HARDWARE WALLET FOR CRYPTOCURRENCY

Abstract

The invention relates to hardware and software for data storage and consummation of digital transactions in peer-to-peer environments, primarily for making cryptocurrency payments. The technical result consists in higher security for using a hardware wallet. 3 sub-claims.

Claims

1. A hardware wallet for cryptocurrency comprising: an enclosure comprising: a display; a battery connected to a combined antenna for wireless charging of the battery and for exchanging NFC data; a charging controller connected to the battery; and a hardware security module; the hardware security module being connected to the display, to the battery, and to the combined antenna and being a secure crypto processor based on a system on a chip (SoC) and integrating a CPU, an input/output interface, an encryption box, EEPROM (Erasable Programmable Read-only Memory), RAM, Bluetooth, and an NFC controller; wherein the hardware security module is adapted to store cryptocurrency-related information in a secure EEPROM area and wherein the enclosure is adapted to accommodate physical control elements for controlling the hardware wallet.

2. The hardware wallet according to claim 1, wherein the hardware security module is further adapted to clearing the cryptocurrency-related information in the memory.

3. The hardware wallet according to claim 2, further comprising a protection module connected to the hardware security module, the protection module being adapted to detecting penetration into the enclosure or the SoC, wherein the clearing of the cryptocurrency-related information occurs in response to the penetration.

4. The hardware wallet according to claim 1, further comprising a physical control element being a button combined with a finger print scanner and connected to the hardware security module, the button serving to confirm transactions.

5. The hardware wallet according to claim 2, further comprising a physical control element being a button combined with a finger print scanner and connected to the hardware security module, the button serving to confirm transactions.

6. The hardware wallet according to claim 3, further comprising a physical control element being a button combined with a finger print scanner and connected to the hardware security module, the button serving to confirm transactions.

Description

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0028] The description below provides information on how the invention claimed can be embodied by using the tools and methods known in the prior art.

[0029] It should be noted that the information on the preferred invention embodiments provided in the description is illustrative and is not intended to limit the scope of legal protection for the invention claimed. A specialist will understand that the information on the tools and methods which is not included in the description may be included within the the scope of protection for the invention in accordance with its functional area.

[0030] A detailed description of the architecture and algorithms of the functioning of cryptocurrency payment systems falls outside the scope of this application because they are widely known by themselves, and the stated technical solution represents but an interface for the end user.

[0031] The prior art analysis revealed information on the so-called secure crypto processors being known. Unlike cryptographic processors “trusting” the bus and outputting unencrypted data to it as if it were located in a secure environment, a secure crypto processor does not output unencrypted data or unencrypted program instructions into an environment which cannot always be reliably secure. The term “secure crypto processor” has not been introduced by the applicant for the first time, and and it is known to have been used in the prior art before the priority date of the invention claimed.

[0032] In particular, specifications of such secure crypto processors are known (refer, for example, to Trusted Computing Group, Incorporated; TPM Main Part 2. TPM Structures. Specification version 1.2. Level 2 Revision 116, 01.03.2011), which reveal their internal structure and functioning algorithms

[0033] For example, when executed in the form of a system on a chip (SoC), a secure crypto processor receives input program instructions in encrypted form, decrypts them, and executes them within the same microchip where decrypted instructions are stored. Information on the possible interaction of a microprocessor and any other data encryption circuit elements is set forth, for example, in R. Elbaz and others, Hardware Engines for Bus Encryption: a Survey of Existing Techniques, 2005.

[0034] Consequently, there are prerequisites in place for the existence of a cause-and-effect relationship between the utilization of a secure crypto processor in the solutions vulnerable to external actions and increasing their security in use. As shown above, a hardware wallet for cryptocurrency is critically vulnerable to an external action where any unknown persons take possession of it. Therefore, it is a secure crypto processor that the invention claimed suggests using as a hardware security module.

[0035] It will be fairly easy for a specialist to implement the internal structure of a secure crypto processor in the form of a SoC. For example, a crypto processor implementing bus-based information processing in encrypted form is known from the patent document U.S. Pat. No. 4,278,837 A, 14 Jul. 1981 (claim 1, FIG. 1).

[0036] Thus, the inclusion of a crypto processor in the solution claimed allows the security of using a hardware wallet for cryptocurrency to be considerably increased in the sense understood by this application, i.e. the inclusion in the claims of an attribute characterizing the particular use of a crypto processor is essential to the possibility of achieving the said technical result.

[0037] At the same time, the fact of the said architectural solutions being known enables a specialist to integrate a CPU, input/output interfaces, an encryption module, EEPROM (Erasable Programmable Read-only Memory), RAM, Bluetooth, and an NFC controller into a SoC to assign to it the functions of a hardware security module used in the technical solution claimed.

[0038] There is no information discovered in the prior art on any tools having the same purpose as the device claimed, wherein it would be suggested using a secure crypto processor as a hardware security module.

[0039] In addition, since the tool claimed is proposed to be used in a specific environment of working with cryptocurrency payment systems (as reflected in the generic concept of the claims), the essential inventive features should include those characterizing the possibility of storing the cryptocurrency-related information in a protected memory area as well as the possibility of signing a transaction because it does not appear possible to implement the designated purpose of the device claimed without doing so.

