Bitcoin is a kind of internet information asset, and it is clear that the security risk of an internet information asset is much greater than that of a physical asset.
Information security risk falls into two categories: the risk of information leakage, and the risk that the integrity of the information is destroyed.
1.1 Risk of information leakage
Ownership and control of a network asset are realized only through accounts and passwords.
Bitcoin is an extreme example of this: the private key is everything. A Bitcoin address can be derived from the private key, which is totally different from every network asset we knew before. For other network assets, the account name and password are not mathematically associated; they only correspond to each other in a database. Failure to recognize this huge difference is a major reason why many newcomers have lost a lot of Bitcoin.
A Bitcoin payment is made by signing with the private key.
All current Bitcoin wallets are vulnerable to hackers, because private key generation, decryption, signing and broadcasting of the transaction are all done by software connected to the internet, making it possible for hackers to steal the private key over the network and take all the coins.
In short, if the private key is reachable from the internet by an automated program, it is not secure.
1.2 Risk that the integrity of information is destroyed
As mentioned above, the private key represents ultimate control of the Bitcoin. Loss of the private key results in irreversible loss of the bitcoin in the account.
Since the private key (encrypted or not) is stored in a file on a computer (or smartphone), and the computer is always running many other programs, Bitcoin is easily lost through poor backups or system failures. This kind of loss happened very often in the early days; someone even lost ten thousand coins at a time.
So a Bitcoin account carries huge risks both in theory and in practice, and we need effective technical solutions. This is the fundamental reason why we decided to develop a Bitcoin hardware wallet.
2 Principle of improving Bitcoin account security
Based on the analysis above, we conclude that to improve Bitcoin account security, we must satisfy the following three indispensable requirements:
2.1 Independent hardware carrier
Only when the private key lives on independent hardware is it difficult for hackers to steal and not vulnerable to computer malfunctions.
2.2 Not connected to the internet
Only when it is disconnected from the internet is it impossible for a hacker to break in and steal the private key.
2.3 No automatic communication with online devices
The internet is just one of many communication channels; there are many others, such as NFC, Bluetooth, USB, COM ports, etc. As long as automatic communication is possible, a backdoor program can automatically send the private key over those channels to the internet. Because many kinds of communication are wireless, this risk is bigger than we think.
Let's combine the three requirements above into one sentence: we need to store the private key on an independent physical carrier that has no automatic communication with devices connected to the internet.
Such a physical carrier is vividly called a "hardware wallet".
Nowadays many people buy a computer, install bitcoin-qt, and do nothing else on that computer for the sake of safety. Essentially, this computer is a hardware wallet. Compared to such a computer, a dedicated hardware wallet is obviously much better in cost, ease of use, and safety.
Paper wallets and brain wallets are also hardware wallets in a broad sense; they are low-cost solutions with their own advantages and disadvantages. Obviously, if cost is not a major concern, a dedicated hardware wallet is the better choice.
3 The Components of the Hardware Wallet Solution
Although it is called a "hardware wallet", it is actually a technical solution comprising several pieces of hardware, software, and a communication protocol. It consists of the following 5 parts:
3.1 Offline hardware (the "hardware wallet"). Stores and executes the offline-side software of the hardware wallet, and stores the private key. Provides the user interface and the hardware device for communicating with the online hardware.
3.2 Online hardware. May be any computer, cell phone or server. Stores and executes the online-side software of the hardware wallet. Provides the hardware device for communicating with the offline hardware.
3.3 Offline-side software. Receives payment commands, signs transactions, and sends the signed transactions to the online-side software.
3.4 Online-side software. Sends payment commands to the offline-side software, receives signed transactions from it, and broadcasts them to the Bitcoin network.
3.5 Communication protocol. A data exchange protocol connecting the offline and online software. It is independent of both, so anyone can develop offline and online software based on this protocol, and all such software is compatible.
This system completely shields the private key from the online software and improves the safety of the Bitcoin account. More importantly, this mechanism requires zero trust between the offline and online software, thanks to the manual intervention in the signing process, the open communication protocol between them, and multiple confirmations on both sides. In other words, the Bitcoin will not be lost even if either or both of the offline and online software are malicious.
Therefore it is unnecessary for this software to be open source to gain users' trust; indeed, open source is an important enabler of malicious software (if the source is open, malicious software can easily be made by adding a Trojan to the source code; if the source is closed, it must be cracked before a Trojan can be added, which greatly increases the difficulty).
Another value of this system is that ownership of the offline system and the online system can be completely separated. For example, when a customer pays at a merchant, the payment is done through the interaction of the offline system (hardware wallet) owned by the customer and the online system owned by the merchant. Using this hardware wallet is no more complex than using the original all-in-one wallet, and may even be simpler (for example, there is no software to install; it saves a lot of mobile data and fees compared to a cell phone wallet; and the payment can still be completed where there is no mobile network signal if the merchant is connected to a wired network).
4 Selection of Communication method
Based on the analysis in section 2, the hardware wallet's communication method must not be automatic, and it must be digital because Bitcoin is a digital currency. Only a few communication methods satisfy both conditions. We conclude that the best communication method is the QR code, which has the following characteristics:
4.1 No Automatic Communication, Indispensable Manual Intervention
Using a QR code involves a snapshot step, which is completed under manual intervention: aiming the camera at the screen. This step makes automatic communication thoroughly impossible and completely shuts any potential backdoor.
4.2 Digitalized Communication, Very Low Transmission Error Rate
A QR code is digital. Its design includes a fault-tolerance mechanism (error correction), so its transmission error rate is very low.
4.3 General protocol, Very High Compatibility
QR code is a popular protocol. QR code information can be easily read by anyone with a camera and a QR code scanner. Cameras are now built into smartphones, tablets and notebook computers, so users don't need to buy a camera, which greatly helps adoption.
4.4 All Visual, Guaranteed Security
Although a QR code cannot be read directly by a human, the code image and the decoded information are fully equivalent. Since every ordinary QR code scanner can decode the information, this amounts to having a third-party notary. Thus the user can be fully aware of the payment target and amount in a transaction. Such a hardware wallet is perfectly secure.
5 Brief Workflow
The brief workflow of the hardware wallet is as follows:
5.1 Create a user account in the hardware wallet (enter a password, generate a public/private key pair, encrypt the private key with the password, and save only the encrypted private key)
5.2 Request to receive Bitcoin from the hardware wallet (it displays the address, amount, and QR code)
5.3 Payer retrieves the address (copies the text or scans the QR code)
5.4 Payer pays
5.5 Hardware wallet requests a balance refresh (QR code displaying the address)
5.6 Online software receives the balance refresh request (scans the QR code)
5.7 Online software gets the transaction records for this address from the Bitcoin network
5.8 Online software displays the transaction records (QR code)
5.9 Hardware wallet receives the transaction records (scans the QR code)
5.10 Hardware wallet gets the payment address and amount (scans a QR code or manual input)
5.11 Hardware wallet generates the unsigned payment transaction
5.12 User enters the password and the hardware wallet signs the transaction
5.13 Hardware wallet displays the signed payment transaction (QR code)
5.14 Online software scans the payment transaction
5.15 Online software verifies the payment transaction (the user can confirm manually)
5.16 Online software broadcasts the transaction to the Bitcoin network
Postscript on security:
For receiving Bitcoin, the receiver needs to do nothing after the transaction because the Bitcoin network records it automatically. So there is no need to worry about risk when receiving; all risks come from sending Bitcoin.
The transaction is displayed directly as a QR code via the standard communication protocol, so any unnecessary or false information is recognized immediately. Hence there is no risk of private key leakage.
The user can analyze the transaction information with reliable devices (if necessary, devices not connected to the internet) and software (third-party or open-source verification software) to find out whether there are malicious actions (for example, whether the QR code contains private key information, or whether the payee address is still the address the user entered).
Thus this hardware wallet solution completely avoids the safety risk of Bitcoin in theory. No one can steal Bitcoin from it even if the developer embeds malicious code.
Therefore the user needs zero trust in the hardware wallet provider, which is in accordance with the zero-trust principle of Bitcoin.
6 Communication Protocol
The safety of the hardware wallet is at risk only when the hardware wallet outputs information (which could leak the private key), so we publish all of the output communication protocols here. They are all plain text and can be read by any QR code reader.
operation                  sender   item                 length       content
                                    command              1            0xbc
                                    currency type        1
                                    information length   2
                                    wallet file          153          bitcoinj standard wallet format
                                    check code           4            HASH
apply for synchronization  offline  command              1            0xff
                                    currency type        1
                                    address length       2
                                    address              34/35        string type address
                                    last sync time       8
                                    last sync trx ID     32
send transaction           offline  command              1            0x88
                                    total pages          1
                                    page number          1
                                    currency type        1
                                    data length          2
                                    transaction data     data length
The transaction data field uses the standard Bitcoin protocol message format:
item             length     content
packetMagic      4          packet header
command          12         message type (transaction)
message.length   4          packet length
hash             4          packet double digest (checksum)
hash             32         previous transaction hash
index            4          which output of the previous transaction
scriptBytes      106~107    signature and public key
sequence         4          ffffffff
value            8          payment value
scriptBytes      25         address (output script)
locktime         4          0
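The online-side check of steps 5.14 and 5.15 and of the security postscript, applied to the "send transaction" frame of this section, as an added Python example (not code from the original document or its authors). It assumes a big-endian 2-byte data length, currency type 0, a single page and a standard P2PKH output script, none of which the page specifies; the sample frame is constructed inline.

```python
import hashlib
# Frame fields follow the "send transaction (offline)" table on this page; the big-endian
# data length and currency type 0 are assumptions, since the page does not specify them.
CMD_SEND_TX = 0x88
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58check(version, payload):  # version || payload || 4-byte double-SHA256 checksum
    data = version + payload
    data += hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out

def read_varint(buf, pos):  # Bitcoin CompactSize -> (value, next position)
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}.get(buf[pos], 0)
    value = int.from_bytes(buf[pos + 1:pos + 1 + size], "little") if size else buf[pos]
    return value, pos + 1 + size

def parse_tx_outputs(tx):  # standard serialization -> ([(address, satoshis)], bytes consumed)
    n_in, pos = read_varint(tx, 4)             # skip the 4-byte version
    for _ in range(n_in):
        slen, pos = read_varint(tx, pos + 36)  # previous tx hash (32) + output index (4)
        pos += slen + 4                         # scriptSig + sequence
    n_out, pos = read_varint(tx, pos)
    outs = []
    for _ in range(n_out):
        sat = int.from_bytes(tx[pos:pos + 8], "little")
        slen, pos = read_varint(tx, pos + 8)
        spk, pos = tx[pos:pos + slen], pos + slen
        p2pkh = slen == 25 and spk[:3] == b"\x76\xa9\x14" and spk[23:] == b"\x88\xac"
        outs.append((base58check(b"\x00", spk[3:23]) if p2pkh else "<non-P2PKH>", sat))
    return outs, pos + 4                        # + locktime

def check_send_tx_frame(frame, expected_addr, expected_sat):  # online-side verification
    if len(frame) < 6 or frame[0] != CMD_SEND_TX:
        raise ValueError("not a send-transaction frame")
    tx = frame[6:]
    if len(tx) != int.from_bytes(frame[4:6], "big"):
        raise ValueError("declared length does not match payload")
    outs, used = parse_tx_outputs(tx)
    if used != len(tx):
        raise ValueError("unexpected trailing bytes in transaction")
    if (expected_addr, expected_sat) not in outs:
        raise ValueError("payee or amount differs from what the user entered")
    return outs
# Constructed sample frame: one input (107-byte placeholder scriptSig), one P2PKH output of 150000 sat to the all-zero hash160
SAMPLE_TX = ((1).to_bytes(4, "little") + b"\x01" + bytes(36) + b"\x6b" + bytes(107) + b"\xff" * 4
             + b"\x01" + (150000).to_bytes(8, "little") + b"\x19\x76\xa9\x14" + bytes(20) + b"\x88\xac" + bytes(4))
SAMPLE_FRAME = bytes([CMD_SEND_TX, 1, 1, 0]) + len(SAMPLE_TX).to_bytes(2, "big") + SAMPLE_TX
```

The returned (address, amount) list is what a scanner on a trusted device would show the user for manual confirmation; any mismatch in declared length, trailing bytes, payee or amount is rejected before broadcast.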