Skip to content

Coldcard/ckbunker

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

CKBunker

Screen Shot of CKBunker

Full Documentation

  1. Installation
  2. Setup Bunker
  3. HSM Policy
  4. PSBT Signing
  5. Message Signing
  6. Contributing Code

What is the Coinkite Bunker?

It's a python program that you run on a computer attached to a Coldcard. It will setup and operate the Coldcard in "HSM Mode" where it signs without a human pressing the OK key. To keep your funds safe, the Coldcard implements a complex set of spending rules which cannot be changed once HSM mode is started.

Using the tord (Tor deamon) you already have, the CK Bunker can make itself available as a hidden service for remote access over Tor. A pretty website for setup and operation allows access to all HSM-related Coldcard features, including:

  • transaction signing, by uploading a PSBT; can broadcast signed txn using Blockstream.info (onion)
  • define policy rules, spending limits, velocity controls, logging policy
  • user setup (TOTP QR scan to enroll on Coldcard, or random passwords (Coldcard) or known password

The bunker encrypts its own settings and stores the private key for that inside Coldcard's storage locker (which is kept inside the secure element of the Coldcard). The private key for the onion service, for example, is protected by that key.

What is Coldcard?

Coldcard is a Cheap, Ultra-secure & Opensource Hardware Wallet for Bitcoin. Get yours at ColdcardWallet.com

Learn more about the Coldcard HSM-related features.

Follow @COLDCARDwallet on Twitter to keep up with the latest updates and security alerts.

FAQ

Will HSM mode be supported on Mk1 or Mk2?

Sorry no. CK Bunker only works on Mk3 because we need the extra RAM and the newer features of the 608 secure element.

What is HSM?

"Hardware Security Module"

Learn more about the Coldcard in HSM Mode

Quotes

"Basically the cost of a Bitcoin HSM with custom policies is now the cost of a coldcard and you don't need a thirty party to maintain it." - Francis P.

About

CKBunker - A Bitcoin HSM solution to securely authorize transactions using an online Coldcard (over Tor)

Resources

License

Unknown, Unknown licenses found

Licenses found

Unknown
LICENSE
Unknown
COPYING-CC

Stars

Watchers

Forks

Packages

No packages published