I am trying to create a flow for securely transacting Nervos. My threat model requires that I never have my secret key on an internet-connected computer.
As far as I can tell, there is currently no way to create a valid transaction in this setting. If anyone can help, I’m looking for a way to execute the following steps:
Generate private key on offline computer
Use online computer to create an unsigned transaction
Move unsigned transaction to offline computer and sign transaction
Move signed transaction to online computer and broadcast to network
Any alternative approach that would allow for creating a valid transaction while keeping the secret key offline would also be welcome.
Although some of the SDK functions needed by this process are not fully available at this moment, so you might had a hard time on doing in this in practice, I think it’s totally feasible to do this work flow with Nervos.
The fact that generating transactions without signing is quite easy.
The signing messages are placed in input.unlock and the flow of generating transaction likes this, you can put arbitrary unlock script in the input and replace it with the correct one in your offline wallet.