All Credits to Claudio Atilano | Original Post -https://goo.gl/UcHRVk
If you have IOTA, you understand the importance of security when it comes to this cryptocurrency. The current wallets don’t have a seed generator feature and people assume that a Google search will help them find out how to generate seeds to use the IOTA wallet.
What is a Seed?
In IOTA a seed is a phrase of characters that consist of letters in the latin alphabet and the number 9 . It can be up to 81 characters long. For security purposes, we suggest you use the 81 characters maximum limit . The seed is in trytes due to IOTA being based off trinary technology.
Let’s randomly generate a seed from a Mac’s terminal to use it as an example.
If you’re wondering how to make this in your computer, you can use the following scripts on your Linux or Mac terminal.
Now, the seed is able to create a set of public and private key pairs in order for you to receive and sign transactions. IOTA is extremely secure because it uses the Winternitz One-Time Signature Scheme. This means that after you sign your transactions, you change your current public/private key pair for a new set of keys according to your seed. (This is why we Attach to Tangle after we send a transaction)
It is important to make sure your seed is secure because if someone has access to your seed then they’ll have access to your funds. You wouldn’t tell a stranger your banking login username/password; similarly don’t let anyone have access to your seed.
IOTA Wallets Hacked by Online Seed Generators
IOTA users created seeds using online seed generators. Sure, this makes it easy to generate seeds for those users that are not technically inclined but those that did not take security as an important measure had their funds stolen.
“If its on the Internet it’s sitting on a server that can be attacked”
The online seed generators gave the hackers the seeds that users placed their funds in. It’s similar to asking a stranger to create your banking login information because you don’t know how to create a good username/password. About $4 million of IOTA was stolen from this attack, giving IOTA a lot of FUD to its security.
The IOTA Encrypted USB Wallet
At iMarkett Co. we wanted to help solve this issue by giving non-technical users:
- A simple user experience.
- Secure seed storage.
- Secure offline seed generation.
- Instructions on using the IOTA wallet.
That is how we designed our IOTA Encrypted USB Wallets to work.
Upon purchase you will be prompted the password that you want to encrypt the USB with. The USB will contain your offline Seed Generator & the Official IOTA Wallet (Currently 2.5.7). This is a simple product that is meant to alleviate security issues.
This product is not as expensive as a Ledger Nano S but it is a great secure alternative that won’t break the bank, similar to OpenDime. There is currently a team developing the Ledger application that will be even more secure than this product. Their progress is phenomenal and we are big fans of them. Check out their progress here.
Due to the recent frenzy with seed generators, we have decided to open source the seed generator for the public to audit. If you would like to audit the code yourself check it out here!