Hackthevalley Hackathon 2017 Baar

Motivation

After the good experience last year at the six fintech hackathon, I was trilled to go to hack the valley which is even closer geographically and whose subject is even closer to Bitcoin. My goal was to gain experience with ethereum. So far I only completed the tutorials. I found the technology very interesting, but in the past, I couldn’t come up with a good idea how to make use of it. Neither did I learn of a killer product that went live. This is in stark contrast to Bitcoin. When I first learned about Bitcoin, it was immediately clear to me that this was something very special, something that I waited for without knowing.

Team formation

In contrast to the hackathon last year, most people already showed up as teams. I estimate that only about three of the fourteen teams were formed on site. I joined three guys from a bank in Paris, along with another French guy and a South African who lives in Zurich. First we had to decide on a project. We went through a list with a couple of ideas. But it turned out that for a lot of them it was hard to justify what benefit a blockchain would bring compared to a more traditional approach. That is something I see a lot in the current blockchain hype. Showing up as a team with a formulated idea is a big advantage, as the technology and possible problem areas can be explored before. But In both occasions I enjoyed it to meet new and interesting people and see what we can achieve together in this limited time.

Our project

We settled on the challenge “fighting fraud in the supply chain” with a project that puts smart locks on containers. The devices log all open and close operation on a blockchain. Unlocking operations would have to be authorized by a smart contract. The locks communicate with bluetooth low energy with an app on a smart phone. This in turn communicates to a backend that talks to the blockchain.

Implementation

Shortly after we had the rough concept, the other team members stated that they would feel more confident implementing the smart contract in java, rather than solidity. That’s why they voted for using hyperledger instead of ethereum. Setting it all up and getting the docker containers to work proved a lot more difficult than anybody anticipated. Not only had some team members Windows machines, but also on linux we faced a problem. Namely the docker containers were configured to use the google nameservers, while apparently all outside DNS was blocked by the Thomson Reuters network. The connectivity was generally very flaky.

Infrastructure

I enjoyed working with the team. But that we didn’t know the infrastructure we were working on, complicated our work considerably. The last time I programmed seriously with Java was probably 15 years ago. And we didn’t have good tool support within the environment. I’m sure it is possible to set everything up to work comfortably, but that would have cost us more time even than we lost with the complicated turnaround cycles. In the end, we couldn’t complete our prototype in time. Sure, that is is not a strict requirement of a hackathon. But it’s the pride and goal of every software developer to have the thing perform in a live demo.

Presentations and prize giving

As is common for events like this, the quality of the projects varies wildly. I think nobody in our team expected to be in the top ranks. Even though I must say the presentation looked better than my code.
The project that I liked the most was about subleasing parking spots while people don’t need them. I could imagine something like this generalized to become a decentralized form of AirBnB.
The winners were the same people that won the London HackEthon. During the presentation I thought it rather boring. It was about heart rate sensors publishing directly to ethereum. A smart contract would then take action if the data was out of order. Only after they received the price, I thought some more about it. In hindsight I can see the value in it, and that it was probably implemented better then most other projects.

Conclusion

Thanks to Thomson Reuters and all others involved for organizing this great event!
I hear a lot from Bitcoin maximalists that all other chains can’t compete with the one true blockchain. I’m also invested most in Bitcoin, but I want to be open to the possibilities of other blockchains and smart contract platforms in special. Although I must admit, I never saw a compelling reason for permissioned ledgers and private blockchains. A week before the event I learned about Bitcoin uncensored, and listened to a couple of the episodes. They essentially debunk most of the altcoins and blockchain projects. Calling them ponzi schemes and frauds. This made me skeptical of the blockchain boom, but all the more I was keen to discover good uses at and event full of blockchain hackers. I’m still positive that there are applications that can be improved with blockchains. But most of the ideas have to be descarded upon closer inspection. The only three practical uses for blockchain so far are monetary, timestamping and naming. I am looking forward to expand this list, but it’s not as easy as it seems at first.

