Cold Wallet receive address in config.yaml

[Celt1967]

Probably a daft question but here goes....
If someone managed to change the XCH receive addresses in your config.yaml i assume that any chia you farmed would be sent to their wallet ?
Or as is probably the case am i missing a fundamental concept ?
If not what can be done to protect your config.yaml file ?
Thanks

[room101-dev]

Probably a daft question but here goes....
If someone managed to change the XCH receive addresses in your config.yaml i assume that any chia you farmed would be sent to their wallet ?
Or as is probably the case am i missing a fundamental concept ?
If not what can be done to protect your config.yaml file ?
Thanks

Well its the same problem with your wallet, its in the same ~/.chia/mainnet/config ( ./wallet ) path; Once 'they' have you ~/.chia path, they can do as they wish, re-config your config.yaml, or just grab your wallet file, and get your private-keys, or easiest of all is once they have your IP just issue a RPC call "Chia keys show --show-mneumonic" and they get the crown-jewels, sweep your account and move on.

IMHO the CHIA system was designed to be robbed, and easy for robber's to steal chia.

There are things u can do like only mine (farm) on segregated machines that have no wallet files, that have 'chia keys' task disabled, that have most rpc's disabled. The trouble is the default on the chia gui is 'everything is enabled', including theft mode.

In order to setup a safe chia environment, you need be an expert.

Here's my solution. Use only the 'chia plot create' 1.3 client to make plots, then use HPOOL to farm, then have a cold-wallet made off line using the chia wallet client and make cold-wallet addresses, have your chia from hpool put into those cold addresses.

This is the only safe way to play the game of chia.

...

If you must run the chia server, or full-node, then I would do it on a unique system, on its own router and front end to internet, and disable that system to have access to any place on your local network. All of this is of course too much work.

Like I have said the easy is to use chia to make 'plots', to farm them on HPOOL, to create a cold wallet, and your done.

HPOOL miner has no bugs, all chia sw accept the 1.3 plot-creator is bug ridden, and only gotten worse since 1.3, I quit running the server at 1.5, even 1.6, and 1.7 are worse.

Again the default when you install the GUI and run, is they enable FULL THEFT MODE, I suspect the dev in India did this on purpose, and the chia team in SV doesn't have a clue or don't care, as you all know they ignore all 1300 bugs, and if you do post bugs they'' ban your account ( they have already blocked me many times )

[Celt1967]

Well, that is a worry. I'm only a nano farmer, but still...
I have set up a cold wallet but the public address is set up in config.yaml. My concern was that someone could just modify my file with their own wallet address. I have set up a monitoring tool just in case. Thanks for the response. I will look at hardening my set up further.

[pluto2021]

Here's my solution. Use only the 'chia plot create' 1.3 client to make plots, then use HPOOL to farm, then have a cold-wallet made off line using the chia wallet client and make cold-wallet addresses, have your chia from hpool put into those cold addresses.

Would be great if you could share the step by step guide to create this off line cold wallet and how to transfer coins in/out from it. Having been wondering about this ever since. This guide could be very useful for the community.