[ESHOP launched] Trezor: Bitcoin hardware wallet

[Mushroomized]

Subbin

(I was trying something similar with my raspi  )

[hazek]

Even with those theoretical attacks, real safety of such wallet is much higher than any existing solution.

No such thing as perfect security anyway. All there is are tradeoffs, you gain a bit of security but you lose convenience, you lose a bit of security but you gain a bit of convenience, finding the right balance for the right kind of circumstance is what is important.

I think this project is badly needed and I wish you success!

[sebicas]

Love the idea!! Please sign me up for one!
Have you thought in adding the project to http://www.kickstarter.com?
I will support it if you do...

[niko]

Edit: I'm adding a link to my earlier post about how to strenghten an USB-powered device against side-channel attacks. I know that your chip of choice lacks NEON, but please read it to the end.

Afaik these attacks are more teoretical than in daily use. I'm not saying that it is impossible to get seed with unrestricted physical access to the wallet and good laboratory equipment. But still wallet owner have enough time to send his coins outside the seed.

How does the owner send funds outside of seed if the device has been stolen?

[slush]

How does the owner send funds outside of seed if the device has been stolen?

Device ask him to write down the seed from the display during device initialization. So user have to write it to piece of paper and lock it on safe place for the case of theft or corrupted device.

[waspoza]

Love the idea!! Please sign me up for one!
Have you thought in adding the project to http://www.kickstarter.com?
I will support it if you do...

Maybe instead kickstarter use http://www.bitcoinstarter.com/ ?

[fellowtraveler]

Very exciting!

I am interested in this for OT. What can you tell us about the platform, OS, RAM, etc? I would like to make sure OT is able to run on your device.

[evoorhees]

I want one immediately.

[slush]

I am interested in this for OT. What can you tell us about the platform, OS, RAM, etc? I would like to make sure OT is able to run on your device.

There will be two different devices - one for DYI hackers, built on Raspberry Pi and second on custom hardware.

You can install anything you want on that RPi device (although it won't be recommended for security reasons!). Second device will be running custom software directly on 70MHz processor without any operating system, with built-in 128kB flash ROM...

[niko]

I am interested in this for OT. What can you tell us about the platform, OS, RAM, etc? I would like to make sure OT is able to run on your device.

There will be two different devices - one for DYI hackers, built on Raspberry Pi and second on custom hardware.

You can install anything you want on that RPi device (although it won't be recommended for security reasons!). Second device will be running custom software directly on 70MHz processor without any operating system, with built-in 128kB flash ROM...

How about hardening the device against side-channel attacks by organizing a hackaton following the beta release? Could be part of some Bitcoin conference if timing is right.

[slush]

How about hardening the device against side-channel attacks by organizing a hackaton following the beta release? Could be part of some Bitcoin conference if timing is right.

Well, both software and hardware design will be opensource, so everybody interested in peer review is welcome. We're already in touch with one security group which will potentially make professional security review of the design.

[jtibble]

If it's going to be open-source, I'd like to help with UIX for the device.

[finway]

You should make it pluggable to iPhone,
like this:

[fabrizziop]

Any estimated price?. And, would it be payable in Bitcoins?

[slush]

You should make it pluggable to iPhone,

We discussed that option with audio jack heavily and we rejected the idea for now. By a coincidence stick has some experience with this interface. The reason for "not now" is that we don't want to focus just for Apple devices and it is really hard to implement audio interface correctly for wide range of Andoid devices because of significant differences in specifications between various Andoid phones manufacturers.

So our primary target is to finalize first product which will talk to desktop machines over the USB and if the product will be succesful, then continue with alternative solutions like this.

[slush]

Any estimated price?

Not yet, we're still evaluating final platform and the design of the casing, which can move final price in tens of percents in both direction. And I don't want to give you false promises...

And, would it be payable in Bitcoins?

Definitely yes!

[cbeast]

Very nice project. Let's see if we can get PG to design a leather carry case for this nifty wallet.

[Uglux]

Can I preorder please?

[DoomDumas]

Very nice, love that project !

Well tought, seems to me that this project have real good chance to become a widely sold/used product !

Congratulations   Keep up the good work, I'll enjoy reading developpement about it

I've no usable knowledge to help, but if any funds needed for a mass production startup, I'll sure participate in raising funds !


Slush, AFAIK, you made the first mining pool, I'm confident you and the community that help you will manage to acheive successfully this nice project !

Long live to everybody participating to this

[caveden]

First of all, my sincere congratulations for the initiative!

* No need for periodic backups, writing down the seed to paper during the device initialization will be enough forever
...
* Possibility to do paper-backup of private keys only once during wallet initialization

I'm really not a big fan of paper backups. There are so many ways paper could be destroyed/lost, and there's no way to encrypt paper and send it safely to remote backup servers distributed all over the globe. Plus, if you consider an attacker gaining physical access to the device, you should consider him getting physical access to the paper backup too.

I'd strongly suggest an alternative: allow the user to type a passphrase during initialization. Use this passphrase to encrypt the seed and save only the encrypted copy outside the device via USB. Obviously, instruct the user to use a strong passphrase and to back up the file as much as he can.

I realize that I can scan the paper backup, encrypt it and do it myself. But then again, I would need a safe device just for this task...

* Impossibility to obtain private keys from the device in a case of theft
* Impossibility to re-flash the device with malicious code

Cool. These are important features. But honestly, a thief willing to physically steal the device will likely not even bother hacking it, he'll just perform a $5 wrench attack (or variant) and get the money.
The only potential protection I can think of against $5 wrench attacks is plausible deniability (hidden volumes) - and even that will not protect you if the attacker knows how much money you've got.

By the way, "plausible deniability" may also translate to "multiuser". Each wallet user may have a different password (plus a few "fake users" just for the thieves ), which would represent a different hidden volume in the device. This way, a family for example could share the same device, with each family member having its own wallet. I think you should consider implementing this, not only for security reasons, but also for this nice safe multiuser feature.

I want one immediately.

Me too!

I am interested in this for OT. What can you tell us about the platform, OS, RAM, etc? I would like to make sure OT is able to run on your device.

That could be quite cool too! Particularly if you could easily run an OT-server in it. If I understand OT correctly, you may have multiple servers and exchange tokens from different servers, can't you? This way each asset issuer could easily have their own safe servers, even those issuers which are not tech savvy people. But something tells me that you cannot have a server in the device while preserving its strong security constraints... a server would likely need to be upgraded frequently, I suppose. Even still, it'd be safer than using a generic computer.