armoredcoin [アーマード・硬貨]
armoredcoin: A Provably Secure Bitcoin-to-Human Machine Interface
[アーマード・硬貨]

This page describes a method for secure Bitcoin wallet creation, validation, storage, & spending in order to prevent exposing private keys to the internet or other connected devices

Introduction:
The protocol has a few simple objectives: trust no one & no thing, provide users verifiable, exclusive, absolute control & ownership of their Bitcoin, protect private keys, enforce redundant validations for outbound transactions. Armoredcoin abides by the 'Seven Laws of Sane Personal Computing' - Obedience, Forgiveness, Retention, Preservation, Survivability, Revelation, and Servitude - making for the kind of reliable, benevolent robots you can trust to babysit your children and your money.

Additional information, usage considerations, and background info can be viewed Here

Preparation: One laptop must be 'airgapped' using the gold standard described here
How NOT to airgap is discussed at length here

Video Walkthrough



Protocol Synopsis:


Blue text = cold computer (airgap)
Red text = hot computer (internet connected)

฿ Assemble and audit a proper airgap computer along with requisite bootable flashdrives and software.

฿ Generate Bitcoin Wallet on cold computer, convert public keys to QR


฿ Scan public keys into hot computer to create a 'watch only address'

฿ Build a transaction on the hot machine, convert to QR

฿ Scan the raw transaction into the cold machine

฿ Sign raw transaction on cold machine

฿ Validate raw transaction on cold machine, convert to QR

฿ Scan revised, signed raw transaction into hot machine

฿ Validate raw transaction on hot machine

฿ Broadcast raw transaction from hot machine

฿ Validate transaction on blockexplorer

To wit: certain theoretical, advanced threats can be neutralized if user equips to MAX Armor - meaning each step above must be duplicated & compared/validated prior to transaction broadcast using TRB, Bitcoin Core, and Electrum clients hosted on entirely different airgap computer pairs, each hot machine syncing via uncorrelated internet sources - preferably located in or tunneled through different jurisdictions. Once all validation sequences are compared & confirmed, broadcast the final signed transaction - preferably from a different computer/wallet pair using a different client version than the transaction origin base pair.

The sequence begins creating a wallet on one secured airgap computer pair, then building and validating a transaction - next, rebuild & revalidate the same transaction on a different wallet/client airgap pair. And finally, rebuild, revalidate, sign, and broadcst the transaction from a third, unique wallet/client airgap pair.

Required materials:
Two mid-2000s laptops (Enhanced Armor = 4 laptops, Max Armor = 6 laptops)
Two USB webcams (Enhanced Armor = 4, Max Armor = 6)
Two 'Woodchipper' bootable USB flashdrives (Enhanced Armor = 4, Max Armor = 6)

Required software & dependencies:
Lubuntu (normal users)
OpenBSD (advanced users)
Electrum (normal users)
Bitcoin Core (normal users)
trb (advanced users)
QR scanner application
QR generator application
Raw transaction validator
python-qt4
python-pip


Required user actions:
฿ Gather required materials and code listed above, verify PGP signed releases

฿ Open the back panel of one of the computers and remove all wireless cards, chips and antennas. Reassemble the computer casing. Mark this computer 'Cold' and the other one 'Hot'. Follow additional steps for airgap in the Preparation section above.

฿ Insert one Woodchipper bootable flashdrive into each laptop and mark the flashdrive plugged into the cold computer as 'cold'; mark the other flashdrive 'hot'

Note: Once any USB drive or device has been plugged into the cold machine, it must remain plugged in permenantly - OR, if removed, it must be destroyed and absolutely never plugged into a connected device

฿ Insert one USB webcam into each computer

฿ Power on the computers, hold F1 (maybe F12) to open the BIOS menus for both machines. Navigate to Boot / Startup and move the USB HDD option to the first position on the list using the F5/F6 keys. Press F10 to save and exit

฿ Wait for computers to restart and wait for UNetbootin / Lubuntu startup dialog

฿ Select 'Try Lubuntu without installing' OR just wait for it to boot normally. Both allow you to boot/run the operating system from the flashdrive

฿ Once Lubuntu has started, go to the cold computer, click the Electrum / trb / BitcoinCore icon on your screen (trb is for advanced users)

Note: only legitimate sources should be used to generate entropy for wallet keypairs or seeds.
Another simple wallet entropy method for non-technical users is described here.

Standard Armor Sequence

Electrum instructions:

฿ Click the Electrum icon on your desktop, follow the prompts to create a new wallet on the cold computer. If supplying your own keypairs, choose 'Use existing keys'. If using Electrum wallet seed, save your seed phrases to a text file on your desktop and select the option to provide additional entropy, paste the additional words from your entropy generator into the field provided.

