The World Needs An Open, Cheap & Ultrasecure Hardware Wallet!
What is the Coinkite Coldcard? It's a Bitcoin hardware wallet, so it signs transactions and can be used offline.
-
BIP39 based, which means you can backup the secret words onto paper, and have lots of sub-accounts and unlimited independent payment addresses. Now with BIP39 passphrase support, unlocking up to 5.9e197 additional wallets from the same seed words!
-
It knows how to understand transactions, so you can see what you are approving.
-
The first "Partially Signed Bitcoin Transaction Format" - PSBT (BIP 174) native wallet which can be used completely offline for its entire lifecycle. See HWI for Bitcoin Core support!
NEW: Mk3 Released!
- New security features and more powerful processor.
- Read the blog announcement.
- Available now for a limited time at special early-bird prices!
Mk2 Features and Improvements
- Physical Buttons! Click-Click-Click
- Better power management & ESD protection
- Tempest anti-monitoring features for keypad scanning & power savings by removing touch keys
- More physical protection on sensitive traces, improving security between secure element and main micro
- See hardware mitigation discussed in our recent blog post
- Boot security improvements: includes updates to foil and/or detect MiTM attacks
- "SHOOT THIS" marker for effective device destruction
- Activity LED for MicroSD card slot
- Software-only improvements will also work on older Mark1 devices
But it's different!
-
NO specialized software required. It accepts standard PSBT transaction (BIP 174) stored on an MicroSD card. NO companion 'app' on your computer, works with the major wallets already (Electrum, and more to come).
-
It's cheap! Simple packaging, plain design, no fancy boxes, no redundant cables.
-
It's ultrasecure! Real crypto security chip. Your private key is stored in a dedicated security chip, not the main micro's flash.
-
Easy back-up! MicroSD card slot for backup and data storage. This allows truly offline signing, by transferring the unsigned/signed transactions on sneakernet.
-
Open source software design runs Micropython and you can change it.
Other features:
-
Full-sized numeric keypad makes entering PIN easy and quick.
-
Larger 128x64 OLED screen.
-
Sign text messages to prove control over private key.
It's an open platform, and we are working on lots of new features, like:
-
Participate in multisig wallets, with other signers.
-
Encrypt/decrypt secret messages (stored on MicroSD or otherwise).
Bulk orders
If you are already an Opendime reseller or NEW and interested in reselling, reach out to support for orders over 50 quantity.
How It Works
Duress/Secondary Wallet Feature
To limit the damage from rubber-hose attacks...
We provide an optional "secondary PIN code". If you enter that PIN code, instead of the "real" PIN code, nothing special is shown on the screen and everything operates as normal... However, the bitcoin key generated is not the main key. It is effectively a completely separate wallet!
To take best advantage of this feature, you should put some Bitcoin into the secondary accounts. How much you are willing to lose or what you need to make it plausible, we don't know.
The "duress" wallet will still be derived from the original BIP39 words, so you don't need to back it up separately, but there will be no way to get from that wallet back to the original wallet with the real funds in it.
We now support BIP39 passphrases so you can also create an unlimited supply of distraction wallets.
Key Storage
We find it a little scary that existing Bitcoin wallets trust the main microprocessor with their valuable secrets.
The Coinkite Coldcard uses
Microchip's ATECC508A
to store the critical master secret (for the root BIP32 HD wallet).
This little chip is very powerful: it does SHA-256 hashing and includes
an internal true random number generator (TRNG). Combining those features, and with careful protocol design, we can enforce cryptographically,
that the attacker must know the PIN to access the secret. An attacker cannot
brute-force all 10,000 combinations of a four-digit numeric code: the search space is
2**256 not 10**4. This remains true even if they removed the chip from
the board or fully-replaced the firmware in the main microprocessor.
More details are available in this white paper and the complete source code is available as well.
Genuine vs. Caution Lights
To resist Evil Maids, and other sneaky people with physical access to your Coldcard, we will sign our firmware with a factory key. During boot-up, the firmware's signature will be verified and the appropriate Green/Red light set. Changing that light's status is actually controlled by dedicated circuitry, so a rogue bit of software cannot override it. The control circuit for this is exposed on the top surface of the product, so any physical tampering by those maids will be visible as well.
Firmware Upgradable and Expandable
This product is firmware upgradable in the field. Updated firmware must be signed by the factory, but we can allow third party software to run as well.
We have so much internal protection for the master secret, that we feel it's safe to allow potentially hostile firmware onto this platform. If you don't feel safe doing that, then it's a choice you can make.
We're hopeful that altcoin proponents will be able to take our system and extend it to support their specialty crypto coins. It should help that all of the firmware is written in MicroPython.
Debug Mode
Upon entering the unlock code (PIN) and selecting the appropriate menu item, we will even support REPL access over USB. This means you can type python commands directly into the product! You might use this to develop new features, create special transactions, or do special signing requests.
As a developer, you can also download the source and compile it yourself to personalize your Coldcard.
Online Documentation
Documentation is online here.