Proposal “dash-hardware-wallet-phase1“ (Closed)Back
|Title:||The Dash Hardware Wallet - Phase 1|
|Monthly amount:||343 DASH (89668 USD)|
|Completed payments:||no payments occurred yet (3 month remaining)|
|Payment start/end:||2017-10-18 / 2018-01-16 (added on 2017-10-09)|
|Final voting deadline:||in passed|
|Votes:||119 Yes / 356 No / 24 Abstain|
The following description is a shortened version of the full project proposal. Click the link to see the full proposal as PDF:
Dear Dash community and masternode owners! My name is Roland Hänel, and the proposal I’m putting forward today is about creating a hardware wallet for the Dash ecosystem.
(design prototype, not finished product)
Hardware wallets available today (products like Trezor, Ledger and Keepkey) do their job mostly well, but I believe the Dash community should own the best hardware wallet. So, I propose to create a new hardware wallet, specifically designed for and branded for Dash: the Dash Hardware Wallet.
The Dash Hardware Wallet will support Bluetooth LE and thus be compatible with not only any current PC/Laptop (as the other products on the market), but also with wallet software on smartphones and tablets. It’ll be the first solution on the market that allows the safe storage of Dash on a mobile device. In my view, this feature alone justifies the development effort. But there are numerous other features as well…
Who am I / Who is the team
My name is Roland Hänel, I’m the VP of R&D at Q-loud GmbH in Germany, a company that designs, builds and operates “full stack solutions” in the IoT space. My team and myself design and implement embedded hardware, gateway nodes and cloud software stacks. I studied Electrical Engineering and Information Technology and received my MEng degree from the University of Technology in Aachen in 2001.
On the day I defended my thesis I also sold my startup company to QSC AG, Germany’s biggest DSL network operator at that time. I eventually stayed with QSC and helped building the nationwide DSL network, later the all-IP and VoIP networks as the head of the Network Design department. When QSC later decided to move into the Cloud and IoT business, I took over responsibility for development activities in this area, which is now Q-loud GmbH (https://q-loud.de).
As an individual, I have followed the blockchain technology area with growing interest over the last years. However, I have to admit that I learned about Dash only a couple of months ago. But what I learned is definitely what sparked my interest, because in my opinion the goals of Dash are exactly the key points of what matters: create an instant, private, secure money that everyone can use. Just as simple as that. Don’t focus on whether your signatures are put in the first, middle or last part of the block. Don’t focus on scripting stuff to help people build thousands of other coins on top of the system. Just put a decentralized, digital cash in the hands of the people!
Why is a hardware wallet needed?
At the core of any reasonable crypto currency, so with Dash, you hold the money you own, not a bank holds the money. This is done through your ownership of your private keys. These we have to guard like the banks guard the money given to them right now. We can argue whether the effort that the banks put into this task is appropriate, but I think we can agree that with crypto currencies right now, just putting the private keys on your smartphone is not really the appropriate way if it is more than a couple of Dash.
A hardware wallet stores the private keys and will never give them away (except for backup purposes, typically to be written on a piece of paper by the user in form of a recovery sentence). All processes that need to be performed using the private keys (e.g., sending Dash to someone else) happen on the hardware wallet itself, and the user needs to confirm these transactions on the hardware wallet.
Why do we need another hardware wallet?
There are products on the market already!
A hardware wallet is – in theory – the perfect solution for a reasonably secure storage of your private keys. However, the hardware wallets available today are mostly complicated to use or technically inadequate for the task. They are primarily designed for those who hold 10’s to 1000’s of BTC and use a PC to manage their funds occasionally.
What about a hardware wallet suitable for everyday use with your smartphone, tablet and PC? Maybe a device that can even be used at Point-of-Sale installations without any smartphone? Hardware wallets available today feature a PC connection via a USB cable. This is nice for stationary use at home, but useless on your iPhone because it doesn’t have a USB port.