Electrum 2.7 with better multisig hardware wallet support and Ledger Nano S

Electrum has been my favorite Bitoin wallet software for a very long time. The reason I had a look at it initially was because there was a debian package. Only when Trezor hardware wallet support was added and was not yet released, I downloaded the sources. It is written in Python. I work with python regularly, but it is not my primary language. But for frequently updating and testing experimental software, it is pretty cool. That’s how I started to report bugs in the unreleased development branch, and sometimes even committing the patches myself.
But the reason I’m writing this post is, that the new 2.7 release contains two features that are important to me.

Ledger Nano S

One is that the Ledger devices now also support multisig with electrum. I took this as the trigger to order a Nano S. It works totally different from the HW1 in that it has a display. Thus you can set it up without an air gapped computer. With only the two buttons, you can navigate through the whole setup process. As a bonus it is also to my knowledge the first hardware device to store Ethereum tokens, not counting experiments such as quorum. So I finally moved my presales ETH.

Multisig with hardware wallets

I wrote about multisig with hardware wallets before. But Thomas took it a huge step further. Now it’s not only super secure, but also super user friendly. Now the hardware wallets are directly connected to the multisig wallet. No more saving unsigned transactions to files and load in the other wallet. You can still do that if you have the signing devices distributed geographically. Given a solid backup and redundancy strategy, you can now also have a 3 of 3 multisig hardware wallet. So your bitcoins would still be secure if your computer was hacked, and two of the three major BitCoin hardware wallets had a problem, which is very very unlikely.

The only thing still missing is the debian package for the 2.7 version.

My new notebook

Last week I finally received my new notebook. It was a long journey, but it was worth it. If you didn’t follow my blog, you can read about it here, here and here.

Delivery

It was delivered in two pieces. The first box contained the notebook, and was delivered normally. The second box contained the docking station and an additional power supply. For the second box I had to send a copy of the invoice to the tax office. I expected Dell to place the required documents inside the boxes. But since it was a domestic delivery for Dell, they didn’t. And I forgot to tell my friend who re-shipped them to check. So when the second box was delivered, I had to pay the import taxes for the whole order in one go. That wouldn’t be a problem in itself, but an announcement would have been nice. Because I don’t usually walk around with so much money, I had to ask the whole team to borrow some cash. Yeah, cash was the only option.

First impression

As expected, the first impression was great. And I had high expectations because I owned a previous model already. The border less screen is a blast. The large bezel of some other devices is such an useless waste of space. Also the docking station works flawlessly. I had somehow the impression they had different models for America and Europe. But other than the power cord, I couldn’t tell anything that wouldn’t fit. Only one USB-C cable is between the dock and the notebook. This is enough for charging the notebook, connecting external monitors, USB3 devices and sound. Funny enough the Bluetooth LE Mouse has shorter wakeup times when the docking station is plugged in.
I don’t insist on linux being pre-installed to save the time installing. It is to make sure the drivers stay available also in the future. I want to make sure that the OEM’s are aware of the people who want to have sane operating systems on their devices. It is essentially the same reason I insisted on paying with BitCoin. It is my money that I spend, and thus I want my purchase to show up in the appropriate columns of the statistics. If people don’t care, some corrupt middle managers just make certain options harder to get and then claim nobody wanted them.
The only item that is not according to my wish list is the keyboard layout. I wanted a Swiss layout, but made the compromise to get a US keyboard because the other factors were more important to me. The plan was to get a swiss keyboard, and retrofit it myself. But when I look at the device now, I figured out that this wouldn’t be easy, as it would require a European palm rest. Thus I abandoned that plan. I had devices with US keyboards before. It’s no big deal, I just prefer the Swiss layout.

Installation

Every time I set up a new device, I follow the guides for installing with smartcard backed full disk encryption and smartcard backed ssh. I wanted to automate this process for a while. So I used the opportunity to write the scripts this time. Since I wanted the procedure to work reproducibly, I started over every time I missed something. In the end I installed the OS at least five times. The next script for installing all the software including those from personal packet archives is a classic. I probably created it almost a decade ago, and always refined it. I once tried to do something similar for Windows at work. But in the end I abandoned it.

