Bitcoin Forum

Other => Beginners & Help => Topic started by: MoTLD on April 24, 2012, 03:09:17 PM



Title: Air gapped wallet printer
Post by: MoTLD on April 24, 2012, 03:09:17 PM
Anybody have use for a dedicated wallet generator?

This is an idea I've been bouncing around in my head for a little while now, and I want to see if anybody else is already working on something similar.

I'd like to put a microcontroller in a small label printer, and at the press of a button (or several, for random seed generation) it prints two labels. One has a wallet address, the other has the corresponding private key, both with QR codes.

No computer necessary, instant air gap, open source code.

With some extra effort, it could be expanded to give GPG keys, other currency wallets, etc. Anything you'd normally disconnect and reboot your computer to a live cd for, so long as it uses hashing algorithms that a microcontroller can handle in a reasonable amount of time.

Think I could sell many of these if I started making 'em?

-Mo


Title: Re: Air gapped wallet printer
Post by: Stephen Gornick on April 24, 2012, 11:11:12 PM
Anybody have use for a dedicated wallet generator?

Some conversation about this topic here:

 - http://bitcointalk.org/index.php?topic=74615.0

Think I could sell many of these if I started making 'em?

There is a market for something like that, I would bet.


Title: Re: Air gapped wallet printer
Post by: dayfall on April 25, 2012, 12:01:40 AM
I think it would be possible to program a simple microcontroller to mount itself as a usb mass storage device and to serve up a single image that contains a key that is generated upon powerup.  Or it could write to a SD card which could be inserted directly into most modern printers.  I have built something similar to both of these in the past.  However, I doubt I could get the key generation code compiled on anything.


Title: Re: Air gapped wallet printer
Post by: westkybitcoins on April 25, 2012, 12:57:26 AM
Anybody have use for a dedicated wallet generator?

This is an idea I've been bouncing around in my head for a little while now, and I want to see if anybody else is already working on something similar.

I'd like to put a microcontroller in a small label printer, and at the press of a button (or several, for random seed generation) it prints two labels. One has a wallet address, the other has the corresponding private key, both with QR codes.

No computer necessary, instant air gap, open source code.

With some extra effort, it could be expanded to give GPG keys, other currency wallets, etc. Anything you'd normally disconnect and reboot your computer to a live cd for, so long as it uses hashing algorithms that a microcontroller can handle in a reasonable amount of time.

Think I could sell many of these if I started making 'em?

-Mo



I'd certainly be very interested in one of those, IF there was the small additional feature that I could print out more than one copy of a given keypair. Not that I want it to store the addresses/keys; rather, so that I when I push "New Keys", I can tell it how many copies to print.

If I intend to store more than a pittance at an address, I want more than one copy of it and its key as backup, and if I have to scan it into a computer to make copies, that kind of defeats the purpose.


Title: Re: Air gapped wallet printer
Post by: Tuxavant on April 25, 2012, 02:18:31 PM
This needs a simple LCD display to show QR codes for a truly air-gapped implementation. Count me in for at least one.


Title: Re: Air gapped wallet printer
Post by: MoTLD on April 26, 2012, 04:46:42 AM
Stephen Gornick: Thanks for the link, looks like I'm (unsurprisingly) not the first to think of this. :)

dayfall: Those could both be done, but the idea is for this device to be pretty much incompatible with computers so there's no way short of looking over the user's shoulder or breaking into his safe to get the private key.

westkybitcoins: Hadn't thought of multiple copies, thanks! You're right, backups are a must.

Tuxavant: Actually, that was my first idea, have it show a QR code on an LCD. But the second you've scanned that QR code, your air gap is only as good as the device you scanned it into, and if that's good why not just generate the code on it? So this printer would be for folks who want their private key never to have touched a machine that will ever be networked.

But the labels will certainly have QR codes, to minimize the chance of typing mistakes. And the public address label would probably just be scanned in and then thrown away, so maybe I'll consider an LCD display for it and print just the private keys.

Thanks for the input, everybody! Now that I'm past my newbie limits, I'll start a new post about this elsewhere if/when I actually throw something together.

