Today I completed my dummy disaster recovery experiment that I started and blogged about one week ago. I managed to learn even more today and feel both incrementally more prepared for something to go wrong and confident in my ability to handle a crypto-cataclysm.
Jaxx.io
I'll share my findings for today shortly but first I'd like to recap my motivations for those who missed or have forgotten my original post. Here's a snippet for context.
For some time the insecurity of having all of my cryptos in my phone has nagged at me. It's convenient, sure, but the inevitable will one day happen.... so before we sit down to our Sunday night movie, I decided I'd try out the process of recovering my funds on another device.
- The phone will die
- The phone will get stolen
- The data will become corrupt or the app will irrecoverably crash (this scenario was recently covered by SGT Report)
Some context first. I run two wallets on my phone, blockchain.io and Jaxx. The former is the oldest and was basically one I chose on @dollarvigilante's recommendation. The Jaxx wallet I chose based on good reviews and was born of my desire to expand into multi coin wallets.
It seemed sensible then to search for the Jaxx windows application on my laptop. I wanted to go with an application because as far as I understand, that gives me the best chance that the private keys stay local to the device. Although without monitoring the network traffic (and even then it may be difficult) it's hard to determine that this is the case. Surely any web based wallet however necessarily requires the server side to access the private key to encrypt transactions meaning that the key leaves your local device, something I'd like to avoid.
I searched my laptop for the 12 word recovery passphrase that I'd written down when setting up the wallet. The installation was a breeze on windows and the setup was easy to follow.
I ended up recovering my funds using this recovery phrase fine, but found that I'd inadvertently entered the phrase for a different wallet that I have. This left me in a situation where my Jaxx wallet on my phone didn't represent the content of the Jaxx wallet running on my computer and I found this confusing.
It did provide a learning opportunity however as I wanted to know how to "disassociate" a phrase with a wallet. I did some searching thinking that perhaps Jaxx supported multiple wallets. Not that I'm advocating that as a good solution but it would allow me the chance to add my real recovery phrase. This isn't supported by Jaxx. As the software isn't really "installed" and is just run rather from an extracted zip archive, there was no uninstall option either.
I even tried re-extracting the archive to a different location on the file system thinking that any cache would say within the original folder structure but when I fired up Jaxx from the new location, the wallet still showed my balance. I was wondering whether I was stuck with this phrase/wallet mapping when I discovered that the data associated with the recovery phrase on Windows is stored under the AppData folder, typically found under C:\Users\<username>\AppData\Roaming
. I renamed that folder, fired up Jaxx and sure enough, I was presented with the friendly startup screen that prompted me to recover a wallet or create a new one.
I then entered the correct phrase associated with the Jaxx wallet on my phone and hey presto, the correct BTC & ETH balances were displayed. I've had a brief sniff at the data contained in the AppData folder as @valer7 made a really interesting contribution to the original wallet recovery post of mine saying that it's quite likely that Jaxx stores private keys in plain text, at least on Android. There was nothing obvious after my brief sniff of a few files, but that's not to say that this isn't the Jaxx implementation. I'm not sure whether I'd expect to see a standard PGP private key begin and end marker in the file or whether the wallet keys are implemented differently. Something more to learn I suppose.
Anyway, that rounds out my wallet recovery. As I mentioned in my first post, I'm looking at exploring hardware wallets but am a little concerned that gaining security will cost me flexibility. I like the idea that I can transport my recovery phrase only on a plane, boat or car if I need to leave a disagreeable situation. Gold and silver suffer from their own advantage in this way, they are physical and need to be physically transported. Physical assets (especially electronic ones) can be damaged, broken, lost, confiscated. I'm yet to wrap my head around that but perhaps dipping a toe in the hardware wallet water just for the education would be worth it alone.
Thanks for your interest as always and I hope this has been helpful.
我的帖子上的声音
I like my Ledger Nano S.
Hi @g-dubs thanks that's one I'll be checking out.
Upvoted and also resteemed!
Thanks for the support @insiders 😉
This post has received a 0.63 % upvote from @drotto thanks to: @banjo.
Thx for sharing this. Very interesting
Thank you @cryptotrader2017
我的帖子上的声音