When holding cryptocurrencies like Bitcoin, many people suggest doing it on hardware wallets like Ledger or Trezor. However, there is a very simple and safe solution, using only two regular pen / flash drives, connected via USB.

tl;dr: Boot from a Debian live, run AtomicWallet (or any other with an .AppImage distribution) and let its config be saved (and later read) on/from a second pen drive.

Prerequisites

  • A computer with two USB slots (or any other option to have them connected at the same time)
  • 2 USB flash drives:
    • 1 called LinuxDrive, with >4GB storage space
    • 1 called CoinDrive

Create the wallet

  • Install a Debian live, for example the XFCE image on LinuxDrive. On OSX, this can be done with balenaEtcher.
  • Boot the machine from LinuxDrive.
  • Having booted and Debian running, insert CoinDrive and mount it (click on its icon on the desktop).
  • Open the Terminal and execute
    • ls /media/user/ – this will show the name that CoinDrive was formatted with. Let's assume it is CoinDrive
    • mkdir /media/user/CoinDrive/atomic/ – creates a directory where the wallet's data will be stored
    • ln -s /media/user/CoinDrive/atomic/ ~/.config/atomic – creates a symbolic link from the home directory to CoinDrive
  • In a browser, download the AppImage of AtomicWallet: Click on Downloads and then pick Ubuntu (not Debian).
  • Again in the Terminal, execute
    • chmod u+x Downloads/atomicwallet.Appimage – to make the file executable
    • Downloads/atomicwallet.Appimage --no-sandbox – to run the wallet
  • In Atomic wallet, create the wallet: set a password, remember the paper seed and the public addresses of the coins you want to use. (You might scan their QR codes with a phone.)
  • Shutdown / reboot.

Fill the wallet

To send money to the wallet, you of course only need its public addresses. No need to touch LinuxDrive or CoinDrive.

Spend from the wallet

  • Boot Debian from LinuxDrive.
  • Download again the AppImage of AtomicWallet
  • In the Terminal, execute again:
    • ln -s /media/user/CoinDrive/atomic ~/.config/atomic
    • chmod u+x Downloads/atomicwallet.Appimage
    • Downloads/atomicwallet.Appimage --no-sandbox
  • Send money from the open wallet.

Backup the wallet

Atomic Wallet has stored your wallet data in a directory atomic/ on the pen drive, encrypted with a passphrase. Therefore, to back it up, you might copy that folder anywhere else as a backup.

Compared to a commercial hardware wallet

Convenience

A hardware wallet can be created and spent from without rebooting the machine.

This is different with this DIY wallet, where every spending action needs a reboot and execution of a few Terminal commands.

However, if ones aim is to mainly "hodl", this might be enough.

Security

With a hardware wallet, you only need to trust its manufacturer. Even if the hardware and software of your machine is compromised, the private wallet keys will probably not be leaked.

The DIY wallet should work safely even if your operating system is compromised – as it reboots from Debian, a popular and widespread Linux distribution. It can however not save you from compromised hardware, e.g. if your machine has a secret key logger.

Atomic Wallet's configuration on CoinDrive is encrypted by Atomic itself, so the drive should not leak data without your password. However, if you want to add security, you can format it with LUKS first.

Conlusion

The DIY wallet is simple (and free) alternative to a commercial hardware wallet. Instead of trusting a wallet manufacturer, here you need to trust the Debian and Atomic developers, plus the hardware of your machine.

New Comment
2 comments, sorted by Click to highlight new comments since:

You can also do the same thing with just one debian thumbdrive and enable a persistent partition. The easiest is to use Rufus when creating the live thumbdrive: https://www.linuxuprising.com/2019/08/rufus-creating-persistent-storage-live.html Then you can run debian (eg. Ubuntu) and all your changes will be saved on the same stick.

Yeah, this would be the ideal situation! Couldn't try it with Rufus, due to a lack of a Windows machine.

For OSX, I tried with Unetbootin, but AFAIR the stick didn't boot on my MacBook..

Anyhow, if some finds such a setup working, with an actual crypto wallet running on it, let me know!