subject:"\"Re\\\: \\\[Bitcoin\\\-development\\\] Hardware BitCoin wallet as part of Google Summer of Code\""

Re: [Bitcoin-development] Hardware BitCoin wallet as part of Google Summer of Code

2013-04-29 Thread Michael Gronager

Are you familiar with this:

http://code.google.com/p/opencryptotoken/

It does ecc and as it is based on an atmel micro controller, adding a display 
is pretty straight forward  

Michael 

On 29/04/2013, at 18.28, Peter Todd  wrote:

> On Mon, Apr 29, 2013 at 10:30:47PM +0800, Crypto Stick wrote:
>> Crypto Stick is an open source USB key for encryption and secure
>> authentication.
>> We have been accepted as a mentor organization for Google
>> Summer of Code (GSOC) 2013. One of our project ideas is to develop a
>> physical BitCoin wallet according to
>> https://en.bitcoin.it/wiki/Smart_card_wallet
> 
> A word of caution: hardware Bitcoin wallets really do need some type of
> display so the wallet itself can tell you where the coins it is signing
> are being sent, and that in turn implies support for the upcoming
> payment protocol so the wallet can also verify that the address is
> actually the address of the recipient the user is intending to send
> funds too. The current Crypto Stick hardware doesn't even have a button
> for user interaction. (press n times to approve an n-BTC spend)
> 
> Having said that PGP smart cards and USB keys already have that problem,
> but the consequences of signing the wrong document are usually less than
> the consequences of sending some or even all of the users funds to a
> thief. You can usually revoke a bad signature after the fact with a
> follow-up message.
> 
> Not to say hardware security for private keys isn't a bad thing, but the
> protections are a lot more limited than users typically realize.
> 
> 
> I will say though I am excited that this implies that the Crypto Stick
> could have ECC key support in the future.
> 
> -- 
> 'peter'[:-1]@petertodd.org
> --
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service 
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
> ___
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
--
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Re: [Bitcoin-development] Hardware BitCoin wallet as part of Google Summer of Code

2013-04-29 Thread Peter Todd

On Mon, Apr 29, 2013 at 10:30:47PM +0800, Crypto Stick wrote:
> Crypto Stick is an open source USB key for encryption and secure
> authentication.
> We have been accepted as a mentor organization for Google
> Summer of Code (GSOC) 2013. One of our project ideas is to develop a
> physical BitCoin wallet according to
> https://en.bitcoin.it/wiki/Smart_card_wallet

A word of caution: hardware Bitcoin wallets really do need some type of
display so the wallet itself can tell you where the coins it is signing
are being sent, and that in turn implies support for the upcoming
payment protocol so the wallet can also verify that the address is
actually the address of the recipient the user is intending to send
funds too. The current Crypto Stick hardware doesn't even have a button
for user interaction. (press n times to approve an n-BTC spend)

Having said that PGP smart cards and USB keys already have that problem,
but the consequences of signing the wrong document are usually less than
the consequences of sending some or even all of the users funds to a
thief. You can usually revoke a bad signature after the fact with a
follow-up message.

Not to say hardware security for private keys isn't a bad thing, but the
protections are a lot more limited than users typically realize.

I will say though I am excited that this implies that the Crypto Stick
could have ECC key support in the future.

-- 
'peter'[:-1]@petertodd.org

signature.asc
Description: Digital signature
--
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Re: [Bitcoin-development] Hardware BitCoin wallet as part of Google Summer of Code

Re: [Bitcoin-development] Hardware BitCoin wallet as part of Google Summer of Code

2 matches

Site Navigation

Mail list logo

Footer information