Pages:
Author

Topic: Sigsafe: A NFC key tag for signing bitcoin transactions - page 8. (Read 23240 times)

legendary
Activity: 1162
Merit: 1007
UPDATE: September 7, 2014



Demonstration video: http://vimeo.com/105458967


UPDATE: August 4, 2014

Below are two pictures of the PCBs for our first nine alpha-model sigsafe bitcoin-signing tags.  The first image shows all nine lined up in two rows with a penny and a ruler for a scale reference.  Most of the board space is NFC antenna--the sigsafe electronics are very simple.  



This picture shows the top (right) and back-side (left) of a sigsafe.  The components on the top side include a low-cost microcontroller, a NFC transceiver, two bi-color LEDs, a few MOSFETs, supporting passive components, and solder pads to attach the optional 0.5mm thick battery.  The NFC loop antenna is visible from the backside of the circuit board.



It really works too:

Code:
$ tx=`pybtctool mktx d511b9d6b05f8f9dbac56b632acafeffb40c6025f694ae1d738c0d5edaab5308:0 1KxvX5Hx8nh36ig2gT5bpeEcqLQcwJsZGB:50000`
$ sigsafe sign $tx | pybtctool pushtx -s




UPDATE: June 9, 2014

To help illustrate potential use cases for an ECDSA signing tag like the sigsafe, a colleague and I prepared some additional images.  

This image shows the sigsafe about to sign a transaction (over NFC) that presumably sends 1.66 BTC to the Android hot wallet.  In an application like this, the sigsafe would be stored in a safe or another secure location, and would be configured to only sign transactions that transfer funds to the hot wallet.  The sigsafe could also require cryptographic authentication from the Android wallet or a password from the user.  



This image shows the sigsafe acting like a "tap-and-pay" device at a traditional PoS terminal.  The sigsafe is compliant with ISO 14443-4, so it already "speaks the same language" as these PoS terminals.  However, the terminals would need to be programmed to support bitcoin payments and the sigsafe protocol.  In an application like this, the sigsafe might be configured with a per-TX and a daily spend limit.  




PRESS COVERAGE:

legendary
Activity: 1162
Merit: 1007
Sigsafe: A NFC key tag for signing bitcoin transactions

I wanted to share a project I’ve been working on.  It’s called “sigsafe” and it is an electronic key tag that signs bitcoin transactions over a non-exploitable air gap.  The device is probably too simple to be considered a hardware wallet; instead, it’s more like a paper wallet that can produce ECDSA signatures.  The device has both high-security applications such as implementing a cold/hot wallet system where the cold wallet can only send coins to the hot wallet, and low-security applications such as a “tap and pay” tag for purchasing retail items at PoS terminals.  Because the device uses the NFC standard, it is highly interoperable with existing phones, laptops, PoS terminals, and other RFID readers.  In fact, when HTML5 browsers begin to support the Web NFC API, it should be possible to create webpages that request signatures from the sigsafe to complete an online payment or to login to a website using the bitID protocol and a single tap.




Here is a link to the white paper: http://sigsafe.ca/sigsafe.pdf

Abstract. A small electronic key tag for signing bitcoin transactions over a non-exploitable air gap is described. The tag communicates via a simple protocol with a NFC-enabled host, harvesting power directly from the NFC electromagnetic field and eliminating the need for a battery. After receiving a signature request from a host device, the tag checks the request against a set of rules and signs the transaction, provided none are violated. User-defined signing rules permit various levels of security from none (sign all requests), to locking the spend addresses, limiting the value of transactions, and requiring a password from the tag’s owner or cryptographic authentication from the host. Malware, hackers or thieves cannot feasibly extract the private keys even with physical access to the tag. A tag manufacturer could store a funded private key within each device sold, with a rule to produce only bitcoin-signed messages, as a proof-of-intent bond to earn customers’ trust.

Pages:
Jump to: