August 21, 2014, 06:35:16 AM
I have invented a new way of minting physical bitcoins, like casascius, but more secure. Has this been thought of before? Does it exist already? Would it work? I'd love to see something like this produced some day. Idea described below.
The minter loads the private key on a tiny chip, like a SIM card, and glues it on a plastic or metallic coin. The chip is made in such a way that the private key cannot be read from the chip.
When a user receives the chip, he can read the public key and the balance from the chip, and a verification message signed by the minter. When the user wants to open/spend the bitcoin inside, he communicates with the chip and gives it a new address to move the bitcoins to. The chip will output a signed transaction, and it will stop outputting the verification message. The chip will then permanently go into "spent" mode (kind of self-destructed).
It will be impossible to make fake coins, as the verification output from the chip must be signed by the mint.
It is possible to duplicate the coin, by making one produce identical output of the verification message. If the verifier has access to the blockchain, he can check that the public key still has a balance, but that kind of ruins the point of a physical coin. A workaround for the duplication problem is to implement challenge and response messages. Then the verifier can feed the coin with some random data, and the coin can sign that data proving that it contains a secret key from the mint. These mint private keys should preferably be unique. I assume hierarchical keys come in handy there.
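The exchange described in the post, as an added example that is not part of the original thread. A toy Schnorr signature scheme over a 128-bit safe-prime group (constructed here and far too small for real use) stands in for whatever signing the chip would do; the coin key, the mint "certificate" over the coin's public key, the message prefixes, the `spent` flag and the `ReplayClone` are all my own assumptions. The two verifier functions show the point of the last paragraph: a duplicate that only copies the static verification message passes the weak check, while a fresh random challenge exposes it, and a spent coin stops attesting altogether.

```python
import hashlib
import secrets

# Toy Schnorr signatures over a 128-bit safe-prime group. Constructed for this
# demonstration only: a 128-bit discrete-log group is not a secure parameter.

def is_probable_prime(n, rounds=16):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(bits):
    """Return p = 2q + 1 with p and q prime, so that g = 4 has prime order q."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1

P = find_safe_prime(128)
Q = (P - 1) // 2
G = 4  # a quadratic residue, hence of order Q in Z_P*

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def _hash_to_scalar(R, msg):
    return int.from_bytes(hashlib.sha256(R.to_bytes(32, "big") + msg).digest(), "big") % Q

def sign(x, msg):
    k = secrets.randbelow(Q - 1) + 1
    R = pow(G, k, P)
    return R, (k + _hash_to_scalar(R, msg) * x) % Q

def verify(y, msg, sig):
    R, s = sig
    if not (0 < R < P and 0 <= s < Q):
        return False
    return pow(G, s, P) == (R * pow(y, _hash_to_scalar(R, msg), P)) % P

def encode_pub(y):
    return y.to_bytes(32, "big")

class Coin:
    """The chip: holds a private key that is never exported (assumed design)."""
    def __init__(self, priv, cert):
        self._priv = priv
        self.pub = pow(G, priv, P)
        self.cert = cert          # mint's signature over the coin's public key
        self.spent = False

    def verification_message(self):
        return None if self.spent else (self.pub, self.cert)

    def answer_challenge(self, nonce):
        return None if self.spent else sign(self._priv, b"coin-challenge:" + nonce)

    def spend(self, destination):
        if self.spent:
            return None
        tx = b"spend-all-to:" + destination.encode()
        sig = sign(self._priv, tx)
        self.spent = True         # irreversible: no further attestations
        return tx, sig

def mint_coin(mint_priv):
    coin_priv, coin_pub = keygen()
    return Coin(coin_priv, sign(mint_priv, encode_pub(coin_pub)))

class ReplayClone:
    """A fake built from everything readable off a genuine coin plus one
    recorded challenge/response; it holds no private key and can only replay."""
    def __init__(self, pub, cert, seen_response):
        self.pub, self.cert, self.seen_response = pub, cert, seen_response
    def verification_message(self):
        return (self.pub, self.cert)
    def answer_challenge(self, nonce):
        return self.seen_response

def check_cert_only(mint_pub, device):
    """Weak verifier: trusts the static verification message alone."""
    msg = device.verification_message()
    return msg is not None and verify(mint_pub, encode_pub(msg[0]), msg[1])

def check_with_challenge(mint_pub, device):
    """Strong verifier: also demands a fresh signature over a random nonce."""
    if not check_cert_only(mint_pub, device):
        return False
    pub, _ = device.verification_message()
    nonce = secrets.token_bytes(16)
    resp = device.answer_challenge(nonce)
    return resp is not None and verify(pub, b"coin-challenge:" + nonce, resp)
```

The mint's signature binds only the coin's public key, so anyone who has read that key and signature off a real coin can reproduce the verification message; what a copy cannot reproduce is a signature over a nonce it has never seen, which is exactly what `check_with_challenge` demands. Unique per-mint keys (or a hierarchy of them) would be handled at the `mint_priv` level and change nothing in the exchange itself.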