฿ Click on 'Wallet,' select 'Private Keys' from the menu bar. Click on 'Export'. Backup your key pairs on a flashdrive textfile, using pen & paper, and/or take a photograph using a camera without wireless capabilities that will never connect to the internet.

฿ Click the 'Receive' tab to view your primary address

฿ Once Bitcoin is sent to your airgap cold wallet address, proceed to the next step in order to spend/send it to another wallet address

฿ Click on "Wallet" in your menu bar, click 'Master Public Keys', select and copy the key (Cntrl+C)

฿ Click QR Generator on your cold desktop, paste the Master Public Key into the field, hit Enter

฿ Use the browser window controls in the upper right corner to increase the size of the QR code until it almost fills the window


฿ Connect the hot computer to internet via wireless or ethernet

฿ On the hot computer, click on the QR scanner icon, select your webcam model in the popup dialog (you might have to click it twice)

฿ Position your hot computer's webcam in front of the QR code displayed on the cold computer monitor

฿ Once the key data appears on the hot computer monitor, copy it to clipboard

฿ Click the Electrum icon on the hot computer desktop, follow the first startup steps. Choose the option to "import Private/Public Keys," paste your Master public key into the field, hit Enter

฿ You will receive a message indicating Watch-only address, click OK

฿ To initiate sending/spending Bitcoin, click the Electrum 'Send' tab, enter the recipient's BTC address, the amount to send, and preferred miner fees

฿ Click 'Preview', then click the 'Save' button in the lower left. Make a note of the file location and name

฿ Open the transaction file in a text editor, select and copy all the content (Cntrl+A, Cntrl+C). Make sure not to copy any blank space at the beginning/end of text

฿ Click on the QR Generator icon on your hot desktop, paste (Cntrl+P) the trasaction data into the blank field, hit Enter

฿ Use the browser window controls in the upper right corner to increase the size of the QR code until it almost fills the window


฿ Open QR scanner on the cold computer desktop, select your webcam model in the popup dialog (you might have to click it twice or refresh page)

฿ Using cold computer webcam, scan the transaction data QR on hot monitor screen, copy the transaction data from QR scanner result

฿ Select Electrum window on the cold machine, select 'Tools', select 'Load Transaction', click 'From text'

฿ Paste transaction data, click 'Load Transaction', the transaction window will pop up, click 'Sign' in the lower right corner

฿ Then click save, make a note of the file location and name

฿ Open the file, select and copy to clipboard only the numbers between the brackets without any extra space

฿ Click the 'Verify Transaction' icon on your cold machine desktop, paste the transaction numbers

฿ Verify the recipient address and Bitcoin amount are accurate


*** If using Enhanced or Max Armor settings, skip the following steps and proceed to the Max or Enhanced Sequence section below ***

฿ On the cold machine, open the last raw 'signed' transaction file (the one whose numbers were just copied)

฿ Select all the transaction data (including brackets, hex, etc), copy it

฿ Open the QR Generator on the cold machine, paste transaction data, hit Enter

฿ Use the browser window controls in the upper right corner to increase the size of the QR code until it almost fills the window


฿ Open the QR Scanner on the hot machine, position the hot machine camera in front of the QR code

฿ Once the transaction data appears on the hot computer monitor, select and copy to clipboard only the numbers between the brackets without any extra space

฿ Click the 'Verify Transaction' icon on your hot machine desktop, paste the transaction numbers

฿ Verify the recipient address and Bitcoin amount are still accurate

฿ Go back to the QR Scanner on the hot machine, this time, copy the entire transaction data (including brackets, hex, etc)

฿ Select Electrum window on the hot machine, select 'Tools', select 'Load Transaction', click 'From text'

฿ Paste the signed raw transaction data from clipboard, click 'Load Transaction'

฿ The transaction window will pop up, click 'Broadcast' in the lower right corner