-Mo


Title: Re: Air gapped wallet printer
Post by: casascius on April 26, 2012, 05:00:22 AM
Sounds to me like you're describing POS credit card machine hardware!

I have SDK's for quite a bit of the hardware, but they generally can only run straight C/C++ code and offer very limited library support.  I have already figured out how to get a VeriFone Vx510 to print QR codes on the built-in printer given a text string to encode.  If someone could provide me some straight C code that could do the ECC calculation and the hashing to form bitcoin addresses - with no dependency on any libraries - where I could call a function and supply 32 random bytes and a buffer where the function can drop a bitcoin address and private key - I could compile and sign a program that did this, for everyone's benefit.

I believe I might be able to dig up an SDK for an older model called the Omni 3200, which is also programmed in C.

The advantage to these older models is they're readily available on eBay for cheap.  That Omni 3200 is available used in the $30-$50 range, which is hard to beat.  They are often perfectly good and in plentiful supply, as businesses liquidate them all the time from upgrading or going out of business.

Once compiled, these programs are fairly easy to load on terminals.  At the very least, they are all capable of using the built-in dialup modem to call a server and grab a program.  I have such a server, and the protocol for supplying programming to the terminal is drop-dead simple (similar to XMODEM protocol).


Title: Re: Air gapped wallet printer
Post by: Red Emerald on April 26, 2012, 05:10:38 AM
Interesting project.


Title: Re: Air gapped wallet printer
Post by: MoonShadow on April 26, 2012, 05:20:35 AM
This is an excellent idea, but users need to be warned to use high quality, archive grade paper & ink.  Regular printer paper yellows while regular ink eventually fades and 'blends' marring the sharp edges of the QR codes.  If the key pages also print the keys in a human readable format, this isn't likely to matter within a normal human timeframe; as if the QR code is too blurred to scan well, one just has to sit down and type it in.

I might buy one, if they don't cost too much.  What would the printer do for entropy, though?  Perhaps a simple am receiver to encode the static background?  A regular microcontroller is way too deterministic and simple of a device to not have some kind of deliberate entrophy; otherwise the keys produced are going to have some distinct bias towards a particular set of keys, and there might be address collisions.


Title: Re: Air gapped wallet printer
Post by: MoTLD on April 26, 2012, 05:44:05 AM
casascius: Awesome, I'd never thought of a POS terminal. My idea was to drop a microcontroller into an off the shelf serial printer, but a used POS terminal would probably be a lot cheaper while providing more options. If I knew more C I'd order one off eBay and collaborate with you on it. Maybe this is the excuse I need to crack some books... ;)

MoonShadow: Excellent points. As was mentioned on the linked thread, thermal paper would be nearly useless. I dunno if there are archival-quality labels, but I had in mind a label printer for this. But I'm glad you mentioned that as now I'm thinking it should print the human-readable part of it as large and well defined as possible in case of eventual fading or blurring.

And for entropy, I was thinking that the user would be required, after selecting what sort of key they want and how many copies, to press all of the device's buttons repeatedly and in random order, lots and lots of times. ;)

Keep the ideas comin' everybody!

-Mo


Title: Re: Air gapped wallet printer
Post by: Tuxavant on April 26, 2012, 12:23:47 PM
Tuxavant: Actually, that was my first idea, have it show a QR code on an LCD. But the second you've scanned that QR code, your air gap is only as good as the device you scanned it into, and if that's good why not just generate the code on it? So this printer would be for folks who want their private key never to have touched a machine that will ever be networked.


For my intended purpose, this device would be an off-line wallet generator and storage device. You only trust the private keys generated by the device until you need to spend the money. That's when you'd display the private keys on the LCD display and sweep them into a private wallet for spending.

Edit: Perhaps displaying the key on the LCD panel might give you the option to actually delete it, or at least mark it "compromised".


Title: Re: Air gapped wallet printer
Post by: casascius on April 26, 2012, 09:55:55 PM
For entropy, I would ask someone to press a large number of keys.  The main source of entropy would be the system tick count collected with each keypress.

