Bitcoin Forum

So, I have an idea for a secure, cheap and easy to use "hardware wallet".

It will be a small USB stick with a display and two buttons, as pictured here.

http://kalleguld.dk/hardbit/hardbitsketch.png
Not the final design

Why would I need one of these?

• It's much more secure than doing your transactions on your computer
• It's easier than using an offline computer or a Live CD to sign your transactions, yet just as secure
• You retain total control over your wallets
• If it is lost or stolen, it's still password protected, so you can restore from paper backup and recover your money

Easy, you say? Describe a transaction workflow!

OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing. On the device you see the amount, wallet and destination, and you press the OK button. The device sends the signed transaction back to the PC, and the PC client publishes the transaction on the 'net.

Why can't I buy this already?


I cannot make this by myself, I need some help.

Specifically, I need:

• A businessman, who will keep track of orders, outsourcing production, making bulletpoints, etc.
• An electrical engineer, who can design a PCB with the needed components.
• A programmer, who can help me in making the PC UI, the µc firmware, auditing etc.

There will be no normal pay, but you will receive a fair share of any profits and a share in the company if we decide to keep it rolling.

What's it called?

Nobody knows yet. If you have a great name for it, write it in this thread (https://bitcointalk.org/index.php?topic=115294.msg1248437#msg1248437) and you may win 3 BTC, as well as eternal bragging rights.

Anything else I should know?
Expected price: USD 12-15
More info: https://bitcointalk.org/index.php?topic=115294

Why do they need you?

He is Jobs reincarnated.

Seriously, i think he is taking the business risk (eg, risk of losing everything invested into this if this dosen't work too well).

For the drawing part.

hmm.. that is kinda cool.

How about  a smartcard with bitcoin wallet?

https://en.wikipedia.org/wiki/Java_Card

edit: with usb smart card reader it's quite close what you suggested

Hehe, they don't. However, I have a few undisclosed ideas left.

You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free.  People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).

Sure, but that's a nerd thing.

We are targeting grandma's here.

@op, if you have nothing to offer but a cupple of ideas you better be good at organizing everything and being happy even with a little share. Good luck!

That's an interesting idea. I have a portable digital storage oscilloscope that appears to have been built into an mp3player hardware. Maybe work from the rockbox project.

looks like nice, i like stuff like this.. if it will cost up to 2.5BTC i will buy it ..

Not exactly.  The goal isn't to make it a hobby project for nerds, the goal is to get the hardware cheap.  There is SO MUCH obsolete hardware that could run an application like this that people are throwing in the garbage.  It would be a sustainable business model to pick some old gadget, refurbish and recycle it into a low-cost bitcoin transaction verifier, and sell it on the open market to grandma.  An iPod modified to be a transaction verifier would be very grandma-friendly (if someone else does the modification, of course).

Absolutely possible. The device software will certainly be written in C, and I fully expect to open-source it. The PC part of the software will also be open-sourced, and in the long run will be able to support a lot of different transaction-signers.
Getting it to run on all kinds of strange hardware will be a different project.

I absolutely love this idea, but what if it needs an upgrade for some reason? Is it a flashable eprom? If this is the case then why not just have an external usb drive with your bitcoin data that  you just unplug? If it isn't flashable then would upgrades cost money?

If your transaction signer simply assumed the existence of one standard serial port at /dev/something and was designed to call some other binary to ask user a question and get a response, then someone else could worry about the hardware by creating that other binary.

http://www.safenet-inc.com/software-monetization/sentinel-hasp/ could be used as a secure wallet. Without a screen and buttons though.

If you use a normal USB drive to hold your bitcoin wallet, a well-written virus could simply steal that file when you connect it.
With this thing, once you put your wallet on it, you can't get it off again (so keep a paper backup).
There is a chance that the bitcoin network changes some day, and that could make this product obsolete. I chose this approach because:

• It's the most secure. There is no chance that you load a malicious firmware that could expose the wallet.
• It's simpler. The simpler, the lower the price. The simpler, the faster to market.
• It's a pretty low cost thing anyway, at USD 12-15. A bit cynical maybe, but if you can afford one, you can afford two.
• if the bitcoin network changes, it's quite possible that the hardware in this thing need to be replaced anyway.