[0040] The use of a secure crypto processor makes it significantly more difficult for an evil-doer to obtain the data which would allow an illegal transaction to be conducted subsequently because data is processed within a chip (SoC), with information transfer taking place in encrypted form.

[0041] As a memory intended for the storage of cryptocurrency-related information, it is expedient to use EEPROM (Erasable Programmable Read-only Memory). Cryptocurrency keys are normally viewed as the said information, which are placed in a protected memory area for the invention claimed.

[0042] In a preferred embodiment, it is suggested that the device claimed be executed in the form of a light rugged enclosure (for example, made of polycarbonate) housing all the main device assemblies. The enclosure may also accommodate a display and physical control elements for wallet operation. The enclosure may be designed moisture proof according to the relevant standard (for example, IP57). The display may be executed as a monochrome or color display and may be touch-screen type.

[0043] The physical control elements may be represented by an on/off button, a button to confirm transactions, a finger print scanner, and navigation elements for the user interface sections displayed on the screen. In some embodiments, the button to confirm transactions may be combined with the finger print scanner for higher security of the device claimed.

[0044] Since the invention claimed is taken to be used within the present-day infrastructure, it is preferable to ensure wireless data transfer capability implemented, for example, by using an NFC module, which allows making use of the invention in a similar way to known payment solutions such as Apple Pay, Samsung Pay, etc. To keep the device compact, it is proposed to use a combined antenna intended for the wireless charging of the enclosure-housed battery and for NFC data exchange when conducting transactions. In an additional embodiment, the device claimed may include a camera and a relevant processing module allowing transactions to be conducted by optical payment terminals reading QR code information (in and of itself, such processing is widely known and used, for example, for payments made by using mobile telephones; therefore, no detailed description of the tools and their interaction algorithms is required for a specialist). The device may be executed with two-factor authorization support based on the FIDO U2F protocol. The device may support data transfer by using the Bluetooth wireless interface.

[0045] The device may be set up by using a prior art known method, and a detailed description of such set-up falls outside the scope of the invention claimed. For example, the device is connected to a computer through an appropriate port (preferably, USB). Once it has been energized, the device launches a secure loading program which may reside in a protected memory area. The secure loading program checks the signatures of the software which controls the device claimed and forbids device operation in case of mismatched signatures. The software may be configured to support the programmed cryptocurrency wallets residing on the PC by using a prior art known method. Access to the device is set by selecting a PIN code or setting up the finger print scanner. Support for a specific cryptocurrency can be ensured by loading the relevant secure software when connection to the PC is established. The transaction recipient and the required amount can be selected by using the control elements on the enclosure, in the PC software wallet, or by reading a QR code. A transaction is confirmed by pressing the relevant button on the device enclosure. The combination of the transaction confirmation button and the finger print scanner materially increases the security of the transaction being conducted. The device may be additionally outfitted with a Bluetooth interface which can be used, for example, to implement two-factor authorization for a mobile telephone application when conducting transactions.

[0046] In addition, for higher security in using the invention, the hardware security module is configured for clearing the cryptocurrency-related information in the memory (or all information contained in the memory) if any unauthorized access attempts are detected.

[0047] The practical feasibility of such solution is known from the prior art before the priority date of the invention (refer, for example, to application US 2012185636 A1 dated Jul. 19, 2012). In a known solution, the protection module comparing the electrical characteristics of a circuit (resistance, capacitance, inductance) with predetermined values resolves to clear the memory-contained information. In the solution claimed, the application of such tool (integrated into the hardware security module or located individually, with its own power supply) may detect attempts to connect external devices to the crypto processor chip pins with subsequent clearance of the private information from the memory. The device intrusion protection module may be provided with an additional power supply source for backup power supply to the emergency memory clearance circuit.

[0048] In addition, the prior art also knows a solution which allows an electronic device to thermally self-destruct in case of attempted unauthorized access (refer to patent U.S. 9,812,407 B2 dated Nov. 7, 2017). Also known are Cypress self-destructing memory chips (https://www.cypress.com/file/99056/download).

[0049] In the solution claimed, the destruction trigger (tool) may operate in a variety of ways. The following can be used as a device penetration sensor: a tie breaker, a balanced magnetic switch, a pressure sensor, a light sensor (for various ranges), and a radio wave sensor. The intrusion protection circuit may be configured as an individual unit which disintegrates when exposed to atmospheric pressure (with vacuum created within the device enclosure in advance) or air oxygen. The mechanical control (protection) tools for penetration into the enclosure may be placed in locations which are not known to users in advance (for example, the enclosure may contemplate a number of such locations, with the device only placed in one of them chosen randomly during manufacture or the enclosure may be designed such that the tool is initially placed in random order during manufacturer and operates when the enclosure is opened). Such placement ensures that an evil-doer does not know in advance where exactly the protection tool is located and is unable to take measures to bypass it. Thus, the solution claimed may be furnished with two protection levels: from penetration into the device and from penetration into the combined chip, which significantly increases security in using the invention as disclosed in this description.

[0050] In view of numerous exemplary embodiments of the features of the invention claimed as listed above, it is reasonable to assume that the essential features of the claims may be summarized collectively to the extent to which they have been presented therein, without losing their effect on the possible implementation of the purpose of the invention and on the achievement of the said technical result.