EOS Ledger Guide

Hi fellow Guardians of Effect Network

I am writing this guide to help you increase your online (crypto) security and decrease the odds of getting scammed and / or losing your funds. Bree supported me by providing feedback and including background information on EOS. For any remainder questions feel free to contact me at on Telegram on @Dutchmikel.

The guide is made because of a successful proposal on the effect DAO. This document is my creation, and no rights can be to the Effect network or anybody on their team.

Have fun!

Mikel

Contents

Why Use a Ledger? 1

Background information on EOS by Bree 2

Step-by-step Guide on How to Configure your Ledger as the Active Key for EOS 3

Preparing your Ledger for EOS 3

Anchor Wallet Preparation for EOS 3

Configuring your Ledger in Anchor Wallet 3

Setting up your Ledger as the Active Key in Anchor Wallet 3

Using Ledger for Binance Smart Chain with Metamask 4

About Binance Smart Chain (BSC) 4

Preparing your Ledger 4

Wallet Preparation 4

Using your Ledger with Metamask 4

Why Use a Ledger?

Due to a variety of reasons, especially with the rise in user friendly applications and an increase in exchange usage custodial services, not everyone is familiar with how cryptocurrencies (coins) are registered on the blockchain, or network. Coins stored on the blockchain belong to a specific address. This address is identified as a hash, which is a long string of alpha/numeric combinations. Think of this address as a safety deposit box with a pair of keys that have different roles. Or an account with a public address and a private key to make actions in the account.

In order to access the account, the account address consists of a public key and a private key, known as a key pair. The public key is your deposit address and can be shared freely with the world. The public key, or the location hash on the blockchain, is used to tell the sender where to send the coins. The private key on the other hand should NEVER be shared with anybody. NEVER. The private key is the key that opens the safety deposit box and has authority over the account attached to that specific address. In other words, the private key gives access to authorize transactions and thereby access to your funds.

In order to sign transactions, you need to validate that you have the private key. In other words, proof is required that permission is yours to give. So you can see that if the private key were to get into the hands of a thief/scammer the coins would be accessible to the thief. The best practice is to not have your private key easily available.

The procedure of how a wallet functions can vary, depending upon the wallet / (web) interface being used. Web 3.0 wallets (Metamask etc.) store the private key in the application, native wallets (Scatter, Anchor) store them on your computer / via a keystore file (json, etc.) While the security of these applications and offline wallets is to be trusted, a hack or the loss of coins to scammers could happen.

A Ledger (or other hardware wallet) has the major advantage in that the private key never leaves the device, as the device itself is the private key. This means that private keys are not stored “online” and transactions are signed safely without worry of the private key being leaked or stolen. In fact, a transaction cannot be authorized without physically interacting with the device, making this the most secure means of interacting with the account.

• Never purchase a Ledger second hand.

• Protect your seed phrase for the Ledger as you would your signed access into your retirement savings.

About Your Keys on EOS (by Bree)

Generally, blockchains have one key pair per account. When Effect Network runs on Binance Smart Chain understanding how accounts with one key pair function will be sufficient. However, as Effect DAO and DAO staking will remain on EOSIO for the foreseeable future, the Effect Network will run dual chained and it is important to understand that EOS is different in that there are two sets of key pairs for each EOS account. There is an active key pair and an owner key pair. The active key pair performs exactly as previously described, there is a public active key and a private active key. The private active key must be protected and never NEVER given to anyone. The owner key pair has all the same abilities as the active key pair, with one exception. The owner key pair can change the active keys. Making the owner key pair even more crucial to keep secure, as it can override the active key pair. The active key pair is the keys that you use. The owner key pair should be off-line, written down, and kept in a secure safe, to be used in emergency only.

While this two key pair system can be confusing for people new to EOS, or even not so new, should a scammer manage to access the private active key, the owner key pair can be used to change the active key pair to lock the scammer out. The scammer may steal the coins in the account during the time it takes to make the change, however all staked coins would be saved.

It is important to note that when creating an EOS account by default the keys generated for the active and owner key pairs are the same. This does not take advantage of the layered security EOS provides. It is highly recommended that the active key is not the same as the owner key. This can be done by generating a new key pair and changing the active keys. The best way to do this is to change the active private key to the Ledger, and to keep your owner private key off-line, written down in a safe. I have my owner private key written on the cards that have my Ledger seed phrase written on and located in two different safes. The experience I went through to learn this was brutal, I hope this guide will help to avoid what I went through.

Most blockchain accounts have two parts: 1. The public key; 2. The private key.

EOSIO blockchain accounts have five parts: 1. The account name – the public identifier, a short 12 alpha/numeric address of the account; 2. The public active key; 3. The private active key; 4. The public owner key; 5. The private owner key.

