Hi. Andy here, one of the developers on the AirGap project.
- How can we securely erase the working data while AirGap Wallet is exiting? Remember that filesystems don't overwrite files in-place so merely writing random data won't work. There must be some kind of package for this. Even better would be some program that makes a temporary, encrypted filesystem before AirGap starts - probably connected by FUSE or something. At least that way, the working directory is scrambled even if the system loses power.
I would recommend using TailsOS because it encrypts the persistent storage by default. Just make sure you use a very strong password.
- How to make it run inside a "network jail" where all networking is disabled for a particular process? I am thinking of something like "seccomp-bpf" that is also used in Bitcoin Core, but again, there must already be some kind of package for this.
Ideally, you run AirGap Vault on a device that does not have any networking capabilities (e.g. a PC without a Wi-Fi card).
A while ago, we created an AirGap Vault Linux Distro (https://github.com/airgap-it/airgap-distro), which removes any networking capabilities from the OS. At the time, there was only minimal demand for it, so we discontinued it. But we would be happy to revive the project if there is demand for it again. We'd welcome any PRs that would automate the process of adding the latest AirGap Vault version to the Linux Distribution.
- In the same vein, how can USB, serial/parallel ports, and direct peripheral access be disabled for that particular program?
As others have pointed out, this is a tricky problem to solve because you do need some kind of input device to interact with the application, but in theory, any keyboard or mouse could send malicious inputs.
---
There were a few comments here about running AirGap Vault in an Android Emulator or VM.
The security when running AirGap Vault on a mobile device (Android or iOS) comes from the built-in secure element hardware chip. It allows for strong encryption that the user can unlock easily using biometrics or the PIN code. If you run AirGap Vault in an emulator, this secure chip will be emulated, so you don't really gain security.
It kind of depends on what you want to protect yourself from. If you run AirGap Vault inside a VM, you are basically trying to create a secure and isolated environment in a potentially insecure environment. If your host OS has internet access and is infected with malware, setting up a "secure" VM on that system doesn't really help you, because the malware on the host can just read the keyboard inputs when you enter the mnemonic, or it can read the storage of the VM / emulator. So I don't really see the point in doing that, because it's not an air-gapped setup if the host has internet access.
The only reason I can see for trying to create such an isolated environment is if you don't trust that AirGap Vault won't try to somehow leak the keys over the network. In this case, it makes sense to run it in a sandbox.
But if you want the full advantages of an air-gapped setup, you should run AirGap Vault on a fully air-gapped system, without any networking capabilities.
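Added example, not part of the post above and not AirGap project code: a pre-flight check a user could run on a Linux machine before entering a mnemonic, to confirm the host has no network interface other than loopback and no IPv4 default route. It assumes the standard Linux `/sys/class/net` and `/proc/net/route` layouts; the function names are hypothetical.

```python
from pathlib import Path

ARPHRD_LOOPBACK = "772"  # content of /sys/class/net/lo/type on Linux


def non_loopback_interfaces(sys_net="/sys/class/net"):
    """Return [(name, operstate)] for every interface that is not loopback."""
    found = []
    root = Path(sys_net)
    if not root.is_dir():
        return found
    for iface in sorted(root.iterdir()):
        type_file = iface / "type"
        if not type_file.is_file():
            continue  # e.g. bonding_masters, which is not an interface
        if type_file.read_text().strip() == ARPHRD_LOOPBACK:
            continue
        state_file = iface / "operstate"
        state = state_file.read_text().strip() if state_file.is_file() else "unknown"
        found.append((iface.name, state))
    return found


def default_routes(route_table="/proc/net/route"):
    """Return the interface names that carry an IPv4 default route."""
    path = Path(route_table)
    if not path.is_file():
        return []
    routes = []
    for line in path.read_text().splitlines()[1:]:  # skip the header row
        fields = line.split()
        # columns: Iface Destination Gateway Flags RefCnt Use Metric Mask ...
        if len(fields) >= 8 and fields[1] == "00000000" and fields[7] == "00000000":
            routes.append(fields[0])
    return routes


def airgap_violations(sys_net="/sys/class/net", route_table="/proc/net/route"):
    """List the reasons this host does not look air-gapped (empty = clean)."""
    problems = [f"interface {name} present (operstate={state})"
                for name, state in non_loopback_interfaces(sys_net)]
    problems += [f"IPv4 default route via {i}" for i in default_routes(route_table)]
    return problems


if __name__ == "__main__":
    issues = airgap_violations()
    for issue in issues:
        print("FAIL:", issue)
    raise SystemExit(1 if issues else 0)
```

An interface that is present but down is still reported, since the advice above is to have no networking capability at all rather than a disabled one. The check does not cover Bluetooth or other radios that do not appear under `/sys/class/net`.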