Replying to Avatar openoms

Planning to show this setup tonight:

Truely FOSS Satochip javacards https://github.com/Toporin/SatochipApplet initialized with an airgapped, stateless nostr:npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl .

The cards act as a hardware wallet without a display, but with a PIN protected secure element. Mess up the PIN 10 times and the card is bricked. Blanks cost ~2 dollars with chip, ~5 dollars with NFC support. Can compare with #TapSigner, #BitKey and alike.

Find the modded images supporting the smartcard readers here: https://github.com/3rdIteration/seedsigner/releases

Parts:

- a generic smartcard reader (here ACR39U https://a.aliexpress.com/_EzkLWc9 + microUSB adapter)

- can use the same cards as the SpecterDIY

Notes: https://gist.github.com/openoms/510b2876cab19e15c4190456ea8aad82

nostr:note1hatuatxl5hajvh6xdfy3pqkuc0hna2azaap3y6sza3nc6jnpk7lsz7tlkv

Avatar
openoms 1y ago 💬 5

Wrote a quick guide about using an initialized Satochip smart card with Sparrow Wallet: https://github.com/openoms/bitcoin-tutorials/tree/master/satochip#get-started-with-satochip

As these javacards are essentially $5 hardware wallets (with no screen, but using a Secure Element) are great to give bitcoin in a physical form.

This short guide is for the ones receiving them.

To initialize the cards one could use TailsOS offline with Sparrow Wallet or Electrum or a modded version of Seedsigner: nevent1qvzqqqqqqypzp2kq0k2s388x4hcghy2k6s7p5j44jnrpxzmaevfwcxvsprzcrx30qyw8wumn8ghj7mn0wd68ytngw4eh5mmwv4nhjtnhdaexcep0qy38wumn8ghj7mt4d36xjurvv4ux2u3wdp6hx7n0dejkw7fwwahhymry9uqzpaca0y00n4qs4k5drhwaz99vuy78r6ddqxu7hwxy8xghj45knkh5jgfqlz

Reply to this note

Please Login to reply.

Discussion

Avatar
optout 1y ago

In this setup the Satochip only stores the private key, or it also does the signing?

Avatar
openoms 1y ago

It does store the private key and does the signing also.

It only not capable of generating the seed itself so that is needed to be loaded once from an external source using Sparrow Wallet, Electrum Wallet or the modded Seedsigner.

Once the seed is in the card it cannot be exported and the signing is protected by a 4-16 character PIN.

Avatar
optout 1y ago

I assume the JavaCard has to be initialized with bitcoin-specific software (for signing). I wonder which step does that? Or is that not covered by this guide?

Avatar
openoms 1y ago

Loading the Satochip java applet to the javacard is what I refer to as the DIY version of Satochip. It takes seconds to prepare them. Here are my notes, follow the links and readmes in the linked repos for more details: https://gist.github.com/openoms/510b2876cab19e15c4190456ea8aad82#file-satochip-javacard-applet-install

Avatar
optout 1y ago

OK, got it, thx for the clarification! Cool stuff!