Tutorial: set up your own air-gapped wallet for free with AirGap

How to reuse an old device as an air-gapped crypto wallet

About air-gapped crypto wallets

An air-gapped wallet keeps your private key on a separate device that is never connected to the Internet. This makes it (nearly) impossible to steal your private key and thereby your crypto. If you’re wondering why air-gapped wallets are the most secure kind of crypto wallets, check out this article I wrote some time ago: Why air-gapped wallets are the most secure way to manage your crypto.

There are various air-gapped wallet solutions out there, with many companies offering dedicated hardware like ELLIPAL Titan, SafePal and Keystone. These come with a price tag of around US$150–200.

However, it is also possible to reuse an old device you already own and simply keep it disconnected from the Internet. AirGap offers such a solution and this article will show you how to set up an air-gapped wallet solution for free. Besides being the cheapest solution, using AirGap has additional benefits

• You are not giving any private information (like shipping address) to 3rd parties. Such information could be used for targeted attacks.
• AirGap can be installed on a large variety of hardware devices, it is unlikely that your exact device is targeted by an attack (compared to dedicated hardware wallets).
• The code is open source and can be inspected here https://github.com/airgap-it. If you have the technical skills you can even deploy the source code to your device directly.

How does an air-gapped wallet work?

For an air-gapped wallet you need 2 devices, I’ll call these Device A a.k.a. the “Vault” and Device B a.k.a. the “Wallet”.

The basic idea is that your Device A stores the private key and is never connected to the internet or any other device. This makes it (nearly) impossible to steal your private key. You should use Device A only for one single purpose, signing transactions — nothing else.

Device B can be any everyday device you prefer, this can be your smartphone, laptop or desktop computer. On Device B you will keep your Wallet App, but without your private key. This means, you can see your current balance and past transactions on Device B, but you cannot send crypto. If you want to send crypto you will need to sign the transaction with Device A.

transaction flow with an air-gapped wallet

The image above shows how a crypto transaction is done with an air-gapped wallet:

1. You create the transaction on Device B using your Wallet App. You will select the recipient and the amount of crypto to send. After creating the transaction, Device B will show a QR code containing the transaction information.
2. You use Device A to scan the QR code and get the transaction information.
3. Device A asks you to confirm the transaction, e.g. via finger scan or password. Once you confirm the transaction, Device A uses the private key to sign the transaction and shows a QR code containing the signature.
4. You use Device B to scan the QR code and get the signature. Once this is done, the transaction is broadcasted to the network.

As you can see, Device A is never connected to the Internet and your private key is never transferred, making it nearly impossible for your private key to get stolen.

Check out this Video by AirGap to see how this works in action https://www.youtube.com/watch?v=9L04TkMeH0o&ab_channel=AirGap.it

Step-by-step setup guide

What you’ll need

• Device A: an old Android or iOS device with a camera (you should no longer need this device for anything else).
• Device B: an everyday device (smartphone, laptop, desktop) with a camera.
• a secure way to backup your seed phrase, e.g. a Steelwallet

Step 1, prepare Device A

Device A will store your private key and will never be connected to the internet or another device after the initial setup.

You can use any old Android or Apple device, as long as it has a camera and supports the AirGap Vault app (Apple Store, Google Store). But make sure you don’t need this device for anything else in your life. After the setup is done you should only use it for signing transactions.

On your old device (Device A):

• Remove all SIM cards and SD cards from the device
• Factory reset the device — all data will be lost
• Reboot the device
• Connect to wifi
• Install the latest Android/iOS software updates
• Setup a lock screen
• Enable encryption, if your device supports it.
  On Android: Settings → Security & Lock screen → Encryption & Credentials

Step 2, install the Vault app on Device A

Now that Device A is ready, install the Vault App from one of these sources:
Apple Store, Google Store, Android APK.

Step 3, disconnect Device A from the Internet

After installing the Vault App you are no longer going to need an Internet connection.

• Go to your WIFI settings and remove all networks
• On Android, go to the WIFI settings and make sure “Scanning always available” is disabled
• Enable Airplane mode and keep it enabled forever

Step 4, import or create the seed phrase

Now that your device is disconnected from the Internet, it’s safe to import the private key or create a new one using the Vault App.

• Start the Vault App
• When asked for the installation type, select “offline”. Keep in mind to never connect this device to the internet again. If you need to, first do another factory reset deleting all your apps and private data. Of course, make sure to have a backup of the seed phrase in place!

Now you can either import an existing seed phrase (if you want to reuse an existing crypto address) or create a new one. To be on the safe side I recommend generating a new one, and later transferring all the crypto to the new address. If you want to import an existing seed phrase jump to the next step.

To generate a new seed phrase:

• Follow the instructions, this will ask you for access to your camera
• Once the seed phrase is generated, make sure you back it up. If you lose your seed phrase you lose access to your crypto!

To back up the seed phrase you can use a metal storage, e.g. the fire-resistant Steelwallet. Check out this page reviewing various different metal storage options: https://jlopp.github.io/metal-bitcoin-storage-reviews/

Step 5, setup Device B

On your everyday device (Device B), e.g. your smartphone, install the AirGap Wallet App:
App Store, Google Store, Windows, iOS or Linux computer.

Side note: you don’t need to use the AirGap Wallet App. AirGap integrates also with MetaMask and other Wallet Apps: https://airgap.it/supported-wallet.

Step 6, import the Account

Now we need to import the Account created on Device A, into the Wallet App on Device B.

• On Device A, open the Vault App and click on the Account. The App will show a QR code
• On Device B, open the Wallet App and click on “Scan QRs”. Scan the QR code shown on Device A.

This will import the Account into the Wallet App, without transferring the private key. The private key will be kept secure on Device A.

Step 7, wrap up

🍾🍾🍾 That’s it 🍾🍾🍾

You have successfully set up an air-gapped hardware wallet using your own device. Before transferring all your money to the new address I’d recommend caution:

• Make sure you have the seed phrase backed up, so you can recover your account if the device is lost, stolen or breaks.
• Test receiving and sending crypto with a small amount first, before you transfer all your crypto to the new address. This will also make you familiar with the transaction workflow.

Check out this video by AirGap to see how to create a transaction: https://www.youtube.com/watch?v=9L04TkMeH0o&ab_channel=AirGap.it

A final word of warning: It’s important to note that air-gapped wallets are not completely invulnerable to security threats, so it’s still important to take steps to protect your funds, such as using strong passwords and keeping your recovery phrase safe.

Sources & Links:

• A detailed step-by-step guide on how to create a transaction: https://medium.com/airgap-it/airgap-the-step-by-step-guide-c4c3d3fe9a05
• Airgap website: https://airgap.it
• Use Airgap with Metamask: https://medium.com/airgap-it/airgap-now-supports-metamask-mobile-ef8c81b8116b

New to trading? Try crypto trading bots or copy trading

Join Coinmonks Telegram Channel and Youtube Channel get daily Crypto News

Also, Read

• Copy Trading | Crypto Tax Software
• Grid Trading | Crypto Hardware Wallet
• Crypto Telegram Signals | Crypto Trading Bot
• Best Crypto Exchange | Best Crypto Exchange in India
• Best Crypto APIs for Developers
• Best Crypto Lending Platform
• Free Crypto Signals | Crypto Trading Bots
• An ultimate guide to Leveraged Token