Market Cap
24h Vol
2272
Cryptocurrencies
15595
Markets
2018-08-18 15:31:13

Cold Card™ - new era hardware wallet

Why risk it with an ETF when you can have it all in your hand?

Cold Card wallet needs no website or computer to operate, unlike Trezor or Ledger. The security chips use secure elements, and pins can be programmed to brick the wallet in a duress situation. Back up of the wallet is accomplished through removable hi reliability, military grade SD cards available on the site.They are shipping NOW. Next level security for the truly paranoid.

Coinkite Cold Card

What is the Coinkite Coldcard? It's a Bitcoin hardware wallet, so it signs transactions and can be used offline.

  • BIP39 based, which means you can backup the secret words onto paper, and have lots of sub-accounts and unlimited independent payment addresses.

  • It knows how to understand transactions, so you can see what you are approving.

  • The first PSBT (BIP 174) native wallet which can be used completely offline for it's entire lifecycle.

BUT IT'S DIFFERENT!

  • NO specialized software required. It looks like a hard drive, so you can drag and drop files into it. NO companion 'app' on your computer, works with the major wallets already.

  • It's cheap! Simple packaging, plain design, no fancy boxes, no redundant cables.

  • It's ultrasecure! Real crypto security chip. Your private key is stored in a dedicated security chip, not the main micro's flash.

  • Easy back-up! MicroSD card slot for backup and data storage. This allows truly offline signing, by transferring the unsigned/signed transactions on sneakernet.

  • Open source software design runs Micropython and you can change it.

OTHER FEATURES:

  • Full-sized numeric keypad makes entering PIN easy and quick.

  • Larger 128x64 OLED screen.

It's an open platform, and we expect other "apps" in time, like:

  • Sign text messages to prove control over private key.

  • Participate in multisig wallets, with other signers.

  • Encrypt/decrypt secret messages (stored on MicroSD or otherwise).

 

HOW IT WORKS

DURESS/SECONDARY WALLET FEATURE

To limit the damage from rubber-hose attacks...

Cold Card™ provide an optional "secondary PIN code". If you enter that PIN code, instead of the "real" PIN code, nothing special is shown on the screen and everything operates as normal... However, the bitcoin key generated is not the main key. It is effectively a completely separate wallet!

To take best advantage of this feature, you should put some Bitcoin into the secondary accounts. How much you are willing to lose or what you need to make it plausible, we don't know.

The "duress" wallet will still be derived from the original BIP39 words, so you don't need to back it up separately, but there will be no way to get from that wallet back to the original wallet with the real funds in it.

KEY STORAGE

We find it a little scary that existing Bitcoin wallets trust the main microprocessor with their valuable secrets.

The Coinkite Coldcard uses Microchip's ATECC508A to store the critical master secret (for the root BIP32 HD wallet). This little chip is very powerful: it does SHA-256 hashing and includes an internal true random number generator (TRNG). Combining those features, and with careful protocol design, we can enforce cryptographically, that the attacker must know the PIN to access the secret. An attacker cannot brute-force all 10,000 combinations of a four-digit numeric code: the search space is 2**256 not 10**4. This remains true even if they removed the chip from the board or fully-replaced the firmware in the main microprocessor.

More details are available in this white paper and the complete source code is available as well.

GENUINE VS. CAUTION LIGHTS

To resist Evil Maids, and other sneaky people with physical access to your Coldcard, we will sign our firmware with a factory key. During boot-up, the firmware's signature will be verified and the appropriate Green/Red light set. Changing that light's status is actually controlled by dedicated circuitry, so a rogue bit of software cannot override it. The control circuit for this is exposed on the top surface of the product, so any physical tampering by those maids will be visible as well.

FIRMWARE UPGRADABLE AND EXPANDABLE

This product will be firmware upgradable in the field. Updated firmware must be signed by the factory, but we will allow third party software to run as well.

Cold Card™ have internal protection on the master secret, so we feel it's safe to allow potentially hostile firmware onto this platform. If you don't feel safe doing that, then it's a choice you can make.

We're hopeful that altcoin proponents will be able to take our system and extend it to support their speciality crypto coins. It should help that all of the firmware is written in MicroPython.

DEBUG MODE

Upon entering the unlock code (PIN) and selecting the appropriate menu item, we will even support REPL access over USB. This means you can type python commands directly into the product! You might use this to develop new features, create special transactions, or do special signing requests.

 

As a developer, you can also download the source and compile it yourself to personalize your Coldcard.

 

Hardware Features

Cold Card Hardware Features

Callout Description
1 Display (128x64 pixels, OLED)
2 MicroUSB connection to PC.
3 MicroSD card slot. Push to eject.
4 Genuine light (Green)
5 Caution light (Red)
6 Numeric keypad. Plus X (Cancel/Refuse) and OK (Checkmark/Accept). Arrows keys on 5,7,8,9 for menus.
7 DFU Button (hole). Not used outside of the factory.

Micro SD Cards

  • Cards up to 32G are supported. Must be FAT formatted (either FAT32 or FAT12)
  • For best performance and long life, we recommend our specialized cards, available on our store, with SLC (single level cells) and higher endurance.
  • Since our storage needs are very modest, smaller cards are fine.
  • We do not guarantee to support all cards ever made, or yet to be made.

Micro-USB Cable Required

  • Use any Micro USB cable to connect to a computer or battery pack.
  • We strongly recommend using a battery pack or AC adapter during setup and seed choosing.
  • Some battery packs may power down because the Coldcard draws very little current, and the pack thinks the attached device is "done charging". It's best to avoid these "smarter" battery packs. Wall adapters (AC to USB) work well.

Genuine / Caution Lights

There are two lights (LED's) marked as Genuine (green) and Caution (red). These lights are directly connected to the Secure Element of the Coldcard. Their purpose is to indicate the flash contents have not changed since your last use of the Coldcard.

When you power up the Coldcard, you should see a Verifying... screen and then the green (genuine) LED will light. This means the flash memory has the correct contents. There is no way for trojan software to change this light to green without your PIN.

Obviously, the Coldcard from the factory will have a green light, and after each firmware upgrade, we update the checksum that is performed so the light will be green again. The only time you should see a red light is during a firmware upgrade process (the first time you enter the PIN after the upgrade), and briefly during power-up sequence when the verification is on-going.

Important

Do not enter your PIN code into what might look like your Coldcard if the light is red! You should assume someone has tampered with it's firmware, and it might operate normally, but in fact be trying to steal your money.

For more technical background on this security feature please have a look at this whitepaper

 

Cryptonews - Cryptocurrency Tracker & World Blockchain News

Cryptonews - Cryptocurrency Tracker & World Blockchain News shows the most accurate live prices, charts and market rates from trusted top crypto exchanges globally. Cryptonews - Cryptocurrency Tracker & World Blockchain News have over 1600+ cryptocurrencies, trusted historical data, and details of active, upcoming and finished initial coin offerings.