Agreed that thermal paper has a shelf life, but my first recommendation would be to photocopy it onto normal paper using a copier (could be a multifunction printer, but the important part is that it's not scanned into a computer).  Thermal paper is hard enough to manage for its shape and the fact that it curls, let alone the possibility of the ink fading.  The motivation to use the credit card machines with thermal paper is the low cost of acquisition of the device.

If a multifunction printer must be involved, another promising idea is to create a bootable USB image that does the key generation and dumps the output back to the USB stick as jpegs, which can then be shoved in a multifunction printer for printing.  In fact, this one is extremely practical.  Bootable image could just contain something that runs BitAddress.org's script and renders the output straight to PDF, which most printers can print as well.



Title: Re: Air gapped wallet printer
Post by: MoTLD on April 27, 2012, 12:05:38 AM
Tuxavant: The device I envision has no non-volatile memory, so keeping track of it is not important - assuming your wallets are worth more than the device, anyway. All that matters is keeping track of the keys it prints. A dedicated wallet generator which is also a wallet vault is very interesting, but not what I'm looking to build.

casascius: Agreed, the low cost of a surplus POS terminal might make up for the disadvantages of thermal paper. But, in a perfect world, the output of the device can be directly tossed in the safe with no intermediate steps.

And a bootable USB device creating jpegs is also interesting, but doesn't meet my aims of not needing to use/reboot your computer. It's just a more convenient version of what I already do, which is unplugging the network, booting a linux live CD, running the BitAddress.org script, and printing the output. But if someone (me, maybe?) wants to create a dedicated live cd/usb image which includes lots of Bitcoin tools (full bitcoin client, BitAddress.org, pywallet.py, vanitygen, password vault, etc.) along with all their dependencies in a ready-to-run-offline form, I'm sure it would be well received!

Thanks, guys, keep the great ideas rolling!

-Mo


Title: Re: Air gapped wallet printer
Post by: Foxpup on April 27, 2012, 01:40:17 AM
For entropy, I would ask someone to press a large number of keys.  The main source of entropy would be the system tick count collected with each keypress.

I think any dedicated bitcoin device should have a hardware RNG. The only reason for messing about with such things as input timing is when a hardware RNG isn't available (like on most PCs, for example).


Title: Re: Air gapped wallet printer
Post by: casascius on April 27, 2012, 02:32:09 AM
And a bootable USB device creating jpegs is also interesting, but doesn't meet my aims of not needing to use/reboot your computer. It's just a more convenient version of what I already do, which is unplugging the network, booting a linux live CD, running the BitAddress.org script, and printing the output. But if someone (me, maybe?) wants to create a dedicated live cd/usb image which includes lots of Bitcoin tools (full bitcoin client, BitAddress.org, pywallet.py, vanitygen, password vault, etc.) along with all their dependencies in a ready-to-run-offline form, I'm sure it would be well received!

Thanks, guys, keep the great ideas rolling!

-Mo


Is the printing part difficult?  I don't ever print in Linux, but wonder how does the average Joe set up a printer to work with a live CD?  Would he not need drivers, which may very well not exist for his printer?  Or does Linux have support for most of the typical printers out there?


Title: Re: Air gapped wallet printer
Post by: MoTLD on April 27, 2012, 02:42:42 AM
For entropy, I would ask someone to press a large number of keys.  The main source of entropy would be the system tick count collected with each keypress.

I think any dedicated bitcoin device should have a hardware RNG. The only reason for messing about with such things as input timing is when a hardware RNG isn't available (like on most PCs, for example).

I wholeheartedly agree, but the last time I checked (and I admit, it's been some time) RNG hardware wasn't cheap, or at least the cheap stuff was awfully slow. Have things improved?

Is the printing part difficult?  I don't ever print in Linux, but wonder how does the average Joe set up a printer to work with a live CD?  Would he not need drivers, which may very well not exist for his printer?  Or does Linux have support for most of the typical printers out there?

