Topic: Tangem wallets - page 2. (Read 1035 times)
Oh these are pretty cool. My favorite one is the bitcoin cash card, the future of cryptocurrency. We had planned on actually making a bitcointalk card with the makers but I guess the project just kind of got put on the back burner. Would like to see it come to fruition however.
It’s great to see hip-to-chain technology. 
Does anyone know how Tangem wallets manage the public key from the private key? Is it possible to program on importing an old key/seed or generating a new private key?
Why are there dedicated MICROCHIPS for each cryptocurrency?
I don't think they have any encryption of the service but the wallet design looks strange, I thought they might modify the design to carry the public key but you can modify the final design yourself.
Does anyone know how Tangem wallets manage the public key from the private key? Is it possible to program on importing an old key/seed or generating a new private key?
Why are there dedicated MICROCHIPS for each cryptocurrency?
I don't think they have any encryption of the service but the wallet design looks strange, I thought they might modify the design to carry the public key but you can modify the final design yourself.
those are segments taken from the Tangem FAQ & hopefully answers your questions:
A wallet private key, which is the key to the ownership of blockchain assets, is always securely generated inside the Tangem chip. The key cannot be injected from outside, backed up or restored. Thus, the card holds a unique and unclonable instance of the wallet.
At the moment, Tangem supports the following cryptocurrencies: BTC, ETH, XRP, BCH, XLM, ADA.
In order to optimize for user experience, we kept it simple. Each Tangem Card is fixed to a certain cryptocurrency and can hold one private key at a time.
Each Tangem Card holds a secure chip that allows you to store and carry digital assets. The private key is generated by and permanently stored within the chip. Nobody has access to it either during or after the manufacturing process. This means that nobody can input, export or make a copy of this key.
The security of Tangem technology is audited by the Kudelski Group, a listed Swiss security company. The report is available here. After the audit, the chip firmware cannot be modified even by Tangem. Its intactness in each Card can be verified with the Tangem App. The app and the NFC communication protocol are open source.
Copyright disclaimer: The above are not my words, the text is taken (as is) from the Tangem Faq.
Source:
https://shop.tangem.com/pages/tangem-faqs
Not quite sure how "how Tangem wallets manage the public key from the private key". I know that you can re-initiate the card (i.e. create a new private/public key pair). However, I am not quite sure if for every transaction a new public key is being created (if this is your question)
Further, if you would like to program Tangem cards, and use the same card for multiple blockchains/cryptocurrencies (one at a time), there is a development kit. You can either use their GitHub code to create your own application or use their android development kit app (from the play store), to program a card with the characteristics of your preference.
Here is a summary of what you can do:
choose blockchain and signature algorithm, coin or token, define lifecycle, set up protection and protocol encryption, play with 2FA and issuer secure channel, check card and firmware attestation, load and read up to 100kb of extra data.
Source: above text taken from "Tangem Development Kit" description
https://shop.tangem.com/products/tangem-developer-kit
It’s great to see hip-to-chain technology.
Does anyone know how Tangem wallets manage the public key from the private key? Is it possible to program on importing an old key/seed or generating a new private key?
Why are there dedicated MICROCHIPS for each cryptocurrency?
I don't think they have any encryption of the service but the wallet design looks strange, I thought they might modify the design to carry the public key but you can modify the final design yourself.
Does anyone know how Tangem wallets manage the public key from the private key? Is it possible to program on importing an old key/seed or generating a new private key?
Why are there dedicated MICROCHIPS for each cryptocurrency?
I don't think they have any encryption of the service but the wallet design looks strange, I thought they might modify the design to carry the public key but you can modify the final design yourself.
One thing I will need to try is to put a small bit on one, and see if I set it up on one device what will happen if its "tapped" to a new device - I want to know if someone can essentially steal the card and they have all the funds on it simply because they have the card ? or because it is sync'd to my device that it is requires my phone?
Also, what happens if I lose my phone? Can I easily access it with another device - the above scenario about someone stealing it would answer this question as it is basically the scenario just not "stolen"
all the cryptographic keys (public/private) are being created within the chip and stays there (ie the private key). If you lose the card, then you lose the funds. The app is just a way to interact with the card (it does not store anything from the card). Hence you can use the card with different phones.
With a single card scan, you can instantly see the balance of the card (ie if it is loaded or not).
If you would like to transfer funds from the card to another addy, you have to keep the card attached to the phone for 1-2 minutes (for security reasons - see contactless RFID skimming)
yea - I tested that just a few mins ago using my wife's phone, loaded right up with no problem - I don't see any way to add a password or anything either.
AFAIK there is no option to add a password. but IMO you do not need one. The major functionality of those cards (except to store crypto like a usual hardware wallet) is to perform off-chain transactions.
User A loads the card with an x amount, and pass it to user B. User B tap the card to the phone, confirmes the loaded amount and keeps the card (as an exchange for goods/ or services)
edit: I never experiment myself with the PIN usage
edit 2: someone should have physical access to your card (for a couple of minutes) to steal your funds. Hence if you are afraid of this situation, then probably this is not the ideal solution to store crypto in it.
edit 3: the FAQ the BitcoinNewsMagazine posted above, will probably solve/answer all your questions :-)
yea I figured it would take longer - my concern was if someone steals the card like a burglary - but that goes with any cold storage wallet as well - all they need to do is peel em and sweep em - if they know what they are lol I always feel that any criminals in my area if they get past the alarm and my guns wont know what crypto is lol
EDIT
another concern - maybe a non issue as there may be other ways to read the card - but what if Tangem goes under or their app stops working - will there be any way to recover the btc that might be on it? An example would be coinkite - I have one of their cards and with the public address I can add to the card but without their system, there is no way to remove anything added to the card/account.
I do like the idea of using it to carry a set amount of btc - like in your example, to pay someone where they tap it and verify and then keep the card and there is no concern with me being able to take the funds as they essentially hold the private key in that card.
One thing I will need to try is to put a small bit on one, and see if I set it up on one device what will happen if its "tapped" to a new device - I want to know if someone can essentially steal the card and they have all the funds on it simply because they have the card ? or because it is sync'd to my device that it is requires my phone?
Also, what happens if I lose my phone? Can I easily access it with another device - the above scenario about someone stealing it would answer this question as it is basically the scenario just not "stolen"
all the cryptographic keys (public/private) are being created within the chip and stays there (ie the private key). If you lose the card, then you lose the funds. The app is just a way to interact with the card (it does not store anything from the card). Hence you can use the card with different phones.
With a single card scan, you can instantly see the balance of the card (ie if it is loaded or not).
If you would like to transfer funds from the card to another addy, you have to keep the card attached to the phone for 1-2 minutes (for security reasons - see contactless RFID skimming)
yea - I tested that just a few mins ago using my wife's phone, loaded right up with no problem - I don't see any way to add a password or anything either.
AFAIK there is no option to add a password. but IMO you do not need one. The major functionality of those cards (except to store crypto like a usual hardware wallet) is to perform off-chain transactions.
User A loads the card with an x amount, and pass it to user B. User B tap the card to the phone, confirmes the loaded amount and keeps the card (as an exchange for goods/ or services)
edit: I never experiment myself with the PIN usage
edit 2: someone should have physical access to your card (for a couple of minutes) to steal your funds. Hence if you are afraid of this situation, then probably this is not the ideal solution to store crypto in it.
edit 3: the FAQ the BitcoinNewsMagazine posted above, will probably solve/answer all your questions :-)
According to the FAQ you can also PIN protect the card. With the PIN and the requirement to hold the card next to the Android phone for 30-45 seconds for transfers that is supposed to prevent drive by attacks. I got a few of these to play with when they first came out but never really used them much. I will have to find mine and see how that PIN is enabled.
One thing I will need to try is to put a small bit on one, and see if I set it up on one device what will happen if its "tapped" to a new device - I want to know if someone can essentially steal the card and they have all the funds on it simply because they have the card ? or because it is sync'd to my device that it is requires my phone?
Also, what happens if I lose my phone? Can I easily access it with another device - the above scenario about someone stealing it would answer this question as it is basically the scenario just not "stolen"
all the cryptographic keys (public/private) are being created within the chip and stays there (ie the private key). If you lose the card, then you lose the funds. The app is just a way to interact with the card (it does not store anything from the card). Hence you can use the card with different phones.
With a single card scan, you can instantly see the balance of the card (ie if it is loaded or not).
If you would like to transfer funds from the card to another addy, you have to keep the card attached to the phone for 1-2 minutes (for security reasons - see contactless RFID skimming)
yea - I tested that just a few mins ago using my wife's phone, loaded right up with no problem - I don't see any way to add a password or anything either.
One thing I will need to try is to put a small bit on one, and see if I set it up on one device what will happen if its "tapped" to a new device - I want to know if someone can essentially steal the card and they have all the funds on it simply because they have the card ? or because it is sync'd to my device that it is requires my phone?
Also, what happens if I lose my phone? Can I easily access it with another device - the above scenario about someone stealing it would answer this question as it is basically the scenario just not "stolen"
all the cryptographic keys (public/private) are being created within the chip and stays there (ie the private key). If you lose the card, then you lose the funds. The app is just a way to interact with the card (it does not store anything from the card). Hence you can use the card with different phones.
With a single card scan, you can instantly see the balance of the card (ie if it is loaded or not).
If you would like to transfer funds from the card to another addy, you have to keep the card attached to the phone for 1-2 minutes (for security reasons - see contactless RFID skimming)
My order came in. They are a bit smaller than I thought, just a bit smaller than a credit card.
They did sync fine with the app - though I did not save the app, just downloaded the app, held a card to the phone - it easily scanned it in and shows a public address and balance of zero. It appears that you then can load to the card using the public address. In order to send from the card, it appears that you need to have the card near the phone so that the app can scan it.
One thing I will need to try is to put a small bit on one, and see if I set it up on one device what will happen if its "tapped" to a new device - I want to know if someone can essentially steal the card and they have all the funds on it simply because they have the card ? or because it is sync'd to my device that it is requires my phone?
Also, what happens if I lose my phone? Can I easily access it with another device - the above scenario about someone stealing it would answer this question as it is basically the scenario just not "stolen"
They did sync fine with the app - though I did not save the app, just downloaded the app, held a card to the phone - it easily scanned it in and shows a public address and balance of zero. It appears that you then can load to the card using the public address. In order to send from the card, it appears that you need to have the card near the phone so that the app can scan it.
One thing I will need to try is to put a small bit on one, and see if I set it up on one device what will happen if its "tapped" to a new device - I want to know if someone can essentially steal the card and they have all the funds on it simply because they have the card ? or because it is sync'd to my device that it is requires my phone?
Also, what happens if I lose my phone? Can I easily access it with another device - the above scenario about someone stealing it would answer this question as it is basically the scenario just not "stolen"
Jump to: