Topic: [ANN] OPENDIME v3 – Now *Genuine Verified* Bitcoin Credit Stick (in stock!) - page 5. (Read 16498 times)

Yes, he can. That's why I proposed to use a passphrase (as an option) to encrypt the private key. If this option is implemented, and you make use of it (i.e. encrypt the key), you would have to pass the thingie with a passphrase, for example, written on paper. Yes, that would make using opendimes a bit cumbersome, but in this case there will be less incentive for thieves to steal them. In case you lose one, you won't be as much frustrated (since no one will be able to appropriate your coins)...

And the one who finds it will feel like returning it to you for a reward (you could stick your address to it)

Is it like a paper wallet where anybody that has your private keys can spend it?

If the opendime gets stolen, the thief can spend the coins?

...

Actually, another question just occurred to me, nvK.

Based on what I read at your website (FAQs), it looks like the OPENDIME does not need to be in any communication with your website (no communication via the Web implies greater security for us users).  Doing the deeper security checks is beyond my capability.

Is that correct (no communication of the device with opendime)?

Perhaps readers of this thread may be interested to know that it looks like both Trezor and Ledger both require connection to their sites (not sure, but I believe that is the case).

No firmware updates and no connections back to opendime.com are big positives in my book.

...

Update on my use of OPENDIME hardware

I bought six of them, tried one out to learn the device within a day or so of arrival.  The instructions and device lay-out were "good enough" for me to load the device with random input, later to "load" the wallet with BTC.  Later, I broke the small stick (in center with lock logo) to get the private key, and had the small amount of BTC there swept to my blockchain.info wallet.  (More detail upthread, this was a summary).

*   *   *

I have since gone on to load up two more with somewhat larger amounts of BTC with the idea of keeping them as "cold storage" devices (not really recommended by nvK, but they're my devices now, smile).  The OPENDIMEs are now ready to be issued as "payment" or as a gift (two of the uses foreseen by their website).  YES, there is no way to securely backup the Private Key (it's hidden in my unbroken devices), but they are securely locked away, as one would lock up gold or CA$H.

One nice thing about them is that I will never have to "update firmware", as I have had to do with both Ledger and Trezor.  In both cases I was nervous during the update process...  But, I was forced to do so with the Trezor, else it would not work (not even open to see amount).

Fun mention on Bitcoin Uncensored Podcast!

https://soundcloud.com/bitcoinuncensored/e45-midget-drug-dealers-081516 (min 38:40)

Happy to answer questions

Yeah, but they are not intended to change hands, and (I hope) the private keys are encrypted with a passphrase in them (I don't really know). So even an electron microscope won't help a would-be hacker. If you add this feature (as an option), that would make the wallet by far more resistant to a possible hack, and no one will be able to grab your coins if you accidentally lose the stick. In any case, now I understand how the device works. If it can confirm the address with a signed message, you can rest assured that it has the right key and the address of the wallet is indeed authentic...

Thanks for sparing your time

Similar to Trezor or Ledger, to remove the private key you'd need to spend a few hundred thousand dollars to peel open the micro and read with an electron microscope. By it's nature, the private key for Opendime has to reside inside the device.

That means that the key is internally readable without unsealing the device, and as such can be read by whoever gets access to it, right? So it would be possible to extract the private key (maybe programmatically) and then try to double spend the coins loaded in the wallet...

Take it as a warning, if your device takes off in serious, someone will hack it eventually

Opendime will sign a message using it's private key; can be verified with any wallet

I got that, but this is precisely the point I'm trying to clarify. Say, you are given a stick which allegedly has some bitcoins on it (you are told so). Okay, you know the address, and you can check on the blockchain how many bitcoins belong to this address, but you don't know the private key (until you unseal the device), thereby you don't know if the stick does actually contain the wallet with that address (and its private key)...

In this way you are required to break the seal to make sure it is authentic (i.e. get the private key), but after that the device is no longer usable

You can deposit more and pass it along multiple times like a bearer bond if sealed. They can only be unsealed once.

Offchain means that the bitcoins are still in it, unspent in the blockchain.

I read the FAQ on your page, and this part clearly states that Opendime units are expected to be used only once:


That means that you can't make n-transactions offchain as you at first stated. What did I miss?

There is a whole FAQ on authenticity and validation here https://opendime.com/#faq . It also ships with a few open source validation python scripts for advance users. But better yet, the Electrum plugin will be merged soon and you will be able to do "paranoid" check right from Electrum!

