Tapsigner: Bitcoin Security Meets Convenience? – Bitcoin Magazine
Bitcoin company Coinkite has launched its latest hardware wallet, Tapsigner, in an effort to facilitate self-storage bitcoin cold storage.
The product, which resembles a credit card more than traditional hardware wallets, comes in at $40 and aims to serve as a more intuitive Bitcoin signing device to onboard a wider range of people around the world into more secure bitcoin self-storage setups.
Challenges in self-storage of Bitcoin
Bitcoin self-storage is not easy. It’s come a long way over the years, but it’s arguably still far from intuitive.
Hot wallets, those where the private keys remain “hot” online on a phone or computer, are perhaps the most popular bitcoin wallets given their convenience. The user just needs to download an app to the phone, create the wallet, write down the recovery words – and voila, it’s ready to use. The trade-off is of course security: – being connected to the internet makes this setup more vulnerable to hacking, theft and other attacks.
The alternative, cold wallets, keep the private keys “cold” offline, increasing security, but at the expense of ease of use. Cold storage solutions usually require the user to go through many more steps to move bitcoin. While it may be a feature rather than a bug for larger holdings, a less fluid transaction experience can be a pain for smaller stacks of bitcoin.
So, what is the solution?
Loser: A Contender for The “Lukewarm” Middle Ground
Coinkite’s Tapsigner attempts to bridge the gap between the hot and cold storage worlds with a more intuitive user experience.
The new product, which has already started shipping to consumers, has a secure element – the security chip inside hardware wallets – in an NFC card. Not only does this allow for greater portability since it’s the size of a typical credit card, but also allows users to interact with their bitcoin holdings in an already familiar way — tap to pay, or in this case, tap to sign.
In the background, Bitcoin transactions work in phases. First, the transaction is constructed by the user – or the application – selecting the inputs (the addresses that send the bitcoin), the amount to be sent, the amount to be paid in fees and the outputs (the addresses that receive the bitcoin). Then the owner of the entrances must divorced the transaction; Philosophically, this is the owner of the funds saying, “I own this bitcoin and approve this transaction.” The transaction is then broadcast to the peer-to-peer network so that nodes can check its validity.
While there are risks associated with each step in the process of building, signing and broadcasting a transaction, signing is arguably the most important as it directly authorizes the movement of funds. This is where Tapsigner comes in. The card aims to take what’s good about hot wallets –– convenience –– and merge it with what’s good about cold storage –– security –– at a lower price than traditional hardware wallets.
When used with a hot wallet, such as a phone wallet, Tapsigner maintains the transaction building and broadcasting processes as a responsibility of the phone while taking on the burden of signing – providing more security compared to pure hot storage and more convenience than traditional cold storage one would set up for their life savings. It is the middle ground where more frequent transactions can lend the security of a hard cold storage setup.
Software wallet compatibility
Since Tapsigner purely signs transactions, it relies on a software wallet. However, not every wallet is compatible with the card.
At the time of writing, users can utilize the Nunchukthe bitcoin wallet known for its multi-user approach to multi-signature, for having Tapsigner as the key for a single, a key in a multisig, or both. Like any private key, the card can be used in a variety of ways with different wallet structures.
Software wallet options other than Nunchuk will be available soon, and the next to be fully compatible with Tapsigner is likely to be the Hexa Wallet. The popular BlueWallet currently has an open PR to merge NFC features into the project.
Get into the weeds
Tapsigner comes without private keys. The card leverages Bitcoin’s cryptography library in its secure element to generate the keys before first use using the software wallet. The user can let the wallet provide entropy (randomness needed to create a “good” private key) or alternatively provide it themselves. The card combines the entropy given with secret entropy, which it chooses itself, to actually generate the keys in Tapsigner.
Private keys generated by the card comply with BIP 32 instead of BIP 39. In other words, the card follows extended private keys (XPRV) instead of the now popular mnemonic seed phrases. In practice, this means that users interested in backing up their private keys will not be able to store the backup as 12 or 24 words; rather, an encrypted backup of the private key file is required.
When the user requests a backup copy of the private keys, Tapsigner encrypts the keys with the 16-byte key printed on the back of the card. Therefore, to recover the wallet, the user will need the encrypted private key file as well as the decryption key printed on the back of the Tapsigner. If the card is lost, the user can only use these two data to get money back. (So it might be worth writing down the key on the back of the card on paper.)
Although the software wallet may prompt the user to store the file in cloud storage, it should be noted that symmetric encryption – used in this process – is not as brute-force resistant as asymmetric encryption. Although the chances of compromise are still low, users are encouraged to store the backup file offline and protect the encryption key.
Other (future) candidates
Other entrepreneurs and companies are also interested in bridging the gap between hot and cold storage to find the best of both worlds. Jack Dorsey, the tech billionaire who co-founded Twitter and the financial firm Block, formerly known as Square, is perhaps the most famous of them.
Block announced plans to build its own hardware wallet in October 2021, and earlier this year detailed what the approach would look like. The plans include a mix of software and hardware products, which the user can leverage to achieve their own optimal balance between security and convenience.
Block will create a mobile application and have it as the main interface for customer interaction, while the hardware wallet will be a simple, screenless NFC device with fingerprint authentication used only to sign larger transactions on the app.
However, there is not yet a clear timeline for when Block’s product might be released.