To quote the developers of this device: “OpenDime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.” In this article I’ll try to explain how to use it, is it secure and why would anyone need such a device.
I bought OpenDime with my own funds with a rather impractical purpose – to see how it works from a UX perspective. It feels like this device is made in future, where we’re living in a cyberpunk scenario as OpenDime gives you the chance to hold and touch this immutable digital asset (Bitcoin) in the palm of your hand. Yes, I know that I’m actually holding just the access (keys) to said digital asset, but let’s not get into semantics. So why would anyone need this device?
Use case for this device is rather simple – Bitcoin payments in a physical form. Essentially you can “deposit” Bitcoin worth millions of dollars in this device and carry around in your pocket. If you want to gift some Bitcoin to a technophobe or securely purchase a product securely without waiting for 6 confirmations, then here’s your chance. Especially fascinating seems the option that enables to top-up OpenDime by a third party at any time and from any location in the world.
Here’s a scenario: Bob goes to China to buy some raw materials, he’s given an empty OpenDime and a contract with an unspecified amount of money required, which he needs to sign with the seller. Right after the goods are inspected and a deal is made for how much it’ll cost, the contract can be signed and Bob can contact his employers to top-up said OpenDime with the required amount. Bob then gives away his OpenDime to the seller and seller can instantly ship out the goods. All parties are satisfied, no trust involved.
How to use OpenDime…
Generating private & public key pair:
- Plug OpenDime into any computer;
- Copy some random data (at least 256K) to the OpenDime drive (i.e. take a picture or download random byte string from random.org);
- As soon as OpenDime receives enough data it’ll automatically disconnect;
- Once OpenDime drive is available for second time you can open the index.htm file that’s located in it. There you’ll see the Bitcoin public address, link for the device verification and a link that allows you to check your balance. This means that the key pair was generated successfully.
Note: Instructions in other languages are available in that same index.htm file prior the generation of key pairs.
Using it:
- Send some bitcoin to that public key;
- Store it, trade it, give it away.
Accessing the private key:
To get the bitcoin out from OpenDime you need to physically change this device by unsealing it. To unseal OpenDime follow these steps:
- Use a pin to pierce the ring that’s on the bottom side of the device shown by the arrow (marked with a red circle in the picture below).
- After pushing out the resistor you need to connect OpenDime to a computer; if the resistor was properly removed, then a file named private-key.txt will be available on it.
- Private key that can be imported into most Bitcoin wallets is available on that file.
Note: During this process a permanent change is made inside the flash memory of the processor, which makes the private key easily accessible, thus future use of OpenDime is absolutely not secure.
Cost
OpenDime is not cheap. 1 set (3 OpenDime stick) cost $37.5, which is $12.5 per device. This means that for small payments this device is not very suitable and I’d say that one can call it reasonable only for amount exceeding ~$1250. You must also add the cost of Bitcoin transactions that are required for depositing and withdrawing to/from the device.
On the other hand we must also account for the fact that OpenDime can be passed along between multiple parties thousands of times, so the initial cost is high only for the first owner of OpenDime, but for other users it’s essentially nothing.
How about security?
At first I was skeptical about the security of private key, but after reading OpenDime FAQ my doubts were slightly alleviated, but I’m still worried about OpenDime form factor (USB drive). Answers to my doubts/inquires were found here, which is a long read, so here’s a quick rundown:
- Key pair generation is secure even on unsecured devices
- It is easy to verify the device using built in tools (verification link can be found in index.htm file)
- It’s impossible to falsify verification link
- It’s impossible to re-seal the device as there are permanent changes made into flash memory after unsealing it
- The expected reliability of the chip storing private key is 25-100 years.
I’d like to think that Coinkite has thought about everything, but in my opinion OpenDime is fragile (can break easily) and most likely it’s not waterproof. I’m also certain that it wouldn’t survive an EMP, but let’s not go there. So there’s definitely room to improve.
There’s also chance that other USB devices holding viruses or USBKill will be masked as OpenDime, taking advantage of unsuspecting users and damaging their computers.
Conclusion
OpenDime is a 3-in-1 – Bitcoin piggy bank, hardware wallet and a bearer bond. It is a relatively safe way to transact and store Bitcoin (and Litecoin). Setup of the device, it’s usage and unsealing process is fairly easy, however for technophobes and grannies the need for such a device will be a hard pill to swallow, which makes me think that this is still not an end product, but definitely a step in the right direction.
Will we use OpenDime (or similar devices) only time will tell. Personally I feel a bit pessimistic as the implementation (price, balance checking, security) is still not at the level which I’d call optimal, but if I ignore my pessimism it does feel like I’m holding a piece from the future and can only hope that my purchase will help Coinkite to develop innovations in cryptocurrency ecosystem, which will result into exceptional product.
Where to buy? Coinkite
How much? 37.5$ for 3 sticks (sheesh)
How about shipping? 9.83$ (to Latvia)
Can I pay with Bitcoin? Yes, but the exchange rate for Coinkite was VERY bad