BlueWallet:The Secure Bitcoin Wallet

Christian Decker

ETH Zurich � Distributed Computing Group � www.disco.ethz.ch

I Global

I No intermediary

I Instantaneous

I Pseudonymous

I Secure?

I Global

I No intermediary

I Instantaneous

I Pseudonymous

I Secure?

Security

Bitcoin:

I Ledger based on consensus

I ECDSA (secp256k1) signatures

I Auditable

User:

I Theft

I Price instability

I Legal uncertainty

I . . .

Security

Bitcoin:

I Ledger based on consensus

I ECDSA (secp256k1) signatures

I Auditable

User:

I Theft

I Price instability

I Legal uncertainty

I . . .

Opening an account in Bitcoin

Private Key Public Key Address

Transferring bitcoins

TX: 41b221

B0.1

0

A4.798

1

A4.899

Prev. TX:

a1a53743

4.899

0

C...

1

Inputs Outputs|Outputs

Fee

0.001

Transferring bitcoins

TX: 41b221

B0.1

0

A4.798

1

A4.899

Prev. TX:

a1a53743

4.899

0

C...

1

Inputs Outputs|Outputs

Fee

0.001

Transferring bitcoins

TX: 41b221

B0.1

0

A4.798

1

A4.899

Prev. TX:

a1a53743

4.899

0

C...

1

Inputs Outputs|Outputs

Fee

0.001

Transferring bitcoins

TX: 41b221

B0.1

0

A4.798

1

A4.899

Prev. TX:

a1a53743

4.899

0

C...

1

Inputs Outputs

|Outputs

Fee

0.001

Transferring bitcoins

TX: 41b221

B0.1

0

A4.798

1

A4.899

Prev. TX:

a1a53743

4.899

0

C...

1

Inputs Outputs

|Outputs

Fee

0.001

Transferring bitcoins

TX: 41b221

B0.1

0

A4.798

1

A4.899

Prev. TX:

a1a53743

4.899

0

C...

1

Inputs Outputs|Outputs

Fee

0.001

Securing User Wallets

Protecting private keys is paramount.

Insecure Secure

Di�cult

Easy

Securing User Wallets

Protecting private keys is paramount.

Insecure Secure

Di�cult

Easy

Securing User Wallets

Protecting private keys is paramount.

Insecure Secure

Di�cult

Easy

Securing User Wallets

Protecting private keys is paramount.

Insecure Secure

Di�cult

Easy

Securing User Wallets

Protecting private keys is paramount.

Insecure Secure

Di�cult

Easy

Securing User Wallets

Protecting private keys is paramount.

Insecure Secure

Di�cult

Easy

?

Goals

I Mobile (Point-of-Sale payments)

I Easy to use

I Real-time payments

I Secure

Result

Front Back

Technical Details

Communication Chip

I Bluegiga BLE113 (8 bit)

I 8 kB RAM

I Always on

I Handles communication

I Handles user interaction

Crypto Chip

I STM32 F20RE (32 bit)

I 512 kB RAM

I On demand

I Performs crypto operations

I Stores private keys

There are currently no secure cryptocoprocessors with ECDSA secp256k1.

Technical Details

Communication Chip

I Bluegiga BLE113 (8 bit)

I 8 kB RAM

I Always on

I Handles communication

I Handles user interaction

Crypto Chip

I STM32 F20RE (32 bit)

I 512 kB RAM

I On demand

I Performs crypto operations

I Stores private keys

There are currently no secure cryptocoprocessors with ECDSA secp256k1.

Technical Details

Communication Chip

I Bluegiga BLE113 (8 bit)

I 8 kB RAM

I Always on

I Handles communication

I Handles user interaction

Crypto Chip

I STM32 F20RE (32 bit)

I 512 kB RAM

I On demand

I Performs crypto operations

I Stores private keys

There are currently no secure cryptocoprocessors with ECDSA secp256k1.

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Walkthrough

BLE Coprocessor

User

Interface

Point

of Sale

Bitcoin

Network Device

address

outputs

unsigned TX

TX

PIN

PIN

(PIN,unsigned TX)

signed TX

signed

TX

signed TX

con�rm

ation

Goals

I Mobile

I Easy to use

I Real-time payments

I Secure

?

Goals

I Mobile

I Easy to use

I Real-time payments

I Secure

?

Goals

I Mobile

I Easy to use

I Real-time payments

I Secure

?

Goals

I Mobile

I Easy to use

I Real-time payments

I Secure

?

Goals

I Mobile

I Easy to use

I Real-time payments

I Secure ?

Security

TX: 41b221

B0.1

0

A4.798

1

A

Fee

Prev. TX:

a1a53743

4.899

0

C...

1

Send previous transactions to BlueWallet

Security

TX: 41b221

B0.1

0

A4.798

1

A?

Fee

?

Prev. TX:

a1a53743

4.899

0

C...

1

Send previous transactions to BlueWallet

Security

TX: 41b221

B0.1

0

A4.798

1

A4.899

Fee

0.001

Prev. TX:

a1a53743

4.899

0

C...

1

Send previous transactions to BlueWallet

Conclusion

I Mobile

I Easy to use

I Real-time payments

I Secure

Thank you, questions?

Authors:

Tobias Bamert

Christian Decker

Roger Wattenhofer

Samuel Welten

ETH Zurich � Distributed Computing Group � www.disco.ethz.ch