WAX (Worldwide Asset eXchange) is is a token built on the EOSIO blockchain made for easy development of Dapps, NFTs, and other smart contracts. As with any crypto currency you probably want to keep your assets safe and WAX should be no different. I decided to write a guide to creating a cold wallet for WAX tokens using just your Ledger and an EOS block explorer.
The downside to EOSIO accounts (and WAX is no exception) is that accounts can only be created by an existing account. Additionally every account should have some amount of resources assigned (RAM, CPU, and NET). I won't get into the details of those resources but most users will mainly interact with WAX using the WAX Wallet site, which actually creates a custodial wallet and gives you a small amount of these resources to start off with. We're going to use that wallet to start our own secure wallet.
Why bother with any of this? The WAX Wallet has the same problem that all online wallets and exchanges have: you don't have the private keys. While WAX Wallet does support 2FA I've always gone by the adage "Not your keys, not your coins" (also: not your keys, not your NFTs). By using a Ledger (I won't be covering any other hardware wallets) we can resolve these security concerns.
Assuming you meet the requirements below this process should take 15-30 minutes (or less) and is probably in the beginner to intermediate difficulty range. At a high level we'll be doing these steps:
- Setting our Ledger up
- Extracting the public key
- Sign in to our WAX Wallet account
- Creating a new account
- Logging into our new Ledger WAX account
Before we get started be aware of this caveats:
- Ledger Live (as of May 2021) does not support EOS/WAX meaning you cannot send/receive/view your tokens in the Ledger Live app. You must use an explorer, Scatter, or other wallet application.
- Scatter can also be used to create an account and might even be easier, I've chosen to create one without Scatter by using Bloks.io. After we're done you could still install Scatter and open the wallet there.
- You will be unable to sell NFTs on the AtomicHub and WaxStash marketplaces or play any Dapps (such as Alienworlds) that have not integrated with Ledger (consider my note above about Scatter).
- You can still send your NFTs and tokens back to your WAX Wallet custodial account and sell/use them from there.
- A Ledger - any model
- A Wax Wallet account - used to create a new account for the Ledger
- 1 WAX - recommended, you may be successful with less
- Some amount of unused CPU - explained later
Prepare the Ledger
Let's start by preparing your Ledger. In the Ledger Live program (or phone app) make sure EOS is installed. With your Ledger plugged in and unlocked choose the EOS App and open it - you'll see "Use wallet to view accounts". Scroll down to Settings and select it, then select Arbitrary data, then choose Yes and select. Warning: Enabling Arbitrary data carries certain risks - it allows you to interact with all smart contracts on the EOS blockchain, some which may be scams. Proceed with caution.
Obtain your Public Key
In your browser visit Bloks.io and select Login, Add Account, then Ledger S/X:
On the next window you're being asked to interface with the Ledger so it can read your public keys (you have several). I choose USB on Mozilla but I believe Chromium based browsers (including Edge) can use HID.
You results will likely include multiple Indices, numbered 0, 1, and 2. I show one result here as Bloks.io found the account I've already created. Copy two of them (for use later, you may only end up using one) and set them aside. They are NOT your private keys, which are still safe on the Ledger.
Create Account on explorer
With your public keys in hand you can now create the account. You can use or other explorers but I'm going to stick with Bloks.io. Start by making sure you're logged into your WAX Wallet account and have the recommended 1 WAX and some CPU free.
- New account to create: a 12 character name (exact), a-z, 1-5 only. Case sensitive (i.e. you cannot use A-Z).
- New Accounts Public Owner Key: the public key extracted above
- It tells you it should start with "EOS..." but the PUB format here is interchangeable with the old format.
- New Accounts Public Active Key: either the same key used in Owner or the 2nd key we copied above
- See my Sidebar below on why you may or may not use a 2nd key
- NET/CPU to Stake for New Account: minimum of 0.1
- RAM to buy for New Account: I was successful with 2500, which is just about the minimum. This comes out to about 0.8 WAX at time of writing.
- [ ] Check to transfer the staked resources to new account: In other words should the new account receive these tokens permanently or will your WAX Wallet account retain ownership and 'lend' the resources. I suggest transferring but it's not required.
Sidebar: separating owner/active. While you can enter two separate public keys in these fields (and it is supposed to be more secure) it really won't enhance your security by much. Ledger private keys are stored on the device and can't be separated. The ability to separate these really comes into play when you create two separate private keys on a hot/paper wallet and want to limit the functionality of one key, perhaps for a trust, spouse, etc. I'm open to discussion about why doing this on the Ledger won't matter much, maybe if you had two Ledgers?
When ready click Create Account and your WAX Wallet will prompt you to accept the contract. Note: you will be spending MORE than 0.2 WAX here with the memory purchase required. If RAM prices increase over time you could end up spending more than 1.0 WAX.
If you have enough CPU available on your WAX Wallet you should see the success result. If the blockchain is busy you might run out of RAM and have to wait until later or stake more WAX to CPU.
Logging into your new Ledger WAX account
You can now go back to the steps in Obtain your Public Key, when your Ledger generates the public key known to the application/site it will match up to the account name that now exists on the blockchain (you should have 2 options here instead):
Select one of these options and you can now interact with your account, including sending NFTs and Tokens to other accounts:
You should be able to use EOS Authority if you prefer it. The process should be very similar.
If there are any corrections or better ways to do this please let me know.