PDA as a cold wallet?

[ViceOfBTC21]

If you was tech-savvy like me in 2000s, you probably knew at least one person that had a PDA (Personal Digital Assistant). If you don't know what it is, it was a pocket touchscreen computer that was similar to smartphones today, except you couldn't call and it didn't connect with the Internet (well, unless you had an extension card).

This is a photo of a PDA:



Pretty similar to modern smartphones, no? Since these thingies didn't had an Internet connection and the only built-in communication methods were cable and IrDA, I thought up that it is possible to write a specialized app for old PDAs that allows it to be used as a cheap cold wallet.

I choose Palm OS, since they are easy-to-use even today, they are easy-to-find and there were only very few viruses ever released. Also, there is wide variety of Palm OS PDAs - from prehistoric Palm III from 1998 up to Palm TX from 2005.

Is there any app for Palm OS that allows me to use my old Palm Vx as a cold wallet? It must be open source, we all know why.

[1715678693]

1715678693

[1715678693]

1715678693

[mocacinno]

It would be interesting to find out if it was possible... That being said: I don't know how safe it would be, since you'd probably be stuck with legacy code, or binaries that were really hard to build, this would make them very hard to keep up to date...

That being said: it seems like there is a legacy python version for palmos: https://legacy.python.org/download/other/
So you might be able to rewrite electrum.... I'm pretty sure you won't be able to get the gui running, but maybe the daemon?

Or maybe you could find a browser that supports javascript and run coinb.in... even tough I wouldn't use it to create private keys for cold storage.

Or maybe if you find a wallet that's written in c++, but even then it wouldn't be an easy task to compile it.

Bottom line: it would be a nice theoretical experiment, but I do not believe you'll be able to build and maintain a recent, easy to work with, safe, full featured gui wallet... Unless you wrote one by yourself, especially for palmos (they do have a compiler). So, unless you wrote a wallet from scratch, you wouldn't be able to use it as cold storage IMHO... But I'd be happy if you proved me wrong 😉

[BitMaxz]

That's interesting but the problem it seems they stop developing software for this OS/old phones.

It seems that you already ask this last year from here https://bitcointalk.org/index.php?topic=5141556.0

I tried to search on Google and there is none that you can use to use this old phone as a cold wallet.

The only thing that you can do is to save the private keys in the notepad.

[HCP]

Man... I miss my old Palm devices... had a couple back in the early 2000s, had a camera attachment for one as I recall... ran my entire life on Palms for a couple of years ... they were awesome, but it was a pain carrying Two devices (PDA + Phone)... then I got my first smart phone (a Sony Ericsson P900) and never looked back

Theoretically it should be possible to create a wallet on PalmOS... the difficulties will be:

1. Whether or not any of the required algorithms/libraries have been created for PalmOS or whether you will need to implement these yourself (ie. ECDSA, AES256, RIPEMD160 etc)
2. Getting hold of the hardware to test with
3. The hardware still being usable (as I recall they didn't have great battery life when "fresh", nevermind 20 years later )


For the software development, google is probably going to be your friend in this instance... I'm sure there will still be repositories of PalmOS development guides floating about.

For the hardware, maybe ebay?

[NeuroticFish]

Heh, some 15 years ago I was maintaining/modifying some old code for Windows CE PDAs. I remember how truncated the API was.

For OP use case I think that C++ is not a bad option, but it would still require quite an amount of work and I am not convinced that so many PDA users would transform their PDAs into cold storage.
I mean if one has a lot of free time for hobby programming, yes, it can be a nice project, especially if he has a PDA for testing.

But for most users I think that's easier, faster and possibly better too to simply buy a HW.

[ViceOfBTC21]

Not practical, if you insist want portable device which is open-source (at least on software level), you could always bought linux smartphone (such as PinePhone or Librem 5) or use custom android ROM (such as GrapheneOS)

The only thing that you can do is to save the private keys in the notepad.

At least according to this news (https://www.techrepublic.com/article/pgp-mobile-high-security-for-palm-os-devices/), there's PGP application for Palm OS where you can encrypt and decrypt stuff.
But i don't know if you still can install it and how reliable the algorithm from early 2000 these days.

PGP Inc. doesn't sell or even give away free licenses of PGP for Palm OS today. It's also next to impossible to find binaries of PGP for Palm OS back in the day. I think that PGP for Palm OS was used mainly by journalists with their AlphaSmart Dana digital typewriters (that run Palm OS) to encrypt messages before sending them to the central office, so maybe you can ask one if you know one who used this device.

There is a password manager called Keyring for Palm OS: http://gnukeyring.sourceforge.net/index.html, but the webpage and the app has remained nearly unchanged since 2003.


