Bitcoin Forum
July 13, 2020, 06:20:34 AM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Proposal: Hardware wallet (Win 3 BTC)  (Read 5383 times)
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 03, 2012, 09:25:37 PM
Last edit: October 05, 2012, 09:40:06 PM by kalleguld
 #1

So, I have an idea for a secure, reasonably cheap "hardware wallet".

It's a keyfob-sized thing with a USB connector, a small display and a couple of buttons. You'd have it connected to your computer, and when you want to make a transaction, you'll get a window where you enter the amount, address and your password. Those three things are then sent to the keyfob. In its display it will say "send x BTC to 1addressbLahbLah ?", and you'd press the "accept" or the "reject" button. The (now signed) transaction is now sent back to the PC and broadcast on the network.

The keyfob would be powered by USB, controlled by a cheap microchip and would contain an encrypted version of your privkey (or possibly the paper wallet from Armory).

The advantage of doing this is that it would be very secure, as your privkey can not be extracted by normal means, and you have the final say over all transactions. It is also a lot faster and less distruptive than booting a live-cd every time you need to make a transaction, and cheaper than keeping an extra computer around.

Any comments/concerns are welcome.

Edit: for your chance at winning 3 BTC, see this post in the thread
AWARD-WINNING
CRYPTO CASINO
ASKGAMBLERS
PLAYERS CHOICE 2019
PROUD
PARTNER OF
1500+
GAMES
2 MIN
CASH-OUTS
24/7
SUPPORT
100s OF
FREE SPINS
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1594621234
Hero Member
*
Offline Offline

Posts: 1594621234

View Profile Personal Message (Offline)

Ignore
1594621234
Reply with quote  #2

1594621234
Report to moderator
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 03, 2012, 10:21:26 PM
 #2

The Air gap is that you cannot reprogram the microcontroller without accepting it on the keyfob. The software on the keyfob is therefore trustworthy* and won't send your money to the wrong address.
And your wallet is only stored on the keyfob, from where it can't be extracted, because there's simply no method of doing so unless you install new software on the keyfob.

*standard disclaimer applies; read source code.
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
October 03, 2012, 11:22:31 PM
 #3

Any comments/concerns are welcome.

Related:

Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices
 - http://bitcointalk.org/index.php?topic=78614.0

Smart card wallet, take 2
 - http://bitcointalk.org/index.php?topic=94119.0

Bitcoins on a Raspberry Pi
 - http://bitcointalk.org/index.php?topic=93724.0



Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 03, 2012, 11:25:25 PM
 #4

Quote
Hmm... I simply don't trust software enough to accomplish this.
But... how do you use bitcoin, then?  Huh Do you do all calculations by hand? Smiley

There is only the same communication as in an offline transaction in Armory (with the added security of a password sent from PC -> keyfob.
The whole thing could be done over QR code, but an electrical interface is easier.
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 03, 2012, 11:29:50 PM
 #5

Thank you Stephen Gornick
The first link is exactly what I meant.
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 04, 2012, 09:37:45 AM
 #6

OK, if you don't understand it, I guess the product is not for you Wink

One last try at explaining why it's secure:

The keyfob only understands a very limited set of commands from the PC:
  • Install this new wallet
  • Sign this transaction

No matter how infected your PC is, it can't extract your wallet from the keyfob. The "best" it can do is try to make the keyfob sign a transaction, but even then, the keyfob would display the transaction on its display, and you'd have to press accept.
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 04, 2012, 12:57:12 PM
 #7

Quote
It sounds good to me, when can I buy one?
That's the spirit Smiley

I don't know, though.

I am a self-taught programmer, but I can't do it alone. I'd need some help:
  • A businessman to sell the idea and keep in touch with production facilities etc.
  • An electrical engineer to design the thing itself.
  • an extra software engineer/programmer for reviewing code and bounce ideas off on.


