Skip to content

Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff)

License

Notifications You must be signed in to change notification settings

kdmukai/seedsigner

 
 

Repository files navigation

Build an offline, airgapped Bitcoin signing device for less than $50!

Image of SeedSigners in Open Pill EnclosuresImage of SeedSigner in an Orange Pill enclosure



Project Summary

The goal of SeedSigner is to lower the cost and complexity of Bitcoin multi-signature wallet use. To accomplish this goal, SeedSigner offers anyone the opportunity to build a verifiably air-gapped, stateless Bitcoin signing device using inexpensive, publicly available hardware components (usually < $50). SeedSigner helps users save with Bitcoin by assisting with trustless private key generation and multi-signature wallet setup, and helps users transact with Bitcoin via a secure, air-gapped QR-exchange signing model.

Additional information about the project can be found at seedsigner.com.

You can follow @SeedSigner on Twitter for the latest project news and developments.

If you have specific questions about the project, our Telegram Group is a great place to ask them.

Feature Highlights:

  • Calculate word 12/24 of a BIP39 seed phrase
  • Create a 24-word BIP39 seed phrase with 99 dice rolls
  • Create a 24-word BIP39 seed phrase by taking a digital photo
  • Temporarily store up to 3 seed phrases while device is powered
  • Guided interface to manually create a SeedQR for instant input (demo video here)
  • BIP39 passphrase / word 25 support
  • Native Segwit Multisig XPUB generation w/ QR display
  • Scan and parse transaction data from animated QR codes
  • Sign transactions & transfer XPUB data using animated QR codes (demo video here)
  • Live preview during photo-to-seed and QR scanning UX
  • Optimized seed word entry interface
  • Support for Bitcoin Mainnet & Testnet
  • Support for custom user-defined derivation paths
  • On-demand receive address verification
  • User-configurable QR code display density
  • Responsive, event-driven user interface

Considerations:

  • Built for compatibility with Specter Desktop, Sparrow, and BlueWallet Vaults
  • Device takes up to 60 seconds to boot before menu appears (be patient!)
  • Always test your setup before transfering larger amounts of bitcoin (try testnet first!)
  • Taproot not quite yet supported
  • Slightly rotating the screen clockwise or counter-clockwise should resolve lighting/glare issues
  • If you think SeedSigner adds value to the Bitcoin ecosystem, please help us spread the word! (tweets, pics, videos, etc.)

Planned Upcoming Improvements / Functionality:

  • Single-sig and multi-sig change address verification
  • Re-imagined, graphically-focused user interface
  • Multi-language support
  • Customized Linux live-boot OS to allow MicroSD card removal
  • Other optimizations based on user feedback!

Shopping List

To build a SeedSigner, you will need:

  • Raspberry Pi Zero (preferably version 1.3 with no WiFi/Bluetooth capability, but any Raspberry Pi 2/3/4 or Zero model will work)
  • Waveshare 1.3" 240x240 pxl LCD (correct pixel count is important, more info at https://www.waveshare.com/wiki/1.3inch_LCD_HAT)
  • Pi Zero-compatible camera (tested to work with the Aokin / AuviPal 5MP 1080p with OV5647 Sensor)

Notes:

  • You will need to solder the 40 GPIO pins (20 pins per row) to the Raspberry Pi Zero board. If you don't want to solder, purchase "GPIO Hammer Headers" for a solderless experience.
  • Other cameras with the above sensor module should work, but may not fit in the Orange Pill enclosure
  • Choose the Waveshare screen carefully; make sure to purchase the model that has a resolution of 240x240 pixels

Software Installation

The quickest and easiest way to install the software is to download the most recent "seedsigner_X_X_X.zip" file in the software releases section of this repository.

After downloading the .zip file, extract the seedsigner .img file, and write it to a MicroSD card (at least 4GB in size or larger). Then install the MicroSD in the assembled hardware and off you go. If your goal is a more trustless installation, you can follow the manual installation instructions.

Verifying Your Software

You can verify the data integrity and authenticity of the latest release with as little as three commands. This process assumes that you know how to navigate on a terminal and have navigated to the folder where you have these four relevant files present: (This will most likely be your Downloads folder.)

  • seedsigner_pubkey.gpg (from the main folder of this repo)
  • seedsigner_0_4_6.img.zip (from the software release)
  • seedsigner_0_4_6.img.zip.sha256 (from the software release)
  • seedsigner_0_4_6.img.zip.sha256.sig (from the software release)

Note: The specific version number of the files in your folder might not match the above exactly, but their overall format and amount should be the same.

This process also assumes you are running the commands from a system where both GPG and shasum are installed and working.

First make sure that the public key is present in your keychain:

gpg --import seedsigner_pubkey.gpg 

This command will import the public key, or return:

key <...> not changed

Now you can verify the authenticity of the small text file containing the release's SHA256 hash with the command:

gpg --verify seedsigner_0_*_*.img.zip.sha256.sig

Note: The *s in the command above allow the terminal to auto-populate the command with the version number you have in the folder you are in. It should be copied and pasted as is.

The reponse to this command should include the text:

Good signature from "seedsigner <[email protected]>" [unknown]

The previous command validates that aforementioned small text file was signed using the private key that matches the published public key associated with the project (an early timestamped record of this public/private key's creation can be found in this tweet).

The last step is to make sure the .zip file that you've downloaded, and that contains the released software, is a perfect match to the software that was published by the holder of the private key in the last step. The command for this step is:

shasum -a 256 -c seedsigner_0_*_*.img.zip.sha256

The reponse to this command should include the text:

seedsigner_0_4_6.img.zip: OK

There are other steps you can take to verify the software, including examining the hash value in the .sha256 text file, but this one has been documented here because it seems the simplest for most people to follow. Please recognize that this process can only validate the software to the extent that the entity that first published the key is an honest actor, and assumes the private key has remained uncompromised and is not being used by a malicious actor.


Enclosure Designs

Open Pill

The Open Pill enclosure design is all about quick, simple and inexpensive depoloyment of a SeedSigner device. The design does not require any additional hardware and can be printed using a standard FDM 3D printer in about 2 hours, no supports necessary. A video demonstrating the assembly process can be found here. To access the design file and printable model, click here.

Orange Pill

The Orange Pill enclosure design offers a more finished look that includes button covers and a joystick topper. You'll also need the following additional hardware to assemble it:

  • 4 x F-F M2.5 spacers, 10mm length
  • 4 x M2.5 pan head screws, 6mm length
  • 4 x M2.5 pan head screws, 12mm length

The upper and lower portions of the enclosure can be printed using a standard FDM 3D printer, no supports necessary. The buttons and joystick nub should ideally be produced with a SLA/resin printer. An overview of the entire assembly process can be found here. To access the design files and printable models, click here.

Community Designs


SeedQR Printable Templates

You can use SeedSigner to export your seed to a hand-transcribed SeedQR format that enables you to instantly load your seed back into SeedSigner.

More information about SeedQRs

Standard SeedQR templates:

CompactSeedQR templates:

note: CompactSeedQR is an advanced feature that can be enabled in Settings


Manual Installation Instructions

see the docs: Manual Installation Instructions

About

Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 100.0%