"BurnerOS allows you to generate private keys" - This part caught my attention. What source of entropy does BurnerOS use to generate the private keys?
Also, the phrase "Tap the card against your smartphone to launch BurnerOS" is a bit unclear. How does the smartphone recognize or interact with this operating system? Is BurnerOS embedded on NFC card, or it must be preliminary installed on the phone itself?
Burner uses a combination of three sources of entropy, each hashed and subsequently all hashed together: hardware RNG, factory seeded entropy and user entropy. The rational for this is that 2/3 of the entropy sources could be "bad" but you would still end up with sufficient entropy to ensure a key could not be reconstructed. Specifically, the chip maker could be malicious, we could be malicious but as long as you (as a user) add your own entropy you will be fine. More likely, users add poor entropy and the chip entropy + factory entropy save the day. It covers a number of various threat models while making it such that you can gift a card to someone without later swiping the funds.
See our
FAQ post on this topic.
BurnerOS is a marketing term for our web app. It lives at os.burner.pro -- it uses the same low level libraries noted in my original post (libBurner and libHalo) to interface with the Burner. No installation necessary.
You say that the entire private key isn't reveled to the person funding the Burner, and that only the recipient of the device has access to the whole key. What mechanism do you use for this? If I want to use a Burner to gift bitcoin to a friend, how does he get the whole key but I don't?
You talk about a Card Duplicator tool on your website that you use instead of a seed. Do I understand correctly that the only way to back up and recover the bitcoin deposited on a Burner is to buy another Burner or how exactly do I withdraw my BTC from your device if I don't have the private keys and seeds and don't want to use your product anymore?
Not quite -- the full key is never revealed to anyone; you merely can interface with the card and request that it sign a message to spend any UTXOs. A recipient of the card can confirm whether or not the Burner has ever signed *any transaction* (thus deeming it more or less trustworthy). Of course, even if a Burner has signed a message you could still send the funds off to another wallet (or the same wallet!) if you are concerned that the signature is some unbroadcast transaction.
Yes -- that's correct regarding Card Duplicator: if you don't duplicate a Burner and it is destroyed then funds are lost; it's very cash-like in that way. We recommend backing up one Burner to multiple other Burners if you want to store anything beyond say $100-1,000 worth of funds depending on your risk appetite.
If you don't want to use our product anymore, simply use the web app to send the funds off to a new wallet. But let's assume we are dead and our web app is no longer hosted -- in this scenario you can use our open libraries to interface with the card and request that it generate a signature to spend any UTXOs (you can even do this with a USB NFC reader and airgapped PC if you wish).
Seeds are never revealed; this is primarily normie protection from someone social engineering you to reveal a seed (e.g. a phishing email to update your Burner firmware -- but Burner firmware is non-upgradeable
I know this is opinionated and controversial with respect to hardware wallets -- e.g. some folks like bitkey do this as well. We might consider a variant in the future that allows for seed export but we think just increases the attack surface significantly.
You have a slick website and a product that basically looks and seems to function much like a Satochip or Satodime.
Close but with a couple big distinctions: (1) you can fully interface with the Burner from a web site with no other app needed -- a big difference in ease of use and (2) as the recipient of a Burner you can actively use it as a signer. By that I mean, regularly load and spend BTC from it, where all signatures happen within the secure element. In the case of Sats card you are unsealing keys and moving them to potentially insecure hardware to sweep funds.
So there's no seed phrase involved here, just a duplicator tool to "backup one "Burner to another"? What happens when I accidentally drop my burner in the cat's litter box? Or gets burned up in a house fire?
It's gone like cash. If you are storing anything more than you would in flammable cash, back it up one or more times and stash it in a few places. Use distinct PIN codes for each Burner. In BurnerOS we mandate a 6-digit PIN and will permanently lock the card after 20 bad attempts.
'm curious about the Flexa thing. So far there are really only a handful of merchants that accept bitcoin out in the wild, and it sounds like you're creating what amounts to an NFC credit card--but you wrote "merchants" and it sounds like you meant it as a global term, i.e., you'd be able to pay any merchant (that accept credit cards, it should go without saying). Can you elaborate on that?
That's a bit more up to Flexa and their distribution; if more merchants accept Flexa then you can spend it in their location. This will take a while because the Visa/Mastercard duopoly has resulted in locked down NFC permissions really tightly. If there is big demand for other Bitcoin payment mechanisms like BTCPay we would explore supporting them as well. We are somewhat concerned with users having to understand the distinction between traditional Bitcoin and Lightning so we have held off on that side of things entirely for now.
