Can I Use a Quantum-Resistant Wallet Offline?

Quantum-resistant wallets support offline operation for enhanced security, commonly called "cold storage" or "air-gapped" usage. This involves generating and storing keys on a device never connected to the internet, with only unsigned transactions transferred to the offline device for signing.

Offline wallet operation separates the signing environment from network exposure. The private keys—including Kyber-768 key pairs and SPHINCS+ signing keys—exist only on the air-gapped device. This eliminates remote attack vectors entirely, as the keys cannot be extracted through network-based exploits.

The workflow involves three steps. First, create an unsigned transaction on an online (watch-only) wallet that contains only public keys. Second, transfer this unsigned transaction to the offline device via QR code, USB drive, or SD card. Third, sign the transaction with the offline wallet's private keys and transfer the signed transaction back for broadcast.

SPHINCS+ signatures generated offline are particularly well-suited for cold storage because the algorithm is stateless. Unlike some signature schemes requiring state management between signatures, SPHINCS+ can sign transactions without tracking counters, reducing complexity in air-gapped environments.

Hardware requirements for offline quantum-resistant wallets include sufficient processing power for SPHINCS+ signature generation (any modern computer suffices) and secure storage for the recovery phrase. Dedicated devices such as repurposed laptops with network hardware physically removed provide strong isolation.

SynX supports offline signing workflows using Kyber-768 and SPHINCS+ algorithms. Watch-only wallets can monitor balances and create unsigned transactions, while air-gapped devices perform signing operations. This architecture provides maximum security for significant holdings while maintaining practical usability.