[Pre-Proposal] The Dash Hardware Wallet

If this becomes a proposal, would you vote for it?


  • Total voters
    18

roland

Member
Dear community,

Before getting into all the details about me, my motivation, experience and all the other stuff, let me put the idea first. I strongly believe the Dash ecosystem needs a hardware wallet! Not just support for any hardware wallet, but the best hardware wallet ever.

Meet the Dash Hardware Wallet
dash-1-small.jpg


My name is Roland Hänel, I’m the VP of R&D at Q-loud GmbH in Germany, a company that design, builds and operates “full stack solutions” in the IoT space. My team and myself design and implement embedded hardware, gateway nodes and cloud software stacks. I studied Electrical Engineering and Information Technology and received my M.Eng. degree from the University of Technology in Aachen in 2001. Actually, on the day I defended my thesis I also sold my startup company to QSC AG, Germany’s biggest DSL network operator at that time. I eventually stayed with QSC and helped building the nationwide DSL network, later the all-IP and VoIP networks as the head of the Network Design department. When QSC later decided to move into the Cloud and IoT business, took over responsibility for all development activities in this area.

As an individual, I have followed the blockchain technology area with growing interest over the last year. However, I have to admit that I learned about Dash only a couple of months ago. But what I learned is definitely what sparked my interest, because in my opinion the goals of Dash are exactly the key points of what matters: create an instant, private, secure money that everyone can use. Just as simple as that. Don’t focus on whether your signatures are put in the first, middle or last part of the block. Don’t focus on scripting stuff to help people build thousands of other coins on top of the system. Just put a decentralized, digital cash in the hands of the people!

At the core of any reasonable crypto currency, so with Dash, you hold the money you own, not a bank controls it. This is done through your ownership of your private keys. These we have to guard like the banks guard the money given to them right now. We can argue whether the effort that the banks put into this task is appropriate, but I think we can agree that with crypto currencies right now, just put the private keys on your smartphone is not really the appropriate way if this is more than a couple of Dash.

A hardware wallet is – in theory – the perfect solution for a reasonably secure storage of your private keys. However, the hardware wallets available today are mostly complicated to use or technically inadequate for the task. They are primarily designed for those who hold 100’s or 1000’s of BTC and use a PC to manage their funds occasionally.

What about a hardware wallet suitable for everyday use with your smartphone, tablet and PC? Maybe a device that can even be used at Point-of-Sale installations without any smartphone? This is my pre-proposal outlined in this post, the Dash Hardware Wallet.

What does Dash get with this proposal (“what do you deliver?”)

I propose the development and mass production of a new, specific hardware device: the Dash Hardware Wallet. This device features
  • physical size roughly 50mm x 20mm x 100mm, see picture for size comparison with a 2€ coin (nearly the same size as a US Quarter coin)
  • rugged, spill-proof (at least), yet nice-looking polycarbonate housing/enclosure
  • powered by batteries, 2 * AAA or 3 * AAA (design decision taken later)
  • communication interface Bluetooth Low Energy (BLE)
  • reasonably sized, high-resolution TFT or OLED display
  • PIN pad to unlock / authorize transactions
Basically, imagine the following use case together with the Dash smartphone app: Just launch the app and watch your funds as usual. If you just receive funds, no need to even take the hardware wallet out of your pocket. If you send funds, do everything in the app as you’re used to. Then, as a last step, take out the hardware wallet, verify the destination address and amount on the screen. Enter the PIN on the hardware wallet’s keypad, press the Dash button: done.

Bluetooth will enable a much, much better user experience than all solutions based on USB connectivity. It furthermore allows the device to be hermetically sealed and thus more rugged and less susceptible to all types of “electrical attacks”. Bluetooth might even enable further use cases, such as connecting the hardware wallet directly with a Point-of-Sales terminal. Imagine you want to pay your coffee at starbucks, just take out your hardware wallet, the screen shows the merchant’s address and amount, you enter your PIN and that’s it. Sure, the same thing you could already do on your phone today, but this will never be really secure!

Technical details (“what will you do with the funding?”)

I’ll try to get this first post reasonably short, it’s still a pre proposal. However here are some details of action items that I plan for this project.

