How do you store your crypto — and why isn’t it in your GameBoy?
Standard thinking says a cold wallet, like a Ledger or Trezor, is the best option for keeping portfolios safe.
Those solutions are solid, but physical vulnerabilities and the realities of upgradable firmware have drawn increased attention to their potential shortcomings.
There are also hot wallets. Cold wallets never interact with the internet, but more risk-tolerant crypto holders might keep assets in a software hot wallet loaded into their browsers, like MetaMask, for ease of access.
Both solutions have their pros and cons. Still, generating a seed phrase — the 12-word key that unlocks crypto kept inside associated addresses — is a menial task in both options.
Click a button to generate your seed phrase. Make sure to store a copy securely. Never give your seed phrase to anyone. Onto the next screen.
The boffins at US-based Web3 startup Keyp are working on a novelty solution that injects heady nostalgia into the impersonal process of generating a seed phrase.
Keyp’s Game Wallet is a GameBoy cartridge intended to double as a crypto cold wallet. Cold wallets are air-gapped, trusted devices which have never been connected to the internet — old GameBoys fit that description to a tee.
In January, Keyp CEO Joseph Schiarizzi debuted the project on Twitter, showcasing its early stages of development. Schiarizzi intends the Game Wallet to work like this:
- Insert the cartridge into any compatible device to load a Pokemon-esque RPG game.
- Complete quests (like finding some wax for an old fisherman) to hit key milestones.
- Finish enough quests and you can talk to a cat to generate a secure seed phrase (because you should never share them with humans).
“It’s definitely inspired by Pokemon. I grew up playing Emerald, I probably have 1,000 hours in that,” Schiarizzi told Blockworks. “I think it’s a very good interface [for Web3], it’s easy for everyone to understand.”
How a GameBoy generates randomness
Computer science has difficulty with randomness. It’s practically impossible to reliably generate truly random numbers. This is an unsolved problem for cryptography, leading to all sorts of unique solutions to help make encryption more robust.
In computer science, random number generation often relies on formulas that produce sequences of seemingly random numbers. However, these algorithms are deterministic in nature — the same input will always produce the same output.
True randomness, on the other hand, is associated with inherently unpredictable processes. To achieve true randomness in the digital world, researchers have explored approaches like capturing physical phenomena to extract random bits; things like radioactive decay, atmospheric noise, and quantum processes.
Cloudflare’s novel lava lamp room, for example, films hot malleable goo to find secure cryptographic seeds for use in SSL encryption — which turns HTTP into HTTPS and keeps data transmission between clients and servers private.
The goo moves in random and mysterious ways, and the camera translates those movements into data inputs for key encryption.
In Keyp’s Game Wallet, the actions players perform during gameplay are the game’s analog to that mysterious goo. The idea is: more actions means more security, and the fluffy cat who dishes out the seed phrase won’t give you one until you’ve completed enough quests.
“You need a lot of randomness to generate a wallet securely. GameBoy hardware can’t generate that on its own, it’s not just strong enough. It has to be like a whole game with random inputs,” Schiarizzi said.
How players respond to different in-game events will be one of the primary sources of randomness to generate secure keys. In Game Wallet’s early demos, the game has been hashing actions at various checkpoints — hashing the last 500 things the user has done.
After adding them up, the program can spit out something cryptographically secure, Schiarizzi explained. “Otherwise there’s not enough randomness and there’s not enough memory on board for the GameBoy to do it itself.”
The company is building Game Wallet to support any BIP-39 seed phrase, which can be spun into Bitcoin and Ethereum wallets, or any blockchain that uses that standard. Users will have complete control over their seed phrases, so they can load them into MetaMask or Ledger, or any other compatible wallet.
Game Wallet itself will serve as a cold wallet — an offline-only device that generates and manages seed phrases and private keys. (Some modern third party GameBoy devices do have internet connectivity, though, alongside other ingenious solutions).
GameBoy cartridges don’t last forever
Game Wallet faces an existential threat: time.
Schiarizzi explained the lifespan of GameBoy cartridges depends on how they are built — specifically the memory. If the cartridge uses SRAM, it could last 10 to 15 years. DRAM might go for eight to 10 years before it breaks down the cartridge on account of its power consumption.
Another type could get power from the GameBoy itself, instead of a battery inside the cartridge, which could extend its lifespan to up to 25 years.
“But if we use memory that lasts much longer, it’s going to be really, really slow. You’re gonna have to sit there for three minutes while it generates every time you finish a quest,” Schiarizzi said. ”This is a really high priority for us, obviously, because it affects the security.”
Faster RAM could be offset by a notice appearing to warn users that the cartridge would need to be replaced sometime in the next few years was one solution. “If it dies, then you lose your safe, which is obviously not acceptable for a hardware wallet.”
Data storage gurus would prescribe the 3-2-1 strategy to keep sensitive information (such as seed phrases) safe: Three copies of the data, on at least two different media, with one of those kept in a different location. A fourth layer could be added by keeping an additional copy on an air gapped machine.
When launch?
Game Wallet is in early development. Manufacturing hasn’t started, and there are a number of hurdles before sending out actual cartridges to paying customers.
Keyp said that it plans to demonstrate the randomness of Game Wallet’s keys, conduct public audits of its open-source software, and has considered engaging an external firm to review the code prior to shipping.
As for the eventual price, this is still hazy due to uncertainties around how it will be manufactured and the number of paying customers (Sascha Mombartz, Keyp’s design chief, expects thousands for the first batch).
Schiarizzi told Blockworks he intends to sell Game Wallets for less than a Ledger Nano X — under $150. And the kicker? No firmware updates. Any additional versions of the Game Wallet will come with a completely new cartridge.
“There is no firmware, there’s no updates. You’re gonna get it once [and] we’re never gonna update it because it’s literally a cartridge, it can just never be upgraded. Upgradable hardware is as safe as upgradable smart contracts.”
All that adds a certain lo-fi-ness to this whole process of keeping seed phrases secret. “Nobody is necessarily going to think that you have your seed phrase on a Game Boy cartridge,” Mombartz said.
“And you also need to have a GameBoy — so there are all these layers that are part of the quirkiness, but that actually make it more secure and meaningful.”
Not to mention, holey supply chains often spur worries about tampered physical devices when it comes to cold wallets, undermining security of seed phrases.
As Keyp CEO Schiarizzi put it: his GameBoy has sat on his shelf for 20 years. “I know exactly where it’s been. That’s just more secure than any new hardware device that can be mass produced.”
Get the day’s top crypto news and insights delivered to your email every evening. Subscribe to Blockworks’ free newsletter now.
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from Blockworks Research’s Daily Debrief.
Can’t wait? Get our news the fastest way possible. Join us on Telegram and follow us on Google News.