Parity Signer v2.0 Beta: New features and improved security
Product Communication Manager @ Parity Technologies
October 11, 2018 in
2 min read
Somebody recently asked us, "Wouldn't it be cool if there was an app that could turn an old phone into a hardware wallet?"
Already available on the iOS App Store and Google Play Store, the newly redesigned Parity Signer lets you generate, store, and safely sign transactions with your private key on devices that never connect to the internet.
Parity Signer v2.0 Beta has a new interface to make the experience of safely storing private keys offline even easier.
v2.0 Beta’s new features
- The brand new design gives Parity Signer a fresh look and an easy-to-read layout, making it easier to verify and sign your transactions. Version 2.0 Beta is designed by Brennan Novak.
- Multiple network selection including Ethereum, Ethereum Classic, and Kovan, and Ropsten Testnets enhances the app’s security by preventing users to mistakenly sign transactions for another network.
- Parity Signer now includes an always-on security notification that lets you know if your device is offline or not. If at any point you see that your device is “Not secure,” you should avoid sending funds to it and repeat the setup process shown above.
- Recovery phrase auto-completion makes the recovery experience smooth and secure by preventing the user from making mistakes and speeding up the recovery process.
How to install securely
Parity Signer is designed to run on a dedicated, offline device that will never connect to the internet once the app has been downloaded and installed. Since we cannot guarantee the safety of your mobile phone, it is very important that you follow the instructions carefully in order to use Parity Signer as intended:
1. Get a mobile device that can remain offline (i.e., don’t use your everyday phone).
2. Factory reset the device.
3. Enable full-disk encryption on the device, with a reasonable password (might not be on by default, for example for older Android devices).
4. Do not use any kind of biometrics such as fingerprint or face recognition for device decryption/unlocking, as those may be less secure than regular passwords.
5. Once the App has been installed, enable airplane mode and make sure to switch off Wifi, Bluetooth or any connection ability of the device.
6. Only charge the phone on a power outlet that is never connected to the internet. Only charge the phone with the manufacturer’s charging adapter. Do not charge the phone on public USB chargers.
How to use with MyCrypto
An experimental approach, so handle with care
While we believe the design makes this one of the most secure ways to store your Ethereum assets, we recommend to use Parity Signer with caution by following the official instructions, and only storing small amounts on it. The cryptographic library used in Parity Signer was part of the Trail of Bits audit, but the application has not yet been fully audited. Parity Signer is completely open source and any developer willing to help us find bugs is encouraged to check out our Bug Bounty Program and submit your findings to us for a reward.
Current users of Parity Signer should ensure they have backed up their private keys or send funds to another safe address before upgrading.
More features coming soon
Parity Technologies is building the first implementation of Polkadot, the interoperability platform of public/private app-specific blockchains, and we plan on releasing an update to Parity Signer to include support for the Ed25519 signing algorithm and Substrate-specific transaction format. Polkadot is built on Substrate, a powerful framework for building next-generation custom blockchains, and many Substrate blockchains using the default Blake2b hashing algorithm will be supported.