Setting up a cold wallet using two computers with Anchor Wallet

If you are managing high-value private keys, the next best thing to a hardware wallet is utilizing an air gapped setup with two computers using Anchor. This allows you to use one computer that is online and connected to the blockchain to create and broadcast transactions, combined with another computer that is offline (air gapped) which will do the signing.

To achieve this, you’ll need the following:

  • A computer connected to the internet, with Anchor installed. This is known as your Watch Wallet.
  • A computer not connected to the internet, with Anchor installed. This is known as your Cold Wallet.
  • A portable storage medium to move files between them, like a thumb drive.

Setting up the Watch Wallet

This setup should be done on the computer that IS connected to the internet.

Once you have Anchor installed and have selected which blockchain you’d like to use, you’ll choose to import an existing account. The next step prompts you for how you’d like to import that existing account, and you’ll find an option to setup a “Watch Wallet”.

Once selected, you’ll just need to enter the account name you’d like to setup and import it. This watch wallet is essentially an empty wallet (no keys) which can be used to monitor an account and to create transactions for use within a “Cold Wallet”.

Setting up the Cold Wallet

This setup should be done on the computer that IS NOT connected to the internet.

To install Anchor on the offline computer, you can download the appropriate installer and save it to your thumbdrive or other portable media. Once it’s installed, you’ll be greeted with the setup screen and you’ll want to select “Setup Cold Wallet”.

By selecting this option, you’re telling Anchor that it’s not going to have an internet connection - and that it should disable most of the user interface and operate only in the mode where it’s allowed to sign transactions. You will need to select which blockchains you plan on using, and then manually setup your accounts by entering:

  • The account name.
  • The name of the permission you’re using (active or owner typically).
  • The private key that controls that account/permission.

The details can be put in after selecting a blockchain and will look similar to this:

Once your account is imported, you’ll be greeted by this screen:

The cold wallet is now setup and ready to use.

Starting a transaction on the Watch Wallet

Back to the computer which IS connected to the internet.

You can use Anchor now with this Watch Wallet to perform transactions, but instead of immediately signing them and broadcasting them to the blockchain (like a normal wallet would), it will instead prompt you to export the transaction, with a few options.

For the purposes of this tutorial and for use in a Cold Wallet, you’ll want to use the “Save as File” option.

You can name this file whatever you’d like so it’s recognizable, and you’ll want to save this file to your thumbdrive or portable media. This file contains the transaction you just tried to perform in the Watch Wallet, but since the Watch Wallet doesn’t have your private keys, it cannot sign and authorize the transaction.

Sign the transaction on the Cold Wallet

Switch back to the computer which IS NOT connected to the internet.

By saving it to the thumbdrive, you can now move that file to the offline computer running the Cold Wallet. Mount the drive if needed, and then click the “Load Unsigned Transaction” button located in the middle of the screen. You’ll be prompted to find the file, so navigate to the thumbdrive and select the file you created.

Once the file is selected, you’ll be presented with a screen to sign the transaction.

This will display the number of transactions to perform, the number of actions, and how long until the transaction expires. It’s important to note that each transaction done in this way will expire within 1 hour.

Scrolling further down you’ll also find the raw details of the transaction you’re about to sign.

Once you’re ready, click the orange “Sign this Transaction” button. Once the transaction is signed, Anchor will automatically prompt you to save a new file - this time it will be a copy of the transaction that has been signed and authorized by the private key loaded in the Cold Wallet. Once again, save this file to your thumbdrive or portable media.

Broadcasting the transaction to the blockchain

Switch back to the computer which IS connected to the internet.

Now with the newly saved signed transaction on your thumbdrive, move it back to the computer connected to the internet. Do what you need to do to mount the thumbdrive within the operating system and then open Anchor. There is a small wifi looking symbol in the lower left of the screen for broadcasting transactions.

You’ll want to select that option and then import the signed transaction file from your thumbdrive.

Once the file is loaded you’ll be presented to review the transaction once more, and then be able to click the purple “Broadcast Transaction” button to submit the transaction to the blockchain.

The transaction will be submitted like any other - but during the entire process you managed to keep your private keys on a computer that was never connected to the internet. It’s essentially a DIY hardware wallet using multiple computers. You can repeat this process as many times as you’d like and perform all the transactions you need to.

Cool I will try with one of my old macbooks that I will keep off line. For this cold wallet can I import accounts from a saved Anchor backup?

This actually reminds of a cold wallet/watch wallet with the TokenPocket mobile App. Using to mobile phones. I love using Anchor mobile authenticator, so for me I think it would be great if I had an Anchor Watch wallet on my desktop and a non connected mobile phone for the cold wallet? And instead of using thumb drives it uses QR codes to capture the transaction with the mobile like the authenticator but it is off line but send back the signing authentication from the offline phone by bluetooth or even a QR code on the phone that can be read by the desktop camera? I feel this would be much easier than moving usb thumb drives back and forth computers. So basically the hardware cold storage wallet is an old mobile that is not connected to the internet. And to make it even more secure have biometric authentication on the mobile that is offline.
TLDR: have a version of the mobile Authenticator that is not connected to the to the internet.

Unfortunately no, but that’d be a cool feature to have at some point.

We could potentially do something like that, but I feel as if it’d be a pretty underutilized feature, especially compared to the amount of effort it would take to build. It’s definitely something we consider in the future, but would likely be more of a passion project than something we’d be able to devote a lot of effort into.

It’d breathe some life into some old retired mobile devices for sure though!

I think honestly I’d still just use an old mobile device as the signer and just have it connected to wifi. The secure enclave is pretty invulnerable unless you have physical access to the device, so if it was always at home and in a secure place, being on wifi doesn’t present much of a risk.

On top of that, it’d already work today. If you notice in one of those screenshots for the watch wallet, it’d already got the QR code :wink:

Yes you bring up a great point here to use the Anchor authenticator on an old mobile and you can store that offline and just turn on the wi-fi when you want to approve transactions.
Thanks Aaron!