The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction.

You cannot get any security on compromised computer! It is only a question how sophisticated is the malware.

I don't see how. That product is when the computer software doesn't trust the user (to have the right license).
This product is for when the user can't trust the software on the computer (to do as he says).

That's why the destination address is displayed on the hardware display.

And how many people will be comparing them? We are talking about people with IQ consisting of only two digits who infect their own computers with malware and still operate them.

Generate addresses that have matching few first digits like 1dice for every starting digits and have the malware to select address with matching start digits to display on LCD.

I can do many things, but I can't fix stupid.

It should be pronounced for blind users.

What about the deaf-blind? two metal handles that would shock you in Morse code? :)

no need to build a device just use a USB stick MP3 player such as
http://www.1topstore.com/en-gbp/2gb-lcd-mp3-player-usb-flash-drive-built-in-fm-radio-p8840.html (http://www.1topstore.com/en-gbp/2gb-lcd-mp3-player-usb-flash-drive-built-in-fm-radio-p8840.html) and just change the firmware..

or secondly if your just trying to prevent someone from just using your pc to hack coins by requiring a USB stick to confirm payments..then just use a plain usb stick. make it so the new client wont transmit payment unless a USB stick is inserted containing the wallet or even a special file which the client references. then just dont plug it in untill u need to send payments.

or thirdly why even need a extra usb stick hanging off your keyring.. phones have bluetooth and wifi these days so transmitting a transaction does not require a USB stick insertion into a PC and if u were thinking of using it to plug into merchants POS terminal at stores. it saves risks of some savvy merchant adding a trojan to their POS terminal to clone wallets plugged in.

Many people try to do just that. Wallet encryption in original Bitcoin client is just that. How many trojan horses don't came with a keylogger?What should the wallet do for retarded users? Make a USB-powered lobotomy?

Yes, but that would be more expensive.
That wouldn't work. A skilled malware writer could modify the client so the client didn't need the USB stick, or sent the money to the wrong account.

First of all, this thing isn't for POS terminals. It's designed to keep you secure if your own computer gets malware.
Second, even if you inserted this into a malicious terminal, it can't extract the wallet. The device only knows a very limited set of commands: "install this wallet" and "sign his transaction", so you can't clone a wallet from it.

good idea on securing the display and not trusting the PC OS. But I think your bill of materials (BoM) cost will be closer to $12-15 - so at your potential volumes you might need to retail at more like $40-50 in order to cover your development, production, tooling, and distribution costs and make a dollar per device for yourself. Just a heads up. Also if you open source your software the only intellectual property you've got left is in adding the display to the device nicely (which usb stick providers don't do because it would make the product too expensive), so watch out for competition too...

He can remove buttons to make it $2 cheaper. Instead of pressing NO a user can just plug the device out.

Why TrueCrypt does not even attempt to stop malware from compromising encrypted data? Read the TrueCrypt manuals if You don't want to listen what I say. The same with Bitcoins.

What You can do with computer malware can do too!

You would really only need one button held in while the bitcoin amount goes up. Press twice and the amount goes down while held.

A touchscreen replaces buttons.

More expensive and awkward solution replaces cheaper solutions. And there is no need for up/down buttons as the amount is planned to be entered by software.

I was going to say something about using a hashed protocol, however if malware is on the computer it doesn't matter. The idea here is golden, as it does not involve a computer. This is for receiving only if I understand correctly.

For receiving not even electronic device is needed to generate private key and address. Or the wallet can be generated on offline computer never connected to network. You can get a old used Pentium3 class computer for as little as 8 USD just for this purpose. And it is much harder to accidentally lose an ATX-size tower and for thief also it is much more physical work to do to steal a system block instead of small dongle.