Problems

No system is perfect, and especially notebooks are known to not always have perfect driver support for linux kernels. The Sputnik team certainly does a great job with routing all their tweaks upstream. So far, I only found two minor problems. Wifi and the touchscreen didn’t work after resuming. Since I use full disk encryption I, suspend only occasionally. The boot times are really ok anyway. This is my first notebook with a touch screen. I force myself to use it sometimes, but on such a small high res screen my fingers are just too big. So, it’s nice to have, but hardly essential.
It is also my first device with a 4k screen. Ubuntu does great with the scaling and settings. The only applications that don’t fully support high res that I found so far, are: electrum, bitsquare and openbazaar. Oh, and it would be nice if the applications used the DPI scaling of the screen they are currently displaying.
Last but not least, the battery time didn’t impress me the only two times I ran on battery so far. It hardly lasts for a full movie. But I will try terminating all my background tasks next time.

Update December 20th 2016

Here is a nice video describing the device:
https://www.youtube.com/watch?v=kvsgTJbIWNo

Decentralized websites and more

“Cool idea, but to be of any use, it would need more functionality and more content” was my impression when I first looked into zeronet. Back then static web pages were all there was, and no UI support for any managing tasks. The next time I checked, probably more than half a year later, it had a blog engine, subscription on the welcome page, mail, chat, forums, wiki, boards and more. Blogs was what hooked me this time. The interesting feature was that you could subscribe, and have the news listed on the hello page. So I started to write new blog posts both on wordpress and on zeronet. True, wordpress has lots of more functionality than the zeronet blog engine. Some things are nice gimmicks, but none of it is really essential. ZeroBlog is really all you need.
Some people started to leave twister for zeronet, but I couldn’t quite understand why. For me, it filled another niche. They are both very nice in their own way.

How it works

To create a site, you can execute a python command on the commandline, or simply clone an existing zite. In both cases, a private key is generated that you need to later sign the content. Signing is really easy, but you better take good care for your private keys. Make sure not to share them, but do make backups for yourself. From the private key, a public key is derived and from that a BitCoin address. The BitCoin address serves as the unique identifier for your zite. If this identifier looks too complicated, you can register a shorter name on the NameCoin blockchain, and link it to your bitcoin address for the zite. Once you sign and publish your zite, you can give the address to your friends, or publish it where other people can pick it up. Whenever another zeronet user requests your address, he sends the query into the mesh. Whoever is closest, serves the files anonymously. Now the user who visited, becomes a seeder who also serves your content. No central server required. Now you can switch off all your computers, and your zite is available. Your zite stays online for as long as there is at least one other user seeding it.

Proxies

To visit zeronet sites, or simply zites as they are called, you should run the zeronet client. The software is written in python with few dependencies. So it is really easy to run. You can either run it locally, or on a personal server. Then just visit the entry page with the browser and navigate from there. But if you want to visit a zite without installing any software, there are also public proxies. There are many reasons why running the software is better than using these proxies, but I won’t go into the details now. And I don’t list the proxies here.

ZeroMe

Then came merger zites. I read about the concept before the release, and was really curious. Some things are not as easy to accomplish with a decentralized anonymous system as with a centralized architecture. But when I had my first play with ZeroMe, my reaction was “Wow this is what I have been waiting for”. I don’t use most social media because of the centralized architecture, and because they own all the data of the users and can make with it whatever they please. There have been decentralized social platforms before, but they were usually a hassle to install and maintain or not so great from a usability standpoint. Now with ZeroMe you choose a hub to store your data, an identity provider, and a presentation. So you have three orthogonal aspects to your experience.

Data Hub

You can subscribe to as many hubs as you wish, but store your data to only one of them per identity. They can be organized by region, language or interests. The more you subscribe to, the more data will be stored on your harddrive, and the more bandwidth will be consumed. You can also run your own hub, and use it only with your friends.

