Author

Topic: Bitcoin Hardware Wallet Project (Read 5578 times)

legendary
Activity: 986
Merit: 1000
Crypto Currency , Mining, Exchange ATM, Wallet!
December 25, 2013, 06:21:54 PM
#12
it's very interesting. i am developing one simillar usb hardware wallet.lets work together to make it done.
full member
Activity: 238
Merit: 100
December 25, 2013, 02:22:31 PM
#11
Any news on this wallet.
member
Activity: 88
Merit: 10
December 22, 2013, 04:13:54 AM
#10
I don't want to trust a Swiss underground vault company with my private keys.

What if you supported 2-of-2 multisig where one signature comes from the USB keypad device itself?

b!z
legendary
Activity: 1582
Merit: 1010
December 22, 2013, 03:40:50 AM
#9
Any progress on this? It looks like a good alternative to the trezor.
member
Activity: 85
Merit: 10
1h79nc
November 18, 2013, 12:46:15 AM
#8
You should look at the existing work that allten and someone42 did on the Bitsafe hardware wallet...

https://bitcointalksearch.org/topic/ann-bitsafe-hardware-wallet-now-shipping-152517

I think it fizzled out earlier this year, sadly I haven't had a lot of time to work on it either...

Also, add your project to:
https://en.bitcoin.it/wiki/Hardware_wallet
newbie
Activity: 11
Merit: 0
November 11, 2013, 02:44:56 PM
#7
Also, I want to think about "How do we keep people from getting the bitcoin if the key storage device is stolen?".  If it is stolen, the Bitcoin is not lost, because we generate addresses from a deterministic wallet using BIP38.  So you have have the phrase in your head or buried somewhere and you can recover the wallet and all the Bitcoin.

However, we want to prevent people who steal the device from spending the Bitcoin, but still allow us to do transaction with it.  I am looking at whether this is possible using BIP32 and BIP38.  Using shared secret on the keypad device and a pin number with BIP38 the hardware wallet addresses; the person would have to steal the keypad device, the pin number and the hardware wallet device before they can steal any Bitcoin.

BIP32 lets us recover the Bitcoins from the stolen hardware wallet
BIP38 may prevent the person who stole the hardware wallet from spending the coins (unless they steal both wallet and 2-factor device and brute force the pin).
newbie
Activity: 11
Merit: 0
November 11, 2013, 02:34:18 PM
#6
Thanks! I posted it to reddit too.

I am hoping some people with laser cutters and 3d printers and circuit experience show up and start helping. Also C programmers.  Then some Bitcoin barons pour money on us so we can distribute development kits to the team.

I am very busy, but have whole thing mapped out.  I can execute on getting the hardware wallet software working and on the casing for the hardware wallet and writing spec and outsourcing the software for the 8-bit USB dongle.  Then we need someone who can lay out a PCB design for the dongle that can be mass produced; then I will 3d print case prototypes and work to get CNC machined USB cases made.

There are 3 devices:
- the hardware wallet that stores private keys and does remote signing
- the USB Dongle. For 2 factor auth
- the keypad device; which has screen and keys. 2-factor auth + pin + screen for showing transaction information before approving

Hardware Wallet
- get libsecp256k1 compiling for 32 bit ARM processors (working on it)
- get SHA256/AES C libraries compiling
- code for hardware wallet (working on it Smiley
- prototype case in balsa wood with laser cutter (working on it)
- production aluminum cases from China?  Laser cut balsa wood box?

^^ I have all of this covered, but might stop at production

USB Dongle:
- order dev boards (donations help!)
- have someone code the 8-bit dev board (If someone gives me $2000, I can outsource this to someone good and it will get done)
- Breadboard the wiring layout for the chip (I can do this)
- PCB board (I can get this done)
- design competition for the USB device casing?  Aluminum? Plastic? Should not be too expensive
- assemble and start shipping Bitcoin 2-factor auth devices!

USB device for 2-factor auth + pinpad
- uses same software as dongle
- prototype with laser cut balsa wood
- needs production/professional anodized aluminum case (going to cost $800; so need 3 pre-orders to get into production)
- PCB board for buttons and LEDs. Using dev board with micro-USB shield for CPU.
- Assemble and ship!

I have access to a laser cutter now.  I will get libsecp256k1 compiling first on the dev box, before jumping into the hardware.
sr. member
Activity: 490
Merit: 250
November 09, 2013, 12:27:27 PM
#5
I like this project a lot.  I want one of these. 

Can I make a recommendation?  You will get more views if you put updates as a reply instead of editing your original post
newbie
Activity: 11
Merit: 0
November 09, 2013, 04:55:13 AM
#4
The software and firmware will be open source.  For pre-orders the tron style keypad for authenticating with the hardware wallet will be 3 BTC.  The hardware wallet server pre-orders will be 2 BTC.  Preorders will receive a working dev-board prototype and will receive the production version when its done.

If I decide to do the credstick/trezor style device, I will be open sourcing both the firmware and the PCB layout and the autocad files for the case.  However, I need $3000 for non-reoccurring engineering cost and to outsource the programming of the development board.  Cheap 2-factor authentication bitcoin devices will increase Bitcoin security and should increase the price.

