Show HN: Satoshi9000 analog BTC key generator (mechanical)

Posted by AJTSheppard 10/23/2024

I built this machine so I could generate Bitcoin keys that I could trust. Air-gapped and simple to use and understand (mechanical).

The Satoshi 9000 demo: https://youtu.be/bJiOia5PoGE

The key value proposition of the machine is that it generates analog randomness in the physical world and converts it into digital (1’s and 0’s) randomness. Seamlessly.

But it occurs to me that it may have other uses beyond crypto keys for your own use, such as: * Randomized clinical trials. Clinical trials need a high degree of transparency for ethical reasons; also, for legal reasons should it come to light after the trial has ended that patient selection and treatment selection was not random or in some way biased (say, by the researchers themselves). The machine described herein can provide that transparency to young and old patients, technical and non- technical. * Non-technical management. Many network engineers in need of security keys have bosses that are non-technical. Such managers might prefer security keys (and their generation) which are easier for them to understand. * Estate planning. Suppose members of a family were to inherit digital assets (such as Bitcoin, for example). Not all members of the family are technical and understand Bitcoin. However, each will still need to generate a secure Bitcoin key to receive their share of the inheritance. The machine described herein might help in that task because its source of randomness is more easily understood by laypeople and each can generate their own private key in private (in isolation with the machine). * Anywhere where the users have to have an intuitive understanding of how the randomness is being created; whether they are 5 years old, or 95 years old, and all ages in between.

I'm curious to know if any of the folks over at HN can think of other use cases?

164 points | 89 commentspage 3

jejeyyy77 10/24/2024|

awesome.

hggh 10/24/2024||

Why the thermal printer? The text fades eventually and you will lose your private keys.

AJTSheppard 10/25/2024||

Correct. But it does allow you to walk-away (with other stuff from the machine) with the keys immediately after generating them, leaving a machine which is little more than a motor and some wires at that point.

So what I typically do is print a warning at the top and bottom of the printout urging the user to transcribe the important parts using archival paper and pen as soon as they can.

Also, if you look at the video, you will see an "Archival Printer" port on the front of the control box because I’m developing a printer that prints the keys (plus QR codes) on metal so they last for decades and perhaps centuries. That may be useful in estate planning where the key may be locked away in a safe, or a lawyers safe, for generations. But transcribing to archival paper and pen is relatively permanent (decades) and is easy and seems to work well (lawyers like it).

willvarfar 10/24/2024|||

Yes it really ought punch brail or something?

jszymborski 10/24/2024|||

There is another slot below that reads "archival grade printer".

rtkwe 10/24/2024||

I think the cloudflare video wall is a more practical way to mass generate entropy but this is suitably madcap I enjoy it. There are also other existing methods but they're not as... clearly demonstrable... as this like is used in existing hardware TRNGs.

https://en.wikipedia.org/wiki/Hardware_random_number_generat...

AJTSheppard 10/25/2024||

The case I would make for the Satoshi9000 is that its method of generating randomness is intuitively understood by anyone from five years old to ninety-five years old, technical or non-technical.

I think it would be a stretch to think you could pull a random person off the street, point to a wall of lava lamps, and ask "do you see the randomness, how does it work?" Whereas, I think if you pull a random person off the street, let them watch the Satoshi9000 do its thing, and ask "do you see the randomness, how does it work?" you might get an answer that makes sense.

That, in a nutshell, is the value proposition behind the Satoshi9000.

duskwuff 10/24/2024|||

The Cloudflare lava lamp wall isn't actually that practical. You get more randomness with the lens caps on the cameras (i.e. where the whole frame is just thermal noise).

rtkwe 10/25/2024||

It's not the simplest possible but it's more practical than this by miles. It's a continuum.

nodlek 10/24/2024||

People are missing the point that it is creative and gets the job done, conversation pieces can go a long way.

AJTSheppard 10/25/2024||

This comment brought a smile to my face.

When I showed the machine to my son, Nate, a mechanical engineer, he thought it looked like something from a 1950's sci-fi movie like "Forbidden Planet". Back then, plastics were high-tech and new, and with the acrylic domes, the Satoshi9000 would not look out of place on the set of that movie.

He suggested that every coffee table should have one!

fkyoureadthedoc 10/24/2024|||

Am I missing something? There's not a single negative comment in the post as of now.

IshKebab 10/24/2024||

Well... I think the comments are mostly "this is insane and great". I guess you could view the insane part as negative if it was intended to be serious. Kind of hard to tell tbh!

3np 10/24/2024||

Those sentiment-analysis comments ("HN hates X", "it's sad people have to be so negative") really irk me.

Likely thousands of HNers viewed the link. 100+ upvoted. A couple of random accounts (individual(s)? bots?) leave similar comments.

And then somehow those comments are supposed to reflect a wider sentiment of some community or population?

londons_explore 10/24/2024||

I am super dubious of mechanical systems for randomness... Newtons laws are fully predictable after all...

I suggest that any system like this has the output XOR'ed with another random source. If two random sources are XOR'ed together, then both need to be predictable for the output to be predictable.

keeganpoppen 10/24/2024||

i think you should check your work with this comment a bit... (ok more than a bit)

what is the point in having a source of randomness if you need to XOR with a random source? relatedly, if you have a source of randomness, (1) please share and (2) well, there's no real need to go down this particular rabbit hole at all, well, is there?

independent of all of that, you seem to be anthropomorphizing the XOR function a bit... sure, there are some contexts where "1"s "mean" something and "0"s don't (sparse coding? and yeah, that is some pretty generous contortion, but hey: we're all friends here, right?), but in the case of "randomness"* the whole point (presumably) is that predicting "1"s and predicting "0"s are both exactly the same thing: Sisyphean.

i'm not sure that the word "random" "means" any thing beyond "distribution that we cannot model". which is a fine definition, given that models are how we attack random number generation...

* mind you i challenge the reader to pray tell what "randomness" even really means in anything other than a pseudorandom context (aka used to justify the randomness of various algorithms). isn't it oddly instructive that we use something that would pass as a proxy for "random"ness as the basis for our official definition for the second? (Cesium-133). the "second" is no more real than it is random. random is defined via a threshold of non-randomness, and all that we value as discrete and integral in the world that exists beyond our minds (-- if it does, in fact, even exist (or even "exist")--) is a house built upon sand. well, worse than that: the universe "works" because Avogadro's Number is a hell of a lot closer to infinity than it is to zero, and that's good enough for me. log(N) < 100.

jszymborski 10/24/2024|||

There are two coins or die being flipped here. I am guessing they likely use the von Neumann trick for getting random data from biased sources

https://en.wikipedia.org/wiki/Fair_coin#Fair_results_from_a_...

fluoridation 10/24/2024||

That algorithm requires using the same coin for both tosses.

AJTSheppard 10/25/2024|||

Correct.

But that only requires you to run the machine with the same coins/dice in the shakers for two consecutive cycles. And to repeatedly do so into you have generated the desired length of 0/1 bit stream.

Bear in mind the machine is fully configurable/programmable. You always choose what goes into the shakers, how many cycles are run, for how long they shake, how vigorously they shake, and what are done with with the 1's and 0's that result.

Implementing Von Neuman's algorithm on the Satoshi9000 is trivial.

fluoridation 10/25/2024||

Sure. But you can't run it at 1 bit per cycle, only at 2 bits per 2 cycles.

jszymborski 10/25/2024|||

good catch!

cubefox 10/24/2024|||

> Newtons laws are fully predictable after all...

Not fully actually:

https://plato.stanford.edu/entries/determinism-causal/#ClaMe...

UniverseHacker 10/24/2024||

[flagged]

freeplay 10/24/2024||

Side note: excellent unintentional ASMR once Andrew starts explaining how the machine works.

ajay-d 10/24/2024|

Are these like public randomness beacons? NIST[0] and Cloudflare[1] have them. I guess use cases are lotteries that are publicly verifiable, election auditing...

[0] https://csrc.nist.gov/projects/interoperable-randomness-beac...

[1] https://drand.love/

[2] https://blog.cloudflare.com/league-of-entropy/

AJTSheppard 10/25/2024||

Election auditing.

That's a quite interesting idea. I will put more thought into that.

Thanks!

RIMR 10/24/2024||

No.