I'm no linux guru myself, and I was frankly shocked that the Ubuntu live CD I downloaded for just this purpose automagically printed to the HP "winprinter" here at my folks' place that I couldn't use under my OS of choice (eComStation, in case you're curious) back when I had a laptop and needed to print something here.

If my experience is typical, all the average Joe needs is a Ubuntu live cd with bitcoin-related tools and some basic instructions.

-Mo

PS - Yes, I was just being too lazy to quote before. Actually, too lazy to allow bitcointalk.org through the script blocker. But I've changed my evil ways... ;)


Title: Re: Air gapped wallet printer
Post by: Foxpup on April 27, 2012, 03:10:15 AM
I think any dedicated bitcoin device should have a hardware RNG. The only reason for messing about with such things as input timing is when a hardware RNG isn't available (like on most PCs, for example).

I wholeheartedly agree, but the last time I checked (and I admit, it's been some time) RNG hardware wasn't cheap, or at least the cheap stuff was awfully slow. Have things improved?

Well, the expensive stuff has always been faster than the cheap stuff (otherwise why would anyone buy it?), but you don't really need speed. "Awfully slow" these days means a few kilobytes of entropy per second. That's more than enough to generate a bitcoin address in less time than it takes to print it, and in any case is much, much faster than mashing the keyboard to produce entropy.


Title: Re: Air gapped wallet printer
Post by: MoonShadow on April 27, 2012, 04:12:49 AM
For entropy, I would ask someone to press a large number of keys.  The main source of entropy would be the system tick count collected with each keypress.

I think any dedicated bitcoin device should have a hardware RNG. The only reason for messing about with such things as input timing is when a hardware RNG isn't available (like on most PCs, for example).

I wholeheartedly agree, but the last time I checked (and I admit, it's been some time) RNG hardware wasn't cheap, or at least the cheap stuff was awfully slow. Have things improved?


Well, that's exactly why I mentioned an am receiver tuned to static.  Pipe that into the stereo mic-in jack of a small computer, mash the resulting bitstream up with some hashing algos, and you've got a pretty decent RNG hardware on the cheap. 


Title: Re: Air gapped wallet printer
Post by: MoTLD on April 27, 2012, 05:00:51 AM
Well, that's exactly why I mentioned an am receiver tuned to static.  Pipe that into the stereo mic-in jack of a small computer, mash the resulting bitstream up with some hashing algos, and you've got a pretty decent RNG hardware on the cheap. 

Good thinking! I must've read right past that, sorry. The only thing I'd worry about is an adversary having a transmitter nearby and therefore overriding the unpredictability of the seed. Since I plan on keeping the specs and software open on this design, an adversary who knows you have it knows how it works.

But you're on the right track. I've been trying to think of a good, cheap RNG (besides button-mashing) that's hard to either eavesdrop on or influence from afar. So far I've avoided actually researching it so I don't muddy up my thought process, but soon I'll see what's commercially available.

-Mo


Title: Re: Air gapped wallet printer
Post by: MoonShadow on April 27, 2012, 05:05:52 AM
Well, that's exactly why I mentioned an am receiver tuned to static.  Pipe that into the stereo mic-in jack of a small computer, mash the resulting bitstream up with some hashing algos, and you've got a pretty decent RNG hardware on the cheap. 

Good thinking! I must've read right past that, sorry. The only thing I'd worry about is an adversary having a transmitter nearby and therefore overriding the unpredictability of the seed. Since I plan on keeping the specs and software open on this design, an adversary who knows you have it knows how it works.

But you're on the right track. I've been trying to think of a good, cheap RNG (besides button-mashing) that's hard to either eavesdrop on or influence from afar. So far I've avoided actually researching it so I don't muddy up my thought process, but soon I'll see what's commercially available.

-Mo


An attacker could bias your device from afar, but he'd also need to know precisely when you pushed the 'start' button.   And if you were using a normal radio to do it, you could hear the attempt at screwing with it.  Although it's technically possible, the practical means of influencing the entrophy in this fashion is pretty remote.


