Hardware wallet system with instant payment confirmations

[Finski]

Hi,

I don't know if this has been proposed earlier but I've been playing around with this idea for quite some time now and decided to post it here after seeing the TREZOR ad.

Basically the idea is a hardware wallet that holds your private keys and does transaction signing pretty much like the TREZOR does BUT with support for instant payments without the need of compromising your bitcoin sovereignity to any 3rd party. The problem regarding the TREZOR wallet in normal commerce is that the payee cannot be 100% sure that there's no attempt of double spending the bitcoins etc. so accepting the payment cannot be instant. OTOH with online wallets which are able to provide instant payment confirmations both the payer and payee will have to trust a 3rd party holding his/her bitcoins.

The HW wallet I'm proposing would consist of a hardware wallet that has a built-in "cool off time" (say 60 minutes or so to avoid double spending) after each transaction. During this cool off time no further transactions could be made with the hardware wallet. Additionally the manufacturer of the hardware wallet would provide a balance management database: if the user wants to avoid the 60 minute cool off time he/she/payee has to send the transaction to the online database and the database will then respond with a transaction specific unlock message (digitally signed using asymmetric encryption) which will revoke the built-in cool off time of the HW wallet and further transactions can be made immediately there after. This way the payee can either inquire the online database or check the validity of the signature of the unlock message and be certain of whether the payer had enough balance to complete the transaction and whether the transaction was valid: if everything is OK the payee can instantly be sure that he/she will receive the bitcoins and accept the transaction.

This way the owner of the HW wallet can use his/her bitcoin independent of any third party if need be and regular commerce is made possible at the same time with practically instant payment confirmation. The proposed HW would have to be secure enough that the private keys could be trusted to exists only within the HW key (and optionally as a paper back up with the manufacturer). Trust from the payee's side is required in the manufacturer of the HW key and the online database but IMHO the risks involved here are inherently smaller than with online wallet systems.

What do you think? Is something like this already in the works?

-Finski

EDIT: Turned out that the cool off time was an unnecessary and flawed idea. The HW wallet should instead synchronize any unconfirmed transactions with the database whenever connected to the internet (i.e. before making a new database synchronized transaction). This way any payee with internet connection can instantly be sure that the transaction is valid without regard to how any previous transaction was made. Offline payments are still possible but the payee cannot check the validity of the transaction until going online. This can be viewed as pretty much analogous with online/offline debit/credit card payments.

[1715367760]

1715367760

[1715367760]

1715367760

[1715367760]

1715367760

[1715367760]

1715367760

[1715367760]

1715367760

[greyhawk]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

[Finski]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

Sure you can if the payee supports sending the transaction to the balance management database. The database will respond with a confirmation (digitally signed) which will then revoke the cool off time. The cool off time is there only to make sure that the database is up to date (regarding usable balance) even if the payee doesn't support sending the signed transaction to the database for confirmation...

[escrow.ms]

Instead of cooloff time, it can show a warning to user or it should confirm from user whenever he tries to send money.

[greyhawk]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

Sure you can if the payee supports sending the transaction to the balance management database. The database will respond with a confirmation (digitally signed) which will then revoke the cool off time. The cool off time is there only to make sure that the database is up to date even if the payee doesn't support sending the signed transaction to the database for confirmation...

What if my newsvendor is out in his shitty little kiosk in the street? Cause newsvendors usually are.

[Finski]

Instead of cooloff time, it can show a warning to user or it should confirm from user whenever he tries to send money.

Yes, actually now that I come to think of it there's no real need for the cool off time: whenever the key is about to make a database synchronized transaction it can also confirm any older transaction with the database before signing a new transaction.....

Thanks....

[Finski]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

Sure you can if the payee supports sending the transaction to the balance management database. The database will respond with a confirmation (digitally signed) which will then revoke the cool off time. The cool off time is there only to make sure that the database is up to date even if the payee doesn't support sending the signed transaction to the database for confirmation...

What if my newsvendor is out in his shitty little kiosk in the street? Cause newsvendors usually are.

Think of this as an equivalent for a debit/credit card; you'll need internet access for instant confirmation. :/ But the HW wallet could be connected to the internet, for example, through your phone using Bluetooth.

EDIT: .. And like I wrote above the cool off time was actually a flawed idea and unnecessary. But you can still make the transaction without connection to the database, however, but the payee cannot be sure of receiving the payment until he/she has the bitcoins just like with offline credit card payments.

[ranlo]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

Sure you can if the payee supports sending the transaction to the balance management database. The database will respond with a confirmation (digitally signed) which will then revoke the cool off time. The cool off time is there only to make sure that the database is up to date even if the payee doesn't support sending the signed transaction to the database for confirmation...

What if my newsvendor is out in his shitty little kiosk in the street? Cause newsvendors usually are.

Think of this as an equivalent for a debit/credit card; you'll need internet access for instant confirmation. :/ But the HW wallet could be connected to the internet, for example, through your phone using Bluetooth.

It could also just be GSM (I think is the acronym for what phones use?) enabled. This would allow usage pretty much anywhere.

[Finski]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

Sure you can if the payee supports sending the transaction to the balance management database. The database will respond with a confirmation (digitally signed) which will then revoke the cool off time. The cool off time is there only to make sure that the database is up to date even if the payee doesn't support sending the signed transaction to the database for confirmation...

What if my newsvendor is out in his shitty little kiosk in the street? Cause newsvendors usually are.

Think of this as an equivalent for a debit/credit card; you'll need internet access for instant confirmation. :/ But the HW wallet could be connected to the internet, for example, through your phone using Bluetooth.

It could also just be GSM (I think is the acronym for what phones use?) enabled. This would allow usage pretty much anywhere.

That's a valid possibility.. Usage offline is possible too (like with the TREZOR), of course, but then it's just like any other bitcoin transaction; the payee's not safe until the transaction is in the block chain.

[ranlo]

So I go to the newsvendor and get the paper, but then I can't get a coffee next door, because I'm on cooldown?

Sure you can if the payee supports sending the transaction to the balance management database. The database will respond with a confirmation (digitally signed) which will then revoke the cool off time. The cool off time is there only to make sure that the database is up to date even if the payee doesn't support sending the signed transaction to the database for confirmation...

What if my newsvendor is out in his shitty little kiosk in the street? Cause newsvendors usually are.

Think of this as an equivalent for a debit/credit card; you'll need internet access for instant confirmation. :/ But the HW wallet could be connected to the internet, for example, through your phone using Bluetooth.

It could also just be GSM (I think is the acronym for what phones use?) enabled. This would allow usage pretty much anywhere.

That's a valid possibility.. Usage offline is possible too (like with the TREZOR), of course, but then it's just like any other bitcoin transaction; the payee's not safe until the transaction is in the block chain.

Yeah, I'd be wary of any offline-only system just because you have no idea whether or not it's actually valid. Could be someone that is going from person to person claiming they have x amount, then "transferring" and you wouldn't know until later.