I turned an old MP3 player into a personal hardware wallet


At their most fundamental level, every single cryptocurrency wallet on the face of the planet must be able to perform two functions.

First, it must have an address -- a public key -- that may be distributed to anybody. This public key allows the user, or anybody else who's permitted access to it, to send a transaction to the wallet. Typically, but not always, the public key allows anybody to view the current account balance. Secondly, the wallet must have a private key: a special code that produces a unique signature for the user when it's sent through a hash function. The outcome of this private key's application is so unique, so incredibly difficult to replicate, that it's analogous to the user writing and endorsing a cheque. And the endorsement is nigh impossible to forge.

As long as these two functions remain unadulterated, the definition is satisfied. In keeping with the cheque analogy, provided the relevant information is present, a cryptocurrency wallet may be as exotic as you'd like it to be and it can still be accepted. While the story of the farmer writing a cheque on the side of a cow may be little more than a fabrication misinterpreted as reality, there are other examples of people writing legally valid cheques in unconventional formats. Lots of people have cashed in massive cardboard cheques they've won from lotteries. Others have used napkins, or allegedly, even wooden doors painted with the right information. Just as long as the right data is present and the bank's willing to accept your shenanigans, it's legal tender. On a similar note, a last will and testament can be written on almost anything with virtually any medium. So long as the appropriate information is present, it's legal binding.

In keeping with the theme, there are plenty of unique ways to make hardware wallets for cryptocurrency. Just for the fun of it, I went out of my way to install a Bitcoin wallet on an old Sandisk MP3 player. I'd like to clarify that doing so wasn't a herculean effort of programming from the likes of Dan Hackerman -- all it required was that the public key and private key were uploaded to the memory of the device. So long as the relevant information is present, a wallet's a wallet.

116141c3da2770bbbec53700df01a1866d7794b92e2b7351fec0d246483fca11.jpg

To make things a little more official, I went the extra mile of encrypting the text file that held the wallet's private key using my PGP signature. This  guarantees funds can only be transferred out of the wallet if it's plugged into my computer, where the keys are stored. For extra comfort, the encrypted file gets stored on a microSD card -- one that could be removed or copied, and which can be physically locked in a more secure location if need be.

I got to be a little more carefree with the public key. As far as displaying the key as a basic code, I simply uploaded and renamed one of my songs on the player. "None Shall Pass" by Aesop Rock seemed like the most obvious candidate. To get it displayed on the front of the SanDisk, I took its QR code and made it the album art for the song on the player, thus allowing for easier transactions or verification of balances.

553a255eec08a554637cde6bfb353bbd3ac33bf584c887d6359752f766603c7f.png

This approach came with a couple of perks. While it's a little harder (although not impossible) to make a universal wallet that holds multiple currencies, it's still possible to import and export wallets of different currencies by adding public key title songs and private key encrypted text documents. I even came across a couple of accidental -- and most certainly useless --security features. For example, Monero addresses are a minimum of ninety-five characters long. This means that the entire public key cannot ever be visible on the display at any one moment. Instead, the auto-scroller for music titles shows one part of the address at a time, preventing outsiders from photographing a public key.

Mind you, this isn't a terribly fancy approach for making hardware wallets. The state of my mp3 player is only a little more sophisticated than a paper wallet. But it's important to remember that a paper wallet is still a wallet. As the person responsible for the private keys, you are the sole representative for the funds held in your wallet. And with keys held in a digital format, it's not an unimaginable prospect to create a program that conveniently reads the titles of songs or decrypts text documents with a users PGP key when a you submit a password -- thus, acting as a user-generated interface to make the more nuanced features of a software wallet possible.

These are obviously not complicated devices -- It doesn't take an iphone or a tablet to make a cryptocurrency wallet. And it shouldn't require it, either. Rather, I think the single most significant aspect of this format is that any such device complies with the air gap. No device that stores our hypothetical wallet is in any way shape or form capable of independently connecting to an unsecured network. There are no sim chips. There are no radio antennas. Everything that can be put into airplane mode is in airplane mode by default. In some cases, there's not even any firmware present to support a sim chip -- the discarded flip phones are just too old for their networks anymore.

85e4da620dca48ed149f576083989c5d7fb22ba7ca88b28165a7d694ea572fe5.jpg

(These are all, in the strictest sense of the word, hardware wallets.)

I'd like to turn your attention to the USB stick on the far right. This here is by far the most ridiculously straightforward example of a secure, low cost, do-it-yourself hardware wallet. Loaded onto it is a copy of TailsOS, downloaded from another drive and verified through a PGP signature. TailsOS is an open source Linux distro that brings many unique security features to the table, including amnesic file storage -- any information you play with while running the OS is wiped entirely, even from the RAM, after shutdown. The sole exception to this is rule is the optional persistent file storage. This storage is password encrypted on the local drive -- or another external drive, if you want -- rendering permanent file storage inaccessible to adversaries.

And perhaps best of all, it comes with a pre-installed Electrum wallet, with your keys saved in persistent storage.

616ff4646f75bdd57cf55e119d34829b556c4ff07382f1761fc54cdc973c6ab9.jpg

When the Electrum is operated correctly, it can have comparable or even superior levels of security to a conventional hardware wallet. Lots of hardware wallets, most notably Trezor and Ledger, go about divorcing the public keys from the private keys through the route I've illustrated below. It's worth noting that such a method works equally well for desktop wallets like Electrum -- all it requires is an offline computer and an online computer, with a drive acting as the intermediate between the two.

813138729d3a7770b6089ea7358880a0e14631a6fc08fe3dfc4457bd3c09f61b.jpg

The underlying message of this examination of hardware wallets shouldn't be that commercial hardware from the likes of Trezor and Ledger are "overpriced," per se. I think price requires a comparison with utility for its justification. If your average middle-age soccer mom or confused grandparent decides they want to start engaging with the world of cryptocurrency and want to make secure transactions, buying a commercial hardware wallet is justifiable. It doesn't take a lot of technical know-how to operate. You don't need to commit significant time and energy to configuring it. And having a tangible wallet with a professional appearance provides some straightforward solace in the face of what might be an overwhelming introduction to an unfamiliar system of transaction.

But for those of you who enjoy tinkering around, I implore you to give homebrew hardware wallets an honest try. Since one of the fundamental axioms of cryptocurrency states that anybody can register an address, your wallet can be as simple or as complex as you'd like it to be.

For example, let's say that you wanted the professional rigor of a commercial hardware wallet, but you harbored distrust for a commercial organization. It's still possible to make your own hardware wallet that runs on commercial-grade open source software. Trezor's software is available to anybody, and pretty recently, a couple of developers found a way to port that software to Raspberry Pi Zero micro-controllers. Anybody who's willing to pony up five dollars for the chip -- along with a few other tools, parts, a MicroSD and ideally a nice case -- is able to put together their own Trezor hardware wallet, complete with whatever custom private keys they desire.

660079da5bed84d874b750ba28082836fce7247c60eb4f1d45baeb314d9475cc.jpg

When we think of the hardware behind cryptocurrency, I imagine plenty of people allow their minds to gravitate towards the more impressive giants of the industry. We might find ourselves imagining massive ASIC arrays, mining cryptocurrency on solar energy in some distant corner of the Earth -- much like a isolated supervillain's lair. Or, we might recall the craze for massive GPU mining rigs during the cryptocurrency heyday that defined the retirement accounts for some lucky newcomers.

But I think we often forget that some of the greater triumphs of crypto have come from its innate accessibility. TailsOS, for example, is capable of running on practically any 64-bit machine, including discarded ten-year-old laptops. Bitcoin nodes have been established on Raspberry Pi circuits, and mounted on cases made out of Lego bricks. And cryptocurrency wallets have been installed on flash drives, phones, sheets of paper, and even mp3 players. Just because cryptocurrency, in all its glory, is something that anybody can get involved in, no matter their standing in the world.

So get out there, you tinkerers and obsessives. Go find some awkward piece of machinery to load a wallet onto. I guarantee you I haven't even come up with the wackiest possible application we'll see yet.

How do you rate this article?


431

8

tigerbot4947
tigerbot4947

I've been writing short stories since 2016 or so.


General Jack's Doomsday Shenanigans
General Jack's Doomsday Shenanigans

Scroll through my crackpot ramblings, please.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.