Date: 2 May 2018
Author: Michael Schloh von Bennewitz
Contact: [email protected]
IRC-contacts: msvb-lab, msvb-mob
Title: Advancing the Monero Hardware Wallet
Related to: RFC-HWALLET-1, RFC-HWALLET-2, RFC-HWALLET-3, RFC-HWALLET-4
Get Monero Hardware Wallets
The progress in question has allowed RFC-HWALLET-1 to conclude on time and on budget!
The status of this proposal is:
PENDING FUNDING PLEDGES
In reverse cron order.
20180502 Closed RFC-HWALLET-1 milestones
Finalised injection molding bids
Emphasized immutable bootloader
Collected reddit mentions
20180412 Added recent plastics quotes
Reduced cost of plastics bids
Corrected according to exchange
Replaced DefCon promotion (on request)
20180325 Publish version 0.9
Added requirements text
Added second edition image
Corrected OTA to DFU (David)
Removed DefCon promotion
20180324 Publish version 0.8
Added license and legal
Added budget and workflow
Added scope and deliverables
Added author and project plan
20180322 Publish version 0.7
Added draft sections
20180318 Proposal creation
20180126 Meeting Genesis
Note: PLEASE REMEMBER THAT THE DELIVERABLES (SEE SECTIONS 'DELIVERABLES' AND 'SCOPE CREEP') IS A PCB AND ENCLOSURE DESIGN, ALONG WITH DRAFT FIRMWARE AND SUPPORTING DOCUMENTS.
- Quality: The project is bodacious (bold and audacious)
- Marketability: Attention on user needs through market survey
- Availability: Build your own and commercial models supported
- Usability: Simple and intuitive, one hour learning time
- Reliability: Provision for seed backup with guidance
- Featureset: Early wallet firmware features¹
- Accessibility: One hand one finger operation
- Maintenability: User facilitated manual flashing
- Invulnerability: Prohibitive intrusion effort
- Integrity: Full display of public addresses
- Use coverage: Diverging user and developer features
- Choice: Feature rich design is selectively populated
- Capacity: Maximum density of circuits and minimum case
- Open natured: Hardware and firmware designs are published
- Extensibility: Design with common FOSS applications
- Legal clarity: Avoidance of NDA and closed source
- Novice service: Firmware first run hand holding
- Easy powering: USB-C power over any standard cable
- Mobility: Untethered operation for limited features
- Assurance: Release engineering backed assurance
- Supportability: Leverage of existing channels
- FW testability: Test plan enforcement of Q&A
- Documentation: Comprehensive developer documents
- Responsive: Firm button switches (tactile clicks)
- Understandability: Clear confirmation UI (backlit touch)
- Visibility: High contrast low profile display
- Convenience: Possible zero volt ePaper display
- Size constraints: Standard mechanical limitations
- Perception: Smoother-than-FDM consumer enclosure
- Hackability: Hybrid (PLA and acrylic) enclosure
- Portability: Design merged to and from other projects
¹ Collected from first generation (simplewallet) operations able to complete in an untethered environment (no mining nor IP networking.)
- Physical stability
- Appropriate (heat, life) glue
- Glueless fitting where possible
- Moisture ingress nanocoating
Left over from last cycle
- Screw holes and threading
- Progressive materialise
- User input mechanics
- Capacitive touch testing
- Extensive untethering
- Tap detection circuit
- Alternate ePaper display
- Enclosure facilitation
- Enclosure security
- Firmware security
- Side channel hardware defense
- Passphrase plausible deniability
- Firmware features
- Demonstration mode
- Familiar functions
- Complementary seed storage
- Branded paper kit
- Cryptosteel equivalent
- Power supply integration
- USB-C interop testing
- Lithium battery research
Efforts have yielded hardware wallet designs, and proven a Monero established hardware engineering workflow. The promise of a community controlled hardware wallet remains popular, and work towards financial independence begins in this proposal. The goal is a market entry to become self sustaining and eventually require no community fundraising.
This second development cycle integrates the existing hardware design with a new immutable bootloader, off chip firmware copy, fused deposition modeling and injection molded enclosures, documentation and peripherals. During this time, resources are used for development and to distribute test devices.
Considering that the previous half year cycle concluded on time and on budget, requirements of this proposal are likely to be met or exceeded.
The Monero hardware wallet is a printed circuit board design, immutable bootloader, draft firmware, plastic enclosure design, peripherals design, and supporting documentation.
The project is particularly vulnerable to scope creep. Attempts at consensus on how to react to changing requirements are not planned. Rather, a compromise (maintaining pace of progress) is reached by attending nearly all Monero development meetings and reporting accordingly.
Teambuilding efforts is inclusive, and if contributors work out of scope the deliverables will include their contributions.
Michael is a computer scientist with 20 years of industry (software, telecom, embedded systems) experience. He trains engineers at Black Hat, Hack Miami, and undisclosed locations. Michael designs and produces (not for sale) hardware in his circuits lab. He worked with the inventor of mod_ssl at Cable & Wireless, has contributed to Mozilla and the Tor Project, and trained groups using MbedTLS with Atmel secure elements.
