command-help-autosign.md


  MMGEN-AUTOSIGN: Auto-sign MMGen transactions, message files and XMR wallet output files
  USAGE:          mmgen-autosign [opts] [operation]
  OPTIONS:
  -h, --help            Print this help message
      --longhelp        Print help message for long options (common options)
  -c, --coins c         Coins to sign for (comma-separated list)
  -I, --no-insert-check Don’t check for device insertion
  -l, --seed-len N      Specify wallet seed length of ‘N’ bits (for setup only)
  -L, --led             Use status LED to signal standby, busy and error
  -m, --mountpoint M    Specify an alternate mountpoint 'M'
                        (default: '/mnt/mmgen_autosign')
  -M, --mnemonic-fmt F  During setup, prompt for mnemonic seed phrase of format
                        'F' (choices: 'mmgen','bip39'; default: 'mmgen')
  -n, --no-summary      Don’t print a transaction summary
  -r, --macos-ramdisk-size S  Set the size (in MB) of the ramdisk used to store
                        the offline signing wallet(s) on macOS machines.  By
                        default, a runtime-calculated value will be used. This
                        option is of interest only for setups with unusually
                        large Monero wallets
  -s, --stealth-led     Stealth LED mode - signal busy and error only, and only
                        after successful authorization.
  -S, --full-summary    Print a full summary of each signed transaction after
                        each autosign run. The default list of non-MMGen outputs
                        will not be printed.
  -q, --quiet           Produce quieter output
  -v, --verbose         Produce more verbose output
  -w, --wallet-dir D    Specify an alternate wallet dir
                        (default: '/dev/shm/autosign')
  -x, --xmrwallets L    Range or list of wallets to be used for XMR autosigning


                                 OPERATIONS

  clean     - clean the removable device of unneeded files, removing only non-
              essential data
  gen_key   - generate the wallet encryption key and copy it to the removable
              device mounted at mountpoint ‘/mnt/mmgen_autosign’ (as currently
              configured)
  setup     - full setup: run ‘gen_key’ and create temporary signing wallet(s)
              for all configured coins
  xmr_setup - set up Monero temporary signing wallet(s).  Not required during
              normal operation: use ‘setup’ with --xmrwallets instead
  macos_ramdisk_setup - set up the ramdisk used for storing the temporary signing
              wallet(s) (macOS only).  Required only when creating the wallet(s)
              manually, without ‘setup’
  macos_ramdisk_delete - delete the macOS ramdisk
  disable_swap - disable disk swap to prevent potentially sensitive data in
              volatile memory from being swapped to disk.  Applicable only when
              creating temporary signing wallet(s) manually, without ‘setup’
  enable_swap - reenable disk swap.  For testing only, should not be invoked in
              a production environment
  wait      - start in loop mode: wait-mount-sign-unmount-wait
  wipe_key  - wipe the wallet encryption key on the removable device, making
              signing transactions or stealing the user’s seed impossible.
              The operation is intended as a ‘kill switch’ and thus performed
              without prompting


                                 USAGE NOTES

  If no operation is specified, this program mounts a removable device
  (typically a USB flash drive) containing unsigned MMGen transactions, message
  files, and/or XMR wallet output files, signs them, unmounts the removable
  device and exits.

  If invoked with ‘wait’, the program waits in a loop, mounting the removable
  device, performing signing operations and unmounting the device every time it
  is inserted.

  On supported platforms (currently Orange Pi, Rock Pi and Raspberry Pi boards),
  the status LED indicates whether the program is busy or in standby mode, i.e.
  ready for device insertion or removal.

  The removable device must have a partition with a filesystem labeled MMGEN_TX
  and a user-writable root directory.  For interoperability between OS-es, it’s
  recommended to use the exFAT file system.

  On both the signing and online machines the mountpoint ‘/mnt/mmgen_autosign’
  (as currently configured) must exist.  Linux (not macOS) machines must have
  an ‘/etc/fstab’ with the following entry:

      LABEL=MMGEN_TX /mnt/mmgen_autosign auto noauto,user 0 0

  Signing is performed with a temporary wallet created in volatile memory in
  the directory ‘/dev/shm/autosign’ (as currently configured).  The wallet is
  encrypted with a 32-byte password saved in the file ‘autosign.key’ in the
  root of the removable device’s filesystem.

  The password and temporary wallet may be created in one operation by invoking
  ‘mmgen-autosign setup’ with the removable device inserted.  In this case, the
  temporary wallet is created from the user’s default wallet, if it exists and
  the user so desires.  If not, the user is prompted to enter a seed phrase.

  Alternatively, the password and temporary wallet may be created separately by
  first invoking ‘mmgen-autosign gen_key’ and then creating and encrypting the
  wallet using the -P (--passwd-file) option:

      $ mmgen-walletconv -iwords -d/dev/shm/autosign -p1 -N -P/mnt/mmgen_autosign/autosign.key -Lfoo

  Note that the hash preset must be ‘1’.  To use a wallet file as the source
  instead of an MMGen seed phrase, omit the ‘-i’ option and add the wallet
  file path to the end of the command line.  Multiple temporary wallets may
  be created in this way and used for signing (note, however, that for XMR
  operations only one wallet is supported).

  Autosigning is currently supported on Linux and macOS only.


                                 SECURITY NOTE

  By placing wallet and password on separate devices, this program creates
  a two-factor authentication setup whereby an attacker must gain physical
  control of both the removable device and signing machine in order to sign
  transactions.  It’s therefore recommended to always keep the removable device
  secure, separated from the signing machine and hidden (in your pocket, for
  example) when not transacting.  In addition, since login access on the
  signing machine is required to steal the user’s seed, it’s good practice
  to lock the signing machine’s screen once the setup process is complete.

  As a last resort, cutting power to the signing machine will destroy the
  volatile memory where the temporary wallet resides and foil any attack,
  even if you’ve lost control of the removable device.

  Always remember to power off the signing machine when your signing session
  is over.

  MMGEN v15.0.0                  September 2024              MMGEN-AUTOSIGN(1)