Development activities:
  • hardware design (schematics, PCB, BOM, …)
  • prototype creation, testing & verification
  • define Bluetooth LE API for relevant crypto function (wallet initialisation, receive, send, …)
  • implementation of the Bluetooth LE API for crypto functions on the target (KW41Z)
  • generic firmware development, including secure update feature (via Bluetooth LE)
  • design of enclosure (3D modeling), verification using 3D prototypes (STL, vacuum casting)
Testing / certification:
  • testing for compliance with EU regulations (RED, 2014/53/EU), mark with "CE"
  • testing for compliance with US/Canada regulations (FCC, IC), mark with FCC/IC
  • safety testing (UL, CSA, Intertek or equivalent certification)
Production setup / tool development:
  • injection molding tools (assume 2 tools, S136 steel, high polishing required), test shots
  • PCB manufacturing setup costs (tools, stencil etc.) for mass production
  • production flash and test tools (bed of nails, programming stations, …)
  • first production run (including purchasing/procurement, line setup, worker setup, …)
  • setup of independent production quality supervision (SGA or equivalent)
Project management, coordination, accounting

Mass production
  • ramp up mass production and produce a first run of 10,000 devices

Budget (“how much money do you need?”)

Current project planning shows a total project budget of USD $893,000. If we conservatively estimate a Dash value of $230 (roughly a 90 day average), that’s 3578 Dash.

We would apply for a payment of about 360 Dash per month for a period of 10 months (total project duration).

Note that this amount includes the full development and certification efforts as well as the production of the first 10,000 devices. So, even if you set all development stuff to zero value, we get the individual device at a price of $89.3 per piece, which is pretty decent for the first production run.

There will be more details on budget planning if I decide to go forward with a formal proposal. Feel free to ask any question right away beforehand if you like.

Short term benefits

The first production run will yield 10,000 end devices. Since these have been paid for with the budget, we cannot not sell them for our profit, they belong to the Dash network!

We could for example (just some thoughts)
  • use them as giveways at conferences, events etc.
  • provide any masternode owner one device for free (hope for a multiplier effect)
  • give them all away for a small amount of Dash (e.g., 0.01 Dash) as a promotion, only one per person/shipping address, to get people into using the app / Dash in general
  • ...more ideas to come...
If you have any suggestions how to maximize the value of these 10k devices, please let me know.

Long term benefits

We plan to make all development outcomes open source (MIT license preferred were possible and non conflicting, e.g. with GPL stuff). I feel obliged to do this because development is funded by the network and knowledge should not be kept private by us. Anyhow, because this is a security device, making stuff open source also allows for more trust and better verification by third parties (formal of just anyone interested in this stuff).

Note that as with any high-volume hardware development, the benefit is not only the development outcome, but also the ability to run mass production per se. Therefore, we set a project goal of target cost (COGS) for the finished device of $22, which would in turn enable a future retail price (including all retail margins, shipping, duties etc.) of $49. This would place the Dash Hardware Wallet in a very aggressive market position (“best product – best price”). Some might consider this the biggest impact of this proposal.

Timeline (“when can you deliver?”)

As this is a project that covers the development of new hardware (and firmware), covers testing and formal certification as well as a mass market production ramp up, we estimate an (ambitious) timeline of 10 months for the whole thing.

Risks (“can you really pull that off?”)

Yes I can! Yes we can! My team and I have proven several times that we can develop, test, certify and also mass produce such designs. We have created complex industrial control solutions that only run in batches of 100 pieces as well as consumer electronics devices that run in batches of 100,000 units. We have successfully dealt with European (RED directive) and American regulatory bodies (FCC, IC). We know what to source in far-east and what to source in Europe or the US. Hardware projects always have a very special risk of delay, but I think the timeline is a realistic one. If we get a month’s delay in the end, we have to fight through it, at least it won’t increase costs (so funding interval stays as 10 months fixed).

Of course we depend on others to make this contribution really have a large effect. Integration of the Dash Hardware Wallet into the Dash Wallet App needs to be done by the development team of the App. But I'm pretty sure that if we have a great product, they'll be more than eager to do that.