Identity

The identities existed for a while. You needed an identity to write a blog, to comment on other people’s blogs, to write and receive ZeroMail, to write to boards and chats and talks and wikis. Again different identity providers have different requirements. For ZeroId you have to register your handle on the namecoin blockchain. For Zeroverse you had to send a bitmessage. For KaffieId no external proof is required. You can maintain as many identities as you like. Some can be more credible, others totally anonymous.

Presentation

The official frontend is Me.ZeroNetwork.bit. But as it is all opensource. The first forks or clones started to appear. There is the darker themed Dark ZeroMe. There is ZeroMe Plus which adds some nice features.

Worst customer experience ever

The best notebook ever

I blogged about my attempts to buy a decent notebook here before. But let’s recap quickly. In the fall of 2013 I bought a Dell XPS13 Developer edition. When Dell shortly thereafter announced that they now accept BitCoin, I had the feeling I missed out on that opportunity. Nevertheless, it was the best computer I ever had. As it came with ubuntu preinstalled, there was no hassle with drivers. Everything just worked, it was lightning fast and gorgeous. But in February 2015 it was stolen.

Paying with BitCoin

I wanted to buy the same notebook again, but this time I wanted to pay with BitCoin. The option was not available for the Swiss market, but they expanded it to Canada and the UK. I really didn’t want to find out that it would be possible in Switzerland just after I ordered. Thus I decided to hold my breadth. The waiting became very long, as my ancient intermediary notebook was having thermal issues.

Purism

The selection of ultrabooks with linux pre-installed, that can be bought with BitCoin is not so large. If It has to have a backlit Swiss keyboard, it gets really difficult. But somehow I learned about purism. Their librem notebooks looked very good. As with most startups, the people were really approachable and helpful. I was ready to order their best machine, but they kept having delays. Delivery was always two months out. When it was pushed way back again, I decided I didn’t want to wait any longer, and re-targeted for the Dell.

UK

After a lot more than a year of waiting, and asking Dell to make the leap forward, I was ready to give up the Swiss keyboard. I was ready to order from the UK instead. I was ready to retrofit a Swiss keyboard myself, and pay double taxes. I found a service that would forward the parcel. But although BitCoin was listed as a payment option on the UK Dell website, the option was not available on the checkout screen. I reported this to Dell customer support and tried on a regular basis over the course of a month. Finally I gave up on the UK store.

US

The US store had a model with a 1TB SSD that was even better than the models offered in the European stores. So I went for that. All the mail forwarding services in the US either couldn’t process my card to cover their fees, or didn’t provide a phone number. But a domestic phone number was required for the order form at the Dell store. So I asked around if I could have my order delivered to somebody in the US, and he would forward it to me. A former co-worker who lives in California now agreed. I went ahead and placed the order to his address. Because I was really in need of the device, I chose the faster, more expensive delivery method. Shortly after I paid, I received an eMail stating that the formal order confirmation should follow in two days at the latest.

Black hole

That was the one and only, and the last communication I received from Dell. After a week I started to question why I didn’t receive the formal confirmation, and I found out that the order didn’t appear on the order status page. So I tried to contact Dell order support. In order to initiate a support session, one has to enter the order number. And because the order was not properly in the system, I couldn’t contact them. I tried different means to contact them almost on a daily basis. This week I could finally chat with a support representative. He couldn’t find my order in the system neither, and gave me an eMail address. So I wrote to what appears to be the main eMail address for customer support in the US. An automated response came immediately stating that a human would respond within 24 hours. Nobody ever did of course. I reached out to coinbase to ask about my transaction. They very quickly responded. They stated that on their side everything went through normally, and that Dell indeed received the money. Somebody on a forum suggested that the order might be canceled because of some obscure export regulations. But why a company would cancel an order on such a basis without ever notifying the customer is beyond me.
It has been almost a month now, that I have been desperately trying to find out, when I will receive the notebook that I really need. Dell didn’t even bother to tell me anything. How is that different from the worst scams and frauds out there on the internet? To me that was a lot of money that I sent. I thought of Dell as being trustworthy. No more…

Update September 8th 2016

Barton sent me a mail today stating that they found the problem. They made sure it doesn’t happen again. And the notebook should be delivered early next week. Looking forward…

Update September 22th 2016

The box with the precious new power machine was delivered to me today.
Hooray! Finally! Jay! So excited!
Now I know what I will do tonight… Setting it all up.

