Bitcoin Forum
December 01, 2022, 05:04:30 PM *
News: Reminder: do not keep your money in online accounts
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Firmcoins - A new kind of Bitcoin physical bill ready for off-line transactions  (Read 11288 times)
ct1aic
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


Are ฿itcoins Radioactive?


View Profile WWW
July 09, 2013, 10:19:53 AM
 #21

Hi everybody!


I'd like to present my latest innovative hardware project.
It's called Firmcoin. Check http://FirmCoin.com

...

Best regards,
  Sergio.
  Part of the Firmcoin team.

(please note the image is not the actual prototype, it is photoshoped).
Congratulations for the idea, Sergio! I hope to have the possibility of buying those lovely Gizmos...

Best regards.

Rui Costa, PortugalBTC : 1ct1aicGoUVpZeovsw3cCcPJZJHV5JXtW
1669914270
Hero Member
*
Offline Offline

Posts: 1669914270

View Profile Personal Message (Offline)

Ignore
1669914270
Reply with quote  #2

1669914270
Report to moderator
1669914270
Hero Member
*
Offline Offline

Posts: 1669914270

View Profile Personal Message (Offline)

Ignore
1669914270
Reply with quote  #2

1669914270
Report to moderator
1669914270
Hero Member
*
Offline Offline

Posts: 1669914270

View Profile Personal Message (Offline)

Ignore
1669914270
Reply with quote  #2

1669914270
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
TierNolan
Legendary
*
Offline Offline

Activity: 1232
Merit: 1014


View Profile
July 09, 2013, 10:32:16 AM
 #22

For a first security level, none of them have to be online. If you trust the manufacturer (us) then you can trust a firmcoin has coins. You query the firmcoin with a NFC-enabled smartphone and it will tell you if it has coins or not. Another version we're building has a LED that flashes when it has coins when you touch it.

That is pretty cool. 

It says 1BTC on it, so does that mean the intention is for them to be fixed denominations?

1LxbG5cKXzTwZg9mjL3gaRE835uNQEteWF
Boussac
Legendary
*
Offline Offline

Activity: 1220
Merit: 1015


e-ducat.fr


View Profile WWW
July 09, 2013, 12:31:31 PM
 #23

From your Why? page, I found
Quote
Firmcoins can proof to you they are holding a certain private key, without revealing it. Smartcards cannot.
Firmcoins have two capacitive confirmation buttons, where most smartcards do not offer an input interface.
I am at a loss to figure out what makes Firmcoins special compared to smart cards (whether they are NFC enabled or not).
If a private key is stored in a smart card, the card can read a message and return a signature, thus proving it holds the key to a given address.
Also, smart card prototypes with input buttons have been displayed by smart card manufacturers, right ?

TierNolan
Legendary
*
Offline Offline

Activity: 1232
Merit: 1014


View Profile
July 09, 2013, 12:44:19 PM
 #24

I am at a loss to figure out what makes Firmcoins special compared to smart cards (whether they are NFC enabled or not).
If a private key is stored in a smart card, the card can read a message and return a signature, thus proving it holds the key to a given address.
Also, smart card prototypes with input buttons have been displayed by smart card manufacturers, right ?

I assume that firm coins have a private key (of the "firm") embedded in them.  The card would first prove it is a valid firmcoin card.

1LxbG5cKXzTwZg9mjL3gaRE835uNQEteWF
Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
July 09, 2013, 03:50:34 PM
 #25


That is pretty cool. 

It says 1BTC on it, so does that mean the intention is for them to be fixed denominations?

We have two models: one (the cheapest) has fixed denominations. The other has a display that shows the Firmcoin balance.
Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
July 09, 2013, 04:00:49 PM
 #26

I am at a loss to figure out what makes Firmcoins special compared to smart cards (whether they are NFC enabled or not).
They are similar in many things, specially in tamper-proof measures.

If a private key is stored in a smart card, the card can read a message and return a signature, thus proving it holds the key to a given address.
Yes but a Smartcard will sign anything you ask it for, for example, a transaction, so it will happily loose its funds.
A Fiirmcoin will also sign anything you want, but it will immediately enter the "empty" state.
A Firmcoin will sign special messages that cannot be transactions, to prove the possession of the private key.


Also, smart card prototypes with input buttons have been displayed by smart card manufacturers, right ?
Yes.

Sergio.
2_Thumbs_Up
Sr. Member
****
Offline Offline

Activity: 323
Merit: 251


View Profile
July 10, 2013, 06:41:40 PM
Last edit: July 10, 2013, 06:58:00 PM by 2_Thumbs_Up
 #27

Excellent.

I've pretty much had thoughts about this exact product, only lacking the technical know-how to actually create it.

First thought, how secure is the key generation in this? I'm thinking partly about the generation algorithm (deterministic? random?), but also on what kind of guarantees customers have that you aren't saving all your keys somewhere.

Second thought, you could make these cards even more trust-free by using 2-of-2 transactions, where one key is generated by the card and the other is generated by the customer's own device. Thus, when I recieve a card I generate a key by myself and give it to the card and therefore know that you can't steal my funds. If I give the card to someone else as payment he knows I can't steal the funds since I don't have access to the key generated by the card.

