Finally. A crypto wallet that forces all users OFFLINE.

Just a quick note: This article is aimed primarily at individuals who like to have exclusive control over their cryptocurrency. If you find the idea of saving wallet files, memorizing pass-phrases, & basic computer security daunting — that’s okay. This article just may not be for you.

Get a grip on your hard earned cryptocurrency.

The background: Frost Wallet

For those of you that have been actively following me; you may have come across my IOTA cold wallet: Frost (http://frostwallet.info). I developed the wallet for my own personal use when I was unable to find a secure way to store IOTA for long periods. Since we’re visual creatures, extra care was placed on making the UI attractive and easy to use.

Code monkey? Developer? Fan of ultra strange literature? The full source is available on GitHub: https://github.com/zachalam/frost

Sharing Frost with the Internet.

Lots of time went into creating Frost. So, like any proud parent, I decided to share it with the world by posting it on a couple sites *cough*reddit*cough*. As one can imagine, I received lots of feedback questioning the security and safeness. In complete fairness, these comments are 100% justified. I can’t blame (or rather, encourage enough) an individual for needing to trust any type of App or software before they store REAL assets on it.

One comment, in particular, really got my attention:

Comment about Frost — Source: Reddit

Right off the bat, the impulsive part of me thought:

“It’s a cryptocurrency wallet, isn’t it obvious you should disconnect from the Internet?”

Well, actually it’s not. It’s only obvious to the individuals out there who have been using cryptocurrencies for a while. A lot of the newcomers to the technology haven’t had to learn this. After thinking about the comment some more, I came up with an idea.


Let’s force ALL users offline.

Starting today the IOTA cold wallet, Frost, will make it inconvenient for users to generate and access cold wallets while they are connected to the Internet. This is done by hiding wallet functionality when an Internet connection is detected on the client’s device.

Frost Wallet UI — Connected to Internet

Only after a user has gone through the process of disconnecting from the Internet will the wallet expose the “New Wallet” and “Unlock” buttons.

Frost Wallet UI — Disconnected from Internet

How do I send tokens out of Frost?

Frost should be used exclusively as a cold wallet (ie: The private key/seed are NEVER exposed to the Internet). At some time in the future you’ll want to spend funds. Here’s how to do to that:

  1. Disconnect from the Internet, then click “Unlock”.
  2. Import your wallet & decrypt with your passphrase.
  3. Visit the “Seed (Private)” tab and click “I Understand, Show Seed”.
  4. The displayed seed can be imported into any compatible IOTA wallet where you can access your funds.
Frost keeps your IOTA seed offline.

Side note: I have full plans to develop a “hot” IOTA wallet that will support the importing of your Frost wallet. The hot wallet will be able to do the attach to tangle & sending proof of work.


Why aren’t other software wallets doing this?

It’s hard to say, and it’s likely a combination of reasons. I believe one of the stronger points comes down to user adoption. When any user interface adds extra steps (ie: forcing the user to go offline) user adoption drops. As a result, apps that have been optimized for growth are unlikely to implement these bonus security features.

As an ethical developer the last thing I want is for people to inadvertently compromise their assets (even when it’s not Frost’s fault). If I can add measures to prevent this from happening I will.

Like what you read? Give Zach Alam a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.