Idea: Have an operating system boot from a bootable medium completely into RAM. There is no storage attached to this system, so once it boots up and we eject the bootable medium, the system runs entirely from RAM and is not capable of leaving a trace anywhere except RAM, whose contents are hard to recover without physical access to the system.
Premise: The attacker has no physical access to this system (physical access would make a whole set of attacks possible), but let's compile a list of attacks, such as cold boot attacks, that pose a threat to this setup, and assess the severity of each one of them.
Use-case: Using it as a vault for cryptocurrency storage and signing transactions.
- Hardware: Raspberry Pi / old computer (which may or may not have Wi-Fi/Bluetooth hardware; the latter, with no such hardware, is obviously preferred)
- Custom Linux OS (functional display + touchscreen drivers + camera drivers + absence of Wi-Fi/Bluetooth drivers + modern browser + on-screen keyboard)
- Binary (Go program running a local server, with the UI accessed via the browser)
Things that may or may not matter:
- CPU architecture: x86 / ARM
- Bootable media: USB drive / SD card
Communication medium with the air-gapped system: QR codes
Since only a little information needs to be passed to and fro, using QR codes to encode/decode a JSON payload seems ideal.
Explanation: Boot up the computer and eject the bootable medium. Run the program and access the UI in a browser by going to localhost:3000. Generate the keys (the sensitive information), or import them if you already generated those keys in a previous run. Scan a QR code to receive the unsigned transaction, show a confirmation, sign it, and then encode the signed transaction as a QR code and display it.
As an additional security measure, the bootable medium in use will never be plugged back into a system connected to the internet, although the ability to eject the bootable medium after boot-up makes this unnecessary.
Building the custom Linux OS: This is where I want to crowd-source knowledge:
- What OS to build upon, what packages to use, and what packages to remove?
- What would be a simpler approach to building this OS?
- How to build a lean and minimal distro that can run on a system with as little as 512 MB RAM (the less the better), provided the OS footprint is around 100-20 MB of RAM, leaving the rest for the program to use?
- Expose attack vectors in this approach.
End goal: Publish the source code and instructions, and host the distro for download to use as a cryptocurrency vault, along with the wallet app, which will be open-sourced with the option of choosing a hosted service for it as well. Given the architecture, people can simply use it without even needing to trust or verify the system, as long as they can maintain the air-gap of the vault.