The ultimate private key security, regardless of which blockchain, is to use a hardware device such as a Ledger or Trezor (or to use a cold wallet system, which is a different guide). Ledger has the most support. For EOSIO use the Ledger for the active key and write down the owner keys, placing copies the written down owner keys into multiple SAFE locations.

And NEVER show, tell, give, or entre into urls your private keys or seed or recovery phrase.

Step-by-step Guide on How to Configure your Ledger as the Active Key for EOS

Preparing your Ledger for EOS

First, you will need to install the EOS app on your Ledger using the Ledger live program. Follow the instructions provided with your new Ledger.

Now you can open the EOS app before opening the Anchor wallet.

Anchor Wallet Preparation for EOS

I assume that you have your EOS account working in Anchor wallet. If not, please import your account into Anchor first. If you do not know how to do this, please follow this guide from the Greymass team:

Configuring your Ledger in Anchor Wallet

1. If you click the “Tools” tab in the Anchor wallet you are prompted with several sub-menus.

2. If you click on “Ledger” under the “Hardware Wallet Support” the Ledger screen pops up.

   1. You can enable the Ledger Service, and if you still have your Ledger connected and the EOS app opened, Anchor will discover your device.

   2. As discussed before a Ledger has multiple paths and corresponding keys, so you can insert a small number to “Specify an index”.

   3. I will continue the guide as if we leave it at 0, which I also recommend.

3. If you hit the “Load public Key [0]” button the Anchor wallet receives the public key from that Ledger path and displays it in the “Public Key at Index 0” prompt.

   1. For extra security you can verify that the keys match by pressing the “Confirm Public Key using Device” button, looking if they key matches the one displayed on your ledger screen and confirming it.

4. The Ledger path has now been set and validated.

Setting up your Ledger as the Active Key in Anchor Wallet

1. To assign the active key to this key we now open the “Permissions” from the “Security” sub-menu. You are now prompted with all account permissions set, which will most likely be an active and owner permission.

   1. We want to change the active permission into the Ledger key for use online and keep the owner key locked away (Can also be done with Ledger if you want).

   2. To do this click the “Modify” button for the active permission, paste the public key from the Ledger path (the one you confirmed with your Ledger in the “Ledger” tab) and confirm using your Ledger.

      • Anchor might pop a warning message, this is fine and you can accept

   3. Make sure to have CPU, Anchor seems to automatically have Fuel engaged when signing for free resources. Also http://eospowerup.io can be utilized for free.

2. The transaction has now been broadcasted to the network and you are all set to use your Ledger to sign any transactions with your Ledger on the active permission key!

Using Ledger for Binance Smart Chain with Metamask

About Binance Smart Chain (BSC)

The Binance Smart Chain (BSC) is a fork from the Ethereum network. BSC has 21 validators instead of the decentralized consensus system of Ethereum. The BSC network uses BNB as its native token instead of ETH and the gas fees are hence also paid in BNB. For the rest, the chains are very much alike; ERC20 tokens on Ethereum are BEP20 tokens on the BSC. The good thing about this fork, however, is that your private key will result in the same public address on both chains, meaning, when you have a wallet where you control the private key (desktop wallet / hardware wallet) you can use the same public addresses

Preparing your Ledger

Similar to EOS, first, you will need to install the Ethereum app on your Ledger using the Ledger Live program.

Follow the instructions provided with your new Ledger.

Now you can open the Ethereum app on your Ledger before connecting to your wallet.

Wallet Preparation

BSC supports many Web 3.0 wallets, and they all function about the same. I will teach you how to use Metamask (which is the same as the Brave native wallet). Metamask can be downloaded as an extension in Chromium based browsers. Don’t worry about your Ledger during the Metamask install yet!

If you don’t know how to install Metamask or how to add the Binance Smart Chain network you can follow this guide published by Binance:

If you have Metamask installed already and want to add BSC:

1. Open Metamask

2. Click on the profile right top (round thing) to open settings

3. Click Networks

4. Add Network

   1. Name

      1. Binance Smart Chain

   2. New RPC URL

      1. https://bsc-dataseed.binance.org/

   3. Chain ID

      1. 0x38

   4. Symbol

      1. BNB

   5. Explorer

      1. https://bscscan.com/

Using your Ledger with Metamask

Because Metamask is only an interface to access your address on the Ledger you can configure it very easily, please have your ledger connected with the Ethereum app open:

1. Open Metamask

2. Click on the profile (round thing right top) to open settings

3. Click “Connect Hardware Wallet”

4. Click Ledger and Connect

5. Select the Legacy (MEW/ MyCrypto)

6. You are displayed with a number (5) of addresses, you can select any of these to use with Metamask -> All these keys/ addresses are stored on your Ledger!

   1. Pick the one you like to connect and hit Unlock

7. Your Ledger is now connected to your Metamask!