nmat (OP)
|
|
August 04, 2011, 01:29:13 AM |
|
I think it would be a great idea to create a real wallet for bitcoins. Instead of locking up a computer inside a safe or writing down private keys, why not create a device just for sending and receiving bitcoins?
The first thing that came to my mind when I thought of this was: android phones. I can buy a cheap android at ebay ($60 or $70 maybe? and the price is coming down...), install bitcoin and use it like a real wallet. Of course it would be better if there was a special "Android Bitcoin Edition" with extra security.
Are there any plans to create a device with such functionality? And does anyone use an Android phone as a wallet?
|
|
|
|
ffuentes
Member
Offline
Activity: 70
Merit: 10
Only a curious passer-by / FirstBits: 13zsc1
|
|
August 04, 2011, 01:38:06 AM |
|
I would like a .jar app to make payments and receive it
An exclusive device would be useless like that device made only for tweeting released the past year.
|
|
|
|
|
Phinnaeus Gage
Legendary
Offline
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
|
|
August 04, 2011, 02:32:36 AM |
|
I think it would be a great idea to create a real wallet for bitcoins. Instead of locking up a computer inside a safe or writing down private keys, why not create a device just for sending and receiving bitcoins?
The first thing that came to my mind when I thought of this was: android phones. I can buy a cheap android at ebay ($60 or $70 maybe? and the price is coming down...), install bitcoin and use it like a real wallet. Of course it would be better if there was a special "Android Bitcoin Edition" with extra security.
Are there any plans to create a device with such functionality? And does anyone use an Android phone as a wallet?
I hope that whoever develops this great idea, has UABB's stamp of approval.
|
|
|
|
nmat (OP)
|
|
August 04, 2011, 02:36:26 AM |
|
An exclusive device would be useless like that device made only for tweeting released the past year.
Well, you may be right. But what if you don't have battery on your phone and you need to make a payment? Sometimes is nice to have different devices for different tasks. And having a wallet is different from being able to tweet... But I agree. A phone is large and we already have one to carry around. Well... you had exactly the same idea. Sending/receiving payments with this would be really simple (I bet my mom could do it!) and it would secure your wallet (I didn't thought of the cloud backup though, but it's an obvious and essential addition). I liked that comment about kindle. Having battery for 1 month sounds good
|
|
|
|
Astrohacker
|
|
August 04, 2011, 02:38:10 AM |
|
Ideally it would be the size of a credit card. But I don't think the technology is quite there yet.
|
|
|
|
|
wumpus
|
|
August 04, 2011, 03:36:25 AM |
|
Ideally it would be the size of a credit card. But I don't think the technology is quite there yet.
If it is only thin client (private key storage and signing only, no blockchain/network) I'm sure you could fit the logic on a credit card-sized device. Ideally it would have a small display to show the amount and a confirmation code, with confirm/reject buttons and communicate wirelessly. This would be safer than using a smartphone...
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
bitrebel
|
|
August 04, 2011, 03:47:34 AM |
|
How about a Special Credit Card that keeps the wallet.dat file, then when inserted into your computer card reader device, loads it up into the bitcoin client for you to spend or add to?
|
Why does Bitrebel have 65+ Ignores? Because Bitrebel says things that some people do not want YOU to hear.
|
|
|
NF6X
|
|
August 04, 2011, 03:57:38 AM |
|
How about a Special Credit Card that keeps the wallet.dat file, then when inserted into your computer card reader device, loads it up into the bitcoin client for you to spend or add to? I think that is technically feasible. There is a similar smart card for use with PGP encryption. I fact, it doesn't even need to be as big as a credit card. It could be the same size as a SIM card, and the PGP smart card is available in both sizes. http://en.wikipedia.org/wiki/OpenPGP_card
|
|
|
|
bitrebel
|
|
August 04, 2011, 04:03:06 AM |
|
How about a Special Credit Card that keeps the wallet.dat file, then when inserted into your computer card reader device, loads it up into the bitcoin client for you to spend or add to? I think that is technically feasible. There is a similar smart card for use with PGP encryption. I fact, it doesn't even need to be as big as a credit card. It could be the same size as a SIM card, and the PGP smart card is available in both sizes. http://en.wikipedia.org/wiki/OpenPGP_cardAnd there it is....perhaps? I am not technical, and cannot program. I am a good theorist though. Maybe someone can develop a short code that loads that into your bitcoin client and swaps info back and forth. I think the wallet file needs to be secure, but if it's left on a technical device that can malfunction, which would be necessary to run the client, then it can be lost or corrupted, but if the file is saved on a piece plastic and encrypted, then the back and forth loading is all that would be needed, I would imagine.
|
Why does Bitrebel have 65+ Ignores? Because Bitrebel says things that some people do not want YOU to hear.
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
August 04, 2011, 04:34:06 AM |
|
There are people working on these devices, and hundreds of threads on the subject. Anyone interested in the idea should search, because this thread is almost word for word identical to many of them.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
natman3400
Member
Offline
Activity: 98
Merit: 10
firstbits: 1nathana
|
|
August 04, 2011, 04:37:26 AM |
|
Im personally working on one that uses a stripped down pengauchu (or however that is spelt) at its core, which should make for a sub $25 price range. If you want to look into it the link is in my sub, I just currently have a lot of stuff going on right now and can't keep up with it.
|
|
|
|
nmat (OP)
|
|
August 04, 2011, 04:38:30 AM |
|
And there it is....perhaps?
