
Topic: Dedicated bitcoin devices - dealing with untrusted networks (Read 4336 times)

legendary
Activity: 1708
Merit: 1066
Hi kjj,

Thanks for those links. Your 'todo' link is very interesting - it is practically identical and goes into the API calls required.

My feeling is that we are still a bit away from a nicely packaged consumer device but are now at the point where we:
1) could do it with a full size computer, etotheipi's push on offline is almost there (just needs serial rather than sneakernet which I know he has been investigating).
2) then we would have the serial line protocol specified enough for smaller devices, say a beagle board. This then makes it portable, though in a slightly 'jumbo' format.

Those are doable with 'garage tech'

3) a full custom device would then have working reference implementations to copy.

I will go through your 'todo' thread in detail. The RPC calls you planned to add are what I would want to add in my MultiBitShell project to enable the wallet device to manage its key etc  (see thread in 'Alternative clients').

Cheers
kjj
legendary
Activity: 1302
Merit: 1026
This has been discussed at length in other threads.  I think the most recent useful thread was the one from etotheipi where we discussed a format/syntax/protocol for transaction proposals.  Also, see the "todo" link in my sig.
legendary
Activity: 1708
Merit: 1010
Bitcoincard is like a smartphone but the size of the credit card?

No, it's not.  It seems like a small form factor imagination of a device that I've been (mentally) playing with for some time, that uses Dash7 radios to mesh to other such devices, with a dash7 dongle plugged into an Internet router somewhere in order to occasionally connect to any overlay network such as Stratum or the split wallet.dat system that BitcoinSpinner uses.  In fact, it looks a lot like that.  A small dash7 radio and a microcontroller running a custom cut version of BitcoinSpinner, throw in the ability to send texts to other cards and a standardized system for requesting a payment via that text (all doable via Dash7 native to the radio) and you have a complete system.  In fact, the bit about the location detection in the video practically screams dash7, since that is the only protocol that I'm aware of that can precisely calculate relative position vectors without outside infrastructure (and thus, if you are a vendor with a few dash7 gateways & already know their precise physical placement, determining the absolute position & vector of any arbitrary dash7 radio is simply math) and the only protocol that can mesh via a rapidly changing network neighborhood.  It was originally developed for the US military for some kind of future warfighting gear including a heads-up display on the soldier's combat helmet that could tell him in near-real time where the nearest tanks/buddies/whatever were relative to himself as well as their "operational status" (i.e. are they still moving, or flat on their face?)  It's an awesome tech, that Dash7 mode 2 (version 2.0) has improved upon greatly for mesh networks.  Because there does not need to be a 'coordinator node' (access point for wifi, root server for other mesh networks) there can be a nearly limitless number of nodes on the network within the broadcast range of any single node (more practically limited to about 1000 or so nodes within radio range, for reasons related to the physics of digital radios).  In practice, however, bandwidth is the issue, and Dash7 isn't intended for mass data transfers.  Moving whole blocks would be impossible, but moving block headers, pre-pruned merkle trees & loose transactions would be trivial.  If every gateway to the internet for such a dash7-like mesh network were also a Stratum network server, this kind of three layer payment network (the standard bitcoin network as the clearinghouse backend network, stratum as the user network & dash7 devices that can share data natively and communicate with a stratum server when possible) would be able to be effectively utilized by the entire planet.
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
Bitcoincard is like a smartphone but the size of the credit card? Somehow I don't believe that is a reasonable goal or even possible without some advancements in manufactured technology.
legendary
Activity: 1708
Merit: 1066
@World,

Thanks for that - I have just messaged them to say hello.

:-)
hero member
Activity: 743
Merit: 500
something very nice is under development http://bitcoincard.org/
legendary
Activity: 1708
Merit: 1066
You could perhaps have a layout:
Code:
dddddddddddddddddddddd

1 2 3  sync requ send
4 5 6              
7 8 9             up
H 0 .   ok  can  down

Where:

dddd = the display
H =  home icon, this would also wake up the device out of a sleep mode.  (long press to switch off + you would have a 5 minute auto-sleep)
ok = ok, confirm payment. A green tick icon. Big key.
can = cancel. A red cross icon. Big key.
sync = sync icon
requ = request payment icon
send = send payment icon
up = up arrow
down = down arrow

By having it all icons the keyboard is fully internationalised. You would set the language of the display in your sync software on your PC.

You would put a border around the separate functional key groups to 'join them up' and to square up the keyboard layout.

If you were using infrared you would want the LED on the top edge of the device, in the middle. You would have a little alignment mark on the top of the case. That way when transferring BTC device to device via infrared you would have your device pointing at the recipient's and both could work the two keypads simultaneously.

You would put the microUSB connector on the back edge or the right hand side at the back. You want it at the back so that the device is wedge shaped. Thin at front, thicker at back. That makes the keypad slant towards you when it is sat on a table top. You want it on the right as Apple USB ports are typically on the left of their machines so the cable connection works better.

The position of the LED and microUSB suggests the batteries go at the back left, accessible through a little slot cover on the underside of the device. Circuitry is probably across the centre of the device, leaving only the membrane keypad at the front so it could be thin thin thin at the front edge.

You would also want a Bitcoin logo somewhere. Perhaps to the left of the screen as then you could have the balance (say, 12.345 BTC) right next to it and the two would be visually associated.

It would be thicker than a credit card (because of the microUSB connector) but I wonder if it could be the width and height of a credit card ?
Then it would be easier to fit into existing (physical) wallets people carry.

Something like:



Anybody any good with photoshop ?  :-)
legendary
Activity: 1708
Merit: 1066
@CryptoCoinMedia

A wrist device might be possible. The power requirements are low enough.
After perusing my Maplin catalog the most similar devices on sale currently are the little crossword puzzle solvers and translation machines, except that you do not need a QWERTY keyboard.

I think you need the following keys:

Numeric: 0123456789 and '.'

Action keys: "sync", "request payment", "send payment"
(as icons)

Confirmation: 'ok', 'cancel'
(like on PIN entry devices for debit cards)

Navigation: Perhaps also a 'menu' or 'home' or 'show history' key. Perhaps also an 'up' and 'down' arrow.

Of course the plethora of UIs for MP3 players indicate that what I think is the minimum may not be the case.  

Edit: the reason I am concentrating on the minimum required is for clarity and also ideally the devices would be so cheap you could practically give them away.

Not sure what the minimum size LCD display is yet. You could probably do it in one line of 20 characters.
hero member
Activity: 686
Merit: 500
Wat
What about a wristwatch device for bitcoin ?

administrator
Activity: 5222
Merit: 13032
It needs to know its unspent outputs so it can calculate the balance of a transaction received for signing.

The recipient just needs to provide the device with copies of all of the transactions-being-spent (I forgot about this in my previous post). Then the device can calculate the input value and easily see the output value.
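
As an added illustration of the check described in the post above (not code from the thread or from any wallet project): an offline signer can take the supplied transactions-being-spent, hash each one, and accept an amount only when the hash equals the txid its input references. The names `audit`, `parse_tx`, `build`, `PREV` and `SPEND` are hypothetical, the sample transactions are constructed, and only the legacy (pre-segwit) serialization is handled.

```python
import hashlib

def varint(b, i):  # read CompactSize at offset i -> (value, next offset)
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}.get(b[i], 0)
    value = int.from_bytes(b[i + 1:i + 1 + size], "little") if size else b[i]
    return value, i + 1 + size

def parse_tx(raw):
    """Parse a legacy (pre-segwit) transaction into (outpoints, output values)."""
    n_in, i = varint(raw, 4)                      # skip 4-byte version
    ins, outs = [], []
    for _ in range(n_in):
        prev_id, vout = raw[i:i + 32], int.from_bytes(raw[i + 32:i + 36], "little")
        slen, i = varint(raw, i + 36)
        i += slen + 4                             # skip scriptSig and sequence
        ins.append((prev_id, vout))
    n_out, i = varint(raw, i)
    for _ in range(n_out):
        outs.append(int.from_bytes(raw[i:i + 8], "little"))
        slen, i = varint(raw, i + 8)
        i += slen                                 # skip scriptPubKey
    if i + 4 != len(raw):                         # only the locktime may remain
        raise ValueError("truncated or trailing data")
    return ins, outs

def txid(raw):
    return hashlib.sha256(hashlib.sha256(raw).digest()).digest()

def audit(unsigned, supplied_prev_txs):
    """Return (total_in, total_out, fee) in satoshi, or raise ValueError."""
    known = {txid(p): parse_tx(p)[1] for p in supplied_prev_txs}
    ins, outs = parse_tx(unsigned)
    total_in = 0
    for prev_id, vout in ins:
        if prev_id not in known or vout >= len(known[prev_id]):
            raise ValueError("input not backed by a supplied transaction")
        total_in += known[prev_id][vout]
    if sum(outs) > total_in:
        raise ValueError("outputs exceed inputs")
    return total_in, sum(outs), total_in - sum(outs)

def build(ins, outs):  # constructed sample tx: empty scriptSigs, dummy scripts
    b_in = b"".join(p + v.to_bytes(4, "little") + b"\x00" + b"\xff" * 4 for p, v in ins)
    b_out = b"".join(v.to_bytes(8, "little") + b"\x01\x51" for v in outs)
    return bytes([1, 0, 0, 0, len(ins)]) + b_in + bytes([len(outs)]) + b_out + bytes(4)

PREV = build([(b"\x11" * 32, 0)], [1_000_000_000])           # constructed: 10 BTC output
SPEND = build([(txid(PREV), 0)], [10_000_000, 989_900_000])  # pay 0.1 BTC, 9.899 change
print(audit(SPEND, [PREV]))
```

A matching hash shows only that the stated amounts belong to the referenced transaction; it says nothing about whether that output is confirmed or still unspent, which the device cannot learn without a network connection.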
legendary
Activity: 1708
Merit: 1066
@wareen - good idea !
I am not really a hardware guy so it would be really useful to have someone to work on the hardware side and for me to concentrate on "serving up the data".

I will email him and see what he says.

Cheers.
legendary
Activity: 910
Merit: 1001
Revolutionizing Brokerage of Personal Data
@jim618: You should probably get in touch with Prof. Clemens Cap. He is working on a Bitcoin hardware wallet and he called for interested people to participate.
legendary
Activity: 1708
Merit: 1066
@freemoney - good point. That would also reduce the size of the tx which has several benefits.

@Stephen Gornick  With the change tx output as long as the previous tx has been transmitted by either you or the other party you would be able to use it.

However I am trying to think of a protocol that, even as a disconnected, untrusting device you can be 100% sure your tx will be accepted. You can only believe what your home sync computer tells you. You do not want to believe the contents of any tx you receive. Nor that any tx you produce actually gets transmitted to the network. It is for that reason that all the tx you receive and change is marked as 'somebody says this is true but I am not willing to put my reputation on the line just yet and reuse them'.

Another reason not to reuse unconfirmed tx specifically is the very human temptation that if someone sends you a fake tx you might be tempted to pass it on to someone disconnected who cannot get back at you when they detect the double spend.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
A bunch of .01 or .001 is not optimal. Probably a collection of UNIT * n^2 up to about average expected transaction amount would be good. But you could customize for reduced number of keys or reduced average or max change.

For example 100x .02 and 100x .01 is going to be strictly superior to 300x .01 unless you make hundreds of tx for amounts between .01 and .02.
legendary
Activity: 2506
Merit: 1010
even if the store broadcasts it immediately your change won't be confirmed for an hour.

It won't have 6 confirmations but it can be spent right away.  The bitcoin client doesn't allow spending on 0/unconfirmed but the protocol allows it, clients will relay it and as long as there are fees paid, miners will likely include it.  BlockChain.info is one such wallet which allows immediate spend transactions, for example.
hero member
Activity: 483
Merit: 551
A secure Bitcoin spending device doesn't need to store anything other than its private keys.

It needs to know its unspent outputs so it can calculate the balance of a transaction received for signing.
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
(unconfirmed and possibly not transmitted to the bitcoin network) you cannot be sure that the 9.9 BTC tx output is available to spend at the next store.  The device has no network connection of its own to know.

Then you just spend the original inputs again.  :)

I can't imagine ANY store is going to deliver goods before the tx is at least broadcast, unless it's a regular customer they know and can trust.  For anyone else, they'd have to be online for any transaction.

Still, this is a good point: even if the store broadcasts it immediately your change won't be confirmed for an hour.
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
How much do they cost?

$40-60 for something the size of a Kindle.  It's hard to say what a tiny one would cost since there's not much of a market for it.
legendary
Activity: 1708
Merit: 1066
@theymos

If the user the device is talking to has network access you could give it your public key, it can get your unspent tx outputs and create an unsigned tx yes.

If you wanted to do a device to device transfer you would have to know your available unspent outputs as the other device is as unconnected as you.

@konichua I think there would be a variety of possibilities for the connectivity. I mention IRDA mainly because the hack I am working on has USB and IRDA.
