Bitcoin Forum
Author Topic: Hardware Bitcoin Wallet  (Read 4801 times)
MysteryMiner
Legendary
*
Offline Offline

Activity: 1470
Merit: 1029


Show middle finger to system and then destroy it!


View Profile
October 06, 2012, 08:27:12 PM
 #21

Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing.
The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction.

You cannot get any security on compromised computer! It is only a question how sophisticated is the malware.
That's why the destination address is displayed on the hardware display.
And how many people will be comparing them? We are talking about people with IQ consisting of only two digits who infect their own computers with malware and still operate them.

Generate addresses that have matching few first digits like 1dice for every starting digits and have the malware to select address with matching start digits to display on LCD.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
kalleguld (OP)
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 06, 2012, 08:38:28 PM
 #22

And how many people will be comparing them? We are talking about people with IQ consisting of only two digits who infect their own computers with malware and still operate them.

Generate addresses that have matching few first digits like 1dice for every starting digits and have the malware to select address with matching start digits to display on LCD.
I can do many things, but I can't fix stupid.
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
October 06, 2012, 08:41:12 PM
 #23

Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing.
The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction.

You cannot get any security on compromised computer! It is only a question how sophisticated is the malware.
That's why the destination address is displayed on the hardware display.

It should be pronounced for blind users.
kalleguld (OP)
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 06, 2012, 08:50:55 PM
 #24

It should be pronounced for blind users.
What about the deaf-blind? Two metal handles that would shock you in Morse code? :)
franky1
Legendary
*
Offline Offline

Activity: 4214
Merit: 4473



View Profile
October 06, 2012, 09:10:57 PM
Last edit: October 06, 2012, 09:23:34 PM by franky1
 #25

no need to build a device just use a USB stick MP3 player such as
http://www.1topstore.com/en-gbp/2gb-lcd-mp3-player-usb-flash-drive-built-in-fm-radio-p8840.html and just change the firmware..

or secondly if you're just trying to prevent someone from just using your pc to hack coins by requiring a USB stick to confirm payments..then just use a plain usb stick. make it so the new client won't transmit payment unless a USB stick is inserted containing the wallet or even a special file which the client references. then just don't plug it in until u need to send payments.

or thirdly why even need an extra usb stick hanging off your keyring.. phones have bluetooth and wifi these days so transmitting a transaction does not require a USB stick insertion into a PC and if u were thinking of using it to plug into merchants POS terminal at stores. it saves risks of some savvy merchant adding a trojan to their POS terminal to clone wallets plugged in.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
MysteryMiner
Legendary
*
Offline Offline

Activity: 1470
Merit: 1029


Show middle finger to system and then destroy it!


View Profile
October 06, 2012, 09:53:57 PM
 #26

And how many people will be comparing them? We are talking about people with IQ consisting of only two digits who infect their own computers with malware and still operate them.

Generate addresses that have matching few first digits like 1dice for every starting digits and have the malware to select address with matching start digits to display on LCD.
I can do many things, but I can't fix stupid.
Many people try to do just that. Wallet encryption in original Bitcoin client is just that. How many trojan horses don't come with a keylogger?
Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing.
The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction.

You cannot get any security on compromised computer! It is only a question how sophisticated is the malware.
That's why the destination address is displayed on the hardware display.

It should be pronounced for blind users.
What should the wallet do for retarded users? Make a USB-powered lobotomy?

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
kalleguld (OP)
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 06, 2012, 10:11:16 PM
 #27

no need to build a device just use a USB stick MP3 player such as
http://www.1topstore.com/en-gbp/2gb-lcd-mp3-player-usb-flash-drive-built-in-fm-radio-p8840.html and just change the firmware..
Yes, but that would be more expensive.
Quote
or secondly if you're just trying to prevent someone from just using your pc to hack coins by requiring a USB stick to confirm payments..then just use a plain usb stick. make it so the new client won't transmit payment unless a USB stick is inserted containing the wallet or even a special file which the client references. then just don't plug it in until u need to send payments.
That wouldn't work. A skilled malware writer could modify the client so the client didn't need the USB stick, or sent the money to the wrong account.

Quote
or thirdly why even need an extra usb stick hanging off your keyring.. phones have bluetooth and wifi these days so transmitting a transaction does not require a USB stick insertion into a PC and if u were thinking of using it to plug into merchants POS terminal at stores. it saves risks of some savvy merchant adding a trojan to their POS terminal to clone wallets plugged in.
First of all, this thing isn't for POS terminals. It's designed to keep you secure if your own computer gets malware.
Second, even if you inserted this into a malicious terminal, it can't extract the wallet. The device only knows a very limited set of commands: "install this wallet" and "sign this transaction", so you can't clone a wallet from it.
camem
Newbie
*
Offline Offline

Activity: 45
Merit: 0


View Profile
October 06, 2012, 10:16:50 PM
Last edit: October 06, 2012, 10:31:25 PM by camem
 #28

So, I have an idea for a secure, cheap and easy to use "hardware wallet".

It will be a small USB stick with a display and two buttons
Expected price: USD 12-15
More info: https://bitcointalk.org/index.php?topic=115294

good idea on securing the display and not trusting the PC OS. But I think your bill of materials (BoM) cost will be closer to $12-15 - so at your potential volumes you might need to retail at more like $40-50 in order to cover your development, production, tooling, and distribution costs and make a dollar per device for yourself. Just a heads up. Also if you open source your software the only intellectual property you've got left is in adding the display to the device nicely (which usb stick providers don't do because it would make the product too expensive), so watch out for competition too...

Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
October 06, 2012, 10:21:21 PM
 #29


I think your bill of materials (BoM) cost will be closer to $12-15 - so at your potential volumes you might need to retail at more like $40-50 in order to cover your development and distribution costs and make a dollar per device for yourself. Just a heads up. Also if you open source your software the only intellectual property you've got left is in adding the display to the device nicely (which usb stick providers don't do because it would make the product too expensive), so watch out for competition too...


He can remove buttons to make it $2 cheaper. Instead of pressing NO a user can just plug the device out.
MysteryMiner
Legendary
*
Offline Offline

Activity: 1470
Merit: 1029


Show middle finger to system and then destroy it!


View Profile
October 06, 2012, 10:27:37 PM
 #30

Why does TrueCrypt not even attempt to stop malware from compromising encrypted data? Read the TrueCrypt manuals if You don't want to listen to what I say. The same with Bitcoins.

What You can do with the computer, malware can do too!

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
cbeast
Donator
Legendary
*
Offline Offline

Activity: 1736
Merit: 1006

Let's talk governance, lipstick, and pigs.


View Profile
October 06, 2012, 10:31:22 PM
 #31

You would really only need one button held in while the bitcoin amount goes up. Press twice and the amount goes down while held.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
October 06, 2012, 10:44:21 PM
 #32

You would really only need one button held in while the bitcoin amount goes up. Press twice and the amount goes down while held.

A touchscreen replaces buttons.
MysteryMiner
Legendary
*
Offline Offline

Activity: 1470
Merit: 1029


Show middle finger to system and then destroy it!


View Profile
October 06, 2012, 10:46:15 PM
 #33

You would really only need one button held in while the bitcoin amount goes up. Press twice and the amount goes down while held.

A touchscreen replaces buttons.
More expensive and awkward solution replaces cheaper solutions. And there is no need for up/down buttons as the amount is planned to be entered by software.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
legolouman
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


Decent Programmer to boot!


View Profile
October 06, 2012, 11:04:36 PM
 #34

Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing.
The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction.

You cannot get any security on compromised computer! It is only a question how sophisticated is the malware.

I was going to say something about using a hashed protocol, however if malware is on the computer it doesn't matter. The idea here is golden, as it does not involve a computer. This is for receiving only if I understand correctly.

If you love me, you'd give me a Satoshi!
BTC - 1MSzGKh5znbrcEF2qTrtrWBm4ydH5eT49f
LTC - LYeJrmYQQvt6gRQxrDz66XTwtkdodx9udz
MysteryMiner
Legendary
*
Offline Offline

Activity: 1470
Merit: 1029


Show middle finger to system and then destroy it!


View Profile
October 06, 2012, 11:21:14 PM
 #35

Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing.
The Send-To address is changed by malware to another address before being sent to hardware wallet for signing. Hardware signs the transaction.

You cannot get any security on compromised computer! It is only a question how sophisticated is the malware.

I was going to say something about using a hashed protocol, however if malware is on the computer it doesn't matter. The idea here is golden, as it does not involve a computer. This is for receiving only if I understand correctly.
For receiving, not even an electronic device is needed to generate a private key and address. Or the wallet can be generated on an offline computer never connected to a network. You can get an old used Pentium3 class computer for as little as 8 USD just for this purpose. And it is much harder to accidentally lose an ATX-size tower, and for a thief it is also much more physical work to steal a system block instead of a small dongle.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
chris200x9
Legendary
*
Offline Offline

Activity: 1316
Merit: 1011


View Profile
October 06, 2012, 11:23:05 PM
 #36

Wouldn't it be kind of difficult to enter exact amounts with only 2 buttons? Not difficult I mean tedious...
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1136


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
October 06, 2012, 11:52:35 PM
 #37

Here is another way to go about this:

Look on eBay for the "VeriFone VX510" credit card machine.  This machine is obsolete and consistently under 50 bucks used, and it can download software at least three ways: 1) RS232 through a win32 command-line loader 2) through its dialup modem (same protocol as RS232 loader) 3) it can copy the programming from another terminal using a crossover serial cable. 

I can compile for this platform, and it also has a printer so it can spit out e.g. paper wallets and transaction logs.  I have already demonstrated the printer can print QR codes.

These things have tiny amounts of memory... if someone had written the verification code in C where its dependencies were minimal (e.g. relevant crypto code clipped out of openssl so it didn't depend on any external libs, and of course it can and should talk to a serial port) I could easily compile for this thing.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
kalleguld (OP)
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 07, 2012, 12:06:30 AM
 #38

Wouldn't it be kind of difficult to enter exact amounts with only 2 buttons? Not difficult I mean tedious...
You don't need to enter any amount on this thing, you enter it on the PC.
Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing. On the device you see the amount, wallet and destination, and you press the OK button. The device sends the signed transaction back to the PC, and the PC client publishes the transaction on the 'net.
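The signing flow described in posts #27 and #38 (two commands only, destination shown on the device, OK button before signing), sketched as device-side logic. This is an added example, not code from the thread or from any real wallet; the command numbers, the `struct tx` layout, the status names and `toy_sign` (a non-cryptographic stand-in for ECDSA) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical command set and wire format; the thread specifies neither. */
enum cmd    { CMD_INSTALL_WALLET = 1, CMD_SIGN_TX = 2 };  /* nothing else exists */
enum status { ST_OK, ST_UNKNOWN_CMD, ST_NO_WALLET, ST_BAD_REQUEST, ST_REJECTED };

struct tx { uint64_t satoshi; char dest[40]; };  /* toy transaction, constructed */
struct device {
    uint8_t key[32];     /* written by INSTALL_WALLET; no command ever reads it out */
    int     has_wallet;
    char    display[96]; /* what the user sees on the device's own screen */
};

/* Stand-in for ECDSA so the example runs offline: keyed FNV-1a, NOT secure. */
static uint64_t toy_sign(const uint8_t key[32], const struct tx *t) {
    uint64_t h = 1469598103934665603ULL;
    const uint8_t *m = (const uint8_t *)t;
    for (size_t i = 0; i < 32; i++)        { h ^= key[i]; h *= 1099511628211ULL; }
    for (size_t i = 0; i < sizeof *t; i++) { h ^= m[i];   h *= 1099511628211ULL; }
    return h;
}

/* Handle one request from the untrusted host. button_ok models the physical
   OK button; pulling the plug before pressing it is the same as button_ok = 0. */
enum status device_handle(struct device *d, uint8_t cmd, const void *payload,
                          size_t len, int button_ok, uint64_t *sig_out) {
    if (cmd == CMD_INSTALL_WALLET) {
        if (len != sizeof d->key) return ST_BAD_REQUEST;
        memcpy(d->key, payload, sizeof d->key);
        d->has_wallet = 1;
        return ST_OK;
    }
    if (cmd != CMD_SIGN_TX)       return ST_UNKNOWN_CMD;  /* e.g. "export key" */
    if (!d->has_wallet)           return ST_NO_WALLET;
    if (len != sizeof(struct tx)) return ST_BAD_REQUEST;
    struct tx t;
    memcpy(&t, payload, sizeof t);
    if (!memchr(t.dest, '\0', sizeof t.dest)) return ST_BAD_REQUEST;
    /* Render the screen from the exact bytes about to be signed, never from a
       separate "label" field the host could set independently. */
    snprintf(d->display, sizeof d->display, "Send %llu sat to %s",
             (unsigned long long)t.satoshi, t.dest);
    if (!button_ok) return ST_REJECTED;  /* user saw a wrong address: no signature */
    *sig_out = toy_sign(d->key, &t);
    return ST_OK;
}

int main(void) {
    struct device d = {0};
    uint8_t key[32] = {7};                        /* constructed key material */
    struct tx swapped = { 150000000, "1AttackerAddrConstructedExample" };
    uint64_t sig = 0;
    device_handle(&d, CMD_INSTALL_WALLET, key, sizeof key, 0, &sig);
    enum status s = device_handle(&d, CMD_SIGN_TX, &swapped, sizeof swapped, 0, &sig);
    printf("%s -> status %d, sig %llu\n", d.display, s, (unsigned long long)sig);
    return 0;
}
```

The screen can only protect a user who reads the whole address on it; a prefix-only comparison leaves the lookalike-address case raised earlier in the thread open.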
kalleguld (OP)
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
October 07, 2012, 12:11:06 AM
 #39

Here is another way to go about this:

Look on eBay for the "VeriFone VX510" credit card machine.  This machine is obsolete and consistently under 50 bucks used, and it can download software at least three ways: 1) RS232 through a win32 command-line loader 2) through its dialup modem (same protocol as RS232 loader) 3) it can copy the programming from another terminal using a crossover serial cable. 

I can compile for this platform, and it also has a printer so it can spit out e.g. paper wallets and transaction logs.  I have already demonstrated the printer can print QR codes.

These things have tiny amounts of memory... if someone had written the verification code in C where its dependencies were minimal (e.g. relevant crypto code clipped out of openssl so it didn't depend on any external libs, and of course it can and should talk to a serial port) I could easily compile for this thing.
No need for an entire credit card machine. And $50 is way more than this thing costs.

Also, the thing about this machine is it's supposed to be easy. No need for rs232, command lines or reflashing old hardware. If you want to install the software on a credit card machine, be my guest, it's just not where I'm headed.
chris200x9
Legendary
*
Offline Offline

Activity: 1316
Merit: 1011


View Profile
October 07, 2012, 12:14:27 AM
 #40

Wouldn't it be kind of difficult to enter exact amounts with only 2 buttons? Not difficult I mean tedious...
You don't need to enter any amount on this thing, you enter it on the PC.
Quote
OK, say you want to make a transaction. You fill out four things in the PC client: the wallet to transfer from, the amount of BTC, the destination address and the password for the wallet.
You press OK, and the transaction is sent to the device via USB for signing. On the device you see the amount, wallet and destination, and you press the OK button. The device sends the signed transaction back to the PC, and the PC client publishes the transaction on the 'net.

So you need a client on your PC to communicate with it, i.e. send the amount? Isn't this then just basically keeping your wallet on a USB drive?

Why do you need the buttons or a screen?

I'm confused.