Here's an update:
In October 2012, allten contacted me. He had designed some hardware but needed some firmware, while I had some firmware but only a hardware prototype. So we combined our efforts. He sent me a special development version of the BitSafe:
I spent some time porting the firmware to the BitSafe. I think the BitSafe will be the "home" of the hardware-bitcoin-wallet firmware, though much of that codebase is and will remain platform-independent. If you want to get your hands on some actual hardware, see https://bitcointalk.org/index.php?topic=152517.0
The images above make the BitSafe look misleadingly large. This one gives a better sense of scale:
My immediate goals for the firmware have concentrated on integration with other parts of the Bitcoin infrastructure.
- The deterministic wallet implementation now uses the (proposed) BIP 0032 specification. This should allow wallets to be imported/exported across other BIP 0032-compatible Bitcoin clients.
- The wire protocol is being changed to make it more similar to that of slush/stick's Trezor. This should make it easier for Bitcoin clients to support hardware wallets in general.
- I began working on a P2SH (multisignature) address generator, to facilitate secure multisignature reception of funds. However, I've put that on hold to focus on more basic use cases.
Finally, since the last update, a difficult but significant goal has appeared. Gavin Andresen proposed a secure payment protocol (see https://gist.github.com/gavinandresen/4120476
) which makes address rewrite attacks much more difficult. The problem with asking "Send 0.0461 BTC to 1QLbz7JHiBTspS962RLKV8GndWFwi5j6Qr?" is that an attacker could covertly rewrite this address and it is difficult for a user to determine whether a given address is genuine or not. With the proposed payment protocol, the prompt would be something like "Send 0.0461 BTC to mtgox.com?", where the name is validated using some sort of certificate chain.
Such a solution has been alluded to in this thread (see https://bitcointalk.org/index.php?topic=78614.msg880376#msg880376
) and elsewhere, but Gavin Andresen's proposal looks likely to become "the standard". So I would like to implement it.