Wouldn't it be kind of difficult to enter exact amounts with only 2 buttons? Not difficult I mean tedious...

Here is another way to go about this:

Look on eBay for the "VeriFone VX510" credit card machine.  This machine is obsolete and consistently under 50 bucks used, and it can download software at least three ways: 1) RS232 through a win32 command-line loader 2) through its dialup modem (same protocol as RS232 loader) 3) it can copy the programming from another terminal using a crossover serial cable. 

I can compile for this platform, and it also has a printer so it can spit out e.g. paper wallets and transaction logs.  I have already demonstrated the printer can print QR codes.

These things have tiny amounts of memory... if someone had written the verification code in C where its dependencies were minimal (e.g. relevant crypto code clipped out of openssl so it didn't depend on any external libs, and of course it can and should talk to a serial port) I could easily compile for this thing.

You don't need to enter any amount on this thing, you enter it on the PC.

No need for an entire credit card machine. And $50 is way more than this thing costs.

Also, the thing about this machine is it's supposed to be easy. No need for rs232, command lines or reflashing old hardware. If you want to install the software on a credit card machine, be my guest, it's just not where I'm headed.

So you need a client on your PC to communicate with it, i.e send the ammount? Isn't this then just basically keeping your wallet on a USB drive?

Why do you need the buttons or a screen?

I'm confused.

TrueCrypt doesn't run on dedicated hardware. This runs on a microprocessor that's a computer in its own right. And that microprocessor can only do one thing (there is a fuse inside it, and when that is burned, you can't reprogram it).
Also, TrueCrypt and this are very different things.

Not, it's not the same thing. On a USB drive, you (or a piece of malware) can extract the wallet. On this thing, you can only write the wallet, not read it again. Instead, it takes care of that one crucial step in any bitcoin transaction: signing the transaction. That's why it needs a display, so you can confirm that it signs the right transaction.

The payment address selection are still performed on computer before being sent to hardware wallet DERP!

Truecrypt and Bitcoin are different, but they both can be compromised with malware on computers they operate. The only way to protect the computer is - don't run any malicious or insecure code on it!

Kalleguld, I think is a great idea and I would order one for sure! Will you produce it??

So what stores will my grandma be using this at?

SilkRoad I guess  ;D

Yes, that's why there is a display on the hardware wallet, so you have a chance to discover the error before you sign the transaction.

Absolutely correct. That's why the crucial step - signing a transaction - is run on a microprocessor that no malware can reprogram

Heh :)

By the way, this is about the fiftieth time this idea has been posted.  But at least there's a nice drawing this time.  Maybe someday somebody will actually sell these things, but if they were marketed as a way to store your BTC I'm not sure I'd trust them.

In the meantime you can buy a USB stick with an AVR, flash memory, and two buttons on it for about $10.  That's probably the easier route, and since they're sold mainly for non-bitcoin applications you don't have to worry quite as much about being trojaned.

Yep.  That's exactly why you should only buy one of these things if it specifically isn't marketed as a bitcoin-related device.  Catch-22.

What's wrong with blockchain app from the app store? Besides the fact that not everyone has a device that can support it.

Yeah, those threads are fun to watch. This one was started by a pure wannabe. The previous ones were started by various pretenders, for example the pretend-programmer that proposed BitClip:

https://bitcointalk.org/index.php?topic=24852.msg308635#msg308635
https://bitcointalk.org/index.php?topic=24852.msg643656#msg643656

Now if there was a way to mine the deposits of comedy gold that are hidden in BitcoinTalk we would all be rich.

