Securely Transacting FIL

#1

Hi all,

I am trying to create a flow for securely transacting FIL. My threat model requires that I never have my secret key on an internet-connected computer.

As far as I can tell, there is currently no way to create a valid transaction in this setting. If anyone can help, I’m looking for a way to execute the following steps:

  • Generate private key on offline computer
  • Use online computer to create an unsigned transaction
  • Move unsigned transaction to offline computer and sign transaction
  • Move signed transaction to online computer and broadcast to network

Any alternative approach that would allow for creating a valid transaction while keeping the secret key offline would also be welcome.

1 Like
#2

completely agreed this needs to be supported. We need to add a command that lets you submit a manually created and signed message to the network. Currently no command in the api lets you do this, but you could write custom software to connect to the network and do this.

Do you mind opening an issue on the github repo requesting this?

#3

Yep, should be able to get an issue together over the next few days–your work is much appreciated!