Also, the website states:

Secure triple-DES encryption using a 112-bit key derived from the password

What? Triple-DES is secure? Do you know that NIST has deprecated 3DES in 2017?

or whether you will need to implement these yourself (ie. ECDSA, AES256, RIPEMD160 etc)

And that's how you lost your Bitcoin, either by wrong implementation which leads to invalid public key/address or weak entropy source for private key generation.

You can program PalmOS at least in C , C++ and assembler, but I guess that any programming language is able to be used given enough work.

Also, libraries written in C and C++ already exist, so porting them to the Palm OS won't be a huge problem. There is MathLib.prc shared Palm OS math library ,which itself is based on the Sun Microsystems' libm: https://github.com/fidian/MathLib

Maybe we can take the existing code for generating secure cold wallets, including appropriate libraries and port them to Palm OS. The only hard work that remains is programming an user interface to allow usage of the program and additional security features such as locking access to the rest of the OS without explicit user's consent.

[ViceOfBTC21]

Heh, some 15 years ago I was maintaining/modifying some old code for Windows CE PDAs. I remember how truncated the API was.

For OP use case I think that C++ is not a bad option, but it would still require quite an amount of work and I am not convinced that so many PDA users would transform their PDAs into cold storage.
I mean if one has a lot of free time for hobby programming, yes, it can be a nice project, especially if he has a PDA for testing.

I think that since the PDAs (Personal Digital Assistants) aren't dedicated to cryptocurrencies but rather using them as a pocket computer, it would be therefore more secure. I don't really understand security through, so correct me if I'm wrong.

TL;DR is above

First, the device is more user-friendly than a ColdCard. That's for sure as touchscreen is infinitely easier to use compared to clunky UI straight out of old dumbphones.
Second, you can use a more complicated password on a PDA compared to dedicated hardware wallet.
Third, there is extremely low risk (but not zero) that you will accidentally leak your private keys, as the device doesn't have any out-of-sight communication methods such as Wi-Fi, Bluetooth, etc. Of course, there remains IrDA, but it does require direct sight and it can be taped over or removed if you are paranoid.
Fourth, it can be truly air-gapped, as after installing a wallet program on the PDA it doesn't require to be connected to the computer anymore. It can transmit relevant information to your phone via generating QR codes. If you accidentally use IrDA or connect it wired to the computer, it should automatically wipe data in order to protect it from leakage. Of course the feature should be optional (for example to update the app), but should require password and display a very explicit warning to turn it off (preferably with dialog to ask user to check if they have a backup and wipe data for uber-paranoid, again optional).
Fifth, many (but not all) of the security features of a ColdCard (such as duress PIN, BIP39 passphrases/25th word, Brick me PIN (that 'kills' the RAM and ROM of a PDA if entered), dice rolls for provable Bitcoin seed generation, etc.) can be implemented in the app.

But for most users I think that's easier, faster and possibly better too to simply buy a HW.

An old PDA lying somewhere is much less suspicious than a hardware wallet. If you happen to be in danger, with the old Palm models that store their data in RAM and have removable batteries you can just pull out them knowing that your Bitcoin/cryptocurrency savings are safe. There is a problem that you might lock out of your Bitcoins whether either when battery goes zero accidentally or deliberately, so it shall support a paper and pen based backup (BIP39).

[NeuroticFish]

I think that since the PDAs (Personal Digital Assistants) aren't dedicated to cryptocurrencies but rather using them as a pocket computer, it would be therefore more secure. I don't really understand security through, so correct me if I'm wrong.

The usual security issues a cold storage faces is in the process of transferring the unsigned transaction to the cold storage and then the signed transaction back to the live device.
I don't expect the PDA will have a nice and simple QR based implementation like it would be possible with modern devices, hence bad surprises can occur at the transfer of those files (which I also expect to be rather clumsy, hence it will lose all its friendliness compared to HWs). Keep in mind that information has to be sent in both directions for signing.

But maybe I am missing something too...

An old PDA lying somewhere is much less suspicious than a hardware wallet.

I agree to this.
Still, I always tell that's safer to keep on hardware wallet only the funds you expect to use in the rather near future while the HODL funds can stay nicely on any variation of paper wallet/seed/steel/whatever.

And imho this security+convenience mix can render the PDA useless.
However, as I said, somebody may find it as a nice free-time project.

[ViceOfBTC21]

Sorry this post is long, but it's the only way I can explain you why PDAs would make a great hardware wallet (although not as pain-free as using a commercial one).

I think that since the PDAs (Personal Digital Assistants) aren't dedicated to cryptocurrencies but rather using them as a pocket computer, it would be therefore more secure. I don't really understand security through, so correct me if I'm wrong.

