Putting private keys in a physical, real world device is not the most common thing these days, but many various ways of doing this exist with OPENDIME being one of the first. It allows you to physically give bitcoin in meatspace without paying transaction fees, waiting for confirmation delays or having the transaction recorded on the blockchain. We think it’s safe to say OPENDIME isn’t like other wallets!
Introducing The OPENDIME Wallet
The OPENDIME is made by Coinkite and is the 4th iteration of OPENDIME to date. Coinkite, a Canadian company, has been a leader in Bitcoin only hardware wallets since the company started back in 2012.
Over those many years they’ve been relentless in improving and upgrading the security features in their line up which includes the more well known COLDCARD Mk4, SATSCARD and TAPSIGNER.
What Is OPENDIME?
OPENDIME is the worlds first Bitcoin bearer instrument, also sometimes called a “Bitcoin Stick”. You simply load bitcoin onto the receive address that it provides and then physically hand it to someone just like you would with a regular dollar bill.
The receiver can check and confirm that the bitcoin, whatever amount it is, is on the USB stick and that you don’t have the private key to control the funds. When they want to spend the bitcoin, they simply push a pin through the marked hole on the back. This physically changes the OPENDIME (it pops off a resistor) and makes the private key available in a text file on the device.
Import that private key into any regular bitcoin wallet and spend the funds just as you normally would!
Physical Bitcoin Manifested
While bitcoin is a digital cryptocurrency, the OPENDIME brings it into the real world by giving it a more physical presence that can be handed from one person to another just like regular money. Unlike regular dollar bills though, you could theoretically send whatever amount you wanted to it (even billions!) and it’d still be just as small and portable.
What Cryptocurrencies Does OPENDIME Support?
The OPENDIME, like all of Coinkite’s products, only supports bitcoin. This is one key thing we fully support them on as they have precisely zero chill for altcoins. Even ignoring all the scams and complete nonsense that 99.99% of altcoins represent, supporting them requires extra code which increases attack vectors and reduces the security of the hardware wallet.
If you’re wanting support for other crypto holdings, you can stop reading this review right now as Coinkite never has and never will support them. We’d probably suggest the BitBox02 Multi instead.
How To Use The OPENDIME
Using the OPENDIME is technically easy, but is quite unlike pretty much anything else you will have ever used before. In essence it has a few key states.
To begin with, like most other hardware wallets, you need to generate your private key. This is done in a rather unique way as once you plug it into a USB port it appears as just a regular USB drive.
To begin the key generation process you have to copy over some random data such as a picture or two (it needs at least 256k bytes of data) to the USB stick so that it can use them as part of the way it generates randomness. Once it has enough random data copied over to it, it generates the private key and ejects itself.
When you plug it back in, the files and state of the device has permanently changed. There’s a bunch of different folders and files present and it will now show you a bitcoin payment address for you to send funds to.
At this point you can transfer as much or as little bitcoin to it as you want like a piggy bank. You also don’t need to have the device plugged in to send bitcoin to it, just to get the payment address.
In its receiving (sealed) state you cannot access the private key. So any funds you send to it cannot be sent unless you put it into its unsealed (spending) state. While it’s in this receiving state you can also physically give the USB stick to anyone you want.
They can confirm that the bitcoins are present on the private keys the OPENDIME has generated and that you don’t have access to them to spend the funds too. They can then pass it onto someone else if they want too and on and on as many times as needed.
Eventually someone receiving the USB stick will want to actually spend the bitcoin. To do this they’ll need to push a pin through the specified hole on the device which will again, change its state.
When plugged back in, it now will have populated the private-key.txt file with the private key so you can actually spend the funds. After the funds have been swept to another address, the OPENDIME is considered “used” and should be thrown out.
OPENDIME Use Cases
So why might someone use this? Well just like you might use physical dollar bills, it allows for a number of different use cases such as giving a bitcoin gift, paying for something like an in person purchase or any other type of trade.
Maybe you want to have 2-3 of them all pre-loaded up with various amounts of bitcoin and stored in a special bag in case things go wrong. You can take them with you quickly and pay anyone, anywhere even if you don’t have internet access or any other money.
Instant And Off-Chain
Another super handy benefit of transacting bitcoin in this manner is that it’s instant, final settlement that’s off-chain. This means you don’t have to wait 10 minutes (on average) for the next block to be confirmed and you also don’t have to pay whatever transaction fees are at the time.
We can imagine that in the future if fees do escalate lots it might become quite an important reason to use an OPENDIME. When you hand someone one of them with 1M sats on it, there’s also no public record, no transaction fee to be paid and it’s instant.
What’s In The Bag?
