Bitcoin Forum
Author Topic: The Collectibles Issue  (Read 395 times)
o_e_l_e_o
In memoriam
Legendary
Activity: 2268
Merit: 18510
January 24, 2023, 11:03:42 AM
Merited by NeuroticFish (3)
#21

> I don't like to be the devil's advocate, however, a signed TX can be easily broadcasted anytime later. So no matter how smart the embedded device is, a previous owner can create and sign the transaction of spending the collectible's coins and... broadcast it years later. Or am I missing something?
It was in reference to a device like an OpenDime, which has to somehow be "unsealed" in order to sign a transaction. In the case of the OpenDime, you push an object through a small hole on the board, which unseats a chip on the other side and allows the private key to be accessed.

So prior to being unsealed, the device would be set up to allow people to sign arbitrary messages from it, proving that the necessary private key is indeed on the device, but it would have to be unsealed in order to sign a transaction. And once it has been unsealed, then at that point it cannot be sold to another person, since as you say a transaction could have been signed at any point, even if the coins are still present on the device.

n0nce
Hero Member
Activity: 882
Merit: 5818
January 24, 2023, 11:22:51 AM
Merited by NeuroticFish (1)
#22

> > Sure; similar to any other hardware wallet (this would be a dumbed-down hardware wallet, in essence). But again, since those are sold dirt-cheap these days, even below the premium of these collectibles over their loaded value, it seems feasible. If they choose to use a smartcard chip, @tibu may have a business opportunity here. Wink
> Difficult to say. A collectible producer obviously couldn't just take another company's tried and tested product and use it to start producing collectibles without risking running in to legal trouble.
They can 'take' an open hardware & open source product, as long as they abide by the license (that usually requires them to release sources for their collectible, too - which I'd welcome anyway, though).

> > The device could e.g. sign messages to show that the (correct) key is there. As well as signing transactions, of course, to spend the funds from that key.
> That's a neat solution. Until of course someone finds a vulnerability and tricks it in to signing a transaction when it isn't supposed to. Tongue

> I don't like to be the devil's advocate, however, a signed TX can be easily broadcasted anytime later. So no matter how smart the embedded device is, a previous owner can create and sign the transaction of spending the collectible's coins and... broadcast it years later. Or am I missing something?
> Because if I'm right it's no use to embed smarter and more expensive devices into collectibles, this kind of stealing problems can still happen.
I would imagine this device to brick itself once it has signed a transaction, i.e. clear its keys (private and public) and stop responding to queries from the client. Just like visually inspecting a ripped hologram, a non-responsive device (or responding with a 'wiped' message) would indicate the same thing.

> So prior to being unsealed, the device would be set up to allow people to sign arbitrary messages from it, proving that the necessary private key is indeed on the device, but it would have to be unsealed in order to sign a transaction. And once it has been unsealed, then at that point it cannot be sold to another person, since as you say a transaction could have been signed at any point, even if the coins are still present on the device.
A physical seal such as on OpenDime, would of course work, as well.

o_e_l_e_o
In memoriam
Legendary
Activity: 2268
Merit: 18510
January 24, 2023, 11:43:22 AM
#23

> I would imagine this device to brick itself once it has signed a transaction, i.e. clear its keys (private and public) and stop responding to queries from the client. Just like visually inspecting a ripped hologram, a non-responsive device (or responding with a 'wiped' message) would indicate the same thing.
Now that would be dangerous. You accidentally sign a transaction to the wrong address, or with a sub 1 sat/vbyte fee, or with a locktime of block 1,000,000, or something else, and then the device bricks itself. Wave goodbye to your coins. Or you could accidentally send more coins to the collectible in the future, mixing it up for a similar one which is not bricked.

There needs to be some obvious way of telling whether the device is sealed or unsealed, much like an OpenDime does, but the device still needs to function regardless.

NotATether
Legendary
Activity: 1596
Merit: 6730
January 24, 2023, 11:59:41 AM
#24

I like the split key idea but it would have to be done with a PGP-signed open source program so that people know what they are dealing with. Better if it was written for all platforms and if there were iOS and Android apps for such a tool as well, so that the user avoids having to do anything.

There would be three separate workflows for user generating the private key, the operator making a "mutated" private key that they send to the user, and the third one would combine the two private keys into a keypair using whatever operation you prefer.