The usual security issues a cold storage faces is in the process of transferring the unsigned transaction to the cold storage and then the signed transaction back to the live device.
I don't expect the PDA will have a nice and simple QR based implementation like it would be possible with modern devices, hence bad surprises can occur at the transfer of those files (which I also expect to be rather clumsy, hence it will lose all its friendliness compared to HWs). Keep in mind that information has to be sent in both directions for signing.

But maybe I am missing something too...

I guess that we did some hard work, it should be possible to develop a one-way cold wallet that doesn't need to communicate with the crypto spending file. Even the Coldcard, which says that it's truly airgapped, requires you to use SD card from your computer. So if you are ultra-paranoid, you might decide to spend all at once and replace your Coldcard every time.

As Palm OS PDAs are touchscreen-based, it is possible to develop a companion app for current Android/iOS smartphones and Windows/Mac/Linux computers that will guide you with the progress of entering information on PDA by hand. If you don't want to enter everything by hand with Graffiti, you can use a keyboard, camera (QR) or audio modem (speaker and microphone) modules. The last feature is in Electrum, so implementing it probably wouldn't be a problem, but how you will input/output the sound? Again, modules are the answer, but there are no commercial modules such as this available and we need to hack one at home.




This is not impossible, as there have been external keyboards and camera module produced for Palm PDAs. That's for über-paranoid people and I don't need this kind of security, so it can communicate with computer through serial or IrDA. Again, I was speaking about air-gapped security, but the user should be able to use the program wired or this paranoid way if they want to.

The problem is how to get the signed transaction out of PDA. Again, serial or IrDA can be used. But again what the person is extremely paranoid again? We have a screen, so the user can either retype the user-friendly text back to the computer (as long as it's not too long) or display a scannable QR code with a transaction ready to be sent to the Bitcoin network.

An old PDA lying somewhere is much less suspicious than a hardware wallet.

I agree to this.
Still, I always tell that's safer to keep on hardware wallet only the funds you expect to use in the rather near future while the HODL funds can stay nicely on any variation of paper wallet/seed/steel/whatever.

Hardware wallets are also pretty secure for cold storage of low amounts of cryptocurrency (below $10000), but it is also possible to split your HODLings between hardware wallets so the compromise of one would keep at least remaining hardware wallets secure. Anyway, don't keep more crypto in hot wallets than you would carry in your real-life wallet. Bitcoin is electronic cash, not a bank, so treat it as such.

And imho this security+convenience mix can render the PDA useless.

Of course I said that the program can lock you out of the rest of the OS unless you explicitly exit an app (preferably with explicit warning to avoid using it pseudo-hardware wallet as your PDA). Palm OS, while primitive in today's standards, is much more flexible than currently existing mobile operating systems as it doesn't have sandboxing, permissions, etc. You can do everything you want straight out-of-the-box and we can use it to our advantage.

Sometimes the more secure option is a more convenient one, but not always. For example graphical PGP overlays and e-mail plugins can be safer than their command line counterparts as you don't need to save decrypted files on your hard drive. If your computer is compromised, you're fucked anyway.

[ViceOfBTC21]

Secure triple-DES encryption using a 112-bit key derived from the password

What? Triple-DES is secure? Do you know that NIST has deprecated 3DES in 2017?

Even looking at the bit length naively, anything below 128-bits hardly can be considered secure.

The app definitely can be upgraded to use AES 256-bit, the feature was implemented back in 2002 when 3DES was still fresh and new. The code hasn't ever been tested, so it's implementation might be as secure as a Lego safe. The question is whether it's worth it and if it isn't easier to write a proper cold wallet app for Palm OS instead.

You can program PalmOS at least in C , C++ and assembler, but I guess that any programming language is able to be used given enough work.

Also, libraries written in C and C++ already exist, so porting them to the Palm OS won't be a huge problem. There is MathLib.prc shared Palm OS math library ,which itself is based on the Sun Microsystems' libm: https://github.com/fidian/MathLib

Maybe we can take the existing code for generating secure cold wallets, including appropriate libraries and port them to Palm OS. The only hard work that remains is programming an user interface to allow usage of the program and additional security features such as locking access to the rest of the OS without explicit user's consent.

How about support for older processor architecture? For example, Palm TX uses Intel XScale PXA 270, where Intel XScale itself uses ARMv5.
At very least, you need to find compiler which support ARMv5 and manually convert assembly code.

The solution is simple: code in C/C++, so that it will work both on ancient 68k and more modern ARM Palms alike. I don't have any advanced knowledge of Palm programming, but knowing that some apps from 68k era still work on ARM Palms, it should be feasible.