OBPP Bitcoin Wallet Privacy Rating Report 2nd Edition - February 2016
NEEDS ANALYSIS AND REQUIREMENTS SPECIFICATION Team 8: Simple offline electronic bitcoin wallet...
-
Upload
osborne-robertson -
Category
Documents
-
view
217 -
download
1
Transcript of NEEDS ANALYSIS AND REQUIREMENTS SPECIFICATION Team 8: Simple offline electronic bitcoin wallet...
NEEDS ANALYSIS AND REQUIREMENTS SPECIFICATION
Team 8: Simple offline electronic bitcoin wallet
September 26, 2014
MEET THE TEAM
• Andre Elliott
• Project Manager
• Mark Nixon
• Lead ECE
• Kishen Patel
• Treasurer
• Zach Hoelzle
• Historian
CODE OF CONDUCT
Meeting times:
Monday 4-7pm, Friday 10-12pm
Communication:
E-Mail and Text messaging
Document Transfer:
Google Drive, E-Mail, Blackboard blog
Conflict Resolutions:
Submit complaints to project manager
PROJECT OVERVIEW
• Develop simple electronic device that stores Bitcoin currency offline
• Maximize simplicity for end user
• Secure device and transactions
WHAT IS BITCOIN?
• P2P payment system
• Payments recorded in public ledger
• Public-key cryptography
• Private key as digital signature
STATEMENT OF THE PROBLEM
• Bitcoin transaction security
• Private key stolen
• Data encryption
• Offline Bitcoin Wallet
REQUIRED CAPABILITIES
• Wallet must connect to a PC with a wired connection
• Supplemental PC software must be able to integrate between wallet and Bitcoin network
• Submit transactions to Bitcoin network
• Physical device must be capable of alphanumeric input
• Device must be password protected with fail-safe measures
• Password input must only be possible on device
REQUIRED CAPABILITIES
• All onboard device account and transaction data must be encrypted
• Device should have large display
• Battery powered operation
• User confirmation required through device prior to completing transaction
• Device must consist of inexpensive commercial off-the-shelf components
DESIRED CAPABILITIES
• Capability of displaying QR codes on display alongside alphanumeric information
• Rechargeable battery via external USB power source
• Custom designed plastic enclosure for device components
• Ideal for desired touchscreen-based interfaceMicrocontroller-based touchscreen display
FUNCTIONAL REQUIREMENTS
• Hardware device requirements:
• USB or other wired communication input/output port
• Input method in the form of a hardware keypad or touchscreen display
• Internal or removable flash memory solution
• Ability to lock and power down device to prevent vandalism of stored information if obtained outside party
FUNCTIONAL REQUIREMENTS
• Software Requirements:
• User account encryption on Bitcoin wallet device
• Synchronize all stored accounts with Bitcoin network to update Bitcoin ledger when connected to PC
• PC based software must communicate with offline wallet and peer-to-peer Bitcoin network
• Must be able to download and view Bitcoin ledger when the wallet is attached to PC
PERFORMANCE/USABILITY REQUIREMENTS
• PROCESSING POWER
• INTERNAL BATTERY
• MEMORY (> 512 MB)
-Sufficient for hundreds of accounts
-transaction history
-retractable memory cards
• LCD SCREEN
-QR codes
-Menu/command prompts
-Transactions, history
PERFORMANCE/USABILITY REQUIREMENTS
• Random noise
-Ensure that key has maximum entropy
• Johnson-Nyquist
• 256-Bit pure-random private key
• Secondary option
-Manual entry of private key data
• 64 characters
• In the range of 0-9 or A-F
PERFORMANCE/USABILITY REQUIREMENTS
• Operating modes-Locked and unlocked
-Password entry (5 attempts)
• Accepting transactions-Preventing user errors
-Checking for sufficient funds (transaction fee)
-destination address can be entered in
Device via keyboard and/or the pc application
• Code-Published on group website
-Links and description for each
-Comments within the code
Successful transaction, exit/logout
Enter amount, accept,
sufficient funds
Enter password
CONSTRAINTS
• Total budget cost < $1000
-Unit cost < $200
• Practical ergonomic design-Size (5*3*0.5 inches)
• Must not be wireless or compatible with internet-Security, purpose of the project
• Software coding in C variants
• Spring 2015 firm deadline
TESTING
All tests have been lumped into one of six different categories. Some of the listed tests will have multiple test references due to overlapping/redundant tests. TESTCT is for desired capabilities testing, TESTRTF/TESTRTN are for requirements testing and TESTCON is for constraints testing.