My last words for today (it’s close to midnight here)

I hope I included enough details to at least convince you that I have spent more than a few brief thoughts on this idea. On the other hand I hope that I didn’t steal your time by just including too much stuff.

There’s certainly more to discuss, more to share.

This is why I take the opportunity to present you this project as a pre proposal.

I’m looking forward to your comments, get an idea if you like the idea or not, what to improve etc., and then make the right proposal for the final stage. Or to forget the idea altogether?

Yours,
Roland
 
I like the concept of a hardware wallet designed specifically for Dash.

I also like open source. If it's not open source, we could never really know how secure the product is.

How specific is the hardware wallet to Dash? I'm pretty sure if this product could be easily repurposed to work for some other coin, we won't fund it. Or, asked differently, will this wallet be exclusive to Dash and Dash only? We would hate to pay all that money and then see our shiny new product used/adapted basically for free by one of our competitors.

Will this be a heuristically determined wallet with a seed phrase that allows recovery if the wallet is lost or damaged? Or will it use some other recovery method?

Perhaps compare this product to the current offerings of Trezor and Ledger.

Thanks!
 
Oh yeah, and while we're at it, do you have particular ideas about security at border crossings?

Some countries are seriously trying to prevent crypto from getting around their capital controls.

Let's say for example that Venezuela proposes and pass a law that says if we catch you taking your money (dash) across a border (to leave the country) we're going to fine the hell out you and maybe put you in jail if we see you with a lot of Dash in your possession. And they can compel you to turn it on and give them your password.

Some have suggested that there be multiple passwords, one of which would reveal that you have 8 dollars worth of Dash on the device.

Or perhaps make it look like a gameboy or similar device with a fun little game or two you can play.
 
I like the concept of a hardware wallet designed specifically for Dash.

I also like open source. If it's not open source, we could never really know how secure the product is.

How specific is the hardware wallet to Dash? I'm pretty sure if this product could be easily repurposed to work for some other coin, we won't fund it. Or, asked differently, will this wallet be exclusive to Dash and Dash only? We would hate to pay all that money and then see our shiny new product used/adapted basically for free by one of our competitors.

The idea is to make it open source because we don't own it. We might get funding for it, so the result should be owned by whoever gives funding. In this case, it's the Dash network. Since this is no legal entity, we could decide to attach ownership to some Dash-related legal entity, e.g. the Dash foundation. I'm also open for this.

For the time being, the idea is to make it open source. This solves both the "ownership" questions and serves the tradition that "real stuff" in the security space should be open and transparent for everyone to look into. However, as we all know (and a lot of companies fear that), open source does of course speed up the development cycles for the "others", because copy&paste solutions become quick, easy and legal.

Which leads to your question about how specific this thing is for Dash. Here, the idea is: the hardware wallet is indeed a specific Dash hardware wallet.
  • the firmware supports Dash only, and of course it must support the Dash InstandSend and PrivateSend features.
  • the hardware has Dash branding (see pictures, case color, keypad 'OK' logo).
So, to play the devil's advocate, let's assume we get this project funded. Some "bad guy" takes all the stuff we open sourced and creates an "equivalent" bitcoin / Ethereum / ... hardware wallet. Bad guy still needs to create the following things on his own:
  • do the PCB layout (Gerber files), as we should only open source the schematics, not the Gerbers
  • all hardware prototypes
  • all the certification stuff
  • modification of the firmware to support other cryptos
  • hardware tooling for the enclosure, as we shouldn't open source the actual injection molding tool design
Basically, assuming that bad guys is just as capable as ourselves, he could probably "re-do" this project for roughly $150k less than this proposal, that is, he still needs to invest $743k. Because the major part of the money goes into the things listed above and into the production of the first 10,000 devices (which are completely Dash branded).

So I hope I could make it clear that we're quite safe on this one.

Will this be a heuristically determined wallet with a seed phrase that allows recovery if the wallet is lost or damaged? Or will it use some other recovery method?