I will post pictures as I finish the prototype.
member
Activity: 81
Merit: 10
November 08, 2013, 09:33:40 PM
#3
this is really really cool
I want one of these physical Bitcoin wallets
will it be open source?
how much?
full member
Activity: 182
Merit: 100
November 08, 2013, 01:11:43 PM
#2
I really like the idea and it's got me thinking, I may come back and post later.
newbie
Activity: 11
Merit: 0
November 08, 2013, 11:20:34 AM
#1
This is a hardware wallet. It prevents your Bitcoin from being stolen. It stores your Bitcoin wallet and protects your Bitcoin.  Other people will be unable to steal your Bitcoin, even if your computer is completely broken into and compromised. If your computer is infected with a trojan and there is a key logger and they have complete control of the system, the Bitcoin will still be safe.

The wallet private keys stay on the hardware device and never leave. The hardware device can be put in a colocation center or stored somewhere safe and you can authorize transactions remotely over internet with a USB device. The USB device has a keypad and a shared secret. A pin number is required to authorize transactions, to keep the Bitcoin safe if the key device is stolen.

The hardware wallet is encrypted and uses BIP32, if the wallet device is lost or stolen, you can recover the Bitcoin. This is perfect for exchange operators and other people who want the safety of a "cold wallet" but still need to do transactions from the wallet.

This project needs community support to happen.

=== About Me

I have been active in the Bitcoin community for years  I wrote the golang secp256k1 wrapper and helped debug Sipa's libsecp256k1 cryptography library that Bitcoin will be switching to.

Here is my github: https://github.com/haltingstate

I am now working on getting Sipa's libsecp256k1 library to compile for android and ARM processors. This is the first step in a larger project aimed at building a high security bitcoin hardware wallet.

The wallet should be
- open source
- secure as a cold wallet
- easy to use
- look cool

=== Implementation

There are two parts to the hardware wallet.
1> A secure 32 bit ARM board, which stores bitcoin private keys and can sign with the keys. This device stores the cold wallet private keys.  The private keys never leave the device. This goes in an underground Swiss bunker.
2> A keyfob device that connects to a computer and requires a pin number in order to authorize bitcoin transactions from the cold wallet.

https://i.imgur.com/HKbzn4g.jpg

This is the current prototype of the device for storing the bitcoin cold wallet.  It has no kernel, no operating system and is not connected to a network.  It has to communicate over a serial cable to a computer attached to the internet (raspberry pi?) and should be in a physically secure location.

This is the development board for the key fob. The development board is $31.  For another $12 I can add bluetooth so its wireless and add a battery.

https://i.imgur.com/g2tvYbV.jpg

  The production version requires a custom PCB and case to be manufactured.  The production version will be much cheaper than development board version and may be as cheap as $10 for the microusb version (no battery, bluetooth).  The firmware, PCB layout and casing autocad files will be released with open source license.

http://imall.iteadstudio.com/im120424001.html
http://imall.iteadstudio.com/development-platform/arduino/shields/im120417001.html
http://imall.iteadstudio.com/im120411008.html

A more expensive, premium desktop key fob can be constructed with anodized aluminum and would cost approximately $35 to $60. I am sourcing machine shops now who can CNC the laser cut anodized case.

https://i.imgur.com/eUDL3oQ.jpg

To use the device, a person would load the seed for a deterministic wallet onto the wallet device.  Then they would associate the key fob with the wallet device and sets a pin number.  To make transactions from a wallet, a person attaches the keyfob to a computer, makes a transaction in the Bitcoin GUI, approves the transaction in the keyfob (Verifying amount and destination) and inputs their pin number into the device.

Using and HMAC authentication protocol, the keyfob generates an authentication code that is sent to the hardware wallet.  The hardware wallet then returns the signatures for the addresses used in the transaction.

Notice
- the private keys do not leave the hardware wallet
- if the computer is compromised, the computer cannot change the destination address of an authorized transaction
- if the computer is compromised, the trojan does not have access to the private keys used in the transaction (the wallet is safe)
- if the hardware wallet is stolen, it cannot be used to make transactions without the pin number
- if your keyfob device is stolen, they will be locked out after a certain number of failed key attempts to prevent brute forcing

There are several details of the protocol for security (HMAC authentication, encryption of communication between fob and wallet shared secret, encryption between the computer and wallet etc...), which I wont go into in detail.

The keyfob requires an lcd screen and a keypad.  A less secure but more convenient device, I call the "Credstick" after the currency in Shadowrun.  A Bitcoin credit stick is a USB device the size of a quarter with two buttons on it.  A credstick uses the  same software as the keyfob, but without the hardware keypad and LCD display. They are low cost, disposable and secure.