The Dash Hardware Wallet will be based on Bluetooth, and thus practically be compatible with any modern device sold on the market. Bluetooth is ubiquitous today, every smartphone, tablet, notebook and even most desktop PCs have this technology built-in.
With the Dash Hardware Wallet, you don’t need to carry cables any more: Just use your Dash wallet on the smartphone (like today without a hardware wallet), and if you need to send out a transaction, you perform the final “confirmation button press” on the hardware wallet instead of your smartphone display. That’s it. All communication between the smartphone app and the hardware wallet happens in the background.
The Dash Hardware Wallet aims to be
- the only hardware wallet on the market which is really compatible with smartphone and tablet use cases, due to the use of Bluetooth LE
- a specifically branded hardware wallet for Dash, with support for the unique Dash features (PrivateSend, InstantSend, new Evolution features). Not just another hardware wallet where Dash is integrated as “some altcoin”
- properly designed for mass market manufacture, so it will hit a retail price point below the competitors even though being a technically more complex solution (Bluetooth)
What does Dash get with this proposal? What do we deliver?
I propose the development and mass production of a new, specific hardware device: The Dash Hardware Wallet.
The hardware features:
- physical size roughly 45mm x 25mm x 90mm, see picture for size comparison with a 2€ coin (nearly the same size as a US Quarter coin)
- rugged,spill-proof (at least), yet nice-looking ABS housing/enclosure, possibly with a decorative TPU (“rubber”) sealing)
- powered by house hold type batteries (current planning is 3 * AAA). Design goal is to offer 1-2 years (!) of battery lifetime
- communications interface: Bluetooth Low Energy (BLE)
- reasonably sized TFT or OLED display (prototype has an PMOLED type display)
- PIN pad to unlock / authorize transactions
The software (firmware) features:
- a hierarchical deterministic (HD) wallet, compliant to BIP32/39/44
- the very first implementation of a Bluetooth LE profile for crypto hardware wallets (“GATT profile”)
- support for specific Dash features (PrivateSend, InstantSend, Evolution features)
Basically, imagine the following use case together with the Dash smartphone app: Just launch the app and watch your funds as usual. If you just receive funds, no need to even take the hardware wallet out of your pocket. If you send funds, do everything in the app as you’re used to. Then, as a last step, take out the hardware wallet, verify the destination address and amount on the screen. Enter the PIN on the hardware wallet’s keypad, press the Dash button: done.
Bluetooth will enable a much, much better user experience than all solutions based on USB connectivity. It furthermore allows the device to be hermetically sealed and thus more rugged and less susceptible to all types of “electrical attacks”. Bluetooth might even enable further use cases, such as connecting the hardware wallet directly with a Point-of-Sales terminal. Imagine you want to pay your coffee at Starbucks, just take out your hardware wallet, the screen shows the merchant’s address and amount, you enter your PIN and that’s it. Sure, the same thing you could already do on your phone today, but this will never be really secure!
The proposal includes a 3-phase project, including professional hardware design (“design for manufacture”, not some breadboard-style prototype), certification/testing, production setup and a first mass-market production batch. After some research and discussion on the Dash forum with a pre-proposal, I decided to split the project into 3 phases to increase accountability on our side, while still preserving the chance to bring this product to mass market success.
Enough talking, do we have prototypes?
After some discussion with the pre-proposal (to be found here: https://www.dash.org/forum/threads/pre-proposal-the-dash-hardware-wallet.16609/) we created a first hardware prototype. Thisprototype comprises a custom hardware design (PCB Rev1) with a Bluetooth LE SoC (system-on-chip), a ABS housing with TPU rubber seal (prototype 3D printed derived from an existing product, no injection mold tool was created for the prototype). Basic software (firmware) integration was done to verify the hardware and all essential functions work (display, keypad, BLE communication, power circuitry).
(PCB prototype (3D model), battery holder. Note: finished product will most likely have 3 * AAA cells.)