Alternatively this feature could be added to hardware wallets so that people avoid having to trust software in the first place (instead they just have to trust the hardware vendor to be genuine and that's it).

n0nce
Hero Member
Activity: 882
Merit: 5818
January 24, 2023, 12:07:31 PM
Merited by vapourminer (1)
#25

> Or you could accidentally send more coins to the collectible in the future, mixing it up for a similar one which is not bricked.
That would be prevented because when it's bricked, it won't output its address, either. I'm trying to think of a technical way that prevents the actual maker to pre-sign a transaction. Since key generation and bricking are both done on-device, that would be secure against a malicious maker. Meanwhile, a PCB-level seal would allow the maker to get a signature before sealing it all up / adding resistor / whatever board-level measures are put in place that require physical breakage to later get to the coins again.

> There needs to be some obvious way of telling whether the device is sealed or unsealed, much like an OpenDime does, but the device still needs to function regardless.
Is it a problem if you can only tell by plugging it in? I mean, sure, for reselling it would be better if it was more visual, but you could be scammed if someone uses a picture of a physically sealed item that they later peeled. On the other hand, the solution I suggested would allow the seller to sign the latest block hash and thus provide timestamped proof of funds.


hZti
Hero Member
Activity: 952
Merit: 642
January 25, 2023, 07:17:32 AM
#26

Honestly the Coldkey scam is a shame for the community. The inventor sold part of the company for the price of 0.5 BTC to a German forum member and after the transaction was finished he destroyed the company by taking the funds of the sold coldkeys. Maybe with split key, this could somehow be prevented but I think it is not very practical.
The best I could find is this: https://www.cardwallet.com
They print the wallets under maximum security in the Austrian State Mint and therefore I doubt that something would go wrong. The wallet is however not really a collectible and more a tool in this moment.

o_e_l_e_o
In memoriam
Legendary
Activity: 2268
Merit: 18510
January 25, 2023, 10:11:15 AM
#27

> I like the split key idea
It doesn't allow the collectible to be sold on without introducing trust, though.

> That would be prevented because when it's bricked, it won't output its address, either.
Doesn't stop someone from copying the address from their previous transaction.

> Is it a problem if you can only tell by plugging it in?
I'm not sure. I wouldn't buy any pre-funded products regardless, so I'm probably not the best person to ask. If you are buying something in person then it is trivial to plug it in to check. If you are buying something online then hopefully your money would be kept in an escrow until you receive the item and plug it in to check.

NotATether
Legendary
Activity: 1596
Merit: 6730
January 25, 2023, 10:28:40 AM
Merited by o_e_l_e_o (4)
#28

> > I like the split key idea
> It doesn't allow the collectible to be sold on without introducing trust, though.

OK, what about an operating system specifically designed for loading the keys into the collectible?

I mean like this: Each collectible can have a SIM card. The operating system will generate the private key bytes without showing them to the operator, and an additional NFC chip contained inside the collectible can communicate with some NFC receiver inside the computer hardware as soon as you scan using the computer a QR code contained on the collectible that would have connection parameters (which change as soon as you disconnect - only one concurrent connection allowed).

So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.

This does require however the paper containing the private key to be replaced by an electronic LED screen, also protected by a hologram (how? IDK) somehow.

It would be sort of how credit cards communicate with POS terminals. Although CCs have numbers at the back of them. But the idea here is to prevent the operator from seeing the private key bytes in the first place. Only the customer would be able to.

Any thoughts?

n0nce
Hero Member
Activity: 882
Merit: 5818
January 25, 2023, 12:20:41 PM
Merited by o_e_l_e_o (4)
#29

> So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.
That's overcomplicating, no? How about the SIM / embedded SoC in the collectible generates a private key using a secure chip the first time it's powered on? Key never leaves the device.
You plug it in and it appears as a Linux device called /dev/bc1q..... so the creator knows where to send the funds. And a buyer can easily check the value.

To sign a transaction, you pipe (or copy) the PSBT to the device and it returns the signed PSBT.

I presented the idea before, though. Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.

DaveF (OP)
Legendary
Activity: 3472
Merit: 6266
January 25, 2023, 03:44:48 PM
#30

There could also be 2 solutions so to speak (3 actually)

1) For very low value amounts, what we have now does work, unless you have sales in the 10s of thousands the amount you can get if it's a value of 0.0001 on the coin is not a big deal. You can still make and create collectables and even if BTC goes up 100X from where it is now you are still only looking at $225 a coin. Yes in large numbers it's a lot of money but people would have to be aware of what it is.

2) For the next step up some version of the split key.

3) For the highest level of funding something like the https://satschip.com/ would be acceptable. You just put that under the hologram. Not 100% sure of the cost of them in bulk but that or a similar solution would work.