These are examples of simple AVR 8-bit microprocessors which are suitable for a credstick implementation.

https://i.imgur.com/9qxp03l.jpg

https://i.imgur.com/s0iWIOL.jpg

https://i.imgur.com/51PwWL1.jpg

You "load" the credit stick with authorizations for an amount of Bitcoin associated with a particular hardware wallet. To spend the credits you plug in the credit stick, do a transaction and press the authorize button on the cred stick.  The cred stick then goes to the hardware wallet server and returns signatures for a transaction.

These can be cheap, disposable $5 devices for daily spending and for use at the point of sale (example: buying a cup of coffee).  To make a payment at the point of sale, you swipe the USB device over the POS terminal.  Then you you press the button on the credit stick to authorize the transaction.  The POS terminal communicates with the issuing hardware wallet and receives the signatures for the bitcoin transaction.

=== Whats left

I need to finish porting libsecp256k1 to compile on ARM Cortex-M3. I need to finalize and document the cryptographic exchange protocols.  I need to get AES and SHA256 libraries working on ARM Cortex-M3.

=== What you can do

I am finishing porting secp256k1, SHA256 and AES C libraries to compile for the ARM Cortex-M3. I have to write protocol spec for key storage and remote signing and then finish implementation (surprisingly easy actually).

Then I need to design the form factor for the box the hardware wallet will go in and the form factor for the high end keyfob.  I am looking at using laser cut 0.25" anodized aluminum for the casing and a button style based upon the monome.  I have a cheap CNC place sourced out that can do this work.

It will be a 3x4 keypad with a ~3" LCD display in this style.

https://i.imgur.com/j6MIzSf.jpg

It would also be interesting to make a device in this style. Black anodized aluminum with tron style LED keys.

https://i.imgur.com/BiVVLKY.jpg

I need a smaller button size than the monome so I am making prototypes in low temperature thermoplastic and determining what kind of switches to use for the keypad. Then I need to create a breadboard prototype and PCB layout.

Once the software for the hardware wallet and keyfob is working on the dev boards, we need to update bitcoind to support transactions with remote signing.  Then we need to push for the major wallets to adapt option for remote signing from external devices. Trezor has already started on this, so should see some progress on this front soon.

=== Whats going to happen

1> Libraries for bitcoin crypto working on ARM/Android (almost done with this; will be on github soon)
2> Libraries for key storage and remote signing on ARM devices and hardware prototype
3> Software for the key fob on development board (only doing this is there is demand for it and community support)
4> Professionally made PCB boards and iPhone style anodized aluminum casing (requires $$$ and order volume; its going to be $150/unit with 6 units, which is not to bad)

I am open sourcing
- software/firmware for ARM Cortex-M3 hardware wallet
- software/firmware for the key fob and bitcoin credstick
- PCB layouts and components for keyfob and bitcoin credstick

If the community wants to chip in, I have someone good/cheap who will write the keyfob firmware for the $31 commodity hardware.  For the custom PCB devices and devices on  anodized aluminum casing, we will have to do a kickstarter style thing and I will only be responsible for it if there is enough demand.


Update/Appendex/Rant:

=== Advanced Security: What is keeping your hardware wallet safe?

I believe that the ARM hardware wallet implementation will be significantly more secure than hosting private keys on Amazon or keeping them on servers exposed to the public internet.  The wallet has no operating system, no kernel, no external code and is unable to even read messages that are not signed withcrytographic keys and all communication with the outside world occurs over a serial cable.

The hardware wallet is designed to have the security advantages of a cold paper wallet, while still allowing bitcoins transactions to be authorized from the wallet.  Bitcoin cannot be stolen from the wallet, even if the wallet is used from a compromised computer.  It is idiot proof.

=== Exchange Security: Standard for User Authentication

This is how to keep coins from being looted from exchanges.  If a user deposits 10 bitcoins, you create a credstick credit of 10 bitcoins for that user.  Users cannot withdraw more Bitcoin than they have.  A user with 10 Bitcoin cannot withdraw 2000 Bitcoin from the exchange.  The hardware wallet wont let them. Where as right now, if a user gains access to the server running the exchange , they can loot all the bitcoins on the server.

- If a user sells something for 2 bitcoin, you increase their credit by 2 bitcoin.
- If they buy something for 8 bitcoin, you decrease their creditby 8 bitcoin.
- A credit has to come from somewhere (either a deposit or from another user, who is debited).
- The total number of credits for all users must sum to the number of bitcoin in the hardware wallet.

So in order to steal bitcoin, a hacker has to gain control over the authenticate for the credstick accounts for each user and loot them individually.  You store part of the authorization on a $4 USB dongle.  The hardware wallet will not authenticate a withdraw from a user unless they pass an HMAC 2-factor auth that involves possession of the associated $4 USB dongle.  Once the user has associated the account with the credstick dongle, the service will not permit withdraws without the possession of the dongle.  Over-riding the dongle 2-factor authentication requirement would require action by the service operator using their keyfob.

For instance a user losing their keyfob might have to authenticate by typing in a number received through cell phone text message. Some users will be idiots and will not get the $4 dongle and they deserve to have their bitcoin stolen.  These $4 dongles can act as an additional 2-factor authentication system that can be standardized across multiple bitcoin services.
Jump to: