Pages:
Author

Topic: [FREE] Free Coldkeys for testing / reviews (Read 1300 times)

full member
Activity: 190
Merit: 505
February 27, 2020, 06:50:49 AM
#38
BTW the website in your profile http://coldkey.eu/ is throwing 520 error so.. Sad


on the mobile: the 'www.' is missing; that's why
on the desktop: it's also working without 'www.'
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
February 27, 2020, 06:45:24 AM
#36
Great work.
What time are you planning to release those? After all those tests looks like a solid and secure cold storage:)
BTW the website in your profile http://coldkey.eu/ is throwing 520 error so.. Sad

It's working now. I've tried on 2 different browsers no matter www or not was the same. It was cloudflare error.

legendary
Activity: 2464
Merit: 3158
February 26, 2020, 12:54:31 PM
#35
We have pushed the engineering tests a little bit further, this time testing a non-invasive method called "laminography".
Laminography, basically, generates a 3D sample of the inside of an item, putting in evidence cavities and/or irregularities.

Here is the best image of the laminography of a Coldkey :



There are other pictures (different "depths"), but this is the sharpest one.

Here is a video of the shot, and going through the hologram, to see what's further underneath it :

https://streamable.com/dynhc

No QR code appears. Smiley



As the non-invasive methods that would allow to reveal the private key QR code are defeated one after the other;
we are headed towards delivering very elegant and secure solutions for everybody to hold onto their cryptos.
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
February 10, 2020, 05:44:40 PM
#34
Cool test Yogg! That is great to hear how secure these really are!
legendary
Activity: 2464
Merit: 3158
February 10, 2020, 05:01:36 PM
#33
This morning I had an apointment with a company that does quality control on PCBs.
They really have some high-end hardware, it was a very interesting tour.

Anyway, the engineer who was doing the tests on Coldkeys said he can't think of a method that can reveal the private key without damaging the card.

There is nothing to be seen, that's all.



I brought in two Loaded Coldkeys.
One that is done, loaded, and funded. It's serial "BTC-19.5M.14".
The other one was a test Coldkey with the privkey exposed, to compare tests.



The best they could come up with is this :



We can see the shape of the square paper that is underneath the hologram.

I made a short video when they were fiddling with settings to check what can be extracted from the Coldkey with x-rays.

Video : https://streamable.com/z532h
There's nothing to see here.

They will try with a few other methods, one called "laminography" which is "3d xray" or something like that.

As the Xrays are sensible to the change ("contrast") in matter's atomic density, they told me that overall, they don't expect to see much from these tests.



Bump,
@Yogg I have confirmed with my father that if you provide one card with a hologram I can have it put through a medical/research scanner and through an IRM to try to see through the holo.

Obviously the card shouldn't be loaded, it doesn't have to have the printing on it.

[...]

Also, it is possible that the IRM test might be interrupted halfway if it looks like it could damage the multi-million machine.

Hello guigui371,

Thanks a lot for your proposal. Smiley It is very interesting !

I'd love to see how a Coldkey looks under an MRI scan device.

Alright, I can do it and mark it in a way it's good only for such use.
I'll reach out to you to arrange it all and talk about it in more details.

Just bear in mind, that Coldkey, the operating company and myself cannot be held liable for any kind of damage that would happen with the MRI scan device.

Thank you.



Any idea on how to crack these Coldkeys ? Huh
legendary
Activity: 2114
Merit: 1693
C.D.P.E.M
February 06, 2020, 03:13:35 PM
#32
Bump,
@Yogg I have confirmed with my father that if you provide one card with a hologram I can have it put through a medical/research scanner and through an IRM to try to see through the holo.

Obviously the card shouldn't be loaded, it doesn't have to have the printing on it.

You could just provide a white/unprinted one.  You could write on it, no resale / experimental / you could even cut a corner.
The hologram should be the one you use on your card.
The QR code (it doesn't even have to be of a BTC address) should be printed the same way you do for your real cards.

The card can be returned to you after the experiments or destroyed (as you wish).
We will do the scanner first, and the IRM next.
Because the holo is a foil, there is a great chance that it will be damaged by the magnetism.
Also, it is possible that the IRM test might be interrupted halfway if it looks like it could damage the multi-million machine.

I can organised photos to be taken, but don't expect macro shots or HD photos.
They would be taken from the smartphone of my dad.
And he doesnt have the lastest camera, nor the best skills (but I love him, it's my dad !).

Let me know if you are keen (I've PMed you).
legendary
Activity: 2464
Merit: 3158
That seems like a good change and a much simpler fix than anything I could come up with. If the imprinting on the hologram is unique, that'd help a lot too because it would prevent people from reusing a hologram they harvested from one card (say an unloaded one) on a different card.

The part where I damaged the hologram the most was when trying to get the needle between the card and the bottom layer of the hologram so as pictured, I'm not sure this would be more difficult. I would use the letter as a channel to help guide my syringe under the hologram. (Let me know if that doesn't make sense, it's kind of hard to explain). My intuition says it might be easier to get it in where the hologram has been imprinted.
Arrow denoting where I'd try to inject.

That being said, if you have bigger holograms and the imprinting doesn't overlap with the edge of the hologram, it'd definitely be harder.

I'm meeting with a polymer engineer this afternoon to see if we can relaminate the back of the card to mask that the hologram. I'll let you know! Also heading to the laser lab now and will test out a REALLY bright "light" (although I'm not optimistic about optical methods).

Thanks so much for your review Sa0shisGhost. Smiley
Yes, I will try to munch a little on the holos in the future, but this has to be thought of during the card designing stage.

I am curious to know how easily can the back of the card be laminated again. The embossing should make this difficult to reproduce.



/!\ Don't do this at home
I have been experimenting a little further with Coldkeys, particularly with the private key QR code.

First, I started by carving the privkey QR code with a pair of scissors and made some strip.



Then, why not, I completely cut off the QR code in two.



And the results are surprising !
This card that's been so badly damaged is still functioning !

sr. member
Activity: 382
Merit: 265
That seems like a good change and a much simpler fix than anything I could come up with. If the imprinting on the hologram is unique, that'd help a lot too because it would prevent people from reusing a hologram they harvested from one card (say an unloaded one) on a different card.

The part where I damaged the hologram the most was when trying to get the needle between the card and the bottom layer of the hologram so as pictured, I'm not sure this would be more difficult. I would use the letter as a channel to help guide my syringe under the hologram. (Let me know if that doesn't make sense, it's kind of hard to explain). My intuition says it might be easier to get it in where the hologram has been imprinted.
Arrow denoting where I'd try to inject.

That being said, if you have bigger holograms and the imprinting doesn't overlap with the edge of the hologram, it'd definitely be harder.

I'm meeting with a polymer engineer this afternoon to see if we can relaminate the back of the card to mask that the hologram. I'll let you know! Also heading to the laser lab now and will test out a REALLY bright "light" (although I'm not optimistic about optical methods).
legendary
Activity: 2464
Merit: 3158




To be honest, congratulations for your achievements with the above pic.
This got me thinking to find a solution that would not allow to re-use the hologram, if we imagine the case where the VOID pattern doesn't appear.

So far, this is what I found as a solution :



This way, the holo cannot be re-used if we emboss something on it.
It doesn't have to be a word. Maybe simple "BTC" or the ticker of the coin. I don't know yet. It can be solely some character.

By the way, test generic hologs were 20x20mm, but the definitive ones will be 22x22, so more space to crush something on them. Tongue
legendary
Activity: 2464
Merit: 3158
I find the prospect of mass-adopted physical wallets very exciting for a number of reasons and was fortunate to get 2 Coldkeys from Yogg for testing. Here's a description and results of my first test.

Thank you very very much for this extensive range of tests, Sat0shisGhost !!
I am very happy our Coldkeys pass those security tests.
Yes, the point would be to find the way to provide the most secure ways and media for bearing crypto funds.
That'd be awesome to see Coldkeys being mass-adopted as physical crypto.

Yogg promised me a "surprise" and he delivered. The private key is printed on a polymer that is different from the card plastic and almost the entire key melted (probably too fuzzy to be recoverable)

Hah, so your first solvent actually took away the layer on which the private key is printed, right ? Then it'll only be the blank card.
That layer is very thin and fragile. It will ruin the QR code but if some malicious person tries to tamper with it, then that's only better.

So I'm pretty confident that I've found a solvent that can remove the adhesive without dissolving the private key, but will test this more in the coming days.

That "other solvant" that you used from the left looks more appropriate for this use to me, but there still is the whole work of replacing the hologram correctly, untouched (Wink) and being able to put a new plastic layer on top of that.
I am already starting to think of a solution to make the tampering with the holo much much difficult than it actually is, and quasi-impossible to re-use.

I have access to a lot of equipment and chemicals and am definitely open to suggestions if anyone has some. I'll also be testing some optical attack vectors and will see if I can alter the public key although it looks tough.

Thanks so much for bringing our Coldkeys to your lab and for all the hard work you've done Smiley
sr. member
Activity: 382
Merit: 265
I find the prospect of mass-adopted physical wallets very exciting for a number of reasons and was fortunate to get 2 Coldkeys from Yogg for testing. Here's a description and results of my first test.

The photos below are low-res to save bandwidth. Here's a high-res album: https://imgur.com/a/a0qqmO6

Inspired by the S1 Casascius solvent hack, I decided to give a variation of that method a shot.

For this test, I decided to test 2 different solvents. Chloroform (pictured) and another non-polar solvent. Unfortunately I was out of glass syringes so I used plastic. And the smallest needle I could find.


I attempted to pierce the non-adhesive part of the hologram and inject in some chloroform, however the needle was blocked by a layer of paper/cardboard between the hologram and the private key. It also left a pretty obvious track mark (See photo below). The next thing I tried was trying to slice the edge of the hologram with a scalpel, and trying to inject some chloroform between the plastic card and the hologram. This worked to some extent, but soon, the word 'void' was clearly visible. I won't get into the details of the hologram now, but there's two layers. If the two layers are no longer adhered to one another, the word 'VOID' becomes visible. (see photo below).



Next, I decided to attack the hologram from the LEFT side using my other solvent and pretty much the same technique as above.
The second solvent was a lot better at dissolving the adhesive and I was able to peel back most of the hologram without the 'VOID' becoming visible. However, it's still visible at the edges from the original incision/prying open the adhesive to inject solvent in. I then sliced the top and bottom off with the scalpel.
Yogg promised me a "surprise" and he delivered. The private key is printed on a polymer that is different from the card plastic and almost the entire key melted (probably too fuzzy to be recoverable), as a result of the chloroform. However, as you can see in the photo below, the LEFT side, where I used my other solvent, is not melted. So I'm pretty confident that I've found a solvent that can remove the adhesive without dissolving the private key, but will test this more in the coming days.


As you can see below, the hologram is pretty mangled, however, I think if I practice my technique and stick with the second solvent, I might be able to do a much better job. I'm going to spend 4 or 5 days thinking about how to attack my second Coldkey and will a few more ideas on this one.

 I'm also going to try a few tricks to reattach the hologram without leaving too many traces (as it's pretty obvious this one has been tampered with) and will see if I can find a way to get rid of the 'VOID' text.
I have access to a lot of equipment and chemicals and am definitely open to suggestions if anyone has some. I'll also be testing some optical attack vectors and will see if I can alter the public key although it looks tough.


Below is a photo of the tampered coldkey (left) and the untampered one (right). I think after about 1 second of inspection, it's pretty obvious this Coldkey has been tampered with. Make sure to zoom in on the high res photos: https://imgur.com/a/a0qqmO6


legendary
Activity: 2464
Merit: 3158
Just got my card.. very nice.
Will test it shortly.

And yes.. I noticed this layer on the front side as well.
I am assuming it covers the QR code to help protect from wear/damage. Cool

Thanks yogg Cheesy

I'm glad you got it, minerjones ! Smiley
Can't wait to see results of your tests !