Yes, this will certainly be an HD wallet (BIP32/39/44). This is the preferred choice for such a device. The recovery sentence will only be displayed on the device once after initialization. It will of course never be transmitted via Bluetooth (it is essentially identical to the private key(s)). Recovery will be done completely on the device (i.e., the user has to walk through the word list using the keypad).

Perhaps compare this product to the current offerings of Trezor and Ledger.

On the very basic level, functionality is the same. The Dash Hardware Wallet essentially holds your private keys. Private keys never leave the device, nor does the recovery sentence. The hardware wallet sends out public keys (addresses) over Bluetooth to an attached smartphone / PC for receice / watch transactions. To send out coins, the attached smartphone / PC generates the transaction, which is then signed on the device. The user needs to acknowledge the transaction on the device, checking the destination address and amount.

Let me focus on the differences between the Dash Hardware Wallet and Trezor and Ledger (I will consider the Ledger Nano S which is the current model).
  • the Dash Hardware Wallet is an exclusive product for Dash. :)

  • the Dash Hardware Wallet will use Bluetooth LE connectivity, making it a perfect fit for use with smartphones, tables and PCs. Trezor and Ledger require a wired USB connection, which is essentially a no-go for smartphones and tablets (yes, I know, there are solutions, but these are not suitable for the mass market).
    This is a huge thing. Note however I don't claim to be the first Bluetooth hardware wallet, there is the Ledger Blue out there, but that's a high-high end device with a premium-premium price. Just doesn't fit any use case in my opinion.
    USB connections, and especially the USB HID device model is also a nightmare in terms of hardware security because any USB HID device could potentially to near to everything on your PC when you plug it in (behave as a keyboard, mouse etc.). BT is much more secure in that respect.

  • PIN entry will be done "just right" on the Dash Hardware Wallet. The Trezor uses this nerdy "shuffled keypad" thing to let you enter the PIN on the PC without the PC knowing the actual numbers. Explain that to your mom! The Ledger make you enter the pin with two buttons, well, that's easy to understand but extremely fiddly.

  • the Dash Hardware Wallet will use a reasonably sized display. To sign a transaction, it is essential that the user reviews the amount and destination address - if either is faked by a compromised PC / smartphone, all the hardware security means nothing! The Ledger Nano S has a tiny display unable to display a full-blown Dash address. This is essentially a security flaw (attacker might generate a 'similar' address which looks the same on the Ledger). Trezor is better, but still too small in my opinion, many peope would need their reading glasses to get that.

  • the Dash Hardware Wallet will have a rugged polycarbonate housing which doesn't mind being carried in your bag without any protection (of course, if you're the type of person wanting to prevent any micro scratch, go for a nice bag). We should be able to achieve a battery lifetime of 2+ years. We will try to even make the thing water proof (at least spill proof). I'm somewhat careful with this promise because this can be a daunting task. But we'll accept the design challenge.

  • the Dash Hardware Wallet will be the first hardware wallet which is clearly designed for mass production and mass adoption. Looking at both the Trezor and the Ledger, it's clear that these designs are neither extremely technically fancy nor cost effective in mass production. We can achieve this because the funding by the Dash Network allows us to design for a batch of 10,000 devices from scratch. In hardware design, this is a game changer for the development process.
Sorry this post is already much too long I suppose. Hope it at least answers your questions.
 
I also would very much like to see dash specific hardware, though I disagree that it shouldn't be re-purposed. When Evan talked about open source hardware / chips for processing blocks, he said that the open source nature would lower the price because it would open up a whole new product line and competition i.e. other Big Blockers could also use it. Which brings me to...

Trezor hardware is also open source and I'm wondering, maybe what you're offering is simply a trezor with a better display and a BT module bolted on. In which case, how did you get to such a high price? And while BT makes things convenient, I do feel somewhat happy that a trezor must be tethered before it can work i.e. no remote exploits possible. Perhaps you could make it with a physical switch that isolates the BT module and immune to electrical induction? Alternatively, NFC might be a better option?

I wonder if we could have this done as a sequence of proposals e.g. first pay for the hardware design.

And finally, don't be offended but the current design it's pretty ugly.
 
Oh yeah, and while we're at it, do you have particular ideas about security at border crossings?