Or?Huh

The downside is you would need a phone or something with NFC to get to tag. But I don't think that is a big deal anymore.

-Dave

NotATether
Legendary
Activity: 1596
Merit: 6730
January 26, 2023, 07:44:01 AM
#31

> > So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.
> That's overcomplicating, no? How about the SIM / embedded SoC in the collectible generates a private key using a secure chip the first time it's powered on? Key never leaves the device.
> You plug it in and it appears as a Linux device called /dev/bc1q..... so the creator knows where to send the funds. And a buyer can easily check the value.
>
> To sign a transaction, you pipe (or copy) the PSBT to the device and it returns the signed PSBT.
>
> I presented the idea before, though. Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.

That would be good, but we still need some apparatus to display the private key on the LED when the user requests it (maybe by touching a metal pin to some kind of hidden button like those used by routers) which permanently activates the private key on the LED.

hZti
Hero Member
Activity: 952
Merit: 642
January 26, 2023, 08:13:10 AM
#32



> 3) For the highest level of funding something like the https://satschip.com/ would be acceptable. You just put that under the hologram. Not 100% sure of the cost of them in bulk but that or a similar solution would work.
>
> Or?Huh

And what happens if you find your Satschip in 20 years, just to find out that coinkite went bankrupt/was sanctioned and therefore the URL that seems to be needed to verify the transaction can not be reached anymore?
I think this whole collectible area is simply an invention of companies to make money. There is no benefit at all for the community. The issue is that satoshi did not implement the right tools for such things in bitcoin in the first place.

NotATether
Legendary
Activity: 1596
Merit: 6730
January 26, 2023, 11:25:03 AM
#33

> I think this whole collectible area is simply an invention of companies to make money. There is no benefit at all for the community. The issue is that satoshi did not implement the right tools for such things in bitcoin in the first place.

We could say the same thing about NFTs, but this is something I view differently from it (especially since there are entire courses dedicated to how to flip JPEGs for a profit).

Most people are not going to be selling their collectables unless they absolutely have to, because they love keeping them.

Collectables look pretty and have an artistic value, and that's about it. Doesn't make them worthless though.

DaveF (OP)
Legendary
Activity: 3472
Merit: 6266
January 26, 2023, 01:45:54 PM
#34



> > 3) For the highest level of funding something like the https://satschip.com/ would be acceptable. You just put that under the hologram. Not 100% sure of the cost of them in bulk but that or a similar solution would work.
> >
> > Or?Huh
>
> And what happens if you find your Satschip in 20 years, just to find out that coinkite went bankrupt/was sanctioned and therefore the URL that seems to be needed to verify the transaction can not be reached anymore?
> I think this whole collectible area is simply an invention of companies to make money. There is no benefit at all for the community. The issue is that satoshi did not implement the right tools for such things in bitcoin in the first place.

It's open source, you really don't need them just the code.

Also, I did not make myself clear I was not saying use THEM just that a product like THAT would work. My bad on that I knew what I wanted to say in my head, just didn't make it to the hands to type it.

Are there any open standards out there or similar for long term secure single use data storage? Can't find any but I just don't see this never having come up someplace else.

-Dave

n0nce
Hero Member
Activity: 882
Merit: 5818
January 26, 2023, 03:29:31 PM
#35

> > > So anyway, the OS uses that connection to the collectible to write the private key bytes inside some file contained on the SIM, and then the computer sets the SIM to be read-only (which also permanently disables the networking apparatus), before putting them for sale.
> > That's overcomplicating, no? How about the SIM / embedded SoC in the collectible generates a private key using a secure chip the first time it's powered on? Key never leaves the device.
> > You plug it in and it appears as a Linux device called /dev/bc1q..... so the creator knows where to send the funds. And a buyer can easily check the value.
> >
> > To sign a transaction, you pipe (or copy) the PSBT to the device and it returns the signed PSBT.
> >
> > I presented the idea before, though. Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.
>
> That would be good, but we still need some apparatus to display the private key on the LED when the user requests it (maybe by touching a metal pin to some kind of hidden button like those used by routers) which permanently activates the private key on the LED.
No, the private key is never shown. Otherwise, a buyer (or the creator) can read it out and save it for later. The device signs PSBTs and outputs the signed transaction, like any other hardware wallet.

hZti
Hero Member
Activity: 952
Merit: 642
January 26, 2023, 11:29:19 PM
#36


> We could say the same thing about NFTs, but this is something I view differently from it (especially since there are entire courses dedicated to how to flip JPEGs for a profit).
>
> Most people are not going to be selling their collectables unless they absolutely have to, because they love keeping them.
>
> Collectables look pretty and have an artistic value, and that's about it. Doesn't make them worthless though.