The legacy banks in Switzerland

Transaction costs

I have a separate bank account for my tandem flying hobby at the local bank where I live. I didn’t want a plastic card for it, and setting up online banking turned out to be too complicated. So I pay a CHF 3.00 fee for every withdrawal at the counter. That is, if I go to the branch at my home town.
But last week I wanted to withdraw some money near where I work, less than 30km away, at a branch of the same bank. The teller told me that he would have to make a phone call to the other branch, and that the transaction would cost CHF 10.00
That was too much for me. Considering that a bitcoin transaction to Australia (16’000 km) costs CHF 0.02, the transaction cost of the retail bank per km is more than 250’000 times as expensive as that of BitCoin.

Communication

In Switzerland we usually don’t tell each other how much we earn, or how much we have on our bank account. Swiss Banks even had a reputation of secrecy up until recently. Naturally when you communicate with your bank, you expect this to be confidential. So I asked my bank representative for his public key some years ago, so that we could exchange encrypted emails. His answer was that I would have to use the messaging in the online banking platform in order to enjoy encrypted communication. I strongly dislike to have to log into different web platforms in order to communicate with different people. Some banks even communicate with their customers through centralized unencrypted social media, thus voluntarily introducing a man in the middle. I just had to accept what they offered for the time being. Hence I used this messaging system to cancel my credit card last year. He asked me if I wanted to cancel right away, or just not renew it when it ran out in a couple of months. I opted for the later. But then it was renewed nonetheless. So I asked what went wrong, and to please fix it. The answer was, that I didn’t specify when to cancel. Of course I did! Whether the message disappeared from the system because of some glitch, or was deleted intentionally to cover up incompetency doesn’t really matter. Fact is, the communication channel failed completely. Accountability is an important part of communication. This incident cost a lot of trust that I had in my bank.

Stranded funds

But the story with the cancelled credit card didn’t end there. Because it was not cancelled in time. Some company where I used a service, renewed without my consent. Thus they charged the card that should have been terminated by that time. So I had to send a printed form for the chargeback to the card operator. It took some time, but the money came back to my card account. And for another half a year, I receive a monthly letter stating the balance would be reimbursed next month. I misinterpreted this that it would be automatically sent back to my bank account. But it won’t. I have to send them another signed letter by snail mail to perform the obvious. As if it was 1995, and the electronic signature on my email was not 1’000 more secure than the ink on the paper.
Maybe I’m just spoiled with how well everything works with BitCoin. But the legacy banks really could do a better job.
Companies that deal with BitCoin usually:

  • Have competent and responsive customer care
  • Offer real two factor login with hardware tokens
  • Encrypt and sign the eMails with OpenPGP
  • Execute transactions instantly, not only once per work day
  • Have reasonable fees, even if the volume is still ramping up
  • Care about the usability of their platforms

And where they have limitations, they are usually imposed by the legacy financial institutions.

Why I still have no new notebook

It has been more than 14 months since my XPS 13DE notebook was stolen. Ever since, I was on the hunt for a replacement. I have just some simple requirements that seem so difficult to meet:

  • Linux pre-installed
  • Payment in BitCoin
  • Swiss German Keyboard with back light
  • Ultrabook (slim and powerful)

The natural choice would be to go with the successor of the model that I was so fond of. Dell does accept BitCoin, but only in the US, UK and Canada. Unfortunately they don’t sell Swiss keyboards in those markets, and I don’t know where to get a keyboard to retro fit.

There are a few vendors selling devices that fulfill some of the requirements, but I found only one so far that can achieve them all.

