kalleguld (OP)
Newbie
 Offline
Activity: 43
Merit: 0
|
 |
October 06, 2012, 03:58:26 PM
Last edit: October 06, 2012, 08:26:47 PM by kalleguld |
|
So, I have an idea for a secure, cheap and easy to use "hardware wallet". It will be a small USB stick with a display and two buttons, as pictured here. http://kalleguld.dk/hardbit/hardbitsketch.pngNot the final designWhy would I need one of these?- It's much more secure than doing your transactions on your computer
- It's easier than using an offline computer or a Live CD to sign your transactions, yet just as secure
- You retain total control over your wallets
- If it is lost or stolen, it's still password protected, so you can restore from paper backup and recover your money
Easy, you say? Describe a transaction workflow!OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet. You press OK, and the transaction is sent to the device via USB for signing. On the device you see the amount, wallet and destination, and you press the OK button. The device sends the signed transaction back to the PC, and the PC client publishes the transaction on the 'net. Why can't I buy this already?I cannot make this by myself, I need some help. Specifically, I need: - A businessman, who will keep track of orders, outsourcing production, making bulletpoints, etc.
- An electrical engineer, who can design a PCB with the needed components.
- A programmer, who can help me in making the PC UI, the µc firmware, auditing etc.
There will be no normal pay, but you will receive a fair share of any profits and a share in the company if we decide to keep it rolling. What's it called?Nobody knows yet. If you have a great name for it, write it in this thread and you may win 3 BTC, as well as eternal bragging rights. Anything else I should know?Expected price: USD 12-15 More info: https://bitcointalk.org/index.php?topic=115294 |
|
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1009
|
|
October 06, 2012, 04:20:05 PM |
|
Specifically, I need: - A businessman, who will keep track of orders, outsourcing production, making bulletpoins, etc.
- An electrical engineer, who can design a PCB with the needed components.
- A programmer, who can help me in making the PC UI, the µc firmware, auditing etc.
Why do they need you? |
|
|
|
|
cedivad
Legendary
Offline
Activity: 1176
Merit: 1001
|
|
October 06, 2012, 04:24:32 PM |
|
Specifically, I need: - A businessman, who will keep track of orders, outsourcing production, making bulletpoins, etc.
- An electrical engineer, who can design a PCB with the needed components.
- A programmer, who can help me in making the PC UI, the µc firmware, auditing etc.
Why do they need you? He is Jobs reincarnated. Seriously, i think he is taking the business risk (eg, risk of losing everything invested into this if this dosen't work too well). |
My anger against what is wrong in the Bitcoin community is productive: Bitcointa.lk - Replace "Bitcointalk.org" with "Bitcointa.lk" in this url to see how this page looks like on a proper forum (Announcement Thread)Hashfast.org - Wiki for screwed customers |
|
|
|
dunand
|
|
October 06, 2012, 04:24:48 PM |
|
Why do they need you?
For the drawing part. |
|
|
|
|
Justin00
Legendary
Offline
Activity: 910
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
|
|
October 06, 2012, 04:49:32 PM |
|
hmm.. that is kinda cool.
|
|
|
|
|
Nite69
|
|
October 06, 2012, 05:05:47 PM |
|
How about a smartcard with bitcoin wallet? https://en.wikipedia.org/wiki/Java_Cardedit: with usb smart card reader it's quite close what you suggested |
Sync: ShiSKnx4W6zrp69YEFQyWk5TkpnfKLA8wx
Bitcoin: 17gNvfoD2FDqTfESUxNEmTukGbGVAiJhXp
Litecoin: LhbDew4s9wbV8xeNkrdFcLK5u78APSGLrR
AuroraCoin: AXVoGgYtSVkPv96JLL7CiwcyVvPxXHXRK9
|
|
|
kalleguld (OP)
Newbie
Offline
Activity: 43
Merit: 0
|
|
October 06, 2012, 06:23:11 PM |
|
Why do they need you?
Hehe, they don't. However, I have a few undisclosed ideas left. |
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 06, 2012, 06:29:03 PM |
|
You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free. People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
cedivad
Legendary
Offline
Activity: 1176
Merit: 1001
|
|
October 06, 2012, 06:38:56 PM |
|
You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free. People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).
Sure, but that's a nerd thing. We are targeting grandma's here. @op, if you have nothing to offer but a cupple of ideas you better be good at organizing everything and being happy even with a little share. Good luck! |
My anger against what is wrong in the Bitcoin community is productive: Bitcointa.lk - Replace "Bitcointalk.org" with "Bitcointa.lk" in this url to see how this page looks like on a proper forum (Announcement Thread)Hashfast.org - Wiki for screwed customers |
|
|
Richy_T
Legendary
Offline
Activity: 2464
Merit: 2130
1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
|
|
October 06, 2012, 06:40:02 PM |
|
You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free. People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).
