Aug 16, 2019
By: Sharon Halevi
Part IV: Using a Hardware Wallet
How do I use a Ledger wallet with my Algorand account?
In Part I, we described ways to manage keys securely, explained how run a node on an offline machine, and outlined how to recover accounts on different machines. In Part II we showed how to create and transact from a single-key account. Then, in Part III we showed how to create and transact from a multisignature account. Now, we will introduce an alternative to the online/offline method for account security using a hardware wallet.
What is a hardware wallet?
Hardware wallets are small devices that house an account. The account public key is displayed on the screen, and the secret key is stored in a secure chip in the device. Hardware wallets allow users to keep accounts online without exposing the account secret key to a network. The main advantage of a hardware wallet over the previously described online/offline method for account security is the increased convenience and usability of a hardware wallet.
It is important to note, however, that a hardware wallet account is only as secure as the device itself. Hardware wallets are a relatively new technology, and more research is required to determine the security level of these devices.
How do I connect a hardware wallet to the Algorand blockchain?
In this tutorial, we will show how to use a Ledger Nano S hardware wallet.
To learn how to set up your Ledger Nano S, visit Ledger’s website and follow the setup instructions here.
Once you have connected your Ledger Nano S to the Ledger Live app and allowed Ledger Manager, find Algorand in the app catalog and install it to your ledger device. This app creates an account for you and allows you to generate and sign transactions easily online.
The primary way to interact with the account stored in the ledger device is through the goal tool in kmd. We will show how to perform operations like transaction generation and signing on an online machine with kmd. In your node, type
./goal wallet list -d <path to data directory>
This should show you the list of wallets currently in the node. You should see a wallet called Ledger Nano S. If you do not see this wallet immediately, make sure you are connected to the Algorand app on the Ledger device and try again. It can take some time to appear in your wallet list, so you may just have to wait a few minutes and check again.
Note that the device can only store a single-key account. However, it can be used as an associated account to a multisignature account. This means that when creating a multisignature account, one of the associated public keys can be the Ledger account. Further, when signing a transaction from a multisignature account, the Ledger can be used to provide one of the necessary signatures to reach the threshold.
Follow the tutorials below to learn how to utilize your Ledger hardware wallet as a single-key account first, and then as an associated account in a multisignature transaction.
Generating, Signing, and Sending Single-Key Transactions
The process of generating, signing, and sending a transaction from a single-key account requires only one command. Simply type
./goal clerk send -a <amount> -f <from ledger account> -t <to account> --note "" -d <path to data directory>
Now, the transaction should be generated and you should see instructions on your ledger device to sign the transaction. Once you have scrolled through the transaction information and signed the transaction by pressing the button on your Ledger device, it will automatically be submitted.
Generating, Signing, and Sending Multisignature Transactions
To generate a transaction from a multisignature account with associated Ledger accounts, enter the command
./goal clerk send -a <amount> -f <multisignature account> -t <receiving account> -w <wallet containing multisig account> -o <transaction-filename.tx> --note "" -d <path to data directory>
To sign from a Ledger account, type
./goal clerk multisig sign -t <transaction-filename.tx> -a <Ledger account address> -w "<name of Ledger wallet>" -d <path to data directory>
The name of your Ledger wallet should be entered as it appears in the wallet list. Now, you should be able to sign the transaction from your ledger device. To check that the signature went through and that the transaction has not been altered, type
./goal clerk inspect <transaction-filename.tx>
Under the account address, there should be a field “s” with a signature under it.
Repeat the signing and verification step for each associated ledger account, or follow the signing and verification steps from Part III for each associated non-ledger account until the threshold for the multisignature transaction is reached.
If you have consecutively signed the same transaction file with all of the necessary signatures, you can then submit the transaction. If you have distributed the original transaction file to multiple signers and now have multiple partially-signed transaction files, you can merge these partially-signed files using the command
./goal clerk multisig merge -o <merged-file.tx> <partially signed filenames> -d <path to data directory>
To submit this transaction enter the command
./goal clerk rawsend -f <signed-transaction-filename.tx> -d <path to data directory>
Now you know how to use a Ledger device to securely generate and sign transactions on the Algorand blockchain. If you want some background on accounts and wallets, read Part I of this blog series. If you want to learn to use accounts without a hardware wallet, refer back to Part II and Part III to learn to use single-key accounts and multisignature accounts without a hardware wallet.