Title: Re: Air gapped wallet printer
Post by: MoTLD on April 27, 2012, 05:20:57 AM
Although it's technically possible, the practical means of influencing the entrophy in this fashion is pretty remote.

Very true, it's probably not a practical attack vector. However, from a marketing perspective, I'd like to be able to say the device can't be influenced in any way by outside forces.

But your idea certainly has merit. I might go the really simple route by using a plain microphone and leaving it up to the user what to feed into it, if adding sound input is cheaper than other alternatives. The circuitry to turn sound into bits is pretty simple if fidelity isn't important.

-Mo


Title: Re: Air gapped wallet printer
Post by: Foxpup on April 27, 2012, 06:34:51 AM
Well, that's exactly why I mentioned an am receiver tuned to static.  Pipe that into the stereo mic-in jack of a small computer, mash the resulting bitstream up with some hashing algos, and you've got a pretty decent RNG hardware on the cheap. 

Good thinking! I must've read right past that, sorry. The only thing I'd worry about is an adversary having a transmitter nearby and therefore overriding the unpredictability of the seed.

Damn, I read past that too. Anyway, if you only take the least-significant bit of each sample from the ADC, you'll get complete randomness (from background noise) regardless of what an attacker is trying to transmit (since it's an analog signal, there'll always be some level of background noise that's outside the attacker's control). The same trick works with a microphone, for the same reason.


Title: Re: Air gapped wallet printer
Post by: EhVedadoOAnonimato on April 30, 2012, 08:05:33 AM
I would happily buy such a device, but I'd like it to have a feature that I find important: ask for a strong password and use it to encrypt a copy of the key, and print this encrypted copy, so that I could scan it on my computer and safely back it up in a service like Wuala, plus different medias of mine.
I believe backups should be geographically separated, and it's much easier and cheaper to accomplish that with digital data than with paper.

Maybe it should use deterministic key generation, as some clients are already doing, so that I only have to backup an encrypted copy of the seed.

What do you think?


Title: Re: Air gapped wallet printer
Post by: MoTLD on May 03, 2012, 04:38:25 AM
I would happily buy such a device, but I'd like it to have a feature that I find important: ask for a strong password and use it to encrypt a copy of the key, and print this encrypted copy, so that I could scan it on my computer and safely back it up in a service like Wuala, plus different medias of mine.
I believe backups should be geographically separated, and it's much easier and cheaper to accomplish that with digital data than with paper.

Maybe it should use deterministic key generation, as some clients are already doing, so that I only have to backup an encrypted copy of the seed.

What do you think?

Good ideas, I like 'em both. I don't think either would be difficult to incorporate into a system that's already got the horsepower to do the hashing in the first place. It might take a little more memory, but it'd be worth the extra expense IMO.

Thanks, and keep those ideas rolling! It sounds like there's a market for something like this, and you guys are really helping me flesh out some specs, so I might just do this thing.

-Mo

PS - Casascius, I hope you're looking for the code you need to make a POS term work, 'cause competition is good! Also, if you open-source it (and I don't wimp out and use a basic stamp), I might steal some of your code. ;)


Title: Re: Air gapped wallet printer
Post by: EhVedadoOAnonimato on May 03, 2012, 07:47:31 AM
I've thought a little more about it, and there's an issue with the air gapped printer idea.

If we're talking about an air gapped device, that's because we cannot trust our other devices. So, let's assume somebody has one of these printers, but all of his computers are compromised with bitcoin-stealing malware.
While he uses the printer to generate addresses, and only gives these addresses to those that should credit him, he should be safe - assuming the malware is not advanced enough to also tamper the messages where the user sends his addresses to others.

But what would this user do when he wants to spend the money he has in these safe addresses? If he loads the private key into any of his computers, he loses the money.

For such a device to be complete, it should be able to generate offline transactions as well. But that would probably require a way to scan QR-codes. Manually inputing addresses is error prone and annoying.
Anyway, this increases the complexity of what you're trying to do...