Some countries are seriously trying to prevent crypto from getting around their capital controls.

Let's say for example that Venezuela proposes and pass a law that says if we catch you taking your money (dash) across a border (to leave the country) we're going to fine the hell out you and maybe put you in jail if we see you with a lot of Dash in your possession. And they can compel you to turn it on and give them your password.

Some have suggested that there be multiple passwords, one of which would reveal that you have 8 dollars worth of Dash on the device.

Or perhaps make it look like a gameboy or similar device with a fun little game or two you can play.

Well... A hardware wallet is definitely not primarily designed to evade customs and/or border security checks. Compared to just having the private keys on your phone or computer, it might be better anyways because we all know the stories that border control staff might want your computer or phone credentials. For the time being, they don't know what a hardware wallet is, so...

The idea with a "special PIN" is nice. One could also imagine an "erasure PIN", once entered the private keys are erased. Of course you might only want to do that if you have stored your recovery phrase in a secure, different location.

The gameboy thing is nice but I think we should focus on a device which is designed to make its primary use case as easy and intuitive as possible. So I wouldn't do this one.

-Roland
 
I also would very much like to see dash specific hardware, though I disagree that it shouldn't be re-purposed. When Evan talked about open source hardware / chips for processing blocks, he said that the open source nature would lower the price because it would open up a whole new product line and competition i.e. other Big Blockers could also use it. Which brings me to...

Trezor hardware is also open source and I'm wondering, maybe what you're offering is simply a trezor with a better display and a BT module bolted on. In which case, how did you get to such a high price?

If we bolted a BT module on a Trezor, that would an expensive device! Let me explain the details. The Trezor is basically just a single-chip solution featuring an STMicro STM32F205RE MCU. This chip was chosen because it has enough computing power for the job, and it has USB on-board. And the choice was great for that task.

A agree with you, you could just take that design, attach a BT module to it, emulate the USB HID abstraction layer on BT (heck, maybe there's a library that does just that, didn't care to look for it now). You would have this thing up and running in a couple of days, a more refined version in a couple of weeks.

However: this "hardware upgrade hack" leads to a product that ultimately has the same bill of material cost than the Trezor, just with an additional $8-$10 for a bluetooth module, battery circuit etc. etc. The Trezor currently retails at around $100, without BT!

What I'm proposing here is a design that scales for mass production. Current idea is to base it on NXP (formerly Freescape) KW41Z bluetooth SoC. This would enable a one-chip solution just like the Trezor, but in the BT space. Look at the numbers: we're aiming for a BOM cost of $22, which allows a retail price of $49!

So you mentioned the "high price": please consider that the $893k proposed include 10k devices. Even if you rated all of our design work with $0, still you get 10k devices priced $89.3 each. Which is cheaper than the Trezor retail price (of course they could make discounts on such figures, I'm only trying to make a point here).

But the point is: only shooting for this mass market thing is what enables the low price point at the end. We need a large, first batch of devices or we'll have another $100-solution in the market.

And while BT makes things convenient, I do feel somewhat happy that a trezor must be tethered before it can work i.e. no remote exploits possible. Perhaps you could make it with a physical switch that isolates the BT module and immune to electrical induction? Alternatively, NFC might be a better option?

There is no BT module, it's a SoC solution (which is the only cost effective solution if you aim for mass market design). But yes, the physical switch is absolutely planned: You would first have to enter your PIN or at least press the Dash button before the hardware wallet begins advertising itself as a BLE peripheral. So no button press, no radio activity.

Don't feel to secure about USB. While you're certainly correct that a USB connection is very difficult to exploit via radio, if you assume a scenario where your PC got malware on it, I'd not really trust your USB HID stack on the STM32 that much. In this case, BLE (not generic BT!) is probably much better, because your have a clearly defined radio interface.

NFC is not a good option, both in terms of adoption (many different variants, most notable Apple does it different than the rest of the world). And since this standard relies on delivering power by the radio, it is the godfather of all EMI attach schemes.

I wonder if we could have this done as a sequence of proposals e.g. first pay for the hardware design.

That's the reason why I proposed a 10 months timeframe. We'd deliver design results in the process, and as I understood that if MNOs didn't agree that we met our schedule, they could stop funding at any given time, right?

