James chats with Eliza about systems, systems of systems, operating systems, java, java cards, what posix did wrong, and a ton of other rust adjacent things. Originally Recorded on 2022-04-08.

Hello, This is my very first thread on Stacker.news. Even if the topic is about a brand, it's in no way a promotion for said product. On the contrary, it highlights the free, open-source nature of the solution, as well as the latest technological advances of the device. Introduction Let me introduce you to the Satochip hardware wallet—an EAL6+ certified smartcard equipped with NFC, designed to act as a signing device for Bitcoin and Nostr events. Why smartcards? Smartcards offer several advantages: Affordable and widely available; Dual interfaces - contactless (NFC) and contact (Chip); Minimal electronics, reducing the attack surface; Secure Element (SE)-based for enhanced security. What makes Satochip unique. Satochip stands out because it is 100% open-source. You can build your own signing device in under 10 minutes for just a few dollars. Additionally, this signing device has been natively supported by Sparrow Wallet since version 1.8.0. Smartcard Satochip applet The latest beta Satochip applet is available on Toporin's official Github. This release comes with: Schnorr signature support for Taproot (to be used with Sparrow-Satochip wallet) Schnorr signature support for Nostr (no key tweaking) How to use it - Bitcoin As said previously, if you build your own hardware wallet, you will be able to use it with Sparrow Wallet out of the box to sign your Bitcoin transaction. PIN code protected and BIP32/BIP39 compliant and can also be used in a multi-sig setup. How to use it - Schnorr Schnorr signatures can be tested using Pysatochip v0.15.3 command line interface: Import a private key on keyslot #0: python3 satochip_cli.py --verbose satochip-import-privkey --keyslot 0 --privkey aabbccddeeff00112233445566778899aabbccddeeff00112233445566778899 Get the corresponding publick key: python3 satochip_cli.py satochip-get-pubkey-from-keyslot --keyslot 0 Sign a hash with Schnorr on this keyslot: python3 satochip_cli.py satochip-sign-schnorr-hash --hash 796962c8f2a7b8540f818cbe37d2894b1ab4b71bccddced12e2a4dc11d8802c3 --keyslot 0 How to use it - Nostr You can sign a Nostr message then broadcast it using a specific command: python3 satochip_cli.py --verbose satochip-sign-nostr-event --keyslot 0 --message "Just discover Satochip and it's fcking great!" --kind 1 --broadcast Build your own signing smartcard Grab a compatible JavaCard Navigating the Javacard ecosystem can be difficult... There are many different configuration options that are available, even within the same chipset. For example, while there are multiple Javacards that use the NXP JCOP4 P71, it is generally the SECID versions that will work, whereas EMV versions will not. Tested and working JavaCards The following cards are readily available, tested and confirmed to work. NXP JCOP4 P71 SECID Based Javacards J3R110 J3R180 NXP JCOP3 P60 SECID Based Javacards J3H145 THD-89 Based JavaCards (these currently don't work reliably with the official Satochip builds) CodeWav NFC Sticker Tag Micro Edition THETAKey T101 THETAKey T104 (CodeWav-2 NFC Card) Javacard features required The list of tested cards above isn't exhaustive and generally speaking a Javacard needs to support the following features: Javacard 3.0.4 (Or higher) Support the following Functions javacard.security.KeyAgreement: ALG_EC_SVDP_DH_PLAIN, ALG_EC_SVDP_DH_PLAIN_XY javacard.security.Signature: ALG_ECDSA_SHA_256 javacard.security.MessageDigest: ALG_SHA_256, ALG_SHA_512 javacard.security.RandomData: ALG_SECURE_RANDOM javacardx.crypto.Cipher: ALG_AES_BLOCK_128_ECB, ALG_AES_BLOCK_128_CBC_NOPAD Requirements You will need: OpenJDK version 8 + GlobalPlateform, the tool needed to flash the card A generic smartcard reader The Satochip applet file Download OpenJDK On Windows You can download OpenJDK 8 here Once downloaded, you can install it with all the defaults. On Linux sudo apt install openjdk-8-jdk Download the Satochip applet Grab the Satochip Applet on the official Github repository Flash the applet to the JavaCard This repository includes a release of GlobalPlatformPro which can be used to flash the applets. GlobalPlatformPro requires a working installation of Java, so if you didn't install Java at an earlier step, you need to do that before proceeding... To flash the applet using the default AIDs (which is required to work with existing Satochip compatible software) you can use the following commands. On Windows gp.exe --install ./ SatoChip-v0.14-0.2.cap On Linux java -jar gp.jar --install ./ SatoChip-v0.14-0.2.cap Applets can be uninstalled in the same way using the --uninstall command. Conclusion Satochip represents the perfect blend of open-source philosophy, affordability, and security. By leveraging widely available JavaCards, it makes secure, hardware-based cryptographic signing accessible to everyone. Whether you're using it as a multi-signature Bitcoin wallet, an affordable signing device, or a Nostr event signer, Satochip provides a versatile and trust-minimized solution. With its 100% open-source codebase, anyone can audit, modify, or even build their own signing smartcard in minutes—ensuring full transparency and complete user control. As the ecosystem evolves, the Satochip community continues to push the boundaries of security and self-sovereignty in Bitcoin and beyond. The tools are here. The code is open. The possibilities are endless. 🚀 [13 comments, 60000 boost]

JCardEngine - Java Card Runtime Simulator 🩺. Contribute to martinpaljak/jcardengine development by creating an account on GitHub.

YouTube video by HackersOnBoard

YouTube video by ThothTrust ThothTrust