- 3 x OPENDIME
- Getting Started Card
Quick OPENDIME Review
Design & Hardware
There’s really not a great deal to say about the design and hardware here. Coinkite openly admit that they’ve tried to cut all expenses “to the bone” in order to make them as cheap as possible. The bare circuit board design also helps to show the inside so you can see if anyone’s tampered with it or not.
It’d be nice to see a USB-C version, or perhaps one that has both USB-A and USB-C connectors on it so that it can be easily plugged into a phone or tablet without having a dongle on hand.
They only come in 3 packs and you can also get them in a Bitcoin orange special edition color as well as green too. We also love the “legal tender” artwork around the key chain hole. Super nice!
Physical Size & LEDs
Each OPENDIME is 12 x 47 x 5 mm (3 cm³) and weighs just 5 g / 0.18 oz. Obviously they’re tiny which makes them easy to attach to a key chain, chuck in your bag or just generally have them anywhere you’d like.
They also have two small LEDs just near the key hole area, a green and red one, to indicate data activity and current status. These LEDs will work even if you just plug the OPENDIME into a power source and not a computer. There are four different ways they can flash:
- Green (Solid, Brief Flash Of Red): New. Not yet loaded with enough entropy (setup time)
- Green (Brief Flickering): Sealed. Your funds are secure
- Red / Green Alternating: Unsealed. Private key has been revealed
- Green Lights Flash (Fast): General reading and writing to drive
Apparently these specific patterns have been chosen so that it’s very difficult to change them without making large hardware changes to the board.
One important part is the protective silicone cover on each one. This servers multiple purposes including protecting the physical device and making it harder to tamper with the device.
As best we can tell from their website, Coinkite doesn’t offer any official warranty on the OPENDIME wallet.
We cannot and do not warrant that the Products will meet your requirements or expectations, will operate without interruptions, that they will be error-free, virus-free, that the results obtained from their use will be timely, accurate, reliable or current or that any or all deficiencies can be found or corrected.Coinkite’s Terms Of Sale
Security & Privacy
The security model for OPENDIME is again, quite a bit different to most other hardware wallets out there due to its unique design and use. That being said we think Coinkite has done a pretty great job given how cheap each individual device is.
It’s designed and built as a one time use only product, so there’s always going to be certain sacrifices, but now that they’re on their fourth generation it seems most kinks have been ironed out.
Code Openness & Reproducibility
The firmware for the OPENDIME is publicly available, but not open source.
While Coinkite don’t seem to list any license for it and simply refer to it as “source code” not “open source”, we’re going to conclude it’s just source available. You can see the full code for all states of the OPENDIME on their GitHub here.
Coinkite is of course in their full right to have it simply be publicly visible rather than FOSS as it’s their code and their business. They’ve also ensured that their website is accurate, unlike many other vendors, and now states that their source code is “verifiable”.
We consider fully open source to be the gold standard, so the OPENDIME looses a point for this only having verifiable source code. That being said it’s still hugely ahead of most other hardware wallets that don’t even have any of their code available. All of OPENDIME’s firmware builds are also fully reproducible too which is excellent and means they score near perfect marks for this section.
Paramount to a bitcoin wallets security is precisely how it generates your private keys as this is what everything is derived from. While we have seen more robust and more redundant forms of seed generation, for example on their COLDCARD Mk4 product, the OPENDIME still does a perfectly fine job for what it’s meant for.
You’re not securing millions here, you’re using it for maybe at most a few thousand of dollars we’d imagine, but the key is still derived from real world, random entropy along with multiple other randomly generated sources. We can even prove this by simply looking at the code they use to verify it:
As explained by the comments, they take in whatever customer data you provide and combine it with the chips serial number and a randomly generated (by your computer) nonce. They then double hash it et voilà!
Opendime is delivered without any private key. You must give it entropy (random numbers) the first time you use it. Once it’s gotten enough numbers, it will hash them all together and use that to pick a random number to use as the private keyCoinkite
The user data combined with the random nonce gives multiple unpredictable processes meaning the OPENDIME gives excellent security for your new wallet.
An ultra secure generated seed means nothing if it’s not managed and stored properly. Unfortunately there is where the OPENDIME falls down slightly, but mainly just as a result of how it’s designed and meant to be used.
Each OPENDIME is, in Coinkite’s own words, only meant to be used once:
We expect most Opendime units to be loaded once, probably with a “round number” of bitcoins, and unloaded exactly once in their lifetimeCoinkite
As a result, it means that it not only has just one address, meaning users can reuse it causing privacy issues, but that in order to get to the private key and spend the funds the user must plug it into a computer which could be quite risky.
While the private key is very secure on the OPENDIME device itself, once a user unseals it and plugs it into a computer it can be potentially exposed to malicious code running on that computer. This code could instantly detect the device and sweep the funds using the private key in the private-key.txt file.