He is a Monero citizen ([email protected]) in good standing, and lightweight user of other cyptocurrencies (Ethereum and Bitcoin.) He earned the trust of colleagues and students using custom derivatives of Bus Pirate, FRDM, and NodeMCU shield devices, as well as larger companies (references on request) assigning first generation SBC hardware shield extensions on contract.
||Completed in last funding round
||Reverse engineering device stock²
||Developer kits (SE, FPGA, CPLD, BTLE)
||Chip and memory programmers
² SC4-HSM, Trezor-T, Coldcard, Mooltipass, and similar
Passive and IC Components
||Paste, substrate, nozzles
||PLA, ABS, and other filament
||SLA resin and container tanks
||1.4301 (Aisi304) steel sheets
||Acrylic and Plexiglas
Facilities and Services
³ ABS or hybrid, any cost underrun allows for otherwise unplanned developer edition production
Travel and Promotion
||DefCon and other promotions⁴
⁴ DefCon village, DefCon demolab, and BSides to service existing demands
Trips to remote manufacturing locations (Shenzhen, Hongkong, Hangzhou) will not be taken unless necessary, for example when a flight is cheaper than postal shipping or acting as a courier yields a customs free import. In those cases, the trip cost is absorbed by the resource savings (with nothing new to add.)
||Lost contracts reimbursement⁵
⁵ Estimated by crossing vectors 6 months lapse, proximity obligation, and hour loss.
A 20% buffer is in place to lower risk of production loss or delay. This is partly due to component and service instability (like past LED shortages) and partly due to monetary fluctuation.
||Fulfillment of requirements
Note: The base rate is calculated according to last month's average 172 € XMR exchange rate. The current price is 202 €.
Machinery in use is too numerous to mention. A local maker lab offers a quarter million euros worth of equipment in twelve rooms. Preexisting (owned, borrowed, or otherwise accessible) resources including SLA printers, solder injectors, JBC rework stations, vapour phase reflow ovens, pick and place, and four (!) CO2 laser machines will be used while consuming no budget.
Portions of this proposal may be defunded according to degree of fundraising success. This may lead to unplanned scenarios:
- Unexpected scope reverse creep
- Cancellation of injection moulding
- Replacement of bootloader development
- Reduction of PaaS documentation systems
- Cancellation of some promotion deliveries
- Fewer test systems leading to reduced QA work
- Introduction of new budget items to fund plastics tooling
The actions and features at risk would still be worked on a best effort basis. To be clear, this
proposal has no defunded budget items and all resources (see 'Budget') will be procured in the most expedient and inexpensive way.
Software engineering develops a second stage bootloader to replace the current factory stock bootloader. This allows for a device that requires no extra UI for boot or reset circuits, and streamlines the appearance. The first stage bootloader will be migrated to a device (probably the CEC1702) that supports a immutable bootloader and secure boot.
Either (immutable or second stage) bootloader may assist the next generation secure MCU (probably CEC1702 based) to verify all on chip code according to the Monero Project's secret key.
A locking memory or programming block is not planned (allowing for maximum user control.)
Firmware is the part of a hardware wallet located in the microcontroller's internal flash storage.
While supporting Monerujo-hw firmware, this generation of devices will depart from STM32 specific constructs. A set of libopencm3(3) based interfaces allow modular feature selection at buildtime. For example, a board lacking intrusion detection ICs may receive a smaller and less expensive flash storage, by tuning firmware size according to hardware needs. In addition to libopencm3(3) (via GNU GCC/ARM), MBed, PlatformIO, and CryptoAuthLib (possibly via MPLabX/Eclipse) research will preclude a decision on a firmware development platform.
Unit and regression testing is conducted on second stage bootloader and firmware. Because common virtualization systems don't emulate Cortex-M (low power) environments, this promises to be a worthy challenge.
Mechanical engineering results in enclosures for both developer edition and consumer edition.
To support the hacker creative mentality, the developer edition enclosure release is a set of portable modelling source files as well as generated Standard Triangle Language (STL) files. A document serves to guide the developer when preparing slice files (in GCode or equivalent) for a FDM or SLA technology 3D printer. To encourage modification and remixing, (GitHub tracked) designs are indexed on trending solid modelling hubs like:
A separate enclosure is designed for the consumer edition wallet device, to accommodate its small size and lean featureset. While mechanical engineering may produce files for do it yourself printing, attention is turned to professionally tooled model to support injection moulding technology.
The consumer enclosure may be produced in volume by contracting with a tool maker and plastics factory, in the same manner as almost all plastic enclosures in the world. The material will likely be acrylonitrile butadiene styrene (ABS) in the colour chosen by community survey.
The current state of online documentation is maintained:
Additionally, new documentation is published:
To manage complexity, the documentation system moves from simple GitHub pages to a devops PaaS system.
As usability goals are achieved, hardcopy is published to serve users and developers.