The best choice at the moment seems to be a Librem13 or Librem15 from purism. The 13inch model has only an i5 processor, and no backlit keyboard. So I would opt for the 15inch model. They have difficulties getting the display panels. And lots of the devices they shipped internationally didn’t reach their destination. This an unfortunate situation, but they seem very friendly and responsive. From what I can observe, they give their best to resolve the situation as good as they can. At the moment It looks like I have to wait two more months to get a Librem15.

Here are some devices that I considered:

Model Linux BitCoin Keyboard Ultrabook Remarks
Dell XPS13 Developer Edition yes no yes yes Very nice device
Purism Librem15 yes yes yes yes Waiting for display, and shipping problems
Tuxedo yes unknown no yes Only German Keyboards
Why yes no yes yes Out of stock

If you know of a device that fulfills my requirements, and is not listed here, please tell me.

A new era for eCommerce

OpenBazaar went live a short time ago. Even if it still has some rough edges, it offers the best user experience ever for buying or selling something on the internet.

I installed the earlier beta versions last year with great interest. But the developers decided that the core of it was not good enough, and started over from scratch. It still looks somewhat similar on the user interface side. But by looking at the sources and architecture, you can clearly see the difference. The old version was easy to run directly from the sources. The new one uses too much stuff that I’m not familiar with, so that I have to rely on the deb package. This in turn works flawlessly. The only thing that’s missing is a repo, so it would upgrade automatically.

Enough about the technicalities, let me describe what it’s all about. It simply is the easiest and most convenient way to buy or sell something online. No annoying insecure logins, no expensive or slow payments, no complicated shop to set up, just plain and simple.

After you installed the desktop client, you set up your profile which will take five minutes, is very simple, and has to be done only once.

Then you have the option of setting up a store. That is even easier than configuring your profile. Adding an item takes about a third of the time it would on ebay.

If you want to buy something, you can either browse through the listings, or search by tag. When you found what you want, you click on it for closer inspection. If you want to buy it, click the buy button. And that is where the real magic starts. Payments are in BitCoin (the magic internet money), that has arbitration built right into the protocol. You can either send the funds directly, or select an arbitrator from a list. Central services like ebay have only one arbiter service, and from what I read on the internet they are usually not that interested in finding a good solution. In contrast, here you can select from a list of moderators. The moderators can set their fees individually, and build a reputation. Thus a healthy competition among them should arise.

Ok, you selected a moderator, and the delivery address from your profile. After you confirm, you are presented with the familiar qr code that you scan with your mobile BitCoin wallet, or click the link to pay with a desktop wallet. In doing so, you send the coins to a multisig address. That is like a blocking account, but it was set up fully automatically, individually for every trade, and without fees. Once you confirm that you received the goods and are satisfied with them, you akknowledge it. The funds are then immediately released to the merchant.

Should something go wrong, you open a dispute, and the selected moderator will try to find a solution that all parties involved can agree upon. He might ask for a video of the unboxing, tracking information or whatever could help in resolving the dispute.

Now lets look at the merchant side. Up until now what you had to do if you wanted to open a small store on the web involved : buying a domain name, buying web hosting, setting up a website with a store, get a merchant account at a bank and a card processor … way too complicated!

All you have to do with OpenBazaar is checking a box in the settings, and start listing your items.

As it is fully decentralized, there is no central authority that could censor. This is great in many respects, but it could also be annoying if you get to see offers that you rather wouldn’t want to even know about. Early on people speculated if it would become the successor of the silk road. I also was worried that this aspect could ruin the great platform for the rest of us. But the developers came up with a brilliant plan: The nodes talk to each other over UDP. While it caused some headaches for NAT traversal, it can’t be routed through TOR. Hence it is easy to get at the real IP address, and if really bad stuff is involved, the police can ask the ISP for the client’s name and address. I truly hope this is enough to keep the platform clean. There were some reports of drugs listed on the first few days. I don’t know if it was for real, but everyone seems to agree, that this is a stupid idea.

If you did not install OpenBazaar yet, you can still browse the listings at : http://bazaarbay.org/

For example, my store is at : http://bazaarbay.org/@ulrichard

SIX fintech hackathon

I learned of hackathons before. It sounded interesting, but either they were too far away, the topic was not interesting enough, or the date was already booked. This time was different. The topic is really what made it interesting enough. FinTech is about new technology in finance. I’m sure there was innovation in the financial industry in the last 50 years, but it was not very visible, and not as fast as in other industries. Recently I read about an employee in a bank that was asked upon his retirement, what was the biggest change in the last 40 years in his job. His answer was : “air conditioning”.

With the advent of BitCoin, the financial sector started feeling some pressure to innovate. I don’t really know how the term FinTech was born, but this all might have contributed. So one thing was clear for me about the hackathon from the beginning: The project had to be about BitCoin.

SIX is probably one of (if not the) biggest service providers in Swiss finance. They run the Swiss stock exchange, most card terminals in brick and mortar shops and PayNet where people can receive electronic invoices in their online banking. These are only the most visible products. They organized the hackathon for the first time a year ago. This time it was in two locations: Z├╝rich and London. Watching last years videos I realized that the event would be organized much better than I expected. And the actual event was even better than the videos promised.

So I went to the Schiffbau which is a former ship building factory turned into theater. Everything was prepared, and we were welcomed with a dinner. The opening ceremony included a very entertaining speech from an editor of the Wired magazine. Next were presentations for the four workshops. I watched “Blockchain, Smart Contracts and Beyond” and “Cognitive Computing in Fintech”. Both were interesting, but not exactly what I expected.
Some teams were already formed, the others went to the match making session. Everybody who had an idea for a project could present it in a few sentences. Then the teams were formed. The Idea I presented to implement a bridge between PayNet and BitPay didn’t spark a lot of interest, so I helped implementing another endeavor.

Our team set out to implement a bridge between PayMit and BitCoin, thus we named it BitMit. I knew the name was familiar, but it took me a while to remember that BitMit was also the long defunct Marketplace that worked like eBay, but with BitCoin. The responsibilities were quickly found: Iwan would implement the IOS app, Mark would implement the management dashboard, Roger was responsible for the Presentation of our project and I implemented the backend.

IOS App
We received an API for PayMit that came with an example app. The app had buttons for buying certain products. So Iwan replaced the buttons for different denominations of popular crypto currencies. When a button was clicked, the app would first execute the payment using the PayMit API and then communicate with our BitMit backend. Finally it displays a receipt including the BitCoin transaction ID. Apparently working with Apple’s XCode is a very special experience that is far from intuitive.

Back-end
The back-end was responsible for providing a simple API for the IOS app, interacting with the BitCoin blockchain and managing a BitCoin hot wallet. We chose python and flask to do the task. Most members in our team were familiar with python and flask. I only implemented a very small project with flask a few years ago, but that knowledge was almost enough for the task at hand. I wanted to make use of electrum servers to have it lite weight. But Friday and Satturday we wanted to use the BitCoin testnet, and unfortunately there are no electrum servers for testnet. So I went with BitCoinCore.
At first we were not so sure where the backend would run. My notebook would be good enough for the time being. But then the guy from IBM offered to have it running on their cloud. He helped me setting everything up. When connecting with ssh to the ubuntu machine, I didn’t even realize that it ran inside a docker container. And the beast was fast! With the 48 cores and a fast internet connection, the BitCoin blockchain was synchronized in less than six hours.

Management Console
Compliance and auditing is very important for Banks. Thus our Service has to have a means of keeping track what is going on. Mark implemented the front-end using React. I certainly heard this buzzword before, but never saw actual code. It’s quite cool how simple the code looks when the task fits the framework.

