Smart card wallet: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
Waldyrious (talk | contribs) tweak category sort key |
||
(13 intermediate revisions by 5 users not shown) | |||
Line 3: | Line 3: | ||
===Rationale=== | ===Rationale=== | ||
*Computers and smartphones are target for malware. The software | *Computers and smartphones are target for malware. The software on a smart card can be protected. | ||
*Smart cards do not need a battery, nor internet connection, they are robust. | *Smart cards do not need a battery, nor internet connection, they are robust. | ||
*Adoption: people are already used to | *Adoption: people are already used to paying with smart cards. | ||
===Desired features=== | ===Desired features=== | ||
Line 11: | Line 11: | ||
*no blockchain, no node; the card contains only private keys, and an algorithm to sign a transaction | *no blockchain, no node; the card contains only private keys, and an algorithm to sign a transaction | ||
*the smart card should have its own keyboard (for pin code protection) and display (to show the transaction amount) | *the smart card should have its own keyboard (for pin code protection) and display (to show the transaction amount) | ||
(<- Alternative to this is the card returning, to the terminal screen, the debit amount multiplied by a number only the card holder knows which cycles from 1 to 100 to 1 incrementing by 1 each transfer - the card is locked 10 minutes if a second amount is send before a pin is typed.) | |||
* The card holder will know pin, puk, private key and address only from when he programmed it or ordered his smart card. | |||
*the card should implement a deterministic wallet, so that funds can be recovered if the card is lost. | *the card should implement a deterministic wallet, so that funds can be recovered if the card is lost. | ||
Line 25: | Line 27: | ||
==Implementation steps== | ==Implementation steps== | ||
===1. write a bitcoin daemon that can | ===1. write a bitcoin daemon that can talk to a lightweight wallet=== | ||
*this has been done already, see for example bitcoinjs: https://github.com/bitcoinjs/bitcoinjs-lib | *this has been done already, see for example bitcoinjs: https://github.com/bitcoinjs/bitcoinjs-lib | ||
*See also this pull request: [https://github.com/piotrnar/bitcoin/tree/importexporttx importexporttx] can be used to broadcast the transaction | *See also this pull request: [https://github.com/piotrnar/bitcoin/tree/importexporttx importexporttx] can be used to broadcast the transaction | ||
* https://bitcointalk.org/index.php?topic=28278.msg383312#msg383312 | |||
===2. write a lightweight wallet=== | ===2. write a lightweight wallet=== | ||
Line 33: | Line 36: | ||
*this lightweight wallet will be later implemented on the card | *this lightweight wallet will be later implemented on the card | ||
*use it to define the communication protocol between card and reading device. | *use it to define the communication protocol between card and reading device. | ||
update: this is done, see [[Electrum]] | |||
===3. implement wallet on a simple smart card=== | ===3. implement wallet on a simple smart card=== | ||
Line 39: | Line 44: | ||
* amadousarr.free.fr/crypto/ECDSAJAVACARD.pdf : A Software Implementation of ECDSA on a Java Smart Card | * amadousarr.free.fr/crypto/ECDSAJAVACARD.pdf : A Software Implementation of ECDSA on a Java Smart Card | ||
* http://www.acs.com.hk : cards, readers, development kits; no display, pincode needs to be typed on the reading device | * http://www.acs.com.hk : cards, readers, development kits; no display, pincode needs to be typed on the reading device | ||
* http://www.basiccard.com/index.html?overview.htm : Smart Card (ZC7.5) which contains RSA/EC and DES/AES coprocessors. Used in an implementation of the OpenPGP Card 2.0 standard (http://g10code.com/p-card.html) | |||
===4. implement wallet on a smart card with display and pincode === | ===4. implement wallet on a smart card with display and pincode === | ||
Line 45: | Line 51: | ||
* http://www.nidsecurity.com/products/solution-enterprise.html (smart cards with LCD displays) | * http://www.nidsecurity.com/products/solution-enterprise.html (smart cards with LCD displays) | ||
* http://www.avesodisplays.com/ (smard cards with flexible displays) | * http://www.avesodisplays.com/ (smard cards with flexible displays) | ||
==references== | |||
*https://bitcointalk.org/index.php?topic=7539.0 Bitcoin smartcard Point of Sale terminal | |||
*https://bitcointalk.org/index.php?topic=20933.0 Bitcoin and Smart Cards | |||
[[category:Developer]] | [[category:Developer]] | ||
[[category:Technical]] | [[category:Technical]] | ||
[[category:Wallets]] | [[category:Wallets| ]] | ||
[[Category:Mobile]] |
Latest revision as of 08:18, 22 May 2018
This pages gathers resources for the implementation of a Bitcoin wallet on a smart card.
Rationale
- Computers and smartphones are target for malware. The software on a smart card can be protected.
- Smart cards do not need a battery, nor internet connection, they are robust.
- Adoption: people are already used to paying with smart cards.
Desired features
- no blockchain, no node; the card contains only private keys, and an algorithm to sign a transaction
- the smart card should have its own keyboard (for pin code protection) and display (to show the transaction amount)
(<- Alternative to this is the card returning, to the terminal screen, the debit amount multiplied by a number only the card holder knows which cycles from 1 to 100 to 1 incrementing by 1 each transfer - the card is locked 10 minutes if a second amount is send before a pin is typed.)
- The card holder will know pin, puk, private key and address only from when he programmed it or ordered his smart card.
- the card should implement a deterministic wallet, so that funds can be recovered if the card is lost.
Usage scenario
- the reading device may belong to a merchant at a point of sale; it cannot be trusted with private keys.
- the reading device is connected to a full bitcoin node; it can be trusted for getting and sending blockchain information.
- the reading device sends to the card the current balance of its bitcoin addresses. This information can be cached in the card.
- the reading device sends a bitcoin receiving address and transaction amount to the card.
- the amount is displayed by the card ; the user confirms the transaction with his pin code.
- the smart card creates a signed transaction and sends it to the reading device
- the transaction is checked and broadcast by the bitcoin node.
Implementation steps
1. write a bitcoin daemon that can talk to a lightweight wallet
- this has been done already, see for example bitcoinjs: https://github.com/bitcoinjs/bitcoinjs-lib
- See also this pull request: importexporttx can be used to broadcast the transaction
- https://bitcointalk.org/index.php?topic=28278.msg383312#msg383312
2. write a lightweight wallet
- wallet without blockchain, in order to test the daemon
- this lightweight wallet will be later implemented on the card
- use it to define the communication protocol between card and reading device.
update: this is done, see Electrum
3. implement wallet on a simple smart card
- http://www.opensc-project.org/opensc openSC : tools and libraries for smart cards.
- amadousarr.free.fr/crypto/ECDSAJAVACARD.pdf : A Software Implementation of ECDSA on a Java Smart Card
- http://www.acs.com.hk : cards, readers, development kits; no display, pincode needs to be typed on the reading device
- http://www.basiccard.com/index.html?overview.htm : Smart Card (ZC7.5) which contains RSA/EC and DES/AES coprocessors. Used in an implementation of the OpenPGP Card 2.0 standard (http://g10code.com/p-card.html)
4. implement wallet on a smart card with display and pincode
list of vendors:
- http://www.nidsecurity.com/products/solution-enterprise.html (smart cards with LCD displays)
- http://www.avesodisplays.com/ (smard cards with flexible displays)
references
- https://bitcointalk.org/index.php?topic=7539.0 Bitcoin smartcard Point of Sale terminal
- https://bitcointalk.org/index.php?topic=20933.0 Bitcoin and Smart Cards