And finally, don't be offended but the current design it's pretty ugly.

I'm sorry. But not offended. Having done so many designs, unfortunately the experience is that some people will always like it, others not.

But then, this is only a "spend 3-4 hours on it" drawing. This is not what the finished product will exactly look like. But you don't really like the Trezor or Ledger better, do you? They're both ugly as hell?

-Roland
 
Done in stages to insert accountability and price adjustments, with the assurance of $xx cost per device.

Starting to look pretty attractive.

Regarding other tokens borrowing the concept and rolling their own, I'm not opposed to that provided we get first mover advantage. That question was primarily to get some assurance you don't work for some other coin and we're bankrolling their R&D.

If this takes off like gangbusters, the Masternode community can now own things and shares in companies.

What does the markup/profit margin look like on the next batch of 20,000?

Lot's of startups have a plan for if the money doesn't come in as fast as projected. Most startups have very limited plans for how to cope with overwhelming success.

It's not like we don't have the money...
 
Last edited:
I'm sorry. But not offended. Having done so many designs, unfortunately the experience is that some people will always like it, others not.

But then, this is only a "spend 3-4 hours on it" drawing. This is not what the finished product will exactly look like. But you don't really like the Trezor or Ledger better, do you? They're both ugly as hell?

:-D yeah, but unlike others, the trezor is super compact making it very good for concealment.

Anyway, maybe you can contract out the design, get something we can lust over.

With some refinement I would probably vote for this, though I think the first batch should be, say, 3000 and go to MNOs. This way we can approve the final design and discuss any possible tweaks. An OLED display would be preferred, and a physical switch to disable the BT module. With that, you could then put in a second proposal for a much larger order.
 
Done in stages to insert accountability and price adjustments, with the assurance of $xx cost per device.

Starting to look pretty attractive.

Regarding other tokens borrowing the concept and rolling their own, I'm not opposed to that provided we get first mover advantage. That question was primarily to get some assurance you don't work for some other coin and we're bankrolling their R&D.

No way. My (personal) motivation is to "put things into the world". To really see my products being used. And the chance to see that happen is the best with Dash, because the Dash project does focus on the key points: transactions being quick, cheap, safe/secure and reasonably anonymous.

If this takes off like gangbusters, the Masternode community can now own things and shares in companies.

What does the markup/profit margin look like on the next batch of 20,000?

In the final proposal, I will put more details into that. From the number already written down as above:

Therefore, we set a project goal of target cost (COGS) for the finished device of $22, which would in turn enable a future retail price (including all retail margins, shipping, duties etc.) of $49

COGS = cost of goods sold. It basically means that for us as a designer, the goal is that the total BOM (bill of material) for the product, starting from the PCB, all components, the housing, accessories, enclosure parts, also including assembly, testing etc. aims towards a cost of $22. This is basically the price of each unit, sitting on a palette at the doorstep of some Shenzhen factory.

Now these goods have to be shipped, imported, stocked, picked, shipped, ...

What you describe as "markup/profit" depends on how you look at it: if you do all the handling on your own (webshop), shipping on your own etc. maybe you can get down to a cost of $30, making a $19 gross profit per unit. If you decide to bulk-ship the $22 units to Amazon (or alike), they'll ask their fees, margins etc., you'll have to stick with a net profit of roughly $5-$10 per unit.

Still pretty good numbers. If you decide you can also market that product for $69, then the fun really starts. However, let's not forget that as of today, the main goal should be to promote the Dash ecosystem as a whole. So making a profit on those devices is OK, but we shouldn't squeeze this out.

Lot's of startups have a plan for if the money doesn't come in as fast as projected. Most startups have very limited plans for how to cope with overwhelming success.

Thanks dude you made my day. 100% agree. I was forced to do crappy designs in the past for startups, where the main goal was "deliver that in 8 weeks" and "development may only cost $10k". Well, you can deliver on that, however, unlike with software, the hardware you get out of that just doesn't cut it if all goes well and the customer just "now wants to order 10k of those devices". Don't even think of buying 10k of Arduinos and glueing them together... ;-)

-Roland
 
:-D yeah, but unlike others, the trezor is super compact making it very good for concealment.