Yes, the durability of a physical bitcoin is a very important matter to me.
Nothing better than plain old QR codes compatible with most open-source wallets.  Cool



I don’t like to give out my address on this forum for obvious reasons but these are fucking awesome yogg.

Kudos.

Thank you very much for your kind words, LFC_Bitcoin. Smiley Happy you like our Coldkeys !
We will be launching our website soon, and will be looking to offer a store where you can purchase these with BTC or credit card.
This way, there wouldn't be a connection between your forum profile and the order.

We are a company and all details will be available soon on the website. (This week)



Sorry I am on mobile and can't find the original thread yet. When are these shipping, I think I bought a couple a few months ago? Thanks yogg! Cheesy

Hey owlcatz !
Thanks for your message Smiley

Yes, absolutely ! Thanks so much for purchasing some of our pre-orders ! You have no idea how these have helped us to go further Smiley
I was about to update the Genesis Edition sales thread with pictures of finished cards this weekend at latest. Smiley
Shipping will start next week, as planned. I will most likely contact you when your order is about to ship. Smiley
legendary
Activity: 3556
Merit: 9709
#1 VIP Crypto Casino
I don’t like to give out my address on this forum for obvious reasons but these are fucking awesome yogg.

Kudos.
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
I really like these things, I think we could use them as wallets too, and remembered me a lot of the https://bitcointalksearch.org/topic/bitcointalkorg-collectible-coin-5111005 bitcointalk collectible, could be waaay cheaper to implement than any metal wallet.

  Yes they would be nice for a bitcointalk collectable. And they can be loaded as well with any amount of BTC a person chooses to load them with.
 
jr. member
Activity: 111
Merit: 1
I really like these things, I think we could use them as wallets too, and remembered me a lot of the https://bitcointalksearch.org/topic/bitcointalkorg-collectible-coin-5111005 bitcointalk collectible, could be waaay cheaper to implement than any metal wallet.
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
Received the test card today!
~snip~

Thanks a lot for your review Krogoth ! Smiley
Yes, the point is to make it very difficult to tamper with the holo and access the private key without damaging the card.

If you have any suggestions as to what I should do in another way, I'm all ears. Cheesy


  No suggestions...the card and security authentication are as good as it can get.  Wink
legendary
Activity: 2464
Merit: 3158
Received the test card today!
~snip~

Thanks a lot for your review Krogoth ! Smiley
Yes, the point is to make it very difficult to tamper with the holo and access the private key without damaging the card.

If you have any suggestions as to what I should do in another way, I'm all ears. Cheesy
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
Received the test card today!

I love the design and the holo pattern in the back!




I was able to load the card with 0.001btc very easily using my Mycelium QR scanner.

Once loaded I then proceeded to try and sweep the btc off the card.

To get to the Holo I noticed was not that easily done. There is a layer of thin plastic in the back covering the entire back.

Using a knife I had to cut that around the holo and then proceed to remove the holo itself before the private key was revealed as follows.

In other words, it is impossible to expose the private key without damaging the card!



Once the QR code was exposed I easily swept away all the btc in the card.

I have to say I am impressed with the design and security of these cards.

Job well done Yogg! Cannot wait to get my cards!

legendary
Activity: 2464
Merit: 3158
Thank you very much everyone for your help and interest to review Coldkeys. Smiley
I knew this would be a little bit of a hitch to make only 3 cards for the tests.
So, finally, after an extensive chat with some of you, I'll be sending 7 Coldkeys for testing purposes.

Here is the list of chosen users :

2x Sat0shisGhost (2 test cards due to the extensive range of tests that will be conducted)
1x Blazed
1x minerjones
1x Krogothmanhattan
1x ChiBitCTy
1x buckrogers

Please send me a PM with privnotes including your shipping details.
I will probably send these out on next Wednesday. I'll get back to you with a tracking number. Smiley
legendary
Activity: 3752
Merit: 1415
Looks like you have enough takers above but if need be I could be able to stress test it for you as well. 
Pages:
Jump to: