Have a look at Satodime (https://satodime.io). It is similar to openDime, but with a smartcard form factor.
Since it has NFC connectivity, you can use it easily on a smartphone by tapping it to the back of the phone!
Currently there is an app for android, the iOS app will be released in a few weeks.

The code running on the card is open-source and available here: https://github.com/Toporin/Satodime-Applet
Bonus: the card can store up to 3 vaults, and each slot is reusable!

It's hard to tell. I don't know that much devices that use NFC, and the only way to know for sure is to review the code (if available) or reverse engineer it (which is more difficult)...


That was probably Tibu (https://bitcointalk.org/index.php?action=profile;u=160007) that donated the card, he is much more active on the forum than me! Glad that you liked it :-)

Hi,

Just a few comments about NFC security with respect to NFC skimming and other vulnerabilities. I am the developer of Satochip (https://satochip.io),  a hardware wallet based on a smartcard. Our devices support NFC (e.g. for mobile integration).

All communications with the card uses a secure channel which is encrypted and protected against replay attacks (among other). This means that even if a flipper 'sniff' the communication,  it will only get encrypted data. If it records a communication and ty to replay it (repeating same data), it will also not work.

Moreover any sensitive operation such as signing a transaction is protected by a PIN code, and this PIN is also sent encrypted to the card. In any case, the private keys are never exported outside of the chipcard!

The firmware running on the card is open-source and available on Github, so you can check in details what is being exchanged and verify that it is secured: https://github.com/Toporin/SatochipApplet

We also provide 2 other products based on smartcards:
* Satodime (satodime.io): a bitcoin bearer card to store bitcoin like a physical note with the private key stored on the card
* SeedKeeper (seedkeeper.io): a backup solution for your seeds

Hello,

I would like to get edit privileges for the wiki.
username: Satochip.wallet

Best regards,

Toporin

No special driver required when using the Linux AppImage or Windows executable (the MacOS version is still under development). You can also run the electrum client with the the satochip plugin from the python sources. In this case, you may need to install some dependencies as described in the github project (see https://github.com/Toporin/electrum-satochip).

Hello,
Here is some clarifications regarding your questions:
a) yes, the satochip wallet is fully BIP32 compliant (Hierarchical Deterministic Wallet). A new address is generated after each spending. This is done through the Electrum wallet client (using the satochip plugin). From the user perspective, it works exactly as with a classic electrum wallet, except that the keys are stored securely on the smartcard.
b) Regarding backuping: during the wallet creation with Electrum, the seed is shown on the screen and must be confirmed by the user. THIS IS THE ONLY TIME the seed is visible to the user and the only opportunity to do a backup of the seed! After that, it is no more possible to export the seed or any private key from the Satochip.

New demonstration video of Satochip!
https://www.youtube.com/watch?v=ADWikh8Fxdk

Now with full Bip32 support and improved key derivation performance :-)

To facilitate testing, a built release is now available here: https://github.com/Toporin/BitcoinWallet/releases/tag/v3.0.1

So no need to rebuild the app from sources, simply unzip the target.zip file in a folder and follow the instructions...

I think there is still room for more than one hw wallet.
But you are right, it's not gonna happen overnight!

Integrating a new hardware wallet into an existing client is not easy... Volunteers are welcome :-)

Actually, I am not really selling the hardware wallet myself. It is possible to order blank smartcards here for 6.5$ each: http://www.javacardsdk.com/Index.aspx?p0=AAT1P0000012&p1=1&p2=1&p3=1&p4=0&p5=1
However, the minimum order quantity is 5 and you need to upload the applet on the card yourself...

To make things easier, I can send a test card with the applet pre-loaded for 10$ in btc (that's including the shipping fee). However, this comes with absolutely no guarantee, and I can't even promise any decent level of support (even if I will try to help). Again, the goal of the test card is mainly to play with the concept. If you are looking for a reliable hardware wallet for serious use, I suggest you to try the Ledger Wallet or the Trezor. 

That being said, feel free to contact me by PM if you are still interested :-)

Thanks Tibux for the design, this looks nice!

Mitchełł, yes I still have one card (last one!). You can give me your address by PM and I will send it to you!

While the javacard applet should support testoin, the simple java client that I use does not. It should be possible to do the tests using the java interface library directly (https://github.com/Toporin/SatoChipClient), although it is much less convenient. I will try to improve that as it's obviously a very important point. 

Indeed testing is not very easy for the moment but this project is still very experimental. Also, I would not recommend using it with serious amount of Bitcoin yet until it has been tested more seriously. If someone is interested to test the card and have trouble with the setup, he can contact me by PM and we will find a way...

   

@btchip:
You are right about the AGPL license. I'm still struggling with the intricacies of code licenses but I will correct that!
Thanks by the way for the great work!

@Tibuxx:
Yes I still have smartcards left. Send me your address by PM and I'll ship one to you :-)

@banksycoin

The card was sent this morning!
Expect a few days to receive it (sent from Europe)...

@banksycoin:

Yes I still have smartcard left for testing purpose. You can give me a shipping address by PM and I'll send one to you free of charge!
(Please note that you still need a smartcard reader to use it though)

@2112:

The SatoChip applet on the javacard should support Testcoin, however the BitcoinWallet implementation by ScripterRon only support Bitcoin.
The applet only manages the private keys, it has no knowledge of address or network. So basically any altcoin using the SECP256k1 could be used with it afaik. With minor changes, it should also be able to support NXT coin which uses Curve25519. The main difficulty is to integrate it in a particular wallet client... For testing purpose, there is a simple java library API (https://github.com/Toporin/SatoChipClient) that may provide some starting point...