Agreed on that. With the risk of disappointing you and solarguy and you: I still insist that concealment is not the top priority of a device like this. I don't say that there are no use cases for concealment. Maybe it's even a big thing for most Trezor users. But I don't want to create another "Nerd-only device". For that, Trezor and Ledger are good enough. I want to create the thing that "normal people" will use to pay with Dash. This is a much, much bigger market.

Look at the size comparison, this is why I added the 2€ / Quarter $ coin. If you want a 0-9 keypad (which I think you need), you cannot make it smaller. We have done lots of membrane keypads, if you do them smaller, people with thick fingers won't be able to operate them. Same goes for the screen: the letters you see on the screen are 6mm high. Go below this size and people will start asking for their reading glasses. The footprint of the thing is only slightly larger than a credit card.

Anyway, maybe you can contract out the design, get something we can lust over.

Good point. I will refine the proposal, we should have 3-4 design studies and get some feedback before choosing one of them.

With some refinement I would probably vote for this, though I think the first batch should be, say, 3000 and go to MNOs. This way we can approve the final design and discuss any possible tweaks. An OLED display would be preferred, and a physical switch to disable the BT module. With that, you could then put in a second proposal for a much larger order.

The thing is: there is no technical reason why we couldn't do it just like this. However: a 3k production batch will approximately be 60% of the cost of 10k. Development cost is the same. So, very roughly, cost drops from $893k to $713k.

But: what you consider "tweaks" will most probaby render all your certifications up for re-evaluation. It might dispose your injection molding tools, machine setups for assembly, stencils etc. It might even kill all your negotiated prices with contract manufacturers because of a "changed product". At the end, you'll have to pay another $350k for the tweak to make it ready for mass production.

Tweaks like this you can do to software. In hardware, you design for the masses or do a dirty prototype with a specific field trial in mind.

From your comments, I sense the need that we need to be as transparent and as accountable as possible on the project. How about more clearly defining milestones and decision points on the final proposal? Maybe even to make the timeline longer (smaller payments per month, ability to stop funding quicker if MNOs think we're not performing)?

-Roland
 
Agreed on that. With the risk of disappointing you and solarguy and you: I still insist that concealment is not the top priority of a device like this. I don't say that there are no use cases for concealment. Maybe it's even a big thing for most Trezor users. But I don't want to create another "Nerd-only device". For that, Trezor and Ledger are good enough. I want to create the thing that "normal people" will use to pay with Dash. This is a much, much bigger market.

Look at the size comparison, this is why I added the 2€ / Quarter $ coin. If you want a 0-9 keypad (which I think you need), you cannot make it smaller. We have done lots of membrane keypads, if you do them smaller, people with thick fingers won't be able to operate them. Same goes for the screen: the letters you see on the screen are 6mm high. Go below this size and people will start asking for their reading glasses. The footprint of the thing is only slightly larger than a credit card.



Good point. I will refine the proposal, we should have 3-4 design studies and get some feedback before choosing one of them.



The thing is: there is no technical reason why we couldn't do it just like this. However: a 3k production batch will approximately be 60% of the cost of 10k. Development cost is the same. So, very roughly, cost drops from $893k to $713k.

But: what you consider "tweaks" will most probaby render all your certifications up for re-evaluation. It might dispose your injection molding tools, machine setups for assembly, stencils etc. It might even kill all your negotiated prices with contract manufacturers because of a "changed product". At the end, you'll have to pay another $350k for the tweak to make it ready for mass production.

Tweaks like this you can do to software. In hardware, you design for the masses or do a dirty prototype with a specific field trial in mind.

From your comments, I sense the need that we need to be as transparent and as accountable as possible on the project. How about more clearly defining milestones and decision points on the final proposal? Maybe even to make the timeline longer (smaller payments per month, ability to stop funding quicker if MNOs think we're not performing)?

-Roland

I think we mostly agree and, of course, I'm not the only person with an opinion on this!

When I said about concealment, I was simply stating trezor's advantage, but as for this dash device, I'm okay with your vision. I just want a final design that looks better than a box of matches.

