Bitcoin company Coinkite has launched its new hardware wallet, Tapsigner, in an effort to facilitate the self-custody of bitcoins in cold storage.
The product, which looks more like a credit card than traditional hardware wallets, costs $40 and aims to serve as a more intuitive bitcoin signing device to onboard a wider range of people around the world on car setups. – safer Bitcoin storage.
Bitcoin Self-Custody Challenges
Bitcoin self-custody is not easy. It’s come a long way over the years, but it’s still arguably far from intuitive.
Hot wallets, those in which private keys stay “hot” online on a phone or computer, are perhaps the most popular bitcoin wallets given their convenience. All the user has to do is download an app to their phone, create the wallet, write down the recovery words – and voila, it’s ready to use. The tradeoff is of course security: – being connected to the Internet makes this setup more vulnerable to hacking, theft and other attacks.
The alternative, cold wallets, keep “cold” private keys offline, increasing security but at the expense of usability. Cold storage solutions usually require the user to go through many additional steps to move their bitcoin. While this might be a feature rather than a bug for larger holdings, a less smooth transaction experience can be a pain for smaller bitcoin stacks.
So what is the solution?
Tapsigner: a competitor for the “lukewarm” happy medium
Coinkite’s Tapsigner attempts to bridge the gap between the hot and cold storage worlds with a more intuitive user experience.
The new product, which has already started shipping to consumers, brings a secure element — the security chip inside hardware wallets — into an NFC card. Not only does this allow for better transportability as it’s the size of a typical credit card, but it also allows users to interact with their bitcoin holdings in an already familiar way –– tap to pay, or in what case, press to sign.
In the background, Bitcoin transactions work in phases. First, the transaction is built by asking the user –– or the application –– to select the inputs (the addresses sending the bitcoin), the amount to send, the amount to pay in fees, and the outputs (the addresses receiving the bitcoin). Next, the owner of the inputs must sign the transaction; philosophically, it’s the owner of the funds saying, “I own this bitcoin and I authorize this transaction.” The transaction is then broadcast to the peer-to-peer network so that nodes can verify its validity.
While there are risks associated with every step in the process of building, signing, and broadcasting a transaction, signing is arguably the most important as it directly approves the movement of funds. This is where Tapsigner comes in. The card aims to take what’s good in hot wallets — convenience — and join it with what’s good in cold storage — security — at a lower price than traditional hardware wallets.
When used with a hot wallet, for example a phone wallet, Tapsigner maintains the processes of creating and issuing transactions as a responsibility of the phone while taking on the burden of signing – providing more security compared to storing at pure hot and more convenience than traditional cold storage that one would put up for their savings. This is the middle ground where more frequent transactions can borrow the security of a hardened cold storage setup.
Software Wallet Compatibility
Since Tapsigner only signs transactions, it relies on a software wallet. However, not all wallets are compatible with the card.
At the time of writing, users can take advantage of the Nunchukthe bitcoin wallet famous for its multi-user approach to multi-signature, for having the Tapsigner as key for a single-sig, a key in a multisig, or both. Like any private key, the card can be used in multiple ways with different wallet structures.
Software wallet options other than Nunchuk are coming soon, and probably the next one to become fully compatible with Tapsigner is Hexa Wallet. The popular BlueWallet currently has open PR to merge NFC capabilities into the project.
Get into the weeds
Tapsigner comes without private keys. The card leverages the Bitcoin cryptography library in its secure element to generate keys before first use using the software wallet. The user can let the wallet provide the entropy (the randomness needed to create a “good” private key) or provide it themselves. The card combines the provided entropy with the secret entropy, which it selects itself, to actually generate the keys in the Tapsigner.
The private keys generated by the card respect BEEP 32 instead of BEEP 39. In other words, the map adheres to extended private keys (XPRV) instead of the now popular mnemonic seed phrases. In practice, this means that users interested in backing up their private keys won’t be able to store their backup in 12 or 24 words; instead, an encrypted backup of the private key file is required.
When the user requests a backup of the private keys, Tapsigner encrypts the keys with the 16-byte key printed on the back of the card. Therefore, to retrieve the wallet, the user will need the encrypted private key file along with the decryption key printed on the back of the Tapsigner. If the card is lost, the user can simply exploit these two data to recover funds. (Thus, it may be helpful to write the key on the back of the card on paper.)
Although the software wallet may prompt the user to save the file to cloud storage, it should be noted that symmetric encryption – used in this process – is not as brute force resistant as asymmetric encryption. Although the risk of compromise is still low, users are advised to store the backup file offline and protect the encryption key.
Other (future) suitors
Other entrepreneurs and businesses are also interested in bridging hot and cold storage to find the best of both worlds. Jack Dorsey, the tech billionaire who co-founded Twitter and the financial services company Block, formerly known as Square, is perhaps the most famous of them.
Block has announced its intention to create its own hardware wallet in October 2021, and earlier this year detailed what his approach would look like. The plans include a combination of software and hardware products, which the user can leverage to achieve their own optimal balance of security and convenience.
Block will create a mobile app and make it the main interface for customer interaction, while the hardware wallet will be a simple screenless NFC device with fingerprint authentication used only to sign larger transactions on the app.
However, there is no clear timeline yet as to when Block’s product will be released.