Is there any clever protection against fooling the card making it think it has funds when it doesn't? The card would have to rely on data from your own device, so how come you can't just create a new key and tell the card it's funded?

Edit: All the bolded was answered to satisfaction by simply reading your FAQ.  Smiley

Only one of my questions remains then. What is the life expectancy of these cards and how durable are they?
Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
July 11, 2013, 10:20:30 PM
Last edit: July 14, 2013, 12:30:30 PM by Sergio_Demian_Lerner
 #28

Excellent.
Thanks!

First thought, how secure is the key generation in this? I'm thinking partly about the generation algorithm (deterministic? random?), but also on what kind of guarantees customers have that you aren't saving all your keys somewhere.

The process involves using both a hardware random generator and a firmware random pool. But most important, the process is a two-party computation where the hardware cannot force a certain key-pair, not generate key-pairs with any probability distribution other than uniform random.
Regarding saving the keys somewhere, there is no problem with saving these keys. Whenever you decide to extract the funds from a Firmcoin, you should also transfer the funds to another Bitcoin address.
Nevertheless, the Firmcoin will wipe the keys from memory and it can prove (yes it can) that the keys have been erased.
The way it is proved is by a method I created that is called "practical compressibility".  Basically the device will fill its memory with some incompressible data and then send you a hash of this data in reverse order, proving that there is no free memory left that can hold a private key.

Second thought, you could make these cards even more trust-free by using 2-of-2 transactions, where one key is generated by the card and the other is generated by the customer's own device. Thus, when I receive a card I generate a key by myself and give it to the card and therefore know that you can't steal my funds. If I give the card to someone else as payment he knows I can't steal the funds since I don't have access to the key generated by the card.

Yes, I've already discussed this setting somewhere in the bitcointalk forum (here https://bitcointalk.org/index.php?topic=232787.msg2463058#msg2463058)

Is there any clever protection against fooling the card making it think it has funds when it doesn't? The card would have to rely on data from your own device, so how come you can't just create a new key and tell the card it's funded?

First you don't create the key: the Firmcoin creates the key.

To fund the Firmcoin you either give it a block-chain-branch which proves that the funds were transferred to the Firmcoin or you get a certificate from one or more Certificate "authorities" that prove that the address is funded. If many people trust you, you can become your own CA for Firmcoin funds.
Both methods can even coexist, because the Firmcoin remembers the certifications it has.

Edit: All the bolded was answered to satisfaction by simply reading your FAQ.  Smiley
So why didn't you write this line BEFORE the questions so didn't have to answered all your questions!! :-)

Only one of my questions remains then. What is the life expectancy of these cards and how durable are they?

I owe you an more technical answer to this question, but there are many usage factors we still don't know.
The product durability is affected by both physical and usage patterns (that affects the number of FLASH/EPROM write cycles).
The physical properties are very good, since there are no holes, nor connectors and all the prints are inside the package.

My rough estimation is that a Firmcoin can last more than 10 years funded and more than 50 years if the Firmcoin is empty or you don't care if the funds are lost afterwards. We could add the Firmcoin a procedure to "refresh" the memory, so if you execute this function every 5 years, you could have the same funds stored for 50 years. But I'm almost sure that the Bitcoin protocol will change in the following 50 years so you will probably need to do something with your wallet and coins (probably change the signing scheme) before the Firmcoin will wear out.
If the Firmcoin is reloaded every day, it will reach the maximum write-cycles in 270 years.


Best regards,
 Sergio.
Greydon Isis
Newbie
*
Offline Offline

Activity: 14
Merit: 0



View Profile WWW
July 13, 2013, 03:51:09 PM
 #29

so how do you flash check the chip to verify that it is not been corrupted or 2x spent~~~many thanks
peonminer
Hero Member
*****
Offline Offline

Activity: 770
Merit: 531


Crypto is King.


View Profile
July 13, 2013, 11:39:41 PM
 #30

How to order?
Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
July 14, 2013, 12:54:55 PM
 #31

so how do you flash check the chip to verify that it is not been corrupted or 2x spent~~~many thanks
All info is in the FAQ (http://firmcoin.com/?page_id=29)

The idea is that the device is tamper-evident, and the private key is chosen by the Firmcoin and stored in tamper-proof memory.
If someone has violated the security of the device, the payee will know.
 
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1004


View Profile
August 15, 2013, 05:41:59 PM
 #32

What is the purpose of the hologram sticker?

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
August 16, 2013, 11:08:55 AM
 #33

What is the purpose of the hologram sticker?

Add still another layer of physical security.  It's a measure to deter counterfeiting, but REALLY it does not buy much additional security as I suppose that holograms can be reverse-engineered and cracked.
peonminer
Hero Member
*****
Offline Offline

Activity: 770
Merit: 531


Crypto is King.