(PCB prototype built + assembled. This still uses an off-the-shelf keypad (final product will use a custom designed keypad). 1.3-inch PMOLED display, the black bar is an artifact of the PMOLED display scan and the photo camera shutter, not visible to the human eye.)
(3D model of the printed circuit board (PCB) fitting into the housing. Housing is still a derivative from another product, will be further customized/improved for the final product. Dark grey parts are high-quality ABS plastic, the blue part is a TPU rubber holster (also serves as a seal).)
(Actual housing (partly 3D printed), take the hand as a size reference. Front plate (display, keypad) still a mock-up in this prototype version.)
(PCB assembled into the prototype housing. Again, imperfections in the display due to the PMOLED line scanning (not visible in the real product). Front plate still a mockup, but hardware is fully functional in this form factor. For the keypad, a custom tool needs to be made.)
For more prototype pictures, see the full PDF version of this project proposal:
Technical details (what will we do with the funding)
As already mentioned, this project comprises 3 phases, each of which will be applied for in a separate proposal.
Phase 1 includes hardware and firmware development activities:
- Hardware design (schematics, PCB, BOM, ...), testing & verification
- Build of various prototypes (for development only)
- Define+ Verify Bluetooth LE API for relevant crypto function (wallet initialization, receive, send, …)
- Implementation of the Bluetooth LE API for crypto functions on the target (KW41Z)
- Generic firmware development, including secure update feature (via Bluetooth LE)
- Hardware design verification (FIT, MTTF, also including EMC pre-testing conducted in house)
- Prototype implementation of device within the Dash Wallet for Android and/or Evolution wallet
- Projectmanagement, documentation, status reports
- Design of enclosure (3D modelling), verificationusing 3D prototypes (STL, vacuum casting)
After phase 1, we will have a fully functional product in both hardware and software (firmware). Hardware will be verified and tested in-house, software will be tested and verified against at least one existing software wallet (i.e., Dash Wallet for Android or Evolution Wallet if that’s available by the time we are in Phase 1). The enclosure/housing will be polished looking, but still be made from prototype tools.
This proposal is for phase 1. Phase 2 and 3 have already been planned, for details of the work packages of these phases, refer to the PDF:
Phase 1 applies for a funding of a total of 1,029 DASH, over a period of 3 months (343 DASH per month).
For a detailled table of how the funds are allocated to the work packages, please refer to the PDF:
We estimate thefollowing timeline for the project
- Phase 1: starts 3-4 weeks after project funding (we need some setup time to make sure enough team members are available to schedule work efficiently), will take about 3-4 months
- Phase 2: 2-3 months (mainly depends on injection molding tools)
- Phase 3: 2-3 months, but first devices available after 2-4 weeks
Each project phase will individually apply for funding through the Dash treasury. We will only apply for funding of the next phase when we’re 100% sure that we have met all goals of the previous phase.
How we’ll document project progress and handle status updates
During the project, we will release regular status updates and project information, at least monthly. We will do this through a web site / blog specifically created for this purpose.
We do this because we believe we must be transparent to the Dash community who funds our work. At the end, we also want to continue with the next phase(s) of the projects, so we need not only to deliver results, but also spread the word about them.
How we’ll handle overfunding and/or underfunding
Given the volatility of the DASH/USD exchange rate, it is very difficult to plan a big effort like this project and apply for “just enough” funding. We have taken a 120-day average price for the Dash in USD (see financial table).
We will convert the Dash received from the network to USD as needed to cover our expenses throughout the project. Any excess funds (or any insufficient funds) will be carried over to project phase 3 and we’ll adjust the amount of Dash we apply for in phase 3. If excess funds of insufficient funds happen in phase 3, we’ll try to adjust the number of devices in the production run to match the funds that are available to us.
Why do we go for 10,000 devices in the first production run?
Isn’t that too much? Or isn’t it too risky?