Suggestion: talk with someone42, who started this topic: https://bitcointalk.org/index.php?topic=78614.msg879194;topicseen#msg879194
He's trying to do something similar, but purely digital instead of paper printer. I tend to prefer it since I'm not a big fan of paper wallets anyway. But I guess the printing part is not the hard part.


Title: Re: Air gapped wallet printer
Post by: casascius on May 04, 2012, 07:32:15 PM
...but all of his computers are compromised with bitcoin-stealing malware...

Even his computer he booted from a live CD?  or his computer that has never been connected to the internet since the OS was freshly installed?

If someone could create a module in C that exposed a function which took 32 random bytes and gave me a bitcoin address and base58 private key in a buffer I provide, with no dependency on any libs or 3rd party stuff (100% self contained code), I could PROMPTLY produce a downloadable program for the VeriFone VX credit card machines that would issue addresses as QR codes on receipt paper and on screen.  That means all bignumber math and ECC math would have to be implemented right there.  Such a C function would not need to be responsible for entropy, I can handle that, I can provide the 32 random bytes to be used for the private key.  Open source OK as I plan on publishing source to it all.


Title: Re: Air gapped wallet printer
Post by: MoTLD on May 05, 2012, 02:43:59 AM
If we're talking about an air gapped device, that's because we cannot trust our other devices. So, let's assume somebody has one of these printers, but all of his computers are compromised with bitcoin-stealing malware.
While he uses the printer to generate addresses, and only gives these addresses to those that should credit him, he should be safe - assuming the malware is not advanced enough to also tamper the messages where the user sends his addresses to others.

But what would this user do when he wants to spend the money he has in these safe addresses? If he loads the private key into any of his computers, he loses the money.

Actually, I kinda had in mind users who are already so distrustful of their computers as to boot from a live CD every time they create new wallets, and even to create transactions if those wallets are intended for more than one use. This device would simply be a more convenient way to do the same thing.

For such a device to be complete, it should be able to generate offline transactions as well. But that would probably require a way to scan QR-codes. Manually inputing addresses is error prone and annoying.
Anyway, this increases the complexity of what you're trying to do...

All true. I would love for the device to generate transactions, too, but like you said, manual input of addresses is problematic and adding a camera or the like increases the complexity beyond what I had in mind. But I'll keep brainstorming. Manual input, annoying as it is, wouldn't add too much complexity if the device already had a keyboard and screen (like casascius's POS terminals). Hmm...casascius, do your POS terms support a barcode scanner? Maybe the printer could output an old fashioned barcode instead of/in addition to a QR code...?

Suggestion: talk with someone42, who started this topic: https://bitcointalk.org/index.php?topic=78614.msg879194;topicseen#msg879194

Thanks for the link, I hadn't seen that thread yet. Looks like I've got some more prior art reading to do! :)

If someone could create a module in C[...]

Are you really gonna make me finally learn C? I've managed to avoid doing so for over 20 years now... ;)

-Mo


Title: Re: Air gapped wallet printer
Post by: casascius on May 05, 2012, 05:29:51 PM
Hmm...casascius, do your POS terms support a barcode scanner?

Yes, several models (e.g. Vx570) have a USB port which can accept an external keyboard, to which you'd attach a keyboard-wedge 2d barcode scanner that supports QR codes.

Having the credit card terminal approve and sign transactions sent by a computer (either via RS232 or USB) is also a very useful application.  (When connected to a computer, it will look like a serial port over USB, as it supports serial port emulation).


Title: Re: Air gapped wallet printer
Post by: EhVedadoOAnonimato on May 05, 2012, 06:38:44 PM
For such a device to be complete, it should be able to generate offline transactions as well. But that would probably require a way to scan QR-codes. Manually inputing addresses is error prone and annoying.
Anyway, this increases the complexity of what you're trying to do...

All true. I would love for the device to generate transactions, too, but like you said, manual input of addresses is problematic and adding a camera or the like increases the complexity beyond what I had in mind. But I'll keep brainstorming. Manual input, annoying as it is, wouldn't add too much complexity if the device already had a keyboard and screen (like casascius's POS terminals). Hmm...casascius, do your POS terms support a barcode scanner? Maybe the printer could output an old fashioned barcode instead of/in addition to a QR code...?

