Model for transaction workflow using the Frankenwallet
- Stick to the general “air gap” transaction workflow
- 1. Assembling the transaction details on the host machine
- 2. Building & signing the transaction in the Frankenwallet
- 3. Upload & submit signed Tx, and update records & backups
Stick to the general “air gap” transaction workflow
First, familiarise yourself (if not already familiar) with the page Cardano Developer Portal > Secure Transaction Workflow which outlines this general model for the use of an air gapped machine:
- (insecure) Assemble blockchain data for your transaction from the Internet and live Cardano node
- (secure) Build the transaction and sign it with private keys kept only in secure environment
- (insecure) Upload and execute the signed transaction
The Frankenwallet model will be exactly the same except that it won’t require a “transfer memory stick” to move files between the insecure and secure environments (as introduced on the “What’s unique…” page) because those 2 environments already share a drive: your host computer’s disk itself.
The rest of material below suggests steps you might want to do differently on the Frankenwallet than you would on a traditional “air gap” system with a memory stick transferring your files.
1. Assembling the transaction details on the host machine
Keep a current protocol.json file in your host folder
tip
This habit will ensure you always have an up-to-date
protocol.jsonfile — to avoid transaction building errors, or inaccurately costed transaction, in the “cold” Frankenwallet where you won’t be able to download an updated copy.
Whenever you’re ready to work in the Frankenwallet, get a fresh copy of the protocol file and compare it with the old one to see if it needs to be copied… if so, note it in the file where you’re keeping your transaction details and notes.
This process can be simplified by keeping the previous version of protocol.json and comparing them: if the old & new file differ, copy the new file from your host folder into the Frankenwallet directory where you’re preparing your transactions.
2. Building & signing the transaction in the Frankenwallet
Use your “scratch file” to pass messages between your Frankenwallet & host machine
tip
The “scratch” file doesn’t have to be disposable, only storing data for the current round of transactions… it can have a page or section for each Frankenwallet session, to keep an ongoing record of your account activities, stake pool operations, etc.
Whether you prefer to run cardano-cli commands raw (as recommended in the original Frankenwallet documentation, by keeping “templates” of commonly used commands rather than relying on third party scripts) or use a CLI package of operator tools, you will likely do both these things:
- repeat certain activities: therefore it helps to copy & modify commonly used commands or groups of commands from your own previous work.
- prepare commands before running them in the Frankenwallet: especially when this might be easier with the full software & Internet access of your host machine.
Over time this “scratch” file can become both a log and a workbook for your operations & cryptocurrency records… and since this file will be repeatedly opened on the host machine as well as the Frankenwallet, this extension to the usual “air gap” instructions is especially important:
Unless you are certain your “scratch file” will not contain any compromising data, it should be encrypted from the beginning with your low security password.
3. Upload & submit signed Tx, and update records & backups
(optional) Use the Frankenwallet disk to store files used to build transactions and operations
tip
Each session on the Frankenwallet may generate temporary files: rather than deleting these, you can use the encrypted disk to keep these files without having to encrypt them individually.
While your low security (verification) keys and high security (signing) keys should be kept in separate, dedicated directories, intermediate files can also be kept in different folders on your Frankenwallet disk, including:
- subfolders for particular projects (token mints, smart contract development & testing)
- subfolders for each date of operations (especially for stake pools: e.g. with folders named by ISO date + the activity performed)
… according to whatever scheme suits your operations & crypto resources. The only requirement of course is to keep all of this sensitive but unencrypted data on the Frankenwallet disk and far away from your host folder!