Sections:
1. Wallet Communication Testing
2. Bitcoin Network Testing
3. Usability Testing
4. Security Testing
5. Power Testing
6. Miscellaneous Testing
WALLET COMMUNICATION TESTING
• TESTCT-01 and TESTRTF-01: Wired Communication Testo Bitcoin wallet shall be connected to a PC via
USB. As long as computer recognizes the device the test shall be considered successful.
• TESTCT-02 and TESTRTF-03: Software Communication Test o Desktop software should recognize device. Using the desktop
software the user should be able to change the settings or account information with the offline bitcoin wallet.
BITCOIN NETWORK TESTING
• TESTCT-03 and TESTTRN-01: Bitcoin Transaction Testo Using an available account, the user should
be able to send bitcoins to another bitcoin account.
o Assuming first transaction is successful, the user should then be able to see the sent transaction on the offline bitcoin wallet.
• TESTRTF-04 and TESTRTF-05: Account Syncingo Connect device to a PC. Accounts on PC should sync with
device.o Unplug device from PC. Verify that account data on the device
matches with the accounts on the PC.
USABILITY TESTING
• TESTCT-04, TESTCT-07 and TESTRTF-02: Device Inputo Power on the device and input the device’s password to unlock
device. Have multiple people perform this action to gauge how easily text can be entered into device.
• TESTCT-11: Display Testo Using the offline bitcoin wallet, create a
QR transaction to another account. Using a mobile media device, take a picture of the QR code and verify that the mobile media device is able to read the QR code.
SECURITY TESTING
• TESTCT-05, TESTRTN-04 and TESTRTN-05 : Lock/Unlock
o With the device in a locked state try to send a bitcoin transaction while tethered to a PC. Verify that transaction fails.
o Enter improper password into device. Verify device remains locked. Enter proper password into device and verify that is becomes unlocked by successfully performing bitcoin transaction.
• TESTCT-09 and TESTRTN-06 : Transaction Approvalo With device tethered to PC and in an unlocked state, perform a
bitcoin transaction. Verify that before the transaction goes through that the user must first approve the transaction via the offline bitcoin wallet.
SECURITY TESTING
• TESTCT-06 and TESTRTF06: Encryptiono Remove the SD card from the
offline bitcoin wallet and insert it into an available PC. Verify that there is no bitcoin account information in plaintext.
• Optional Test: Random Noise Generatoro Sample multiple times from the
thermal noise resistor ADC line. Verify that the pdf is uniform.
POWER TESTING
• TESTCT-08 and TESTRTN-02 : Runtimeo Make sure that the offline bitcoin wallet’s battery has a full
charge and unplug any power source to the it. Leave the device on and verify that it will stay on for at least 15 hours.
• Optional Test : Rechargeable Batteryo With a discharged battery in the
offline bitcoin wallet, plug it into an available PC. Verify over the course of several hours that the battery recharges to its full capacity.
MISCELLANEOUS TESTING
• TESTCT-10 and TESTCON-01: Budget Testo Add up the cost of all parts required to construct an offline
bitcoin wallet. Total cost should remain under $200.o If funds are approaching 75% of the budget limit, attention
should be brought to the faculty advisor and team leader.
• TESTRTN-03 : Storage Testo Using an appropriate sized SD
card verify that the offline bitcoin wallet can recognize a couple hundred bitcoin accounts.
MISCELLANEOUS TESTING
• TESTRTN-07 : Code Readabilityo Code should be overlooked by all team members and faculty
advisoro Code must be properly commented on and should be able to
be followed by those looking over it.
• TESTCON-02 : Form Factoro Total size of an assembled offline
bitcoin wallet should be measured. Verify that the size is no bigger than 5”x3”x0.5”.
MISCELLANEOUS TESTING
• TESTCON-03 : Wireless Communicationo With a fully assembled offline bitcoin
wallet verify that there are no wireless communicating components.
• TESTCON-04 : Programming Language Testo Go over all code and verify that all code has been written in C
or C++. The only exception is assembly code written for a microcontroller.
• TESTCON-05 : Deadlineo Final working prototype that passes all
tests should be delivered to faculty advisor prior to due date in FSU spring 2015 semester.
DELIVERABLES
• Final product:
• Offline device
• Send/receive funds
• Efficient microprocessor
• Alphanumeric input/output
• Coding in C variants (commented for easy overview)
• Charging/connectivity via USB
• LCD/touchscreen display
• Pocketable device
QUESTIONS?
References:
https://bitcoin.org/en/
http://www.bitcointrezor.com