It doesn't make them worthless in a monetary sense. But it makes them worthless in the sense, that they can never really be trusted. If you can not trust your wallet, then the whole point of bitcoin is lost. All bitcoin is about is "Do not trust, verify!". The collectibles put a new centralized organization in the system, even if the whole system was built specifically to be there without the centralized organisation.  Huh
Anyway I like to see collectibles as art, and just hope nobody will load them.
What I like to find out in the future, if there is a "good" way to implement the private key, without the trust.

o_e_l_e_o
In memoriam
Legendary
Activity: 2268
Merit: 18510
January 28, 2023, 10:00:48 AM
#37

> Any thoughts?
How is it independently verifiable by the buyer? How can the buyer (and indeed, all future buyers) verify that neither the original creator or any previous owners have been able to access the private key?

> Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.
This is probably the most straightforward option. If you can have a device which will sign transactions passed to it but will never reveal the private key, then whoever owns it can send any coins they like to it, knowing that all previous owners don't have the private key and couldn't have pre-signed transactions to steal their outputs which didn't exist at the time. The biggest issue is the same as above, though. Can it be independently verified?

n0nce
Hero Member
Activity: 882
Merit: 5818
January 29, 2023, 09:34:52 PM
Merited by o_e_l_e_o (4)
#38

> > Not much different from a hardware wallet; just simplified the functionality to a minimum, but it would use very similar hardware.
> This is probably the most straightforward option. If you can have a device which will sign transactions passed to it but will never reveal the private key, then whoever owns it can send any coins they like to it, knowing that all previous owners don't have the private key and couldn't have pre-signed transactions to steal their outputs which didn't exist at the time. The biggest issue is the same as above, though. Can it be independently verified?
Verifiable hardware is (becoming?) a thing for such critical applications.
To the best of my knowledge, it really started with https://betrusted.io/. For this application, it would need to be paired with some secure and tamper-protected storage chip; these exist. They don't / can't directly output the secret key, and hardware-based data extraction techniques are prevented by that tamper protection.
The combination of a secure element and verifiable hardware is basically what Foundation Passport has accomplished.

In my mind, this is mostly an engineering and price challenge at this point and not really a design / concept challenge. The building blocks definitely exist.

o_e_l_e_o
In memoriam
Legendary
Activity: 2268
Merit: 18510
January 30, 2023, 09:43:25 AM
#39

> For this application, it would need to be paired with some secure and tamper-protected storage chip; these exist. They don't / can't directly output the secret key, and hardware-based data extraction techniques are prevented by that tamper protection.
I'm no expert in the field, but what are the specifics of the tamper protection? Could a buyer verify that it works for themselves, or are they having to take the word of a third party? Could the average buyer even verify for themselves that the tamper protection hasn't been breached? How easy is this to do?

This would be a very cool concept, but yeah, how feasible is it for a reasonable price? The Passport costs $260 for comparison.

n0nce
Hero Member
Activity: 882
Merit: 5818
January 31, 2023, 03:28:38 AM
Merited by o_e_l_e_o (4)
#40

> > For this application, it would need to be paired with some secure and tamper-protected storage chip; these exist. They don't / can't directly output the secret key, and hardware-based data extraction techniques are prevented by that tamper protection.
> I'm no expert in the field, but what are the specifics of the tamper protection? Could a buyer verify that it works for themselves, or are they having to take the word of a third party? Could the average buyer even verify for themselves that the tamper protection hasn't been breached? How easy is this to do?
The tamper protection to choose for this application would be protection by self-destruction, i.e. if the buyer gets a device that still works (e.g. signs messages which prove it has the secret keys to spend Bitcoin stored on the printed address), the chip has not been tampered with.

> This would be a very cool concept, but yeah, how feasible is it for a reasonable price? The Passport costs $260 for comparison.
I'm not sure. The feature set would be drastically reduced. I'm not sure if you can do it with a single chip or need 2, but even in that case, what you need is:
  • Microcontroller
  • Secure storage chip with tamper protection
  • Avalanche noise circuit
  • USB interface

If you want to protect against clipboard malware, you'd also need a screen, but that would make the collectible quite bulky.
The components mentioned above and the software for them should be fairly reasonable in price. Since collectibles always have a price premium, which may be increased if they're marketed as 'especially secure collectibles' (which they are), the price for the hardware and software may work out.

To give concrete numbers: Passport costs $260; devices similar to what I'm describing are available already for around $50 (less in component costs, of course).