The barcode is a good idea. Two people both using this device could safely send money to one another.

Concerning the keyboard, it doesn't need to be embedded. You may have just an USB port to connect a keyboard to. Such port could be used both to input the encryption password and to write out the encrypted wallet seed into a memory stick.
Such port could also be used to connect to some external software that would provide transactions to be signed. That would still be vulnerable to the risks described here (https://bitcointalk.org/index.php?topic=78614.msg880204#msg880204), which can be considerably mitigated by what jim said just after.

Actually, if you manage to make the printer "detachable", or make it capable of connecting to an USB-printer instead of having its own, than your device may be really small. By that I mean "portable". Improve it with p2p wireless communication like that bitcoincard thing, and hidden volumes for plausible deniability, and you've got the best bitcoin storage and payment device. ;)


Title: Re: Air gapped wallet printer
Post by: EhVedadoOAnonimato on May 05, 2012, 06:41:30 PM
Why is this topic in the Newbies section by the way?
Wouldn't it fit better in the Alternative clients section, like the other one about the Hardware Wallet (https://bitcointalk.org/index.php?topic=78614)?


Title: Re: Air gapped wallet printer
Post by: MoTLD on May 05, 2012, 10:41:35 PM
Why is this topic in the Newbies section by the way?

'Cause I was a newbie when I started it. ;)

Wouldn't it fit better in the Alternative clients section, like the other one about the Hardware Wallet (https://bitcointalk.org/index.php?topic=78614)?

It would. But I think I've learned what I wanted to know from this thread, so I'm going to summarize it and, after a little time for comments, close it. I'll then organize my thoughts and start a new topic in the appropriate forum later, probably when I've got a prototype (unless my flights of fancy take me elsewhere...).

Having the credit card terminal approve and sign transactions sent by a computer (either via RS232 or USB) is also a very useful application.  (When connected to a computer, it will look like a serial port over USB, as it supports serial port emulation).
Actually, if you manage to make the printer "detachable", or make it capable of connecting to an USB-printer instead of having its own, than your device may be really small. By that I mean "portable". Improve it with p2p wireless communication like that bitcoincard thing, and hidden volumes for plausible deniability, and you've got the best bitcoin storage and payment device. ;)

Well, while these things are all excellent and useful; I think the easiest way to make them happen would be for someone42 to add printer support to his ongoing project. I haven't read more than the first few posts of his thread, but from the sound of things it already does most of what's been discussed here in terms of connecting to a computer and dealing with transactions, etc. I need to read the rest and get up to date.

Also, it sounds like a POS term would be the easiest and cheapest OTS hardware for this purpose, so maybe casascius and someone42 should be collaborating on the best and most cost-effective hardware wallet around? Or...competition is always good... ;)

But the device I had in mind is truly air gapped. It never connects to a computer, and it doesn't even store keys. It's a wallet generator, not a wallet. Some folks don't like paper wallets, and I can understand that, but I do. :)

A hardware wallet is a replacement for a checking account or a real wallet full of cash. They don't have nearly the attack surface of a general purpose computer, but they do have an attack surface. Think of my proposed device as a savings account generator instead. It makes wallets which never have and never will touch a networkable device until the moment you're ready to transfer the entire balance elsewhere. When you want to do so, you boot your computer with your handy live CD and generate an offline transaction and when it's gone through you throw away the old paper wallet. Since the paper wallet is a one-time thing, you might not even need the live CD/offline transaction hassle if you're reasonably sure nobody will be able to snarf your private key and empty your wallet before your own transaction goes through.

So I guess the point of this thread, for me, was to see if anybody would be interested in dedicated hardware to do what GP hardware and a dedicated live boot CD already does very well. It seems to me that if you generate enough wallets with a CD boot you won't need to reboot to generate wallets as often as you'll need to reboot to generate transactions. So there probably isn't a market for an air gapped wallet generator unless it also generates air gapped transactions.