View Profile
August 17, 2013, 08:02:31 PM
 #34

I know you guys are going to extreme lengths to keep people from 'cracking' these. I do apologize in advance, but hackers and crackers WILL break into and or intercept information from the device. The length of how far they can go, I am not sure. It is INEVITABLE though. I think if people can crack software and hardware that took multi-million and billion dollar companies years to create, then someone with enough time and knowledge or exploration factor will be able to do something you're not supposed to with a firmcoin. I still want one Smiley

HOW TO ORDER??? /When??
Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
August 18, 2013, 02:40:07 PM
 #35

I know you guys are going to extreme lengths to keep people from 'cracking' these. I do apologize in advance, but hackers and crackers WILL break into and or intercept information from the device. The length of how far they can go, I am not sure. It is INEVITABLE though. I think if people can crack software and hardware that took multi-million and billion dollar companies years to create, then someone with enough time and knowledge or exploration factor will be able to do something you're not supposed to with a firmcoin. I still want one Smiley

Firmcoins are not completely hack-proof nor any device I know of. With enough money it's possible to crack anything.

Was is important is that Firmcoins are designed so that cracking a single Firmcoin does not give the attacker a significant advantage for cracking the next one.  We've put a lot attention to protect the Firmcoin from software bugs, which could be exploited from the outside world without physically compromising the device.

There is no global key, nor shared symmetric secret that you can extract from a Firmcoin, to use in another Firmcoin. Almost everything that's inside the Firmcoin, you can extract by just asking the device for it.

So if a Firmcoin holds 1 BTC, and cracking a Firmcoin costs 100 BTC, then there is no incentive on cracking it for money. I even expect that a university will crack one some day, and that won't affect the security of Firmcoins as a means to make low to medium valued payments (e.g. less or equal to 100 USD per Firmcoin). The same is true for bank notes (and that's why there are no 1M USD banknotes)

If you want to pay more, you're probably in a a context where you're online and you can just make a normal Bitcoin transaction.

The key property of a Firmcoin is not tamper-proof, but tamper-evidence.
haightst
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
October 31, 2013, 05:29:20 PM
 #36

I know you guys are going to extreme lengths to keep people from 'cracking' these. I do apologize in advance, but hackers and crackers WILL break into and or intercept information from the device. The length of how far they can go, I am not sure. It is INEVITABLE though. I think if people can crack software and hardware that took multi-million and billion dollar companies years to create, then someone with enough time and knowledge or exploration factor will be able to do something you're not supposed to with a firmcoin. I still want one Smiley

Firmcoins are not completely hack-proof nor any device I know of. With enough money it's possible to crack anything.

Was is important is that Firmcoins are designed so that cracking a single Firmcoin does not give the attacker a significant advantage for cracking the next one.  We've put a lot attention to protect the Firmcoin from software bugs, which could be exploited from the outside world without physically compromising the device.

There is no global key, nor shared symmetric secret that you can extract from a Firmcoin, to use in another Firmcoin. Almost everything that's inside the Firmcoin, you can extract by just asking the device for it.

So if a Firmcoin holds 1 BTC, and cracking a Firmcoin costs 100 BTC, then there is no incentive on cracking it for money. I even expect that a university will crack one some day, and that won't affect the security of Firmcoins as a means to make low to medium valued payments (e.g. less or equal to 100 USD per Firmcoin). The same is true for bank notes (and that's why there are no 1M USD banknotes)

If you want to pay more, you're probably in a a context where you're online and you can just make a normal Bitcoin transaction.

The key property of a Firmcoin is not tamper-proof, but tamper-evidence.


howsit going with ja firmcoins project? We'd love to integrate these into my forthcoming media/not for profit projects!  Cool x10 many thanks!
No_2
Hero Member
*****
Offline Offline

Activity: 893
Merit: 1026


BTC: the beginning of stake-based public resources


View Profile
September 05, 2017, 06:49:03 PM
 #37

Did this progress any further. Am keen to find out more about what happened to the project.
Sergio_Demian_Lerner (OP)
Hero Member
*****
expert
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
September 07, 2017, 10:05:54 PM
 #38

After some firmcoin prototypes were created, a new company was built to create firmcoins en masse at low costs. The new design was called Digibill and the company behind it was called Doosra.

Sadly, due to different conflicting visions on how the project should grow, the founding team split and the project was abandoned.

It will someday make a comeback, because it's super cool.
The most similar project is Opendime (opendime.com).
BenOnceAgain
Member
**
Offline Offline

Activity: 208
Merit: 84

🌐 www.btric.org 🌐


View Profile WWW
September 07, 2017, 10:20:33 PM
 #39

It will someday make a comeback, because it's super cool.
The most similar project is Opendime (opendime.com).

I certainly hope it does make a comeback, it sounds awesome!  These are the type of innovations needed to bring BTC to the masses.

Dream it. Plan it. Build it.
Need help with your project? [MY WEBSITE] | [MY COMPANY] | [BLOG] | [TWITTER] | [LINKEDIN] | [EMAIL]
Want to help support the blockchain charity I'm building? [LEARN ABOUT BTRIC] | [DONATE] | [TWITTER] | [EMAIL]
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!