Tuesday, January 28, 2014

Encryption is a GO!

Successfully added the code to handle encryption!

Current features (with more to come in later versions):

  • Micro USB charged internal LiPo battery.
  • 1.8" Color LCD display.
  • Dual SD card storage/loading system (one removable SD card for loading new addresses and locking/unlocking the device, one internal SD card for encrypted storage)
  • Without the unlock code present on the removable SD card device will not boot, allowing you to lock the device and unlock it with any SD card containing the proper user-defined passcode.
  • Device lock is secured with SHA-256.
  • Private keys are protected by AES-256 CBC.
  • Displays saved private keys in plain text and/or QR codes.
  • Supports all current cryptocurrencies.


Lots more to do yet in the form of cleaning up the code, adding some error prevention, a little more refining on the encryption process, and making the GUI a little prettier.  Once I am a little more satisfied with the performance of the software, I will be looking more into custom PCBs (as everything was prototyped on retail breakout boards and a Teensy) and possible production options.  It is 9PM where I am now, so I don't have time to make one tonight, but there will be another video coming in the next few days showing how everything functions.  Also, **if there is anyone out there with a 3D printer** I am hoping to get a prototype enclosure made for it soon.
Posted by at 1 comment:

Sunday, January 19, 2014

File IO now working!

Posted a new video showing current progress...Since last time, I have gotten the file IO for both the secure and unsecure SD card worked out and finished most of the associated code.  Currently you can view stored addresses saved on the secure side and import new addresses from the unsecure, storing them on the secure side.  The video contains a demo of how that is done.  I have also added the lock/unlock option, requiring a user defined pass-phrase to be present on the unsecure SD card to allow the device to boot past the splash screen.

The last major process that needs to be implemented is encryption.  I have several libraries to choose from that look like they will be incredibly easy to use, so I don't expect this to take too terribly long to finish.  The user entered text that acts as a lock-code is going to be stored in the devices EEPROM after a hash with SHA-256 so that even if the EEPROM is compromised it will not give up information that will bypass the lock.  As for address encryption, when an address is loaded to the secure card from the unsecure it will undergo some form of AES encryption, which mode depends on how much available RAM I have left when it get to it, but I the libraries I have found offer many options to balance security and performance.

After that, it is a matter of cleaning up...Adjusting the menu system to allow multiple "pages" of addresses if more than 10 are stored, optimizing the code, prettying up the UI, adding error correction, and any other features I decide to add.

In the mean time, if there is anyone out there with a 3D printer that is interested in helping me out with a prototype enclosure, let me know and I will give you details on dimensions and such!
Posted by at No comments:

Closer and closer...

I now have the multi-SD card functionality worked out which took a while...The SdFat library required to work with more than one is considerably more complex than the SD library I was used to using in the past.  Now that I have that going, I have most of the File IO finished, minus some error checking and over-write protection to keep existing keys from being lost when adding new keys.  Here soon a new video will be posted detailing the rest of the changes and progress.
Posted by at No comments:

Sunday, January 5, 2014

Finally moving along!

It has been longer than I intended since the last update, and most of that was spent waiting for parts to get here in the mail...Now that they have, things are moving quickly.  Here is a quick video showing what I have done so far:



I have gotten my SD card readers, new LCD screen, and my Teensy 3.1's in and all the code for the display and controller updated from the libraries I was using for the old screen.  I have also gotten the QR code generation library modified for my purposes and it runs great!  It took a long time to find a library that did everything I needed it to without being to intense to run on a microcontroller.

Many things left to do...The next big step is getting all of the file manipulation code completed.  It is taking more library modification to get things to work with multiple SD cards, but that should be knocked out in the next few days.  The process is basically going to be:


  • Check EEPROM to see if device is locked
  • Check unsecure SD card for unlock code
  • Check unlock code against data in EEPROM
  • Load list of keys from secure SD card
  • Display/delete keys from secure card
  • Load new keys from unsecure card and store them on the secure card before removing them from the unsecure card
  • Associate labels with each key to be displayed on screen.
After all that is done, then I will move on to the encryption for the keys stored on the secure card, as well as the unlock code to be stored in EEPROM.
Posted by at 1 comment:

Monday, December 23, 2013

Crashwallet - Offline Digital Cold Storage/Backup Bitcoin Wallet.