However, there does seem to be quite a potential market for hardware wallets. Someone42 and casascius seem to be on similar paths for a convenient but reasonably secure daily-use type hardware wallet. I'll keep thinking about how a proper savings account generator should work, and whether one is even useful versus something like a brain wallet or just CD booting a computer once in a while.

Maybe I'll just put together a bitcoin-tailored live CD. :-P

-Mo

PS - Feel free to post your closing comments, but I'd like to close this topic soon so if there's a good discussion to be had it should have its own topic.


Title: Re: Air gapped wallet printer
Post by: westkybitcoins on May 08, 2012, 09:13:57 PM
So I guess the point of this thread, for me, was to see if anybody would be interested in dedicated hardware to do what GP hardware and a dedicated live boot CD already does very well. It seems to me that if you generate enough wallets with a CD boot you won't need to reboot to generate wallets as often as you'll need to reboot to generate transactions. So there probably isn't a market for an air gapped wallet generator unless it also generates air gapped transactions.

Well, just as a closing comment I'd like to say that I disagree with the highlighted text above.

I still believe your initial idea, of just printing one-address wallets from an offline, air-gapped device is still very valuable. If it were available right now, for the right price (<$20) I'd be looking to get one or two ASAP, and I'm not worried that my system is compromised yet. I can handle my own transaction sending. But a quick and easy way to spit out addresses for storage (with accompanying private key) greatly simplifies things.

Just my 0.02btc.


Title: Re: Air gapped wallet printer
Post by: LukeL on May 09, 2012, 09:11:02 PM
Pardon my ignorance but what does "air gapped" mean exactly?


Title: Re: Air gapped wallet printer
Post by: Stephen Gornick on May 09, 2012, 09:55:45 PM
Pardon my ignorance but what does "air gapped" mean exactly?

Not connected to the network.

There actually are varying degrees of this though even.   You could have a desktop Windows system with the network cable unplugged and no wif-fi and try to call that airgapped, but it isn't.  Because if that system was compromised by a keystroke capture or malware that read the wallet.dat file as then that malware could transmit when the network connectivity is eventually restored.

So the more secure air gapped device doesn't have connectivity and won't.  Since you don't want to have to have around an extra PC or other device just for Bitcoin, a less-capable, specialized system like this wallet printer idea might be more useful.

 - http://en.wikipedia.org/wiki/Air_gap_(networking)


Title: Re: Air gapped wallet printer
Post by: MoTLD on May 10, 2012, 07:30:23 AM
So I guess the point of this thread, for me, was to see if anybody would be interested in dedicated hardware to do what GP hardware and a dedicated live boot CD already does very well. It seems to me that if you generate enough wallets with a CD boot you won't need to reboot to generate wallets as often as you'll need to reboot to generate transactions. So there probably isn't a market for an air gapped wallet generator unless it also generates air gapped transactions.

Well, just as a closing comment I'd like to say that I disagree with the highlighted text above.

I still believe your initial idea, of just printing one-address wallets from an offline, air-gapped device is still very valuable. If it were available right now, for the right price (<$20) I'd be looking to get one or two ASAP, and I'm not worried that my system is compromised yet. I can handle my own transaction sending. But a quick and easy way to spit out addresses for storage (with accompanying private key) greatly simplifies things.

Just my 0.02btc.


Duly noted, and thanks! :)

I'll be back on the road next week, and will thus have lots of time to meditate on this. When winter rolls around again and I find myself indoors with a soldering iron and lots of free time, this might just be the project I take up. And if before then I find myself struck by sudden inspiration (or a pallet of cheap printers) I'll let y'all know.

Thanks again, everybody, for all of the great ideas, refinements, and discussion!

-Mo

PS - It's a credit to this forum that so many pillars of the community hang out here in the newbies section!


Title: Re: Air gapped wallet printer
Post by: Stephen Gornick on October 08, 2012, 01:53:58 AM
Anybody have use for a dedicated wallet generator?

As a bookend to this thread, further discussion here:


Physical device to generate public/private key pairs
 - http://bitcointalk.org/index.php?topic=117054.0