This is how I imagine it would look like:
http://www.blogcdn.com/www.engadget.com/media/2009/03/090304-ibmbankstick-03.jpg
Thanks to IBM for making me a prototype Smiley

Edit: A retail price point would probably be 12-15 USD, assuming about 1000 customers.
Dabs
Legendary
*
Offline Offline

Activity: 2660
Merit: 1410


The Concierge of Crypto


View Profile
October 04, 2012, 02:16:03 PM
 #8

Bring this idea to the Yubikey people. You can't extract the AES key or whatever it is from their little token without destroying it.

knight22
Legendary
*
Offline Offline

Activity: 1372
Merit: 1000


--------------->¿?


View Profile
October 04, 2012, 04:02:35 PM
 #9

I like this idea

og2k
Newbie
*
Offline Offline

Activity: 46
Merit: 0



View Profile
October 05, 2012, 10:03:16 AM
 #10

This is a great idea, as the pic shows is in use. Many banks allow ebanking using this method.
Mushoz
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Bitbuy


View Profile WWW
October 05, 2012, 10:22:14 AM
 #11

I like the idea, but I wonder how safe it truly is. Isn't it possible the wallet gets hacked, so that the micro-controller starts accepting/processing command it shouldn't?

www.bitbuy.nl - Koop eenvoudig, snel en goedkoop bitcoins bij Bitbuy!
og2k
Newbie
*
Offline Offline

Activity: 46
Merit: 0



View Profile
October 05, 2012, 10:56:34 AM
 #12

By using the limited instructions as below it would mean that you could only write over the wallet that is currently installed. This would also ask you to confirm by pressint the "Accept" button on the device.
The device could be hardware hacked but that would involve opening the device and connecting directly to the micro controller.

OK, if you don't understand it, I guess the product is not for you Wink

One last try at explaining why it's secure:

The keyfob only understands a very limited set of commands from the PC:
  • Install this new wallet
  • Sign this transaction

No matter how infected your PC is, it can't extract your wallet from the keyfob. The "best" it can do is try to make the keyfob sign a transaction, but even then, the keyfob would display the transaction on its display, and you'd have to press accept.
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 05, 2012, 02:12:02 PM
 #13

I like the idea, but I wonder how safe it truly is. Isn't it possible the wallet gets hacked, so that the micro-controller starts accepting/processing command it shouldn't?

There are a couple of ways:
  • If your computer is already compromised when you install the wallet on the microcontroller (µc), then there is no way in theoretical hell you can make a secure wallet. The malware could copy the signals sent to the µc and let the attacker program a new one with the same wallet.
  • If the µc was programmed poorly (that would be my resposibility, and it's why I request another programmer to audit my work), some malware might be able to send strange signals that would make the µc leak the key.
    It would be very unlikely, because the µc has very few responsibilities, so there iae less things to go wrong. Contrast this with a PC, where you have thousands of drivers that all need to play together in an absolutely massive puzzle.
  • If I have programmed a backdoor into the µc / wallet uploading software, someone with knowledge of that backdoor could exploit it to steal your wallet. The backdoor could be there on purpose, or it could be some leftover from debugging the thing.
  • If you have physical access to the µc (ie. you stole one and disassembled it), you can possibly extract the encrypted version of the wallet. You still need a password to decrypt the key and sign the transaction.

I might make it possible to install a new version of the software on the µc. That would open the µc to attack, but you'd have to install the new software on the keyfob first. You'd get this display on the keyfob:
Code:
Warning. Installing the wrong software could expose your wallet.
Press OK 5 times to update software.
You would also need the password for the wallet in order to update the software.
firefop
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


View Profile
October 05, 2012, 03:18:11 PM
 #14

I'd consult with yubi-key on this one. A couple of key points however.

1. You don't make the software update - you put that on a rom and that's that. This protects the end user. (and you from liability).