I got it. But how can we check that the private key on this gadget really belongs to the address the balance of which we can check on the blockchain without revealing it? In other words, is it possible to "authenticate" the wallet on the device without "compromising" it? If it is not possible to do without showing the private key, you can't accept it from someone without risking a double-spend or give it to someone else unless you give it "blindly", i.e. without knowing the private key and whether the wallet is authentic. Thereby, you can pass this wallet only once offchain, then you will have to use the blockchain again (at first to check and then to reset the stick)...

But the idea still seems to be viable (for small sums, at least) since it allows to transfer funds without confirmations (even if only once per "cycle")

It's one of those things that is hard to pigeonhole. People use differently, but a good example is that it can be passed along multiple times. So you'd get n transactions offchain. 

Get a package and play around, because it's a whole new thing. It's much more interesting to play and figure out what you can do with it than try to explain

...

Hiya deisik,

You are asking questions that are perhaps best asked of nvK or someone else there at Opendime.  I am not a programmer or computer pro, I had to learn as an autodidact (I got very little help, and NONE of my friends are into this) to just get this far w/ BTC...

Nonetheless, this is how I will probably use them:

-- Put in a "round amount" (say, BTC1.000) into one or more of them.  Now I have an Opendime with +/- $585 in it.
-- When the occasion arrives, I will "pay" or give BTC away by just giving the Opendime itself to the lucky recipient.
-- You can get the Public Key (wallet address) by putting the Opendime into any normal USB slot, and reading the little file.
-- Then you can check the balance of that address (so, yeah, you would need Internet access to do that).
-- The PRIVATE KEY is unknown to anyone (as it is generated when you paste stuff in to initialize it), so cannot be spent until:
-- Whoever the owner is who wants to SPEND the BTC then breaks off that central stick-shaped piece (w/ the small gold "lock" logo).
-- Then you can go read the Private Key in a small file, then you can import that Public & Private Key to a wallet that can IMPORT them.
-- As Opendime says at their website, you DO need a wallet that can "sweep" or will import the keys (blockchain's will work).
-- And once you take out the BTC (preferably very soon after breaking the stick-shaped piece), then you chuck the unit (no longer secure).

So, it's really more of a "wealth preservation" device, you can get the BTC out, but not by spending them in the normal manner.  The idea is to load some BTC, then give the DEVICE away as payment (or partial payment).  In that sense, no BTC is transferred on the blockchain, you are giving away the device, but you (no one) knows the Private Key until that stick-piece is broken off (there is a video showing that at their website).

You could give one or more of them away to loved ones very quietly for example (assuming you mixed the BTC before sending them to the Opendime).  With imagination, you could come up with all kinds of interesting uses or situations where Opendime is just what you would want....

My explanation might not be very good.  Ask nvK, or order a three-pack and see for yourself.

So it is expected that you would pay with these devices in the absence of Internet access (offline mode of operation), right? But how the other party can check if bitcoins are still there, they haven't been spent, and you are not going to spend them later after you give away the devices (read you still have the keys)?

Keep in mind that everything happens in offline mode (i.e. without Internet access)

...

I received my Opendimes today, and had time to try one out.

Ordered July 27, paid by Bitcoin.  Arrived today (Aug 8th).

Device measures about 4.5 cm by 1.0 cm.  Small!  The Opendime fit right into my USB on my laptop.

Several files and a couple of folders are visible upon clicking open the device.  The README file is the important one at this stage.

I had to input text and spreadsheet files to reach the 256 kb for the device to generate the public/private key pair.  Pictures of 2 MB not accepted!  After doing that, you can open a small file to see the wallet address and another to view a QR-code.

*   *   *

Taking the funds out was more difficult for me.  I was hoping that either my Trezor or my Ledger Nano would have a procedure to import private keys, but in BOTH cases I could not do it (or could not find out how).  So I had to use my blockchain.info wallet (which does have a way to import keys).  It was a little hard for me to navigate my way around the *new* blockchain.info wallet, but the instructions are in there.  Once I imported the public key (wallet address "on" the Opendime), I then asked for a transfer of BTC to my regular blockchain address.  blockchain then asked for the private key (Opendime), which I pasted in.

Bingo, transfer made.

Device works.  I bought six of them for $94.80 in BTC, works out to US$15.80 each (total, including shipment).

*   *   *

My only suggestion to Opendime would be to write their instructions more clearly for relative beginners (like me).

You probably will need another wallet on other devices (on your PC, other hardware, or an online wallet) that accepts importing public & private keys.