Topic: [ANN] BitSafe Hardware Wallet Now Shipping - page 2. (Read 22083 times)

Why not use a GPL supercapacitor instad? And a battery just as option ?
https://bitcointalksearch.org/topic/m.1582402
http://vimeo.com/51873011#

Wouldnt it become possibe to build that safe even smaller? I assume that the acutal design is cause of the lithium battery.

1) You'd need battery power.
2) You'd need to integrate a resettable pin.
3) People scanning for bluetooth devices would know that a hardware wallet was nearby if yours was turned on.  Might be best to keep that information private.

That said, it's rarely a bad idea to have more options instead of fewer, and this could potentially open the door for hardware wallet + mobile device, which would be neat.  I think the security is still there, as you would still have to physically push buttons to authorize transactions with the wallet.

Any way these things could get one of those new low power Bluetooth radios instead of USB, or would that break security?

This looks awesome!

One question:
Is it possible to make a paper backup of your wallet AND encrypt it?  Do you just make the paper backup while the wallet is not encrypted, or can you make the paper backup of the encrypted wallet and decrypt it once it has been digitized again?

I'm currently building an open source POS for Bitcoin merchants.

Do you have any documentation on the API?

If possible I would like to integrate with my POS so that a customer comes in to pay via BTC, I raise the transaction at POS and present a USB port to the customer to plugin and approve the transaction.

Thanks!  This is what I wanted to know, and this sounds very good. 

Just bought one! It's great to see this happen for real.

I have been developing the firmware. You can get it from: https://github.com/someone42/hardware-bitcoin-wallet. It's in a state of flux, as the surrounding Bitcoin infrastructure changes. At the moment I'm working on implementing an interface based on protocol buffers, so that I can make it "Trezor compatible" (eg. see https://bitcointalksearch.org/topic/hardware-wallet-wire-protocol-125383).

Here is an entirely fictitious depiction of what is possible:

• You open multibit and plug the BitSafe into your computer. One of your greyed-out wallets becomes highlighted.
• You navigate to bitmit.com, and purchase something for 1.815 BTC. Multibit handles the Bitcoin URI and gives you a payment prompt.
• After approving multibit's payment prompt, a light flashes on the BitSafe and "Send 1.815 BTC to www.bitmit.net?" appears on the OLED display.
• You press the "approve" button on the BitSafe and the relevant Bitcoin transaction propagates to the rest of the Bitcoin network.

During this story, there is no opportunity for malware to intercept your private keys. Private key storage and transaction signing is done entirely on the BitSafe. Malware does not even have the opportunity to redirect funds to another address; using a proposed payment protocol (see https://gist.github.com/gavinandresen/4120476), addresses and amounts are signed by the merchant (in this case www.bitmit.net), authenticated by the BitSafe and displayed on its OLED display.

It gets better than this. You could encrypt your wallet so that if you accidentally lose the BitSafe, any finders will have a harder time accessing your wallet. "Deluxe" versions of the BitSafe might include a USB port which will allow you plug in a USB keyboard. You could then enter passphrases without fear of (software) keyloggers. Maybe you could even use this keyboard to enter a brainwallet passphrase; the Deluxe BitSafe generates, uses, and erases the brainwallet independently of the host computer.

Currently, the firmware implements a deterministic wallet based on the proposed BIP 0032 standard. So you would be able to do a wallet backup by writing a series of letters/numbers on a piece of paper. You would presumably place this paper in a physically secure location (eg. safe). If you lose the BitSafe or it breaks, you can entirely restore the wallet from this piece of paper.

This looks like a great product.  I have only 1 question:

What happens to my keys & bitcoins if I loose the device or it stops working because my dog chewed on it?

Man. That is awesome! Your support is greatly appreciated. Having access to mass production capabilities will make this so much more affordable.

Thanks.

If we run out of prototypes then I may solicit for your help in the near future.
After finishing the prototypes, I don't ever want to see a soldering Iron again :-)

As for the mass producible versions, its months away, but I'll keep you posted.

Ok, I see. With Bitsafe and also Trezor, the idea is that the private keys are never exposed to the PC. The PC doesn't even have
the authority to tell the hardware wallet to create a signature. The idea is the PC software will generate the data or transaction to be signed and then
pass it to the hardware wallet where it can be double checked on the little screen to verify nothing nefarious is going on. If all checks out
then a signature is sent to the PC only with the press of a button on the hardware wallet. This makes it impossible for viruses, malware, etc.
to get your bitcoins. It's like having a dedicated computer that you know for sure is clean just for your bitcoins, but it is even more secure than that
because the firmware is compiled directly for the hardware and doesn't need a OS of any kind. Someone42 could explain it better.
I've had my mind mostly in the hardware development side and am not fully up to speed on exactly how it will work.

This is a fantastic project for the bitcoin community and BFL would love to contribute to it.  Perhaps we can leverage our volume production capability to make these cheap enough to help spread bitcoin to the fringe interest crowd.  In the meantime, if we can help with the development by providing resources, please let us know.

Something like this:
http://www.newegg.com/Product/Product.aspx?Item=9SIA0SF0CK3099

It has a keypad and is hardware encrypted and needs no drivers.  It does on the other hand not offer anything bitcoin specific. 

Sure. Sorry for the slow response.

Currently, there is no client support so it doesn't work, yet. Someone42 was the first pioneer in open
source Hardware wallet and helped with a lot with the bitsafe.
Here is one of his first posts:
https://bitcointalksearch.org/topic/hardware-bitcoin-wallet-a-minimal-bitcoin-wallet-for-embedded-devices-78614

Hopefully, you can get an idea of how it will work and how to use it from that thread.

What's an encrypted USB stick? Is it just a wallet file that is encrypted?

  no I just knocked that up when I saw this thread today first time I heard about this, look forward to getting my hands on one 

Allten, could you answer these questions?  

is the firmware / source code posted somewhere like github or is it not developed yet??


This is a great project, opensource hardware is great. I'll try and help out where I can.


Bitmit seems down atm??

Wow. That looks nice. Where were you during the Logo creation? Maybe you did create a post. Sorry if you had.
This is good material. Thanks.

Thanks.

That's the advantage of open source: "Release early and release often".
I didn't have the pressure of having a perfect or even working product like others do.

However, there is still a lot of development before it will be functional for anyone.

I completely agree with you about different versions. I wanted to create one with no display, one button, and a few LEDs with no OLED display.
It should be possible, but will be extra work verifying the security before creating a signature: Price vs. Convenience.
We'll see if any developers want to take on the challenge. Should be able to verify the concept with the Bitsafe now - just don't use the screen.

Congrats on winning the race to the market release 

I think it'd be interesting to see what can be done on the security side to have a smooth customer experience for the different products out there or about to be released. Kind of a common UI specification for secure hardware wallets in different price ranges (with display + button such as Trezor / with button only / without buttons i.e. typical smartcard)