As for costs, I see your point and my only thought was, wouldn't it be nice if we could get a good grasp of the final product in use. Thus my thinking was, MNOs probably wouldn't mind paying a little more to test drive it before a bigger production.. but I could be wrong on that. You're right, a transparent process with regular updates would keep us at ease. Getting regular updates on some of the projects can sometimes be a problem.
 
I believe there is a need for a low cost hardware wallet, but I think you are asking for way too much money up front, without a working prototype and no track record with the community.

I suggest that you come at this incrementally and build a reputation with the Dash community by making value-add contributions.

I am trying to build a hardware wallet using a Raspberry Pi for less than $20. This is just me tinkering around, and I have zero expertise. With your expertise I'm sure you could come up with something to demo.
 
Keep in mind, on a day to day basis, I probably wouldn't be carrying this device around because when it comes to your example of paying for coffee, I'm okay keeping a small amount of crypto on Coinomi, or on a TenX debit card. For larger transactions, I would use a trezor et al. But then again, you said for mass market, in which case, how does this work with usernames on Evolution? And tbh, I would so much prefer a miniature device I could stick on the back of my phone. As it stands, the use cases I think you're saying are a) easier to use than trezor, b) more secure than trezor, and c) possible use as Point of Sale.
 
Does everyone's laptop / computer that runs full Dash node have Bluetooth? I guess I can plug in an adapter
 
i am not sure why we have to reinvent the wheel here when trezor and ledger are solid products are well maintained - support MNs and whatever else
my worry is to start a new hardware wallet - bug hunting - maintainance question - support - ....
is that really nessacery when we have 3 killer products out there ?
+
can't beat my trezor tbh
 
" I still insist that concealment is not the top priority of a device like this. I don't say that there are no use cases for concealment. Maybe it's even a big thing for most Trezor users. But I don't want to create another "Nerd-only device". For that, Trezor and Ledger are good enough. I want to create the thing that "normal people" will use to pay with Dash. This is a much, much bigger market.


Nice to have, not essential.

thx.
 
This would be a nice marketing feature. Trezors are nice, but here at Dash, we have our own custom designed hardware wallet.

It's a lot of money....
 
I agree with @dashdisciple

"This is a very exciting idea, and it's clear that a lot of thought went into it.

My concerns are mainly in regards to the timeframe, and the general risk of non-delivery.

Overall, I'd love to see this as an independent business that covered its costs from profits on units.

What it sounds like is that this concept needs a large loan/investment capital. It's being structured as a pre-paid buy for 10,000 units to be delivered in the future. The treasury's weak spot is in funding what would otherwise be privately held corporations.

If you could secure some type of legal contract with Dash core directly for this, I'd be in support.

Alternatively, if you came to the table with a more developed prototype and needed money to mass produce, I would be more in support."
 
I believe there is a need for a low cost hardware wallet, but I think you are asking for way too much money up front, without a working prototype and no track record with the community.

I suggest that you come at this incrementally and build a reputation with the Dash community by making value-add contributions.

I am trying to build a hardware wallet using a Raspberry Pi for less than $20. This is just me tinkering around, and I have zero expertise. With your expertise I'm sure you could come up with something to demo.

Jim, thanks for your comment.

I understand that your main concern is whether we really can and will deliver what we promised. I totally agree that this is an issue we need to solve. I'm not trying to ask for a bunch of money for nothing.

However, I strongly disagree that the amount proposed is too high for what I have outlined as a result. If you get 10k devices with the features I proposed for $893k, from my point of view that's a great value. If we'd disagree on that, then I'm out.

Unfortunately, building some "Raspberry Pi prototype" does not help in reaching the 10k target. We're talking about a professionally designed hardware here, not just some tinkering. A Raspberry Pi is the wrong platform to start, as it will never qualify as a hardware wallet (this thing is essentially a Linux PC, with all the security issues such a complex system has, so you might as well put your private keys directly on the PC). The basic idea of a hardware wallet is to be as less complex as possible, only perform the absolute minium required function (private key storage, transaction verification + signing).
 
Back
Top