How to securely set up the official IOTA wallet

Now that you’ve purchased some IOTA (if you haven’t, check out my guide on purchasing), you may wonder what the best way to store it is. Some might say it’s OK to keep it in the exchange, and this is true if you plan to do any kind of day trading with it. However, let’s not forget what happened on MtGox and more recently NiceHash. The hard fact is that storing your IOTA (or really any crypto) in an exchange leaves it vulnerable to theft. The best way to minimize your risk is to set up a personal wallet, so this guide will walk you through setting up the official IOTA wallet that is maintained and developed by the people behind the IOTA project.

To my knowledge, this wallet is the only wallet supported by the IOTA team, and is the only wallet I will be covering. I don’t recommend using any third-party wallets, especially mobile wallets, and can’t advise on using anything besides the official wallet. Additionally, I don’t recommend using any seed generators for your IOTA wallet, and have detailed a cryptographically secure way you can generate a seed on your own computer. You are using the IOTA wallet at your own risk, so it’s important to educate yourself about its shortcomings, and do your due diligence before sending any IOTA to your wallet.

Download the wallet

The wallet is available from the IOTA team’s GitHub. The current version at the time of writing is v2.5.4, and you’ll want to regularly check for updates to the wallet. Download the relevant wallet for your operating system, and open it once the download has finished.

Side rant about Snapshots

This may also be a good time to subscribe to the IOTA team’s blog, and consider subscribing to r/iota so you can stay up to date on what’s happening. While these guides are designed for people that are new to cryptos, it’s important to understand what you’re investing in. This is especially true of IOTA, as you need to be aware of when the team is taking Snapshots and if there are any tasks you need to complete to secure your balance. You can do more research into what a Snapshot is on your own, but the basic idea is that the Tangle gets larger and larger as time goes on. A Snapshot saves all the current balances at a specific point in time, and trims off any transaction history to reduce the total size. When these Snapshots happen, there can be a re-claim process to restore the balance of your IOTA. Ideally this won’t happen in the future, but it’s a possibility you need to be aware of.

Set up your wallet

Now that you’ve downloaded your wallet, setup is relatively simple. In this tutorial we’ll be running a Light Node, as it’s the simpler of the two options. A Light Node references Full Nodes that are run by community members. These Full Nodes are the backbone of the Tangle, so if you’re savvy enough to run one it’s highly encouraged :D.

For the general public though, the Light Node is a secure way to store your IOTA, and gives you the ability to easily send and receive IOTA. The first step is selecting your Host, and there isn’t necessarily one that’s better than the other. Basically, as long as you are able to connect you’re good to go. If you’re feeling adventurous, you can visit http://iota.dance/nodes and pick one based on Ping (this may require you to use the “Custom” option at the end of the list).

If you’re able to connect to the node you selected, you should see something like this. It should be noted that some Nodes have scheduled downtime, or may become overloaded due to exchange volume (this is what’s happening at the moment with exchanges and long processing times). If you ever get a “Connection Refused” error, you can click Tools > Edit Node Configuration to change to a different Node.

Generate your Seed

Now we come to the biggest “issue” that people have with the current version of the IOTA wallet, which is Seed Generation. At the time of writing, the IOTA wallet will not generate a seed for you. This leaves you with the task of creating a cryptographically secure seed, and for crypto noobies this means a huge potential for malicious tools.

What’s a seed you ask?

A seed is basically a super long and complex password which you use to access your wallet. If you’re familiar with Bitcoin and Ethereum, you may be used to hearing “Private Key”, but the function is more or less the same for our purposes. Obviously the more secure your seed (password) is the more secure your funds are, so you want to minimize the number of people that could access your seed!

As I mentioned earlier, I wouldn’t recommend using any online seed generation services. Instead, I’ve worked with a few buddies who are far better versed in programming and cryptography to come up with a command line string that will use your own computer to locally generate a seed (basically it’s secure). The only caveat is if you have a Windows machine, as PowerShell has been demonstrated to be insecure. I know I just got done telling you not to use a seed generation tool, but unfortunately if you’re a Windows user and don’t have access to a Linux or MacOS machine it’s your only option (apart from opening a Word doc and mashing out 81 characters [please don’t do this]).

My advice is largely referenced from Mathew Winston Johnson’s IOTA FAQ, with one change for added security (you can also find a seed generator there if you want to ignore all the advice above). In his guide, he recommends using urandom, but this command has actually been shown to be less secure in some very fringe cases. As such, I’ve replaced urandom with just plain old random to get the following commands:

MacOS: cat /dev/random | LC_ALL=C tr -dc 'A-Z9' | fold -w 81 | head -n 1

Linux: cat /dev/random |tr -dc A-Z9|head -c${1:-81}

You should see something like this (obviously don’t use the seed listed here)

You may even consider disabling your WiFi when generating your seed, as a last layer of security.

Once you have your seed generated and saved in a secure place (seriously don’t lose this, it is the ONLY way to access your funds), you’ll want to clear your bash history as the seed will be saved there if you don’t. To do this, type “history -c” before closing the Terminal window. If you want to be really thorough, you can open your .bash_history file, and double check that the line with your seed was removed (more info here). After doing that you can enter your seed into the IOTA Wallet!
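The generate-and-save steps above can be wrapped in a few shell functions that also check the result before you rely on it. This is an added example, not part of the original guide; the function names and the optional source argument are assumptions, and the default source is /dev/random as in the commands above.

```sh
# Added example (not from the original post). Function names and the optional
# SOURCE argument are assumptions made for illustration.

# gen_seed [SOURCE]: read random bytes from SOURCE (default /dev/random, as in
# the commands above), keep only A-Z and 9, and stop after 81 characters.
gen_seed() {
    # LC_ALL=C makes tr treat its input as raw bytes on both macOS and Linux.
    LC_ALL=C tr -dc 'A-Z9' < "${1:-/dev/random}" | head -c 81
}

# valid_seed SEED: succeed only if SEED is exactly 81 characters long and
# contains nothing but uppercase A-Z and the digit 9.
valid_seed() {
    [ "${#1}" -eq 81 ] || return 1
    case "$1" in
        # Letters are listed explicitly so the match does not depend on locale.
        *[!ABCDEFGHIJKLMNOPQRSTUVWXYZ9]*) return 1 ;;
    esac
    return 0
}

# new_seed_file PATH [SOURCE]: write a fresh seed to PATH with owner-only
# permissions, never overwriting an existing file, then verify what was written.
# Nothing is printed, so the seed does not end up in terminal scrollback.
new_seed_file() {
    if [ -e "$1" ]; then
        echo "refusing to overwrite $1" >&2
        return 1
    fi
    ( umask 077; gen_seed "${2:-/dev/random}" > "$1" ) || return 1
    if ! valid_seed "$(cat "$1")"; then
        rm -f "$1"
        return 1
    fi
}
```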

When you type your seed in, a 3-digit checksum shows next to your seed. This should be the same every time you enter your seed, and is one final layer of confirmation that you’re entering the same seed every time.

Once you’re logged in, you can generate a Receive address, and send your funds to your wallet! The final thing to note in regards to security is to NEVER re-use an address after sending from it. I find it’s good practice to generate a new address for every Send and Receive transaction so I don’t have to remember, but that’s just me. You can read more about it by opening up the Help area in the wallet, and reading the section on “Can I reuse an address”.

Did you find this guide helpful? Feel free to send me a donation!

EAEPLNYLCACAWEXUBZ99XEGFW9ILWBSOJVJTOBOQAKMLVTBPBGACZIJLNZAGVPCIBQRQNMDQEEKGOJBRWESQYOIWZ9

Although it should be obvious — I am not a fiduciary, nor am I a financial advisor. I am not responsible for any losses incurred.