The beginning...

It was December 18th and I was sitting at my computer, tinkering with the small OLED screens that had been sitting around unused for a month when I started to see red...Bitcoin took its heaviest hit in months and the charts visible out of the corner of my eye started looking more and more grim...Updates, rumors, and panic about China's new policy on Bitcoin were fly fast...I needed a distraction...

Over the next couple hours, I tried my best to ignore what was going on and came up with an idea...I was going to make myself a cold storage wallet with an LCD to read out QR codes...THAT should distract me for a while...A couple hours later I had this:







Nothing too special, but a success on the distraction front.

So, shortly after that I made this post on Reddit:

http://www.reddit.com/r/Bitcoin/comments/1t5xa9/knocked_out_a_quick_prototype_while_watching_the/

The number of responses and level of interest completely blew me away...I received a massive amount of feed back and suggestions about hardware, encryption, features, etc...


One week later...

 Copied from the most recent Reddit post:

##############

Hello again guys, I was asked to keep giving updates on the hardware cold storage wallet I started working on about a week ago, so here is the first one. (I plan to do them weekly if I can.)


From now on I am calling this the "Crashwallet" since I first started working on it while watching the Dec 18th crash unfold. Since then I have been hard at work sifting through half a dozen different libraries I have found to handle QR code generation, reading up on encryption and storage options, and ordering some other components.


  • QR codes - Despite trimming as much fat as I can from the libraries I have found that support version 3 codes (the minimum needed for bitcoin addresses) I have been unable to shrink one down to a level the Arduino Pro Mini I used for the original post can handle. (For the record, I am modifying the same library that is used on the Trezor.) This is actually good and bad...Good because it means I will need to upgrade the microcontroller I was using, allowing room for more features, but bad because I don't have any on hand at the moment. 


  • Encryption - Honestly, most of the time I have spent in the last week working on things has been try to tackle the QR libraries, so I have not gone to far in depth here. I have decided to do things a bit differently than in my first post however. Either I am going to use two SD card slots, one (easy to remove) that contains the encryption keys and the method for loading new unencrypted private keys, and a second (device must be disassembled to remove) on which the device will store the encrypted private keys...The other option will be a single SD card to load the private keys and encryption keys and use the microcontroller's internal storage for the encrypted private keys. This of course depends on reliability, and if I am not satisfied with the NVRAM's ability to retain data I will explore other methods. 


  • I have also ordered a few new components to experiment with. I mentioned in another post that donations I received paid for a pair of microSD breakout boards and a LiPo battery/charger from Adafruit (the only component source I know of accepting Bitcoin so far). Also from Adafruit, I ordered a couple different LCD displays. One, is a smaller monochrome dot-matrix LCD used in older Nokia phones which I am hoping will provide an extremely low power consumption option, but will probably not be in my final version...The other, which I am more likely to use, is the 1.8" color LCD that comes paired with a microSD board. This screen is rectangular, leaving room for a simple menu to still be visible while still displaying a QR code and since it includes a card slot, will simplify things considerably. 


  • Upgraded microcontroller...As I mentioned above, the Arduino just could not hack it (surprise surprise) so I also have a couple Teensy 3.1's on the way which are considerably more powerful and will allow for several other options to be added, namely an onscreen menu, onboard encryption, a prettier user interface, and much faster response time among other things. 


The downside is, now I have to wait for things to get here in the mail...Unfortunately, I am on a US Army base in South Korea for another couple months and it is Christmas time, which means the mail runs PAINFULLY slow, so most of what I ordered probably will not be here for another week or two...Thankfully, any day now I should be receiving my Spark Cores which are very similar and should let me get started on the coding while I wait. Until then, I am going to keep streamlining the QR library, reading through some very promising encryption libraries I have found, and working on the code for the user interface.

#############

One day later (today)...


Today, I am looking into getting some graphic design done for me that will eventually become the loading screen for the LCD as well as a logo for the project for me to plaster all over the web and getting this blog setup so anyone interested can better follow my progress.
Apart from that, I have the user interface mostly planned out and just have to wait for the parts I ordered to arrive.
Posted by at 1 comment:
Subscribe to: Posts (Atom)