Several supporting peripherals are researched. This includes paper and (Cryptosteel equivalent) stainless steel seed media, professionally created using 1.4301 (Aisi304) steel sheets and a 150 Watt CO2 laser or CNC router. Daughter boards exposing FPGA or CPLD components as well as SDHC, NFC, and other requested technologies are researched.
Such promising peripherals may be bundled with prototype deliveries or prove valuable enough to become official projects.
Online PCBA services are seeded with design material for simple (few clicks) ordering. Michael is reachable for PCBA production as well. Contract fabricators publish designs (shared projects) and 3D print shops are seeded with enclosure information.
On a related note, the same production facility (as used in this project) is used for producing DefCon Monero badges, of use to our project as they test NFC circuitry and EEPROM off chip storage.
A marketing plan is constructed to guide towards a future market entry, playing an important role in sustainable development. This requirement supports the goal of long term project survival with no direct community funding.
Promotional activities introducing the larger cryptocurrency community to Monero's unique ecology are undertaken. People get quite excited when seeing, hearing about, and studying (in their hands) hardware wallet devices. For example, CCC, BSides, and DefCon events are served by distributing prototype or release grade devices.
A sales plan is drafted and a pilot ecommerce system is researched to offer community members a gratis or subsidized device. This integrates other colleagues' ecommerce work (such as Monero Integrations and Globee) where possible.
Prototype samples are mailed to forum investors, testers, and promoters in accordance with current hardware team practices, including poste restante blind delivery on request.
As firmware matures enough to support on-chain network operations, the testnet is used to provide an out of the box trial experience. The testnet my be (ab)used for new user aquisition challenges, such as make a first transaction with your new hardware wallet for a free shirt or a more advanced transfer from your hardware to mobile wallet for a free card pack. The testnet is considered for ecommerce trials as well.
Twenty to sixty hours per week six months long, scheduled at the author's discretion. This variability accommodates the challenge of synchronized board printing, mechanical engineering, parts ordering, firmware integration, and quality assurance.
Time is spent in a:
- Local maker space
- In house circuit lab
- Local and some remote travel
Those interested in board development may refer to the last proposal section 'Workflow.' The forthcoming project involves too many technologies (PCB, PCBA, FDM, SLA, steel, acrylic, Cortex-M development, and injection moulding) to concisely detail a workflow.
Work is transparently carried out according to typical distributed Opensource practices. The degree of in house production is maximized to shrink the attack surface of supply chains.
||Early firmware demonstration at Security BSides 
||Initialisation work (platform, communication, and procurement)
|Early May April
||Production testing of first batch of released board design
||Technology showcasing at DefCon China, site visit to Chinese manufacturers
||FDM tooling, immutable bootloading, project documentation, mechanical research
||SLA tooling, set of second generation release PCBs and test distribution
||Laser tooling, reverse engineering of injection moulded enclosures
||Hybrid (acrylic) tooling, mechanical constraint specification of board features
||PaaS administration, midterm report on bootloader and firmware development
||Enclosure fine tuning and start of injection moulding tooling
||Backport of mechanical features in hardware and firmware
||First volume production of streamlined (for reach) device
||Board and enclosure demonstration at DefCon, distribution
||Regression side channel attack trials, board explorers
||FDM and SLA generations (UI and decorative improvements)
||Injection moulding and board fabrication, pilot sales site work
|End of term⁶
||Demonstration video of a enclosed device running immutable bootloader
⁶ Six month conclusion
Most contending hardware wallet vendors (such as Shift Devices, Satoshi Labs, Ledger, and Keepkey) have launched efforts at Monero support in the past. Part of the Monero hardware team's existential role is to force the hand of such vendors to integrate and maintain Monero support (which is working slowly but surely.)
It is the author's hope that several Monero capable hardware wallets eventually exist, and that the community holds the keys to features and production of their own model.
The Monero Project owns this (Opensource) proposal, the blueprint-like result of a month's careful deliberation and research. The author contributed it by uploading content to the forum. Readers are free to print and hand it to investors, colleagues, university professors, or whoever else, in order to start a hardware project of their own.
Source files (text and binary) of all work state Copyright (c) 2018, The Monero Project.
CERN Open Hardware License 1.2
Being a hardware project, no software license is used for schematic, layout, and related work. Instead, a open hardware license is applied whose terms resemble the other Monero projects' (BSD|MIT) licenses. Patents are more relevant to hardware projects so to counter risk of conflict the CERN OHL is used.
Appropriate Opensource licenses are applied to documentation, software, and other designs.
Nondisclosure agreements (NDA) are avoided. According to the author's knowledge, no Monero hardware team member has ever signed a NDA relating to technology in use. This allows us to publish everything under free and open terms.
Progress is reported at community meetings and hardware team meetings. Support and collaboration is conducted primarily via IRC, with attention to other common channels (Telegram, Mattermost, Slack, Reddit) as well. Physical meetings such as meetups and conferences are attended.
Teamwork and collaboration are encouraged. Teambuilding is a soft requirement and strengthens the Monero community. Outreach to other hardware makers mutually benefits the respective communities.