Bitcoin Forum
December 14, 2017, 04:51:13 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Project OtherCoin - off-chain payment system using tamperproof chips  (Read 5177 times)
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
October 26, 2013, 10:40:23 PM
 #1

Hi everyone,

I would like to introduce a project that I've been working on for the past 3 months or so. It's called OtherCoin and it is an off-chain Bitcoin payment system based on a microSD card with a tamperproof smartcard in it, inserted into a phone or a computer. It works by securely generating and storing Bitcoin private keys inside its tamperproof chip and only releasing the public key to the wallet. It is also able to establish an encrypted and authenticated connection to a similar OtherCoin smartcard and transfer one or more of the Bitcoin private keys it stores to that card.

To my knowledge, it is the first off-chain Bitcoin payment system that does not require an Internet server. Even if the issuer of the cards goes out of business or the server is hacked or taken offline, the system keeps working because all transactions are strictly between two OtherCoin smartcards that authenticate each other and certify that the transferred Bitcoin private keys have either been generated inside the tamperproof chip or have been received securely from a similar tamperproof chip. The system is fully anonymous and also offers zero-confirmation transactions.

Mike Hearn has pointed out that the protocol it uses is somewhat similar to the one MintChip uses (http://en.wikipedia.org/wiki/MintChip). They have the same "smartcard to smartcard" connection and the same form factor (microSD) but their chip signs messages indicating the value of the transfer while OtherCoin transfers Bitcoin private keys to transfer value.

I have uploaded a short presentation at http://www.othercoin.com/OtherCoin.pdf .

The project is approximately 70% done (most of the smartcard code is done but there is still work to be done on the software wallet side that runs on the smartphone).

Any feedback would be greatly appreciated at this point. Would you use this? Is there anything you'd like to see implemented?

Thank you,
Razvan
1513227073
Hero Member
*
Offline Offline

Posts: 1513227073

View Profile Personal Message (Offline)

Ignore
1513227073
Reply with quote  #2

1513227073
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2366



View Profile
November 30, 2013, 08:29:35 AM
 #2

I hope there will be an easy way to use these cards with desktop and laptop computers and not just smartphones.  I'm eagerly awaiting this, it should be an interesting system.

Bitcoin will not be compromised
Natanael
Newbie
*
Offline Offline

Activity: 27


View Profile WWW
November 30, 2013, 10:06:08 PM
 #3

The technical part of it sounds a lot like my idea about a generic crypto device that I've written about before. Although I want it to have a screen and input of it's own. Posted it on reddit on /r/crypto and /r/netsec, but can't find a link...

Edit: found it: http://www.reddit.com/r/crypto/comments/yjxdo/device_concept_universal_personal_cryptography/
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
December 01, 2013, 12:03:47 AM
 #4

I hope there will be an easy way to use these cards with desktop and laptop computers and not just smartphones.  I'm eagerly awaiting this, it should be an interesting system.


Well, the form factor is an SD card and there are drivers for it in both Windows and Linux - you plug the microSD card into a standard microSD reader and it also shows up as a smartcard reader with a smartcard permanently inserted into it. So you can use any of the existing PC/SC libraries to talk to it. My initial target is Android smartphones but the protocol itself will be open, so anyone could implement an interface to the OtherCoin card, on any platform.

It's coming along nicely, still trying to get some seed funding for it but that hasn't stopped development. The protocol has been refined a bit, I will update the PDF description as soon as it stabilizes. I should have an early test version in January if anyone wants to give it a try.
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
December 01, 2013, 12:06:03 AM
 #5

The technical part of it sounds a lot like my idea about a generic crypto device that I've written about before. Although I want it to have a screen and input of it's own. Posted it on reddit on /r/crypto and /r/netsec, but can't find a link...

