[NOW AVAILABLE] BTChip / Ledger HW1 : Bitcoin Hardware Wallet in a USB smartcard

[crazy_rabbit]

I'm still waiting on when I can redeem my 0.1 BTC chips!

[1714750232]

1714750232

[1714750232]

1714750232

[1714750232]

1714750232

[1714750232]

1714750232

[btchip]

I'm still waiting on when I can redeem my 0.1 BTC chips!

oh ok, then I think I should have been a bit more clear with what what distributed, sorry - the printed amount was mostly to show what could be done with the product - none of the chips contained anything else that the (now outdated) code.

[btchip]

A sample desktop video of an integration in KryptoKit : http://www.hardwarewallet.com/video.html (webm, so Chrome only ... just like KryptoKit  )

This shows a bit better how the second factor works

[apetersson]

A sample desktop video of an integration in KryptoKit : http://www.hardwarewallet.com/video.html (webm, so Chrome only ... just like KryptoKit  )

This shows a bit better how the second factor works

how exactly did you obtain the pin that you had to enter later?

[btchip]

A sample desktop video of an integration in KryptoKit : http://www.hardwarewallet.com/video.html (webm, so Chrome only ... just like KryptoKit  )

This shows a bit better how the second factor works

how exactly did you obtain the pin that you had to enter later?

and that's the interesting question

it's obtained by removing and inserting the dongle again, which could not be shown just by recording the desktop. It then re-enumerate as a HID keyboard and types the transaction summary + unique transaction PIN (to be done on the same computer or on a different device supporting HID keyboard depending how confident/paranoid you feel  )

[Cactusizer]

Good job.

[jonasbits]

This looks very good,

would it be possible to prepare a "emergency" transaction where the funds is sent to a cold storage paper wallet?

In case your Btchip is lost or stolen, you could have multiple ways to send this "emergency" transaction. On small problem is that this needs to be done every time you move coins in or out of your wallet.

[btchip]

This looks very good,

would it be possible to prepare a "emergency" transaction where the funds is sent to a cold storage paper wallet?

In case your Btchip is lost or stolen, you could have multiple ways to send this "emergency" transaction. On small problem is that this needs to be done every time you move coins in or out of your wallet.

The good thing is that thanks to HD Wallets, you can do that off card - in case it's lost, you can enter your seed into a client that'll iterate through all indexes of the wallet up to a given number, check the balances of all addresses against the blockchain, then prepare the transaction.

[FlappySocks]

Any news? 

[btchip]

Any news?  

Yes, an upcoming firmware update in a few days adding most of the missing features, C test code, and new APIs for multisignature and prepaid cards as we're discussing distribution deals with a few exchanges / marketplaces, right for the opening of "La Maison du Bitcoin" (a new physical french hub for bitcoin startups) and Bitcoin 2014 (where I'll be on the Prismicide booth, BTChip being used as a prototype of that card)

Getting closer to the commercial launch, for real this time you'll still be able to grab a few samples at the conference though

[FlappySocks]

Could the btchip be used like the Yubikey for web site 2fa?  If so, I think this would give additional value to my own customers.

[btchip]

Yes, you could do something closer to Fido than OATH (so better, IMHO) with BitID as the new version supports message signing.

It requires installing a browser extension though - it's not designed to just type OTPs (we have another unrelated product doing that)

[spring.yu]

Is it possible to use two different keys in such a way that either of those keys could sign?
Just for the single key failover case / redundancy.
Hope it would act like duplicate door keys..

yes, as long as two chips share the same context (triple DES) keys, they can be exchanged.

If so , did it safe?

[Search]

the same concern

[btchip]

the same bot ?

aside from necroreplying, updated specifications for 1.4.4 have been published, as well as C APIs

[btchip]

Added C API documentation and multisignature samples on https://github.com/btchip/btchip-c-api

[btchip]

Video how to http://youtu.be/jXigX_IyruQ - thanks Fred

[btchip]

Install video http://youtu.be/KaC74ULmfOI

Update how-to video http://youtu.be/iVdovocPbgA

[doof]

[Peter R]

Cool project!

I am new to this thread, so please excuse me if I'm slow but I want to make sure I understand the basic idea behind BTChip:

1. The smartcard stores a "context key" that is only known by the smartcard.

2. The smartcard can:
   a. read a cleartext private key, and return the cleartext public key and the "context key"-encrypted private key;
   b. generate a new keypair internally, and return the cleartext public key and the "context key"-encrypted private key;

3. The smartcard can also:
   a. decrypt a "context key"-encrypted private key (from the user) and use that to sign a hash (also from the user)
   b. verify an ECDSA signature.

I know there is a lot of advanced functionality, but did I get that right?  This has applications (like you point out) such as signing bitcoin transactions on a local machine in such a way that the private key decryption and hash signing is done "offline."  Another application is to produce signatures at brick-and-mortar stores to authorize certain transactions (assuming the merchant could determine a valid cyphertext private key).


I have a few questions:

You mentioned using the ST23YT66 secure smartcard microcontroller.  Was this chosen instead of a regular microcontroller so that you could take advantage of the security provisions, cryptographic primitives and user identification methods without having to write your own?  

You mentioned that "the smartcard wallet implementations will rely on GlobalPlatform concepts to define how keys are inserted into the card, authenticate the user to validate access rights to access specific keys, optionally authenticate the card responses."  Is this basically ISO/IEC 7816?  I can understand adhering up to ISO/IEC 7816-4 (ADPUs) and in your case ISO/IEC 7816-12 (USB), but since a custom reader application will always be required, is there a need to adhere to any other sections?  

Basically, I am wondering if it would be possible to start with something like an ARMCore MCU, write firmware to support up to ISO/IEC 7816-4 (APDUs), add whatever cryptographic operations you need to Trezor-Crypto, and then define your own spec for "how keys are inserted into the card, authenticate the user to validate access rights to access specific keys, etc."  This would allow everything to be open-sourced too, if that was your desire.  At the same time, I think you'd still be compatible with the majority of smart-card readers currently deployed in the field (as they'd need an update to their application software anyways to interface with BTChip).