Hardware design projects are comparable to software design projects in many aspects. However, they also have some aspects to them that are not obvious if you look at them for the first time. Software can be replicated practically without any cost associated to it, so if we develop a smartphone app, rolling this out to any number of users is easily and instantly possible.
With hardware on the other side, we’re designing for a specific production quantity from the start. You design completely differently whether you expect to produce some hundreds or some ten thousands of your products. This includes the selection of tools for the housing (3D printing vs. machining vs. injection molding) as well as the selection of manufacturing sites (US/Europe vs. Far East), choosing off-the-shelf vs. specific components, etc. pp.
We think that it makes sense to create a product that fits the mass market. 10,000 devices are generally considered the “start of mass production” for consumer-like devices. This quantity is desirable and necessary to get the price down in manufacturing.
We aim at a retail price of $45 (plus tax) of the finished device. This is below all relevant competitor products on the market right now, even though the Dash Hardware Wallet has more complicated hardware to it. However, this goal is perfectly achievable.
It is self-evident that we won’t start a 10k production run in phase 3 without making sure beforehand that this will run smoothly, or at least with minimal issues that can be fixed along the way. The work and expenses necessary to ensure this are included in phase 2 of the project. My team and myself have created complex industrial control solutions that only run in batches of 100 pieces as well as consumer electronics devices that run in batches of 100,000 units. We have successfully dealt with European (RED directive) and American regulatory bodies (FCC, IC). We know what to source in Far East and what to source in Europe or the US. We are certain that we can pull this project off as we have successfully completed many similar projects.
Phase 3 yields 10,000 devices, to whom do they belong?
They belong to the Dash network, because – given that phase 3 was funded by the network – they were paid for by the network. Since we can’t send a bunch of pallets with boxes to a decentralized network, we have to come up with an idea how to distribute the devices.
We will provide devices free of charge (*) to
- any developer that is working on some sort of wallet (smartphone app, desktop software, …) that wants to integrate Dash and use the Dash Hardware Wallet. Applies to a couple (5-25 devices) depending on the needs of the project, number of developers/testers etc.
- any DASH event (e.g. trade show, conference, meetup, hackathon, …) that was wholly or partly funded through the Dash treasury and intends to use Dash Hardware Wallets as giveaways during the event. They should apply for a reasonable amount, which ensures that one person doesn’t receive more than one device as a giveaway.
- any creator of an approved (funded) Dash proposal who clearly includes a statement like “I want to receive XXX amount of Dash Hardware Wallet devices” in the proposal.
- if we’re unable to clear out the stock until 1 year after production, we will ask the Dash Core Team to take over the remaining devices. If they don’t want them, we might decide to do whatever we deem most appropriate (e.g., sell the devices on Amazon and donate the profit for charity, …). This point is only to make sure we’re not forced to sit on a stockpile of hardware forever.
The above terms were invented to enable others to get the devices, not to put us into a position where we have to judge who is “worthy” to get some. Any request will be handled on a first-come-first-served basis.
We will actively encourage the use of the firstproduction batch devices as giveaways, for example by reminding Dash event proposal makers that we have these devices and they can get them for free, as outlined above.
How does this fit into Dash Evolution?
Taken straight from the Evolution web page: “Evolution’s mission is to make digital cash easy to use and access for all users, even those who aren’t technologically savvy.”.
The Dash Hardware Wallet fits perfectly into this vision. Today (October 2017) it is difficult for us to assess what Evolution is in technical detail because the Alpha isn’t released yet. But we certainly plan our make our best effort to make the Dash Hardware Wallet fit into the Evolution framework.
Besides from release our code as open sourcewhen the project is finished, we’ll disclose anything as soon as it is created to the Dash Core Team to enable integration of the Dash Hardware Wallet as soon as possible.
Will the Dash Hardware Wallet support other coins?
Will we make the project open source?
