To skip to the actual guide, click here.
What is an ethereum wallet?
An ethereum wallet is where you store your ether and ERC20 tokens.
It’s not a physical thing. It’s not stored on any single server or location. The best way to think of it is as a way of accessing information.
It essentially consists of two parts: a public key and a private key.
Anyone can send tokens to the public key. But only someone with the private key can access these tokens or transfer them.
I often see people saying things like “I store my tokens on MEW” – but this doesn’t really make sense. MyEtherWallet (MEW) is just one of many ways to interact with the ethereum blockchain. If you originally generated your wallet using MEW you could use that same public and private key to send and receive tokens via another website or client.
Wallets are generated mathematically. This means it is possible to generate an ethereum wallet offline.
Why generate an offline ethereum wallet?
Security. People are paranoid someone might steal their wallet’s private key and with it their ether and tokens.
If your PC is infected with malware and you store your private key in a .txt file, say, a hacker with remote access could gain access to your wallet. It’s never a good idea to store your private key on a computer that’s connected to the internet. Write it down on a piece of paper or store it on a USB stick.
Another potential security risk comes from using websites like MEW to generate your wallet. MEW is pretty much as safe as you can get when it comes to an online ethereum interface but since the information you provide goes through their servers, it’s theoretically possible they could access your wallet. A more likely scenario is a phishing attack – a website that looks just like MEW that tricks you into handing over your private key.
If you generate your wallet on an offline, air-gapped computer, then these kinds of attacks aren’t possible.
Generating an ethereum wallet offline is a bit more complicated but if you’re storing thousands of dollars worth of tokens it’s probably worthwhile.
Generate an offline Ethereum wallet via MyEtherWallet
This is by far the easiest way to generate an offline ethereum wallet.
MyEtherWallet.com (MEW) is a web-based interface for generating ethereum wallets and interacting with the ethereum blockchain.
It’s also open source. This means you can download the site and use it offline to generate wallets and even make transactions.
First, download the latest version of MyEtherWallet from here.
THIS IS WHERE YOU DISCONNECT FROM THE INTERNET.
Unzip the files and find index.htm.
This will open in your default browser.
Enter a password as prompted and write it down somewhere. This password is used to decrypt the Keystore/UTC/JSON file that contains your private key.
Click ‘Create New Wallet’.
Next, you will be prompted to download your keystore file. It will be called something like ‘UTC–…’
This file is written in JSON format. It contains your public key and your private key. However, the latter is encrypted using the password you entered previously.
You have to download this file before you can continue.
Next, you will be shown your unencrypted private key. If you save this then you technically don’t really need the keystore file anymore.
You can also choose the option to ‘Print Paper Wallet’. This is a good way to store your ethereum wallet details offline.
A paper wallet looks something like this:
When you generate yours, the private key will be visible.
A paper wallet is basically just a fancy way of presenting your public and private keys. If you really wanted you could write these out yourself with a pen. Just make sure you get it exactly right – they are case sensitive!
Once you’ve saved your private key/printed your paper wallet, you will be prompted to unlock your wallet. You can do this using either your private key or a combination of the keystore file + password.
Once your wallet is unlocked, scroll down to see your wallet information.
You will have another chance to print a paper wallet. Clicking the button circled below reveals your private key.
Before reconnecting to the internet, make sure your private key isn’t stored anywhere on your PC – otherwise this defeats the whole purpose of generating your wallet offline in the first place.
If you want to be really secure, you could remove or format your hard drive after all this to rule out the possibility of a program being able to record your offline activities and transmit the details once you reconnect to the internet.
Storing your private key
There are numerous ways to store your private key.
The most secure way is to memorize your private key. This way it can’t be stolen or hacked but unless you’re Rain Man you’ll probably forget it. Don’t do this.
A paper wallet can’t be hacked but it can be stolen. If you leave your paper wallet lying around someone only has to take the piece of paper or make a copy of it and your tokens are theirs.
Another risk is that you lose the paper wallet or someone throws it away without realizing how valuable it is. Unless you keep it in a locked safe, it’s not a bad idea to create a backup copy.
If you use a USB stick or other storage device to store your ethereum wallet details, it’s a good idea to store the UTC/JSON file rather than the unencrypted private key. This way, if someone does steal the USB, they can’t steal your tokens. Again, it’s a good idea to store this file on multiple storage devices in case one gets stolen or corrupted. Just don’t forget the password used to encrypt the file.
Sending ether and tokens offline
It’s possible to interact with the ethereum blockchain (i.e. send ether and tokens) from an air-gapped device. You generate the transaction details offline then copy these details to the ethereum blockchain online later.
If you generated your wallet offline and want to ensure your private key remains private, this is the way to go.
First, if you haven’t already, download MyEtherWallet (see above).
MAKE SURE YOU ARE DISCONNECTED FROM THE INTERNET HERE.
Open index.htm and click ‘Send Offline’.
Scroll down to ‘Step 2: Generate Transaction (Offline Computer)’.
Here, you enter the details of the transaction. These are:
- To Address: the public key of the wallet you want to send ether/tokens to
- Value/Amount to Send: how much ether to send to this address
- Gas Limit: leave this as default (21000)
- Gas Price: leave this as default (0)
- Nonce: leave this as default (0)
- Data: only applies if you’re sending tokens, otherwise leave blank
Then scroll down and enter the details to access your wallet (private key or UTC file + password).
Once you have accessed your wallet, double check the details of the transaction are correct. Then click ‘Generate Transaction’.
Copy the hex string in the ‘Signed Transaction’ box and save it to a text file.
Close MyEtherWallet and remove the USB device with your private key if applicable.
Reconnect to the internet and visit the MyEtherWallet website. Always double check the URL.
Click ‘Send Offline’ again but this time scroll down to ‘Step 3: Send / Publish Transaction (Online Computer)’
Paste the signed transaction you copied earlier and click ‘Send Transaction’.