Even if you don’t think this is a very likely possibility, there’s still the case of physical damage. What happens if you load it up with 1 bitcoin and then accidentally drop it / sit on it / break it? As there’s no way to see (and thus backup) the seed phrase your bitcoin is forever lost.
These potential issues don’t make the OPENDIME’s seed storage insecure, but they do make it more prone to accidentally loosing your funds and it’s something users should understand. Users break their hardware wallets all the time, but if they’ve got a seed phrase card backup with their 12 or 24 words written down on it, it’s not a huge problem. This backup isn’t possible with the OPENDIME.
Spend Bitcoin Privately & Repeatedly
One area where the OPENDIME also shines is it’s privacy. While the initial sending of funds to the generated address and later sweeping of funds is obviously done on chain and thus, publicly viewable, anything in between is completely private.
You could pass the OPENDIME on between 1 person or 1,000 people. No one would know. No on-chain transaction is recorded. No miner fees are required. It’s just passed on the same way a $50 bill would be. This level of privacy isn’t really possible with traditional hardware wallets.
Interface & Ease Of Use
As described above with the three various states (new, sealed and unsealed), the interface for the OPENDIME is just like a small USB stick. Connect to any USB device or phone and it will instruct you how to use it via a simple read me file or the index.html webpage that has even more helpful information in it. It works with any operating system and when you first plug it in the file structure looks like this:
If you open the main index.html website it gives you more detailed instructions in a multi language user interface which we also like to see.
While the interface is simple enough, understanding how it all works does take a bit of a learning curve (even for us) as it’s just quite a bit different. While it’s in its new state the two LEDs will flash with the red one blinking every few seconds.
Generating The Private Key
From our testing, it seems like it only accepts up to about 1.5MB of data, but it only needs >256 kB to generate the key. After it gets its data it quickly generates the private keys and auto ejects itself and the red LED no longer blinks.
Simply plug the bitcoin USB stick back in and all the files will have changed and the OPENDIME folder will look as per below:
The index.html file has also changed and now shows you how to transfer your funds over to it:
Sending Funds To Your Bitcoin Address
One interesting things about the generated address is that it’s a Pay To Pubkey Hash (P2PKH) address which is a legacy format that will be more expensive to spend due to it being bigger in size (kilobytes). Not the best!
The OPENDIME will only generate this one single address too, even if you send bitcoin to it. This as noted isn’t great for privacy reasons, but is also understandable given its design and intended use.
To check the balance that the OPENDIME holds you can just look at the generated payment address on any block explorer, preferably using Tor or a non-logging VPN.
Spending Bitcoin From An OPENDIME
Finally, after you’re done passing it around and paying for various things, you simply push a pin through the hole and it exposes the private key. You can unseal anytime and it’s a permanent, one way process that physically alters the device forever. From there you can import/sweep the funds into any bitcoin wallet that supports private keys in WIF format.
One other potential area to lose funds though is this unsealing process. For instance, what happens if you send your funds to it… but then accidentally break the device while trying to break the seal?
Again, we don’t think this is too likely to happen, but it’s something users should be mindful of when pushing the pin through. Do so firmly, but slowly and carefully.
Coinkite have some of the most in depth, comprehensive documentation for users to read and follow we’ve seen and while brief, the OPENDIME guide and FAQs are more than enough to help you with any issues you might face.
This combined with the huge array of user guides over the years means you’ll have no issues getting information on how to use it to its fullest.
While we usually offer up a number of comparable wallets in this section, there really aren’t too many other disposable hardware wallets quite like the OPENDIME. There are a few other physical bearer bitcoin wallets, but they usually come in the form of a card or actual “coin”.
As the OPENDIME is a device in its own right, it can generate the private key itself, using real, random input from the user rather than you having to just “trust” that the manufacturer hasn’t peaked at the private key they’ve printed on the card or coin.
This is also far more secure than a paper wallet as they traditionally use old, out dated Java based key generation techniques that will result in you loosing your bitcoin.
Should You Buy An OPENDIME?
Yes! That being said we’re not sure how many people will have a real need for the OPENDIME use case. Bitcoin in physical form is obviously something people use as there’s a number of products out there including the OPENDIME, but how popular they are compared to something like the COLDCARD Mk4 is anyone’s guess.
If you do think you’ll use it, you can rest easy knowing that your private keys are generated securely and are kept safe and sound on the device. Just be as sure as possible that your computer is free from malware when you plug it in after unsealing it.
At this point your private keys are literally stored unencrypted, in plain text files called “private-keys.txt”. It’s a giant red flag for any wallet stealing code that might be lurking on your machine so be certain your computer is secured before plugging it in!