Proposal: The Dash Hardware Wallet - Phase 1

Yep, I know the coolwallet, and I know people like it for being thin.

I don't like to say negative things about other products, and you won't hear anything bad about Trezor, Keepkey and the like because I really think they're good products.

However with coolwallet, this is a seriously flawed design. They offer security options which completely defy the purpose of a hardware wallet: as a user, you need to check the amount and destination address of an outgoing transaction on the wallet. With a screen as tiny as they have, that's not really practical (for the destination address), so they pretty much left this option out by default.

Our goal was to have a clear, reasonably sized screen. As for batteries, we have chosen batteries that are available everywhere (AAA), and we aim for a runtime of 1-2 years. Yes you can make that thing very thin with a LiPo cell, but then you'll have to recharge every week. We think that's not practical.

I do not deny your design, but if you want to carry it, a little smaller is better.
Your product is really great.
 
I do not think the features you are solving are problems...YET? Maybe the stakes are not high enough yet? Would we feel the same way when DASH has a 1T market cap? Maybe you are too early with this idea, everything is timing and our velocity will give us feedback when the wheels start shaking. Maybe you should rebrand as a skunk works project? Check out Rivetz and Fuzo in the meantime, there might be some gold in them hills.
 
But if accidently insert a USB stick will malware in your bitkey system, you're screwed immediately.

I have not a bitkey system, because I have not too many cryptocurrencies. My whole fortune is 1.5 Dash and 1.5 PIV.

But suppose I build one day a bitkey system. This system resides into a usb stick. How possible is to boot a system with the bitkey usb, then insert a second unsafe usb ? This is very impossible to happen as mistake, and you must be tottaly nuts if you are doing this. As long as I am not insane, I consider the above senario impossible to happen to me.

Additionally, If I were unable to compile a bitkey system, I would ask/pay a person who I trust to compile it, sign it and send it for me. For example @UdjinM6 and his team, who you trust already, when they code your masternode system. The core team writes things you can only trust, as long as you are unable to understand. And the trust the dash community puts to them, worths almost the whole Dash coins, and not only the few dash coins you are going to put into your bitkey system.

Asking persons you know and trust to compile, sign and digitally send you a safe system, is a much better tactic, than trusting all the below custody.
I need to trust Trezor developers. I need to trust your production line. I need to trust every single entity on the shipping route incuding your fulfillment company, the mail carrier, my mail man.

I always trust persons much more than I trust companies.
 
Last edited:
I have not a bitkey system, because I have not too many cryptocurrencies. My whole fortune is 1.5 Dash and 1.5 PIV.
[...]
But suppose I build one day a bitkey system. This system resides into a usb stick. How possible is to boot a system with the bitkey usb, then insert a second usb ? This is very impossible to happen as mistake, and you must be tottaly nuts if you are doing this. As long as I am not insane, I consider the above senario impossible to happen to me.

Well, what you describe as "happen as a mistake" is the official and supposed way to use bitkey.

I suppose you might wan t ot use bitkey in "high security" mode (let's forget about "medium security" mode here, because this mode means to run a full online browser within bitkey, which is not much better than run a native Linux installation anyway). In "high security mode", if you want to create a transaction, you create the (unsigned) transaction on your normal PC, copy this transaction to a USB stick. Then you boot up bitkey (from the bitkey USB). You remove the bitkey USB stick, then you insert your second USB stick (the one with the unsigned transaction). You sign that with your wallet within bitkey, then broadcast it (via scanning a QR code).

Taken straight from their documentation https://bitkey.io/, click on "Usage".
 
Well, what you describe as "happen as a mistake" is the official and supposed way to use bitkey.

I suppose you might wan t ot use bitkey in "high security" mode (let's forget about "medium security" mode here, because this mode means to run a full online browser within bitkey, which is not much better than run a native Linux installation anyway). In "high security mode", if you want to create a transaction, you create the (unsigned) transaction on your normal PC, copy this transaction to a USB stick. Then you boot up bitkey (from the bitkey USB). You remove the bitkey USB stick, then you insert your second USB stick (the one with the unsigned transaction). You sign that with your wallet within bitkey, then broadcast it (via scanning a QR code).

Taken straight from their documentation https://bitkey.io/, click on "Usage".

I meant insert a second UNSAFE usb.
Because the bitkey system always consists of TWO SAFE usb sticks, which are ALWAYS kept TOGETHER in a keyport.

keyport-pivot-black.jpg
 
Last edited:
You've come back with a more refined proposal but I wish you had submitted it again for discussion instead of diving right in, assuming you had it perfected.

In my mind, your competitor is crypto debit cards. And I'm just not convinced you've made a compelling enough reason for me to carry that debit card and this device. Think about the human psychology. When I go out, I just want to carry three things; keys, wallet, phone. And, actually, if I can get away not carrying my wallet, even better.

Current mode of operation: every few weeks, I load spending money onto my crypto debit card. If I get hacked, I've only lost a small fraction of all I own. I'm not going to buy a device to protect small amounts of money and, equally, I have no desire to carry lots of dash everywhere I go. For exceptional expenses, I can make arrangements with my debit card provider, or I can use an existing hardware wallet.

What I want: I want my existing hardware wallet to support dash from the phone (not just bitcoin). It should not cost $1M+ to achieve this. I would rather that kind of money go towards retailer integration projects.

Btw, simplicity would mean no pin pad, it would integrate some kind of biometrics.
 
I meant insert a second UNSAFE usb.
Because the bitkey system always consists of TWO SAFE usb sticks, which are ALWAYS kept TOGETHER in a keyport.

Yes, that's right. And the second USB sticks gets plugged into the "unsafe, Internet-connected PC" every now and then (to save the unsigned transaction on it). So if you have malware on your Internet-connected PC, guess how "safe" your second USB stick still is.

But I think we have gotten a little off-topic here. Let's agree on the point that there is a way to use bitkey which is probably "much better" than just using a hot wallet on the PC.
 
You've come back with a more refined proposal but I wish you had submitted it again for discussion instead of diving right in, assuming you had it perfected.

[...]

What I want: I want my existing hardware wallet to support dash from the phone (not just bitcoin). It should not cost $1M+ to achieve this. I would rather that kind of money go towards retailer integration projects.

Btw, simplicity would mean no pin pad, it would integrate some kind of biometrics.

I get your point.

On the other hand, I have invested much time and effort into this proposal and the prototypes of this product. I believe the proposal would create a very valuable output for the Dash community for a development cost of $300k (your quote of $1M+ is incorrect here, because you mix up production cost, which is in a later phase and has nothing to do with the effort to create a product). Biometric integration would be nice, but I don't give that a chance for anything near $300k.

To be completely honest, I don't think I am able to create more value to the Dash community than what I have proposed. So it's time to put this to the vote now. I it turns out the proposal will fail, well, of course we'll be disappointed. But life will continue, and we'll give birth to other babys. I won't take it personally - I have created many products, and it's normal that some ideas just don't make it into a product. Time will then tell if it was a bad idea or a missed chance.
 
Yes, that's right. And the second USB sticks gets plugged into the "unsafe, Internet-connected PC" every now and then (to save the unsigned transaction on it). So if you have malware on your Internet-connected PC, guess how "safe" your second USB stick still is.
The second usb stick is always initially hard formatted by the booted bitkey system before being used. Isn't it?
No virus can survive after a hard format, but If you can prove the opposite, I will believe you.
But I think we have gotten a little off-topic here. Let's agree on the point that there is a way to use bitkey which is probably "much better" than just using a hot wallet on the PC.
I agree with this.
 
Last edited:
Back
Top