Edit:

Poking fun is too easy. Here's the link for some hardware wallet device proposal from somebody with an actual skill:

https://bitcointalk.org/index.php?topic=94119.0

my earlier post about using an USB mp3 player at the cost of £8 ~ $13 is far cheaper then the OP's suggestion..
http://www.1topstore.com/en-gbp/2gb-lcd-mp3-player-usb-flash-drive-built-in-fm-radio-p8840.html (http://www.1topstore.com/en-gbp/2gb-lcd-mp3-player-usb-flash-drive-built-in-fm-radio-p8840.html)

the link is just one example. theres many more i seen with a couple buttons and a screen for under $6.

the costs of a small business to produce circuit boards with labour time added far exceeds that of existent larger businesses that use machines that churn out products by the second.

plus the example i used has more then 2 buttons.. use the fastforward button to increase amount, rewind button to decrease the amounts, the play button to accept payment and the stop button to cancel payment.

all you need is someone with firmware experience to reprogram it and your complete. no soldering/ special machinary required.

If you want to build one of these I'd suggest getting in touch with Austria Micro Systems (http://www.ams.com/eng/Products/Mobile-Entertainment/Analog-Integrated-Microcontrollers/AS3524) and see how much it would cost for a previous gen ARM chip like they used in the Sansa Fuze or Sansa Clip.

These devices are supported by Rockbox and so you have a wealth of ready to use open source code and ready to go dev tools. The clip already has a minimal display but in either case you would reduce the device to just the chip, one line display and button. No battery, no wheel or sound or other stuff. Just chip, usb connector, display, button on a pcb. Your main cost is the AMS chip and I don't know what the volume price on those is but I'm sure it's capable enough to do the needed crypto functions, unlike the cheap 8 bit PICS and AVRs etc. One line LCD display can be very cheap. I bought mobile phone LCD displays for $2-3 and they were multi-line like on Nokia phones.

You might also look at some of the Broadcom chips available like they use in the Raspberry PI, though you could get by with one much less capable than they use for that. I don't know what the cheapest ARM chips on the market - you should search for the lowest priced one as you don't need much more than cpu+usb+some flash memory.

The nice thing about using the AMS chips is you can buy a second hand Fuze off ebay and do all the dev work and hack in a display and test it fully before you even make a PCB and order anything. So you could do a prototype for almost nothing and look for funding to do a real production run.

BTW I contributed to the Rockbox project and did dev work on my Fuze so I know all this to be doable quite easily. Heck, you could probably just market the open source Sansa Fuze/Clip compatible code to make this thing work with the millions of Clips/Fuzes kicking around now. It's pretty easy for an average user to upgrade the firmware too and it can become a Bitcoin wallet device.

RockCoin ... Bitcoin Wallet for Rockbox. Solid Like A Rock. Or CoinBox sounds better.

Fuzes with broken display are dumped on ebay for like $5-10 or so. Or they were, I haven't checked recently.

Edit: Just saw on AMS web site 1k qty chip is $9 each. A bit high but maybe they have a lower end chip available. USB conn stk#10019 from4uconnector.com about 0.13 each, PCB 0.5"x2" from China low qty about 0.50 each. May need a volt reg if not already on chip, 5V > 3.3V likely.

Would you trust your bank if the gave you a secondhand device, that they had reconfigured? Would you trust me if I gave you one?
Here, safewallet for you my friend, only 2,5 Btc ;)

To get to grandma and avarage joe, it has to be something that is comes in a plastic package and can be bought in stores.

The best way to start doing this without putting the cart before the horse would be to write the C code that will run on all this magical dream hardware.

Once there's a Linux-based program and a well-defined serial protocol that can serve as the proof-of-concept (even if the program runs on another whole computer), then the hardware discussion will be much more fruitful I think... (and the serial protocol can be adapted to run over USB, TCP, etc.)

Whether a piece of hardware has been secretly backdoored is relatively moot, because the only action the hardware could take would be to sign a transaction it wasn't supposed to sign, which would only be possible if the same person who provided the backdoored hardware also happens to have control over the host computer.

Surely you mean cheaper, not easier.

Can I assume that you also make your own OS and bitcoin client?

Hi, could you link me to this hardware?

