Bitcoin Forum
November 22, 2017, 05:30:40 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Intermediate signing device  (Read 669 times)
Cred
Jr. Member
*
Offline Offline

Activity: 48


View Profile
June 09, 2014, 07:08:44 PM
 #1

After just reading on another thread about the difficulty of entered a high entropy private it seems that what is needed is a device that has no connectivity and whose purpose is only to sign transactions.

How about a device with a camera that can scan a destination address then a private 256 QR code key like Armory's, lets you enter an amount and then displays a QR for the signed tx that can then be scanned by an online device?

If you could make this trustworthy it would make secure signing of txs user friendly.

Is anyone working on something like this or is the idea flawed?
1511371840
Hero Member
*
Offline Offline

Posts: 1511371840

View Profile Personal Message (Offline)

Ignore
1511371840
Reply with quote  #2

1511371840
Report to moderator
1511371840
Hero Member
*
Offline Offline

Posts: 1511371840

View Profile Personal Message (Offline)

Ignore
1511371840
Reply with quote  #2

1511371840
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511371840
Hero Member
*
Offline Offline

Posts: 1511371840

View Profile Personal Message (Offline)

Ignore
1511371840
Reply with quote  #2

1511371840
Report to moderator
Ron~Popeil
Sr. Member
****
Offline Offline

Activity: 406



View Profile
June 09, 2014, 07:11:05 PM
 #2

After just reading on another thread about the difficulty of entered a high entropy private it seems that what is needed is a device that has no connectivity and whose purpose is only to sign transactions.

How about a device with a camera that can scan a destination address then a private 256 QR code key like Armory's, lets you enter an amount and then displays a QR for the signed tx that can then be scanned by an online device?

If you could make this trustworthy it would make secure signing of txs user friendly.

Is anyone working on something like this or is the idea flawed?

I don't pretend to be an expert on all of this but it sounds like something that would work. I know there are some reprogrammed phones being used as cold wallets so adding that kind of function might be simple.   

twistyfy
Newbie
*
Offline Offline

Activity: 28


View Profile
June 09, 2014, 07:12:17 PM
 #3

After just reading on another thread about the difficulty of entered a high entropy private it seems that what is needed is a device that has no connectivity and whose purpose is only to sign transactions.

How about a device with a camera that can scan a destination address then a private 256 QR code key like Armory's, lets you enter an amount and then displays a QR for the signed tx that can then be scanned by an online device?

If you could make this trustworthy it would make secure signing of txs user friendly.

Is anyone working on something like this or is the idea flawed?

It sounds like it could happen.
Cred
Jr. Member
*
Offline Offline

Activity: 48


View Profile
June 09, 2014, 07:16:48 PM
 #4

I like the idea. I just wouldn't trust a device with any kind of connectivity. I guess recycling an old disabled smart phone (no wifi, no sim, no bluetooth) would be a good starting point. Maybe I should get the patent in now.
franky1
Legendary
*
Offline Offline

Activity: 1862



View Profile
June 09, 2014, 09:03:04 PM
 #5

I like the idea. I just wouldn't trust a device with any kind of connectivity. I guess recycling an old disabled smart phone (no wifi, no sim, no bluetooth) would be a good starting point. Maybe I should get the patent in now.

research "hardbit" your a bit late on the patent Cheesy

and as for the inspiration for the idea.. although i brought it up in the other thread, it has been an idea being left idle for months, i see no purpose in any web wallet needing login's 2 factors and long entropy passwords.

all a webwallet needs to do is receive a signed TX from a client side script that forms the signed tx, where the online server never see's nor touches a privkey. but you are right simple QR code scanning is the easiest way

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Don't take any information given on this forum on face value. Please do your own due diligence & respect what is written here as both opinion & information gleaned from experience. If you wish to seek legal FACTUAL advice, then seek the guidance of a LEGAL specialist.
Peter R
Legendary
*
Offline Offline

Activity: 1064



View Profile
June 09, 2014, 10:19:52 PM
 #6

After just reading on another thread about the difficulty of entered a high entropy private it seems that what is needed is a device that has no connectivity and whose purpose is only to sign transactions.

Is anyone working on something like this or is the idea flawed?

I am working on something like this.  It’s called “sigsafe” and it is an electronic key tag that signs bitcoin transactions over a non-exploitable air gap.  The device is probably too simple to be considered a hardware wallet; instead, it’s more like a paper wallet that can produce ECDSA signatures.  The device has both high-security applications such as implementing a cold/hot wallet system where the cold wallet can only send coins to the hot wallet, and low-security applications such as a “tap and pay” tag for purchasing retail items at PoS terminals.  Because the device uses the NFC standard, it is highly interoperable with existing phones, laptops, PoS terminals, and other RFID readers.  In fact, when HTML5 browsers begin to support the Web NFC API, it should be possible to create webpages that request signatures from the sigsafe to complete an online payment or to login to a website using the bitID protocol and a single tap.

Here's the project development thread: https://bitcointalk.org/index.php?topic=610453.0

And here's a rendering of the device:




Run Bitcoin Unlimited (www.bitcoinunlimited.info)
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!