Smart=BTC

Pretty safe bitcoin wallet with keys on a smartcard

Project Objective
aug, 2016
Security-aware bitcoin users create and sign their bitcoin transactions on a computer that is not connected with the internet. It's a very secure way because the private keys and signing is done off-line. But the handling is tedious and need a lot of steps.
There are multiple documents explaining how to do this. See for example:
https://en.bitcoin.it/wiki/How_to_set_up_a_secure_offline_savings_wallet

Cryptographic Smartcards stores the private keys on a chip on the card. They include specialized hardware that performs crypto algorithms (RSA, DSA, ECC) to do all the operations on the card. They also generate the key pairs (public + private keys) on board, to avoid the risk from having more than one copy of the key. By design there usually isn't a way to extract private keys from a smart card. Such smart cards are mainly used for digital signatures and secure identification.

So it is a very usefull, secure and cheap tool for signing bitcoin transactions!

Because I could not find a solution (a "wallet") built on a general purpose smartcard (the so called PKCS#11 type), I decided to write a simple programm to do Bitcoin transactions with a smartcard. The same smartcard that I can also use for ssh-login and encryption.

Introduction
I needed a smartcard which could do the bitcoin Elliptic Curve signatures. I found one :
http://www.smartcard-hsm.com
This SmartCard-HSM has build-in support for the secp256k1 Elliptic Curve, the cryptographic algorithm used by Bitcoin.
Because there was no so-called PKCS#11-aware wallet for smartcards I had to write this myself.
I choosed to write it in Python.
Fortunately there is a good library for bitcoin: "python-bitcoinlib", someone called it "The Swiss Army Knife of the Bitcoin protocol."
The result is this simple wallet. It shows the transansactions that have unspents, build a tansaction, signs it and sends it to the bitcoin network. It is open source under the GNU General Public License version 3, so you can see what its doing and you can adapt it to your needs.

But use it at your own risk!
You have to prepare your smartcard, it can be a tedious exercise if it is the first time for you. But using the smartcard in bitcoin transactions is nearly as secure as the offline method and the handling is far more easy.