I am not technical, and cannot program. I am a good theorist though. Maybe someone can develop a short code that loads that into your bitcoin client and swaps info back and forth.
I think the wallet file needs to be secure, but if it's left on a technical device that can malfunction, which would be necessary to run the client, then it can be lost or corrupted, but if the file is saved on a piece plastic and encrypted, then the back and forth loading is all that would be needed, I would imagine.
The problem here is that your wallet becomes vulnerable as soon as you open it. Of course that the card will be "offline" most of the time, but if you use it in a windows computer (or any other, but windows is more dangerous) your money is at risk. My approach was to create a self contained device that could open your wallet and make transactions with it (so you could use it at a shop for example). You wouldn't have to put it in a computer and we could harden the security of that device. There are people working on these devices, and hundreds of threads on the subject. Anyone interested in the idea should search, because this thread is almost word for word identical to many of them.
Thanks for the info. I will do a little search through the forums
|
|
|
|
NF6X
|
|
August 04, 2011, 01:31:52 PM |
|
If I understand correctly, on that OpenPGP smartcard the private keys never leave the smartcard. Instead, any signing with the private key happens on the smartcard. If the same idea was used for a Bitcoin wallet, then the private keys of the wallet would never get uploaded to the computer. Malicious code might still be able to use the smartcard to send out bitcoins from the victim's account while the card is plugged in, but it shouldn't be able to steal the private keys for later use.
The OpenPGP smartcard needs to receive a passcode before it'll do stuff. If the card reader has it's own keypad for entering the passcode (some readers do have such a keypad), that can help reduce exposure to malicious software since the passcode never passes through the potentially compromised computer.
I'll poke around for other threads on this topic, too...
|
|
|
|
natman3400
Member
Offline
Activity: 98
Merit: 10
firstbits: 1nathana
|
|
August 04, 2011, 01:42:36 PM |
|
The problem here is that your wallet becomes vulnerable as soon as you open it. Of course that the card will be "offline" most of the time, but if you use it in a windows computer (or any other, but windows is more dangerous) your money is at risk.
My approach was to create a self contained device that could open your wallet and make transactions with it (so you could use it at a shop for example). You wouldn't have to put it in a computer and we could harden the security of that device.
This is what I'm working on. A self-contained, portable, cheap device that runs a modified bitcoin client. I'm also working on making a secure way to back up the device, and an emergency "send all coins" function that would send all the coins on the device's wallet to a per-deteremined address (possibly hard-coded into the device, and the private key given to the owner of the device?).
|
|
|
|
Astrohacker
|
|
August 04, 2011, 04:13:53 PM |
|
Ideally it would be the size of a credit card. But I don't think the technology is quite there yet.
If it is only thin client (private key storage and signing only, no blockchain/network) I'm sure you could fit the logic on a credit card-sized device. Ideally it would have a small display to show the amount and a confirmation code, with confirm/reject buttons and communicate wirelessly. This would be safer than using a smartphone... You know that's actually an interesting idea. For some reason it never occurred to me that it would only actually have to store the private keys. You would presumably subscribe to a service to actually serve as your bitcoin client... or have a bitcoin client on your home computer that your little credit card communicates with. This actually probably is possible with present technology after all. It would need to be able to 1) Store private keys. 2) Sign transactions. 3) Communicate wirelessly with a bitcoin node to broadcast transactions and read the present balances of addresses.
|
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
August 04, 2011, 05:01:29 PM |
|
Read this. I describe a way to incrementally detach the wallet from the client. Read the rest of that thread too. It describes my notion of a hardware client, and as an added bonus, Gavin describes a service that would provide a lot of security for regular folks. Actually, the thread was Gavin's, and all of my stuff was off-topic, but whatever. Also, read this thread. And while you are at it, read natman3400's posts, particularly on his project, BitClip. We don't always agree on the details, but his project looks pretty good.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
nostrum
Member
Offline
Activity: 65
Merit: 10
|
|
August 04, 2011, 06:43:16 PM |
|
I have a Nexus S running WhisperCore (a ROM with built in encryption) with the bitcoin wallet app. WhisperCore comes with a backup program called Flashback that will encrypt and upload data to Amazon S3 storage. Titanium Media Sync is also a good alternative as it will enable you to select files individually (+you dont have to pay for Amazon S3).
I think this is a good and safe enough solution (for me) when it comes to a "real wallet". Obviously there are still risks and most of them are solved by having a "bank", containing all the bitcoins I can't afford to lose, where the wallet.dat is encrypted in a TrueCrypt container hidden in Wuala, Dropbox, locally on my computer and on a physical medium.
|
If you always think in categories you will miss the bigger picture. -------------------------------------------------------------- Public GPG: 04351826
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
August 04, 2011, 06:50:51 PM |
|
I think I have an excessive level of paranoia, because I rejected all general purpose computers (like phones, tablets, etc) because they are too connected. I want something that ONLY knows bitcoin JSON over serial.
Whispercore will save your ass if someone physically steals your phone, but I don't think it'll help if the phone gets owned from the inside.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
|