During the discussion of the pre-proposal, it became obvious that this point is somewhat controversial. Some end-users obviously prefer hardware wallets that can store whatever coins they have. On the other hand, since we apply for funding by the Dash network, it seems unfair to funnel money into activities that will might mainly benefit to BTC or ETH holders.
In addition, we have to recognize that as with most (or all) of security-related products, being open source is generally considered to increase overall security, because it’s easier to be audited, verified, criticized (in a positive sense) when the code is freely available. While this was not the standard in the Hardware industry, I strongly believe that we should adopt this approach.
In respect of all the different aspects, we have decided to go with the following procedure:
- We will open source all the major development results, especially the hardware schematics (“circuit design”) and the software/firmware source code, preferably under the MIT license. If this is not possible due to copyleft effects of some GPL component/library, we will use the GPL license.
- Release of the schematics / code will happen after the project is completely finished (after phase 3). This will ensure that all the results are open to the public while still giving the Dash community a “head start” over potential “copy-and-paste” solutions.
Note however that even though all construction designs will be open source, it still won’t be trivial to “copy” the product, because the production setup and tooling required for the Hardware side requires significant time and effort, even if one has all the plans at hand.
- In the (hopefully very unlikely) case that the project must stop because a subsequent phase is not funded, we will release all results created so far immediately.
- The hardware will be branded as Dash, similar as outlined in the pictures in this document. We will use a Dash color scheme, and the “OK” button will carry the Dash symbol.
- I myself as well as the Q-loud team will not implement support for other coins into this product, not within the project (or the funds allocated to the project), and also not in form of some “side project” during the project.
- As soon as we release the construction designs as Open Source, obviously anyone is free to whatever they like as outlined in the applied license (MIT, possibly GPL).
- We will not use the tooling (injection molding tools, production test tools, …) created within the project to produce any other product. This is independent of the Open Source issue, because the tooling is a physical thing not governed by Open Source licenses.
What are the short-term benefits?
Short-term benefit is that we have 10,000 devices, nice and shiny at our hands. They will serve as perfect giveaways and marketing material at any “physical attendance” type of event. Experience has shown that if you give away hardware, this really engages users. Press coverage is also much easier to get if one has a new gadget instead of “just a new app”.
The Dash treasury has funded several expensive advertising campaigns in the past, we think it’s also time to take a fresh approach here. Imagine giving away such devices at a Bitcoin conference: guess what all people will be talking about in the coffee breaks?
What are the long-term benefits?
We envision that the Dash Hardware Wallet will play its role in the evolution of the Dash network towards a user-friendly, easy-to-use digital cash.
The use of Bluetooth technology, which is ubiquitous in embedded devices today will enable more use cases in the future. In addition to the “smartphone companion device” which the Dash Hardware Wallet will be when first launched, it’s perfectly possible for the wallet to communicate directly with a point-of-sale (PoS) terminal, possibly verifying and signing a transaction completely without a smartphone involved (and thus without the need for Wi-Fi or cellular network connectivity on the smartphone). We hope that once the hardware is available, other developers might be encouraged to look into these kind of use cases which would otherwise be difficult to assess for them. We will support these efforts by providing them with the information needed to effectively use the hardware platform for their development needs.
It is obvious that the nature of this proposal is somewhat different from the majority of other proposals currently funded through the Dash treasury. Instead of directly funding advertising or marketing activities, this proposal contains significant development efforts. As an engineer and engineering manager by heart, I hope that a proposal like this gets funded, because in the end, this is a chance to create technical innovation and really make the Dash ecosystem better.
I am fully committed to make this product a success, and I hope it has become obvious for the reader of this document that significant effort was put into the preparation, prototyping and planning of this project. Please support this proposal and give my team and me the chance to make this a success. If you have any questions, feel free to comment this proposal here, or send me an email.
The above description is a shortened version of the full project proposal. Click the link to see the full proposal as PDF:
Show full description ...
Discussion: Should we fund this proposal?
|No comments so far?
Be the first to start the discussion!