฿ Verify the transaction on your blockexplorer of choice


End Electrum Instructions

~~~

Enhanced Armor Sequence

This sequence directly follows Electrum client signed transaction validation

bitcoin-qt (Core) instructions:

฿ Follow all the equipment setup instructions above on a separate airgap computer pair, plug in new Woodchipper bootable thumbdrives and webcams, power on both computers

฿ Click the Core icon on your cold computer desktop, click on help, then Debug Window

฿ Click QR Scanner on your cold desktop, position the camera in front of the final signed raw tranaction QR code on the cold Electrum computer monitor

฿ Once the transaction data appears on the qt cold computer monitor, copy it to clipboard

฿ In the bitcoin-qt Debug window, in the blank field, type 'decoderawtransaction'[space] then paste the number portion of the signed raw transaction from the QR Scan. Hit Enter

฿ Verify the transaction data matches your destination address and amount

฿ Click the QR Generator icon on the qt cold computer desktop

฿ Paste the raw transaction text into the QR Generator and hit Enter

฿ Use the browser window controls in the upper right corner to increase the size of the QR code until it almost fills the window


฿ Click QR Scanner on the qt hot computer desktop

฿ Position the qt hot camera in front of the qt cold monitor displaying raw transaction QR code

฿ Once the transaction displays on the hot monitor, copy it to clipboard

฿ Click the Core icon on your hot computer desktop, click on help, then Debug Window

฿ In the bitcoin-qt Debug window, in the blank field, type 'decoderawtransaction'[space] then paste the number portion of the signed raw transaction from the QR Scan. Hit Enter

฿ Verify the transaction data matches your destination address and amount

฿ If all data matches and is acceptable, go back to the Debug Window field

฿ Type 'sendrawtransaction'[space] then paste the signed raw transaction from the QR Scan. Hit Enter


Note: advanced users may optionally build and validate the transaction independently on each airgap pair by using signrawtransaction and createrawtransaction:

createrawtransaction [{"txid":txid,"vout":n},...] {address:amount,...}
Create a transaction spending given inputs (array of objects containing transaction outputs to spend), sending to given address(es). Returns the hex-encoded transaction in a string. Note that the transaction's inputs are not signed, and it is not stored in the wallet or transmitted to the network.

Also note that NO transaction validity checks are done; it is easy to create invalid transactions or transactions that will not be relayed/mined by the network because they contain insufficient fees.

signrawtransaction < hexstring > [{"txid":txid,"vout":n,"scriptPubKey":hex},...] [< privatekey1 >,...]
This adds signatures to a raw transaction and returns the resulting raw transaction.

End bitcoin-qt instructions

~~~

Max Armor Sequence

Prior to Max Armor Sequence, follow all the equipment setup instructions above on yet another, separate airgap computer pair (3rd pair), plug in new Woodchipper bootable thumbdrives and webcams, power on both computers

This sequence directly follows the Electrum client final signed transaction validation and takes place before the Enhanced Armor Sequence transaction broadcast

bitcoind (TRB) instructions:

฿ Click QR Scanner on your cold trb desktop, position the camera in front of the final signed raw tranaction QR code on the cold Electrum computer monitor

฿ Once the transaction data appears on the trb cold computer monitor, copy it to clipboard

฿ Open the terminal (Ctrl+Alt+T), type bitcoind to launch the client

฿ Type 'decoderawtransaction'[space] then paste the number portion of the signed raw transaction from the QR Scan. Hit Enter

฿ Verify the transaction data matches your destination address and amount

฿ Click the QR Generator icon on the trb cold computer desktop

฿ Paste the raw transaction text into the QR Generator and hit Enter

฿ Use the browser window controls in the upper right corner to increase the size of the QR code until it almost fills the window


฿ Click QR Scanner on the trb hot computer desktop

฿ Position the trb hot camera in front of the trb cold monitor displaying raw transaction QR code

฿ Once the transaction displays on the hot monitor, copy it to clipboard

฿ Open the terminal (Ctrl+Alt+T), type bitcoind to launch the client

฿ Type 'decoderawtransaction'[space] then paste the number portion of the signed raw transaction from the QR Scan. Hit Enter

฿ Verify the transaction data matches your destination address and amount


Note: advanced users may optionally build and validate the transaction independently on each airgap pair by using signrawtransaction and createrawtransaction:

createrawtransaction [{"txid":txid,"vout":n},...] {address:amount,...}
Create a transaction spending given inputs (array of objects containing transaction outputs to spend), sending to given address(es). Returns the hex-encoded transaction in a string. Note that the transaction's inputs are not signed, and it is not stored in the wallet or transmitted to the network.



signrawtransaction < hexstring > [{"txid":txid,"vout":n,"scriptPubKey":hex},...] [< privatekey1 >,...]
This adds signatures to a raw transaction and returns the resulting raw transaction.

End trb instructions

Proceed to Enhanced Armor Sequence (above) to complete Max Armor Sequence and broadcast final transaction



bitcoin-qt JSON-RPC API Here





Mind the Woodchipper!! From Trilema



Team Armoredcoin is proud to release the brave, new AC1 Control Kit 'Woodchipper' - the first auditable production Bitcoin control system available to the public.

Visit Armoredcoin Storefront for Equipment & Ordnance