Pitch
The presentation or pitch was allowed two minutes max. And a gong would terminate it abruptly on stage. The first iterations were roughly twice that long. It was hard to cut it down to the right duration. Too valuable all the information we wanted to communicate. Roger had a very good opening, which I don’t even know if it was still part of the final pitch.
Before entering the final, we gave the pitch a couple of times. Most important was the presentation to the jury. After the pitch the judges could ask us questions. One guy obviously had no clue about how BitCoin works. When this guy was later presented as member of the board and announced the winners, I felt our chances dramatically dwindling.
I took a video of the pitch Roger and Iwan gave for the final on the main stage. It is streaming from the ipfs.

Our project might be not the most novel idea, but it fills a need. Other projects that were presented sound very funny at first but after thinking it through you don’t think anybody would use it. Still others had only fancy slides but nothing functional to show. But there were also projects that made a really good impression. That is probably the expected outcome from a hackathlon.
For me it was a fun and entertaining experience. I will surely participate in other hackathlons. A big thanks to SIX for organizing the event and for all the good food and drinks we enjoyed.

An interesting fact that I observed was the computers used by the participants. About 90% of them were from apple. Most of the remaining computers ran some kind of flavor of linux. And I saw a single one running Windows.

Super secure BitCoin storage

I wrote about multisig with different hardware wallets something more than a year ago. Back then It was awfully complicated and I didn’t really get it working. A lot of progress has been made since then. The functionality was added to electrum last summer for trezor. I couldn’t test it however because my two trezor are initialized to the same seed, and the recovery sheet is distributed geographically. On top of that, the functionality was, and still is not implemented for ledger wallets. Like I wrote in a previous post, I recently received a keepkey. Multisig functionality was one of the main topics I wanted to experiment with the new device. My goal with this is not for everyday use but for super secure storage of BitCoin.

We are going to create a multisig wallet consisting of trezor, keepkey and ledger HW1. I assume, an electrum wallet is already set up for each of them. Further I assume, the seeds for each of them are written on the paper cards. These cards shall be properly secured. To further improve security, you can split the cards and distribute the contents geographically for example in different vaults.

First you will have to extract the xpub from each one of them. I used the main account. While I assume it would work with secondary accounts as well, I can’t be sure without testing. To construct the multisig watch-only wallet with electrum, follow these steps:

  • File -> New/Restore
  • Enter a name of choice. I use 2ofTKH to indicate 2 of x multisig with Trezor, Keepkey and HW1
  • Select “Restore a wallet or import keys” and “Multi-signature wallet”
  • Select 2 of 3
  • Enter the xpub’s from the three different hardware wallets into the three edit fields
  • Wait for electrum to generate the addresses

Receiving works the same way as every other electrum wallet. But for sending, follow these steps:

With the multisig watchonly wallet:

  • Go to the send tab, and enter the information just like with regular electrum wallets.
  • Click the “Send…” button
  • Notice that the transaction dialog doesn’t have a send button
  • Click the Save button, and save the file as unsigned.txn
  • Close the transaction dialog

With the trezor wallet:

  • Tools -> Load transaction -> From file
  • Select the unsigned.txn that you saved before
  • On the Transaction dialog that opened, click Sign
  • Confirm the transaction on the trezor
  • Note that the status is: Partially signed (1/2)
  • Click Save, and select a name like partially_signed.txn
  • Close the transaction dialog

With the keepkey wallet:

  • Tools -> Load transaction -> From file
  • Select the partially_signed.txn that you saved before
  • On the Transaction dialog that opened, click Sign
  • Confirm the transaction on the keepkey
  • Note that the status is: Signed
  • Click the Broadcast button
  • Close the transaction dialog

The Ledger HW1 can also do multisig, that’s why I used it as the third key. But so far, the functionality is not implemented in the plugin.

The reason I wanted to constuct the multisig wallet with hardware wallets from different vendors is this: Suppose a weakness was found in one of them, at most one of the keys of the multisig could be compromised.

Yes, the procedure is somewhat lengthy and cumbersome. It is not intended for everyday use, but for secure storage of higher value savings. So the usability tradeoff is completely ok for me. Given the security offered by this scheme, it is the most user friendly procedure that I am aware of.