Tutorial: SatoChip & ScripterRon's BitcoinWallet How to use:

Required:

• SatoChip loaded on a smartcard or Yubikey
• BitcoinWallet .jar and lib folder saved on your computer
• Java Runtime Environment 8

To run BitcoinWallet:

You can run the Wallet by executing the following command:

is an optional argument usefull to configure the log with the logging.properties file.
By default, the logging.properties file stored in \jre8\lib is used.

- Wallet setup (only once):
At the first execution, the SatoChip wallet will be setup.
First, the program will ask you to define a PIN and a PUK code:

http://i.imgur.com/Ur6DGbY.jpg

http://i.imgur.com/ogpnhIH.png

The PIN code grants the access to the BIP32 wallet and unlock your account: be sure to keep it secret!
Transactions and message signing is not possible without it. Access is granted until the card is removed or until the wallet is closed
The PUK code could be used in case you block the PIN code with a sufficient number of wrong PIN trials (not supported yet).

After PIN setup, the PIN code is asked for confirmation and to grant access to the chip protected functionalities.
http://i.imgur.com/JjO5gzv.png

Once access is granted, the application will ask you to define a BIP32 seed:
http://i.imgur.com/eQyOJbc.png

This seed will be derived to generate all your Wallet private keys.
Be sure to use a sufficiently long password and to securely backup a copy of the seed!
Once the seed is imported in the secure chip, it is impossible to recover it!
Note that seed generation takes around 2 minutes during which the chip derives the master keys from the seed and performs various operations (you can see the Yubikey or smartcard reader blinking).

- Wallet use:
During normal execution, the application always start by requesting you PIN code:
http://i.imgur.com/JjO5gzv.png

After that, the main windows appears:
http://i.imgur.com/PHMK09D.png
Note that the account balance is still 0 for an obvious reason.

We start by generating a first key by clicking on  'View>Receive address' then 'Create' in the pop up windows:
http://i.imgur.com/IBzQHiH.png
You can create as many key as desired. Note that a new key derivation takes around 30 seconds during which the wallet seems iddle... be patient!

Once it is created, it is possible to send money to this new address:
http://i.imgur.com/s4yHAjE.png

- Wallet spending:

To spend the money received, click on 'Actions'>'Send coins', then copy a destination address, amount and fee in the popup windows:
http://i.imgur.com/0VvxM2j.png

And it's done!
http://i.imgur.com/p7vZHUI.png

In the same 'Action' menu, it is also possible to sign and verify messages:
http://i.imgur.com/hhMCId4.png

Btw, I have three free smartcards with the SatoChip applet loaded for people willing to test and review the wallet.
(You still need a smartcard reader and some patience/skills to set up the installation on your computer)

If you are interested, send me a PM before tomorrow 11:59 PM.
If I have more than three answers, I will pick three people arbitrarily based on their activity on the forum...
 

Hello,

Here is a new secure hardware wallet project based on javacard and compatible with the YubiKey NEO. The sources and building instructions are available on https://github.com/Toporin/SatoChipApplet


This project is fully open source and consists of a javacard applet that is to be loaded on a Yubikey (or any smartcard supporting the required functionalities - ECDSA-SHA256). Beside the applet, a java client is provided in the form of a light java library to simplify integration on existing applications (as the yubikey obviously needs to interact with a client application): https://github.com/Toporin/SatoChipClient.

A simple client java application is also provided as a proof-of-work. This application is a fork based on the BitcoinWallet from ScripterRon: https://github.com/Toporin/BitcoinWallet

The SatoChip has partial BIP32 support but due to technical limitations of current javacards, only hardened keys are supported (i.e. child keys using indices 2^31 through 2^32-1). Using SatoChip, an initial BIP32 seed is imported in the javacard and private keys are derived as requested by an external application. Private keys are never exported outside of the secure chip.

The SatoChip also supports the import of regular (non-BIP32 keys) such as vanity keys. Here again, private keys cannot be exported outside of the secure chip. Up to 16 regular keys can be imported on the chip. In any case, the private keys can be used to sign transactions and Bitcoin messages, if sufficient credentials are provided.

Access to private keys (creation, derivation and signature) is enforced through the use of PIN code. This access control is based on the MUSCLE framework on which the applet is built. As part of this framework, it is also possible to securely store and retrieve data & secret keys in secure memory, or use the chip to perform data encryption and decryption, although some functionalities have been disabled for readability of the code.

Please note that this implementation is currently under development: Use at your own risk!
Don't forget to backup the seed as it is not possible to recover it afterward!
I cannot be held responsible for any loss incurred by the use of this application...

Important remark: the Yubikeys currently sold by Yubico are configured for production only and it is not possible to load the applet on these dongles (see this link for more details: https://www.yubico.com/2014/07/yubikey-neo-updates/). Only the development Yubikeys (with serial number below 3,000,000) are suitable for this use!

Advantages:
-Code is free and open source
-Code should be easy to read and maintain (java card is a subset of java)
-Multiple form factor supported in addition to Yubikey (e.g smartcards, sim cards)
-Plug and play
-Smartcards have a long experience in dealing with physical security
-Can be easily used or extended for other crypto-currencies
-Cheap: possible to buy a compliant smartcard for less than 10$!

Also, when used with a Yubikey Neo:
-Yubikey has minimimal size and is practically indestructible
-Yubico is a reliable company that is not going anywhere anytime soon!
-Many other functionalities: Yubikey OTP, U2F, PGP support...
-Possibility to support NFC

Limitations:
-No screen!
-This is still beta code, use with caution!
-The applet could use more testing
-Performances could be improved

I am open to suggestions/corrections/improvements... Remember, this is a work in progress!
Let me know how it works for you and if you have trouble using it!