On today’s AMA call, the topic of “what if i don’t trust my phone” came up with regards to key generation.
Here’s a very rough hack to ensure your key stays protected on a mobile device:
- Get an old mobile phone that can run the incognito wallet. (Shout out to Google pixel/Nexus devices for having good software updates.)
- Do the software updates
- Install incognito
- Disable wifi (on some phones you could even remove the wifi antenna)
- Disable 4g and remove the SIM card
- send funds to your public key using the recieve screen
All you should need is that QR code.
Downside: if I understand how incognito works, you’d be unable to check your balances using that QR code / address from a connected device.
Upside: this method eliminates most of the ways your phone could betray you, and when you need to view your balance, you could always connect your cold phone to a very secure WiFi network that is only allowed to talk to incognito.
There are probably other variations on this theme I haven’t considered, also.
Cheers! It was a fun call today, thanks.