet advocates have often said they’re sick of hearing it).

But upon learning in late 2023 about the open-source software and hardware design of the Trezor Safe 3, I was relieved that there was at least one Cardano-compatible hardware wallet provider taking open source design and user expectations of an open platform very seriously.

In the long term, as a human being & investor and not just as an educator & standards developer, I would place the highest importance on the safety of my funds and therefore whether I could ultimately place more trust in:

  1. Trezor: with open source implementations from a single company and a smaller set of users & expert reviewers of its published software and hardware design; or
  2. Linux + apps, LibreOffice, and software wallets: the OS and common applications, with a massive number of observers and security reviewers, plus the security design of whatever light wallet(s) I choose to use.

I have to be prepared that the Trezor might seem a better option someday. If it does, my use of it would have to preserve the most important thing for me: the secure reproducibility of the wallet… as I admit, the opposite of other security models in which the hardware wallet must be the one & only key to an account that will ever exist (i.e., according to my expectations, something guaranteed to be lost or destroyed 😅).

So, given that I would still have to export a Trezor hardware wallet key, I would still need a sandboxed environment secure enough to transfer the recovery phrase into a file or archive encrypted with a password that’s never touched a machine with live Internet access.

This can, and I believe should, be done in a “cold” Frankenwallet to be absolutely sure no browser activity, software wallet extension, or potentially compromised system software could ever intercept either the typed recovery phrase or the password used to encrypt the file that stores it.

What’s on the way… with your vote for Frankenwallet in Catalyst Fund 11:

For a full list of proposed features and the timeline for delivery (completion by end of 2024), please see & share the full proposal (Frankenwallet: DIY boot drive for privacy, security & SPO) or follow the buttons near the beginning & at the end of this article. Here are the highlights:

Building into a user friendly web site with community input & collaboration

So far the Frankenwallet documentation consists of about a half-dozen web pages to guide the installer gradually through the steps of a Linux installation which is much like installing Linux for “dual boot” from a Windows-based PC. The optional remainder of the 40+ pages are to present the workflow and security model, then to help the user prepare for the installation and use a Frankenwallet safely and effectively.

The Fund 11 improvements will move this material into an open source GitHub repository which will allow contribution from any user, with a framework to build this material into an attractive & functional web site. This is the same model used by:

For a couple years I’ve been a key contributor to both of these repositories and I have seen first-hand the miraculous growth that can happen when teams of people open up their documentation & procedures to community input.

GitHub has a well-defined framework to submit “issues” for fixes and improvements, and even submit contributions directly (“pull requests”). When this becomes available for the Frankenwallet content, it will allow any user to request clarification or elaboration on any documentation issue that seems unclear or unworkable, as well as to request additional use cases.

A nine-month plan for content building under the oversight of the Cardano community is detailed in the Frankenwallet proposal. Personally I can hardly wait to see what emerges when this eventually hardened, peer-reviewed material is presented with an attractive theme at a publicly recognisable location (already arranged for frankenwallet.com) to become part of Cardano’s ongoing equity.

Challenge & response to security assertions, with more potential use cases

As with any trade-off between security and convenience, security experts from different backgrounds are bound to challenge each other over whether approaches should be considered “safe” and which approaches are best for given use cases.

This where community input will become vital… anyone reading the above security model, or having evaluated Frankenwallet in the past, will have an opportunity to submit a GitHub issue for public commentary if they think any application of the Frankenwallet presents or encourages a security weakness.

From a point about 6 months into the project (end of Q3 2024), feedback — from users, developers, operators, and anyone with a sincere interest in cryptocurrency security — will be incorporated into the growing web site, and will further qualify the security expectations for the Frankenwallet’s use cases… and will almost certainly include some new uses & procedures based on popular demand.

Integration with Cardano’s existing operator tools

The intermediate stages of this plan will present the Frankenwallet to Cardano’s Stake Pool Operator (SPO) community who have long been expected to improvise their own “air gap” machines and arrange, with little guidance, a platform from which to run the widely used SPO Scripts.

Documentation and tested installation instructions to include the SPO Scripts in the Frankenwallet will enable many operators (not just stake pool operators) to securely use scripts in “offline” mode without needing a second machine… and will help isolate their Cardano operations in “online” mode when running on the “cool” Frankenwallet.

My own Frankenwallet development and testing has proven that both the “cool” and the “cold” Frankenwallets can effectively secure any command-line Cardano operations, since I’ve always felt comfortable managing a stake pool and submitting registrations / transactions at a detailed technical level using the Cardano native “CLI” by itself.

Adding the SPO Scripts as part of a standard installation procedure will ensure a greater body of operators and SPOs can perform higher-level functions safely and efficiently… and this Catalyst funding round will ensure a long testing period for operators to give feedback about any improvements that will make the Frankenwallet a standard, robust part of their workflow which promotes the security and value of the Cardano blockchain itself.

“That sounds awesome! How can I get involved?”

First, bookmark the Frankenwallet GitHub repository where forthcoming material will be posted in the months following our Catalyst funding approval: github.com/rphair/frankenwallet

And to support our work in cryptocurrency standards for security and governance, including Cardano Improvement Proposals (CIPs), please delegate to COSD stake pool in your Cardano wallet and follow us on Twitter for related announcements: 🙏

Delegate to COSD Pool
Follow us on Twitter: @COSDpool

--

--

Robert Phair

Writing & design for crypto standards and online security / self-determination. Supporting rogue investors, creatives, rebels, nomads, and the parallel economy.