2. I like the idea of not having to feed it a block chain information, so it's simply a dumb device that does one thing and one thing only. And that thing is takes a req for payment from the computer it's attached to, verifies it via LCD screen, yes/no/whatever buttons. then signs the transaction.

3. you'd need a very large / high res screen on it, since I'd want to see the entire address it's sending to, also BTC amount (and probably a conversion to usd/eu/cad/whatever).

4. number 3 might make the cost fairly high, but I still think people would go for the idea.

5. in this scenario the only 'settings' needed would be the private key (which there wouldn't be a way to read from the device) and a location currency setting (that's if you're showing btc & fiat).


Good idea let me know when you've got them for sale =P


Richy_T
Legendary
*
Offline Offline

Activity: 1358
Merit: 1003


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
October 05, 2012, 03:33:52 PM
Last edit: October 05, 2012, 03:43:56 PM by Richy_T
 #15

Consider making it completely unwriteable from the main USB interface. Or at the very least require setting it in a special mode from the built-in controls.

What would be somewhat cool would be to have some flash on there and have the PC software be on it as a read-only USB drive. Though that is a little more complex than what you are suggesting and might open some attach channels itself.

Though personally, I don't see much real need beyond the mobile apps that are around right now. But good luck.

Also, if you could get the hardware, consider an e-ink display. You could have the balance and the address (maybe as a QR code) even with the device unplugged.


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 05, 2012, 07:37:38 PM
 #16

About the update-ability: I was considering it in case the bitcoin network should somehow change (maybe the signing method was proven insecure or something like that). If the device was not updateable, that would render it completely useless.

How about this: You can only update the device if you delete all wallets on it. That way you'd have to reinstall your wallets (that you had a paper backup of, anyway, right?) in case you updated.

I like the e-ink idea, it had crossed my mind. I hadn't thought about the QR code (although that could also be solved with a sticker).

I am going to rewrite what I said in this thread and post it in Dev & Tech over the weekend.
firefop
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


View Profile
October 05, 2012, 09:06:07 PM
 #17

About the update-ability: I was considering it in case the bitcoin network should somehow change (maybe the signing method was proven insecure or something like that). If the device was not updateable, that would render it completely useless.

How about this: You can only update the device if you delete all wallets on it. That way you'd have to reinstall your wallets (that you had a paper backup of, anyway, right?) in case you updated.

I like the e-ink idea, it had crossed my mind. I hadn't thought about the QR code (although that could also be solved with a sticker).

I am going to rewrite what I said in this thread and post it in Dev & Tech over the weekend.

I wouldn't worry about the update-ability - if something drastic changes, you get to sell new hardware. If you make it cheap enough it shouldn't be a problem (and sha2 isn't going anywhere anytime soon)

cedivad
Legendary
*
Offline Offline

Activity: 1176
Merit: 1001



View Profile
October 05, 2012, 09:16:08 PM
 #18

I really love this idea!
I wanted to do one myself, lol Smiley

How much do you think you will need to finance this?

I think that you should start thinking into it seriously, share the idea and the code with the community, project a solid product build it and do some profit!

My anger against what is wrong in the Bitcoin community is productive:
Bitcointa.lk - Replace "Bitcointalk.org" with "Bitcointa.lk" in this url to see how this page looks like on a proper forum (Announcement Thread)
Hashfast.org - Wiki for screwed customers
kalleguld
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 05, 2012, 09:38:25 PM
 #19

Thanks for the support and the replies, everyone. This is now a thing.

I need a name for this thing. So this thread is now a competition. Suggest a name for the thing, and if I pick yours, you win the 3 BTC I have in my wallet (minus tx fee). It should have a vacant .com address.

For the record, my own suggestion is The Hard Bit, for hardware bitcoin wallet. hardbit.com is taken, though Sad
Richy_T
Legendary
*
Offline Offline

Activity: 1358
Merit: 1003


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
October 05, 2012, 09:56:09 PM
 #20

Bitstick?

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!