Marek Palatinus, widely known as Slush in the Bitcoin community and the operator of mining.bitcoin.cz, the oldest mining pool, has revealed his latest project in collaboration with Pavol Rusnák (stick): a USB Bitcoin hardware wallet. The key motivation behind this endeavor is to address the security concerns associated with storing Bitcoin on computers that are susceptible to viruses and malware attacks. The team aims to provide a user-friendly and secure solution that ensures the protection of digital assets.
Historically, there have been instances where Bitcoin users have suffered substantial losses, ranging from thousands to millions of dollars, due to compromised computers. The prevalence of botnets comprising millions of infected machines further exacerbates the vulnerability of personal devices. Recognizing the need for improved security measures, the proposed hardware wallet aims to offer an accessible solution for safeguarding substantial Bitcoin holdings.
The USB Bitcoin wallet, which remains unnamed at this stage, is a compact device approximately the size of an iPod Shuffle (3×3 cm). It features a custom chip capable of generating new addresses and signing transactions. To initiate a transaction, users connect the device to a computer or potentially a smartphone via USB. After entering the recipient's address and transaction amount on the computer, the user sends the unsigned transaction to the device. To mitigate virus-related risks, the user must confirm the transaction by pressing a button on the hardware wallet. The signed transaction is then sent back to the client for publishing, with the private keys never leaving the device.
The protocol incorporates several additional features to enhance convenience and security. The hierarchical deterministic wallet proposal, drafted by Peter Wuille in 2012, forms the basis for address generation on the chip. A single root private key is used to generate all private keys, allowing for recovery even if the device is lost. The device also freely provides a root public key, enabling Bitcoin clients to generate addresses associated with the device without the ability to spend from them directly. Optional PIN requirements further fortify security, and the device is designed to be tamper-proof, making it exceptionally challenging for thieves to extract private keys or coerce the device into signing unauthorized transactions.
Moreover, the device supports multisignature transactions, allowing users to create addresses requiring multiple private keys for transaction signing. This feature enables more complex security schemes, such as requiring signatures from a subset of specified private keys. Users seeking additional security measures can incorporate the hardware wallet as part of a comprehensive wallet security strategy.
While the device's primary focus is security, its portability may be limited. Although compact in size, it requires a cable to connect to a computer or phone, making it impractical for everyday wallet carry. The team dismissed the inclusion of USB or micro USB connectors due to concerns regarding durability and wear and tear. Nevertheless, Slush emphasizes that the primary goal is to prioritize safety over portability.
A Bitcoin client is required for the device to function on a computer. Currently, cooperation with Multibit and Electrum has been established, as these two clients agreed to implement the necessary protocols. However, online clients like Blockchain do not support the required low-level device interaction. To address this, Multibit and Electrum can be stored on a USB key along with the hardware wallet, allowing for easy loading when needed. Future versions may include a built-in client, but this is not an immediate priority.
The project is still in its early stages, with a full product yet to be released. A security company has been engaged to conduct a thorough code review and testing process, ensuring a high level of security. As additional features increase complexity and potential attack vectors, simplicity remains a key focus for the team. The release will comprise two products: a custom hardware solution for general users and a shield for the Raspberry Pi, catering to the technically inclined. Furthermore, the code for the device will be open source, enabling community scrutiny and contribution.
The success of this project could
signify a significant advancement in Bitcoin security. Decoupling Bitcoin
security from computer security is crucial to ensure user safety. Physical
wallet devices, such as this hardware wallet project, combined with
multisignature transactions, play a vital role in achieving this objective and
enhancing overall Bitcoin security for all users.