Edit: found it: http://www.reddit.com/r/crypto/comments/yjxdo/device_concept_universal_personal_cryptography/

What you're describing there sounds more like the Trezor. The OtherCoin is strictly an offline / off-chain payment solution, it is intentionally not capable of signing transactions or dealing with Bitcoin addresses in any way. It just secures a private key and either releases it to the wallet or securely passes it on to another card. The whitepaper at http://www.othercoin.com/OtherCoin.pdf describes it in more detail, it's definitely not a wallet or a way to sign Bitcoin transactions, it has a different purpose.
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
January 08, 2014, 05:14:48 PM
 #6

If anyone's interested, the OtherCoin is now a real product, see my announcement at https://bitcointalk.org/index.php?topic=321085.msg4371708#msg4371708 . There's also a (quick and dirty) YouTube demo video at http://youtu.be/YXGOGMnRx2Y .

Right now I am putting the final touches to the Android app before it's ready to be released as open source for anyone to reuse and integrate into Bitcoin wallets.

In other news, we've been named Runner Up in the Bionym idea competition (see http://www.getnymi.com/blog/first-round-winners-the-nymi-ideas-of-the-new-year/), so we'll be getting one of the first Nymi developer kits. Nymi is a biometric authentication bracelet that authenticates you towards other devices based on your ECG / heart rhythm - so you will soon be able to make OtherCoin payments and authorize them (literally) with a heart beat Smiley .

Finally, we're working with Samsung to get OtherCoin authorized for use in their secure Samsung Knox containers (https://www.samsungknox.com/en). Android applications running inside Samsung Knox containers are isolated from the rest of the phone and protected against malware, so you should feel safer transacting Bitcoins that way. Of course, Samsung Knox only works on Samsung devices (recent ones like the Galaxy S4, Galaxy Note II, Galaxy Note 3, etc).
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
January 11, 2014, 11:46:14 PM
 #7

As promised, I've uploaded a more detailed demo of the OtherCoin system to YouTube at http://www.youtube.com/watch?v=ZR8gz0uVBHk&feature=youtu.be (make sure you view it in HD).

It shows it running side by side on a Samsung Galaxy Note 2 and a Vodafone Smart Mini (a.k.a. Vodafone 875), sending keys back and forth over SMS and interfacing with the Android Bitcoin Wallet to reveal a key (remove it from Othercoin and import it into the wallet) and add funds to a key (stored securely in the OtherCoin smartcard). Sending/receiving keys via QR code still works, it's just not shown in this video.

If you have any questions, ask away. If you feel generous (or supportive), 1VeriFivRsUxUqdWMgUmHrgfQXL9J3dfe Smiley.

Thank you,
Ravan
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
January 13, 2014, 10:43:48 PM
 #8

Hello again everyone,

I am looking for a few early adopters for the OtherCoin off-chain payment system - we're getting ready to order our first commercial batch from the hardware manufacturer, we're still ironing out the bugs and the UI and provisioning system, but if you'd like to play with one sooner rather than later, this is your chance. This initial batch will go for 0.35 BTC/unit, the final price will probably be lower but I'm trying to play it safe with the initial batch.

You can also get a pack of two for 0.6 BTC (which is probably a good idea since you need someone else with an OtherCoin to send/receive funds to/from). You're also going to need an Android phone with a microSD slot, with Android 4.1 or newer. OtherCoin supports Bluetooth smartcard readers and NFC, but the cgToken Bluetooth reader is just a prototype for now (we have one on loan from the manufacturer) and the NFC version is using the Yubikey Neo (we need to get a few of those as well, but we haven't really tested them as thoroughly as the microSD version).

Finally, if you are interested in becoming an exclusive reseller in your country (or region), please contact me at razvan.dragomirescu (at) veri.fi , in this thread or via PM and make us an offer. Please make sure you can promote this in your area (conferences, meetups, etc). We are looking for _exclusive_ resellers, this is your chance to secure distribution in your country or even your larger region (e.g. North America, Australia, China, etc) and support the launch of the OtherCoin at the same time. We are willing to entertain lower offers given that the product will take a few more weeks to be fully available, but this is no KickStarter project, the hardware is operational and the software works (as demonstrated in the YouTube demo I posted above).

If you have any questions, ask away. If you want to place an order or just show your support, send funds to 1VeriFivRsUxUqdWMgUmHrgfQXL9J3dfe and post here (or email/PM me) to indicate what you've ordered and where you want it shipped. Shipping is included in the price above, as well as VAT where applicable. If you need a VAT invoice, please mention that as well.

P.S. Resellers not only get the exclusive rights for OtherCoin in their area but also the rights to the Card2Coin sub-project (see https://bitcointalk.org/index.php?topic=339389) that will become part of the OtherCoin ecosystem, closing the loop by allowing the exchange of OtherCoin keys to dollars directly, without ever having to touch the blockchain. This is not ready yet, it's going to be operational this fall (around September).

Thank you,
Razvan Dragomirescu
beeblebrox
Member
**
Offline Offline

Activity: 117


View Profile
January 16, 2014, 09:09:07 AM
 #9

Hello Razvan,

This is a reply to your post requesting a loan for the project in the other thread.

I've just sent you the remaining 10BTC that I pledged.  This is yours to use freely as you wish.

Also, I've just separately sent you 20BTC as a loan.  These funds are for the commercial advancement of your project.  This loan is on an informal "Gentlemen's Agreement" basis meaning that a loan contract has not been formally drawn up and I'm taking you at your word that you will use these funds for your project and that you will repay me when convenient for you with respect to the commercial success of your project.   I am counting on your honour that you will make a best effort to bring your project to commercial success.  I will not be taking any action to recover the funds if your project is not a commercial success.

Address for loan repayment : 1Gip2pyyeH5igAyB1e81xPtsr3AdxK4rZJ

Best of Luck.
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
January 16, 2014, 11:44:13 AM
 #10

Thank you! Received both payments. Will put them to good use, I accept the terms of the Gentlemen's Agreement, will do my best to make this into a commercial success, now that I also have the means to do it.

Thank you once again!
Razvan
mmeijeri
Hero Member
*****
Offline Offline

Activity: 714

Martijn Meijering


View Profile
April 20, 2015, 08:12:27 PM
 #11

Any updates on this?

ROI is not a verb, the term you're looking for is 'to break even'.
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
April 20, 2015, 10:32:33 PM
 #12

I'm still working on it (I've actually resumed working on it a few weeks ago). The app is fully functional (both the Android controlling app and the JavaCard secure part that runs on the microSD secure element). I am now working on eliminating the last centralized part of the system (the authority that signs Bitcoin balances) and replacing it with a SPV-style proof. This would allow semi-offline situations where the clients download just the block headers (thus maintaining their privacy - they don't indicate what transactions they're interested in), then the payer proves the balance of a private key by giving the payee the transaction data and a Merkle branch indicating how the transaction connects to a particular block (that the payee is supposed to already know about).

I've managed to port the smartcard side of the app to Infineon chips as well (this used to be an NXP-only affair given that I only had access to their proprietary APIs - now I have access to Infineon's as well).

I'm also looking for additional funding (that was my reason for stopping work on the project a few months ago - ran out of funds and had to go back to my consulting gig for a few months to support myself and my family). I haven't solved this yet, it's frustrating to not be able to focus on this 100% (given that I really love the project and it's what I want to do in the long run), if anyone has any suggestions or business proposals, feel free to message me.

Finally, I plan to enter the Coinbase Hackathon ( https://developers.coinbase.com/bithack ) - I'm trying to finish the SPV proof mechanism before I submit my entry (not sure if it will be ready by then though). This means I will also put together a new demo video showing the current state of the app.

Thanks everyone for your patience and support.
Razvan
mmeijeri
Hero Member
*****
Offline Offline

Activity: 714

Martijn Meijering


View Profile
April 21, 2015, 04:13:43 PM
 #13

That's good news! As for funding, have you considered using Lighthouse?

ROI is not a verb, the term you're looking for is 'to break even'.
drazvan
Full Member
***
Offline Offline

Activity: 191



View Profile WWW
April 22, 2015, 08:44:36 PM
 #14

I have read about Lighthouse a few months ago but I didn't realize it was already operational / usable. I guess I'll have to look again. I'm not sure if their "open source only" policy would apply here - the Android-based OtherCoin app will be open source, but the JavaCard-based secure component running on the secure element will not be. You will always need a secure element for the app to function (I have some medium-term plans to allow first time users to remotely access a secure element that we host in order to try the app before they buy the secure element, but that would negate the anonymity part, we would know who's accessing our hosted secure element).
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!