When it comes to the potential impact a product like TAPSIGNER can have for bitcoin security I think it is going to be massive.
This Bent is a bit overdue considering Coinkite's TAPSIGNER product dropped last Summer, but you freaks know what they say, "better late than never." If you watch the tutorial above you'll learn that the TAPSIGNER is an NFC enabled card that holds a private key. By creating wallets using a TAPSIGNER on compatible mobile apps like Nunchuk, users now have the ability to create a more robust security set up for bitcoin they choose to access via their mobile devices.
The increased security manifests because the TAPSIGNER + mobile wallet combination creates a quasi two-factor authentication flow for signing and broadcasting transactions. Compared to a pure mobile wallet set up where a user stores a private key on their device that allows them to sign and broadcast transactions directly from an app, adding a TAPSIGNER to the mix makes it impossible for attackers to access a user's bitcoin if they steal their phone. To successfully steal a user's bitcoin they would need to get the phone, the TAPSIGNER, and correctly guess the user's PIN. One can imagine a scenario in which a user loses their phone. By adding a TAPSIGNER to the transaction signing flow, they don't have to worry about someone finding their phone and being able to steal their bitcoin. As long as their TAPSIGNER is secure in their meat space wallet or some other secure location, the bitcoin is secure.
With all that being said, there is one drawback to a single signature wallet dependent on a TAPSIGNER. It isn't possible to verify destination addresses on the TAPSIGNER itself since it is a card form factor without a screen. Users will have to trust that the address the mobile app they're using to construct and broadcast a transaction is displaying the address they actually want to send bitcoin to. This problem is mitigated by including the TAPSIGNER key in a multi-signature quorum that has hardware devices in the mix that can be used to verify addresses on the device. However, I should note that I believe a TAPSIGNER-dependent single signature wallet is fine. I have been using them for months without any issues. You freaks should just be aware of the tradeoffs.
When it comes to the potential impact a product like TAPSIGNER can have for bitcoin security I think it is going to be massive. Especially if you consider the fact that most people will be using their mobile devices to access bitcoin when it becomes widely adopted. The relatively cheap price point for this hardware device makes it accessible to people in developing markets who have a pressing need for more secure mobile-first key set ups. The physical two-factor authentication flow that TAPSIGNER introduces is a massive improvement on the status quo in my opinion.
Beyond that, I think the TAPSIGNER is especially cool because it expands the design landscape of bitcoin key signing with NFC in a way that wasn't done at a commercial level until the product was released. NFC flows are a superior user experience flow compared to plugging in a hardware device and signing a transaction. There are no clunky devices or chords needed. Simply pull out a nondescript card from your meat space wallet and hold it to the back of your phone or NFC-enabled computer. It's a design flow that feels apt for the world we live in today. And whether bitcoiners recognize it or not, better user experience will lead to wider adoption.
Marathon of a weekend that involved Italian food, axes, scooters, a trampoline park, birthday cake, and another Sunday night by the fire.