That's an interesting idea. I have a portable digital storage oscilloscope that appears to have been built into an mp3player hardware. Maybe work from the rockbox project. |
1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
|
|
|
|
layyen
|
|
October 06, 2012, 06:57:07 PM |
|
looks like nice, i like stuff like this.. if it will cost up to 2.5BTC i will buy it ..
|
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 06, 2012, 07:03:03 PM |
|
You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free. People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).
Sure, but that's a nerd thing. We are targeting grandma's here. Not exactly. The goal isn't to make it a hobby project for nerds, the goal is to get the hardware cheap. There is SO MUCH obsolete hardware that could run an application like this that people are throwing in the garbage. It would be a sustainable business model to pick some old gadget, refurbish and recycle it into a low-cost bitcoin transaction verifier, and sell it on the open market to grandma. An iPod modified to be a transaction verifier would be very grandma-friendly (if someone else does the modification, of course). |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
kalleguld (OP)
Newbie
Offline
Activity: 43
Merit: 0
|
|
October 06, 2012, 07:21:17 PM |
|
You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free. People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).
Absolutely possible. The device software will certainly be written in C, and I fully expect to open-source it. The PC part of the software will also be open-sourced, and in the long run will be able to support a lot of different transaction-signers. Getting it to run on all kinds of strange hardware will be a different project. |
|
|
|
|
claire
Member
Offline
Activity: 98
Merit: 10
Capitalism rocks my world.
|
|
October 06, 2012, 07:24:28 PM |
|
I absolutely love this idea, but what if it needs an upgrade for some reason? Is it a flashable eprom? If this is the case then why not just have an external usb drive with your bitcoin data that you just unplug? If it isn't flashable then would upgrades cost money?
|
I Love Bitcoin  1A5jmQcmZamhTeHaEZvtMEpoqrH2SECcxk Phone Domination 888-221-0319 |
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 06, 2012, 07:38:25 PM |
|
You know, someone could probably build the app to do this in C, targeting Linux as the OS, using serial as the interface, and it would probably run on gobs of hardware that's already out there for nearly free. People could root their old 2nd generation iPod or whatever, and use it as a transaction verifier and be able to get into it for zero hardware cost (or pick one up on eBay).
Absolutely possible. The device software will certainly be written in C, and I fully expect to open-source it. The PC part of the software will also be open-sourced, and in the long run will be able to support a lot of different transaction-signers. Getting it to run on all kinds of strange hardware will be a different project. If your transaction signer simply assumed the existence of one standard serial port at /dev/something and was designed to call some other binary to ask user a question and get a response, then someone else could worry about the hardware by creating that other binary. |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
|
kalleguld (OP)
Newbie
Offline
Activity: 43
Merit: 0
|
|
October 06, 2012, 08:16:54 PM |
|
I absolutely love this idea, but what if it needs an upgrade for some reason? Is it a flashable eprom? If this is the case then why not just have an external usb drive with your bitcoin data that you just unplug? If it isn't flashable then would upgrades cost money?
If you use a normal USB drive to hold your bitcoin wallet, a well-written virus could simply steal that file when you connect it. With this thing, once you put your wallet on it, you can't get it off again (so keep a paper backup). There is a chance that the bitcoin network changes some day, and that could make this product obsolete. I chose this approach because: - It's the most secure. There is no chance that you load a malicious firmware that could expose the wallet.
- It's simpler. The simpler, the lower the price. The simpler, the faster to market.
- It's a pretty low cost thing anyway, at USD 12-15. A bit cynical maybe, but if you can afford one, you can afford two.
- if the bitcoin network changes, it's quite possible that the hardware in this thing need to be replaced anyway.
|
|
|
|
|
MysteryMiner
Legendary
Offline
Activity: 1498
Merit: 1042
Death to enemies!
|
|
October 06, 2012, 08:19:58 PM |
|
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing. The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction. You cannot get any security on compromised computer! It is only a question how sophisticated is the malware. |
bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
|
|
|
kalleguld (OP)
Newbie
Offline
Activity: 43
Merit: 0
|
|
October 06, 2012, 08:20:32 PM |
|
I don't see how. That product is when the computer software doesn't trust the user (to have the right license). This product is for when the user can't trust the software on the computer (to do as he says). |
|
|
|
|
kalleguld (OP)
Newbie
Offline
Activity: 43
Merit: 0
|
|
October 06, 2012, 08:21:32 PM |
|
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing. The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction. You cannot get any security on compromised computer! It is only a question how sophisticated is the malware. That's why the destination address is displayed on the hardware display. |
|
|
|
|
|