It would be interesting for other projects i have, non bitcoin related.

Thank you!

I've been working on a Hardware Bitcoin Wallet for a few weeks now.

It's going to use MICROCHIP PIC32.
I was able to get ECDSA working and prove the concept on the hardware chosen, but the firmware/software is still seriously lacking.

In 6 to 8 weeks, I will have a prototype PCB.

Was going to wait to post, but since so many our focused on the same thing I don't want to duplicate the work.
It is going to be open source hardware and open source firmware/software.

However, I wanted to do it with one button. a quick press for one function and a long press (3 seconds) for a different function.

Also, I was looking for different ways to get away with not having a display to keep cost and size down. One thought was to have the
USB Security device to disconnect and reconnect as a keyboard and with a quick press - what is about to be signed would be displayed
with a signature (not the signature for the transaction), but from the USB device (to make sure its not some malware in between the user and the data that's being received).
If all is good, then a long button press produces the desired signature.

Anyways, please keep me informed if anyone else is working on this. I do have a PCB being designed and it's 20% complete.
Also have the design ready for a development board for those interested in developing the firmware and software. The will Start working on the PCB design after I build a prototype.
The final price looks to be between $12.00 to $15.00, but that is no guarantee and that may not even be conservative.

My Wife and a I were discussing the name tonight. Here's what we came up with:


Name: The BitSafe
Slogan: It's much more than a little-bit safe.

Whatever micro-controller you chose, make sure it cannot be reprogrammed over the USB connection otherwise the device would be way too easily compromised.

Also, I think the use of an on-board display is essential for visual confirmation of the destination address before accepting to sign the transaction.

Absolutely. Without a display any method of confirmation via the usb port can be easily faked. The display is the only thing that makes this worthwhile and it doesn't need to cost much at all. You just need to source them from Asia. Some time ago there was quite a discussion of this type of device on Schneier's security blog (http://www.schneier.com/blog/) and the display was the key component (though that discussion was not talking about Bitcoin).

Cheap display like http://www.kx-e.com/upload/gift/2010121617271237333.jpg should be enough.

I was thinking more along this lines,

http://www.ebay.com/itm/84-48-LCD-Module-White-backlight-adapter-PCB-for-Nokia-5110-Arduino-/170817974147?pt=LH_DefaultDomain_0&hash=item27c58b6f83

I know these can be got in qty with only a single line and for less than $1 each, but I no longer have the details on them. It was years ago. I bought the kind in this ebay post for about $3 in Bangkok around 5 years ago, in qty 2-3. So no doubt they are readily available in China for much less. These LCD displays usually have a chip mounted on the glass and can be controlled by any micro controller thru either a serial or 4/8 bit port.

I made a little AVR-powered LCD badge starting with a schematic and going all the way to home-etched board about a year and a half ago.  Maybe I could get a chip with some more horsepower and write some code to make it into a project like this.  Some have suggested using a regular USB key to move between your secure PC and your internet PC.  I don't like the idea of using USB for this because of the possibility of infection:

http://www.tomshardware.com/news/usb-flash-virus-secure,6564.html

If you plug in your USB key to an infected PC connected to the internet, and it's infected, then you plug it into your "vault" PC, the secure PC could also be infected.  If the virus author is clever enough, your private key could be compromised when you plug the key back into the internet PC.  Why not do all of this without USB?  I wonder if a serial interface could be devised that would allow you to send in JSON of a requested transaction (like {address, amount}), have you go physically push a button to confirm it on the device, and have it send back to you a transaction.  It's basically the OP's idea, but much more paranoid.  I have all the equipment to do this - maybe I'll start soon.

If it were me, I wouldn't use C (though cryptography in ASM might be a challenge) but a cheap PIC microcontroller with embedded USB hardware can be had for cheap. I don't know if it has the power to handle the application but proof-of-concept could be put together pretty quickly and reasonably cheaply (Microchip will even send you the chips for free).