We’ve seen it in the films. Someone’s forced with violence to give up sensitive data and allow a bad actor to extract wealth from a hostage.
Adding Plausible Deniability to a Bitcoin Wallet
Bitcoiners worry about this, too. On forums where enthusiasts of the cryptocurrency hang out, a popular refrain for some is: “if someone had a gun to your head, you’d probably give up your bitcoin wallet private key.”
Fair enough. But a particular bitcoin hardware wallet, which boasts some of the space’s most experienced coders, thinks it has found somewhat of a technical solution to this age-old conundrum.
The wallet, Digital Bitbox, features plausible deniability as part of its operations. So, what if a government, bully or cold-blooded criminal tries to force you to open your bitcoin wallet?
“Use plausible deniability,” co-founder and programmer Douglas Bakkum proposes. “This is done in two ways. A secondary password can be set that accesses a fully functional hidden wallet. Put some change in it to add plausibility. Or, in case you are forced to recover a wallet from a backup, entering the wrong password will create a valid but different wallet. One could put some change there too.”
Less Is More
A mantra for Digital Bitbox is ‘security in simplicity.” What does this mean?
“Less code means less things that could go wrong and makes auditing the code easier, like finding the things that can go wrong,” suggested Bakkum, whose partner on the open-source hardware wallet project is bitcoin core developer Jonas Schnelli “The physical design is purposely nondescript and minimal in order to avoid unwanted attention.”
Maybe the most unique feature of Digital Bitbox is the backup and recovery process. “We use an onboard slot for a micro SD card, which gives a number of advantages along with much greater convenience to the user,” he explained.
An SD card is not required during normal use. It is only when creating a new wallet, or when reloading a wallet from a saved backup.
“The backup process is completely offline and completely automated such that the only thing an owner needs to do is put the SD card somewhere safe,” Mr. Bakkum explains. “Other wallets require a lengthy and somewhat tedious process of writing down a list of 12 to 24 words as a backup, and on recovery, re-entering the long list of words, often through an interface connected to the internet.”
With Digital Bitbox, secrets — like passwords and keys — never touch the internet. “A side benefit of our approach is the simplicity and speed to create, reload, and switch between different wallets,” he says. “One could make a wallet for a savings account and another for a checking account. Or one could exchange coins, offline and privately, by exchanging an SD card.”
The backup is saved as a PDF file on the micro SD card for convenience. “The micro SD card can be plugged into a trusted printer if one wishes to also make a paper backup.”
Backups are a string of characters that is the wallet’s seed. “The seed in combination with the device password is used to derive the wallet’s BIP32 extended master private key,” Mr. Bakkum goes over. “This is functionally equivalent to an encrypted wallet but better. Specifically, the derivation purposely takes a lot of computational time, which greatly reduces the possibility to brute force attack the backup.”
“The firmware is signed with our company keys,” says Mr. Bakkum. “Only the correct signed firmware can be run, which means that a hacker cannot steal your device and install malicious code. The firmware is deterministically built, which means that an owner can, by oneself, build the code and load it onto the device in order to be sure that what is on the Github repository is really what is on the device. In other words, the firmware can be trusted without the need to trust us.”
Security Chip Isolation
Perhaps Digital Bitbox’s most notable product is its security chip. “All keys and passwords are stored isolated on a separate high-security chip designed specifically to keep your secrets secret,” explains the co-founder and programmer. “The chip contains physical security features to stop an attacker from physically reading data on the chip. This includes tamper detectors for voltage, temperature, frequency, and light, an active metal shield over the circuitry, and internal memory encryption. The point is to make accessing the data too time-consuming and requiring too costly of equipment to be worth the effort.”
This might be considered overkill in most cases. “For us, It is one of multiple steps we take that will make attackers give up before they start, and instead seek easier targets,” he says. The chip has a 50-year lifespan.
Despite a litany of techie features, the hardware wallets overall goal is to keep it simple.
“The minimalist design is important for both security and simplicity,” says the Digital Bitbox co-founder. “It is a guiding principle for us, for example, when thinking about the user experience, the code on the device, and product design. A primary goal is to make the user experience as simple and straightforward as possible. In general, making cryptocurrencies easy is an important issue in the community and an obstacle to more widespread adoption.”
What do you think about plausible deniability in the bitcoin wallet space? Let us know in the comments below.
Images courtesy of Shutterstock and Pixabay.
Can you remember your first-ever bitcoin purchase? For hundreds of us it was some kind of bitcoin-related swag to show the world we supported the digital economy. Try spending your first bitcoins at our bitcoin.com Store – there’s bitcoin clothing, accessories, art, even bitcoin wallet hardware and research reports. Start your journey down the rabbit warren now.
New Bitcoin Wallet Features Plausible Deniability