So basically this open source code could replace the 3rd step in this guide, so that you don't have to use ln.cash and can use this instead running in your own server.
This basically closes the loop and makes everything necessary to make lightning tap payments open source, and peer-to-peer, with no need of any intermediaries.
This system uses SUN authentication on the NXP 424 card. The card tap data changes on each tap and this is used to verify that you have the actual card and haven't just copied the data.
The setup of the card to achieve this is described in the documents on this repo as well.
It's easy for merchants to accept on Android mobile with Breez POS.
For self sovereign merchants, there is BtcPayServer with the POS app & NFC plugin. This also works nicely on Android mobile without even having to install an app, just a shortcut. It then opens full screen (as a Chrome PWA).
Or if they want to flip direct to fiat (for simpler accounting or to mitigate volatility worries), in some countries they can use the CoinCorner POS app (with KYC).
In the UK, there are organised and motivated individuals who help businesses to onboard and this is proving to be very effective.
And if you host your own Bolt Card then you can set up your own payment rules on your hosting server.
There is a fair amount of innovation possible here, from the obvious limit per tx or per day to only paying invoices from certain nodes or checking with your app for larger amount authorisation or other checks.
Interesting.... if I can be bothered to run such a thing, anyone using my v4v.app service could potentially use a Bolt card. Will have to see if it is easy enough to set up.
Love this! I’m very curious what the security model is. What prevents the merchant from stealing funds? Do you only want to keep a small amount of funds on the card? Or is the payment amount limited?
The unique aspect of the bolt card system is that it has replay protection to prevent trivial cloning of the card.
This is achieved by using a feature developed by NXP (who make the chip inside the cards) called Secure Unique NFC (SUN) authentication.
Each tap of the card gives a new message and this is verified on the bolt card server.
The lightning invoice from the POS device is also sent to the bolt card server.
The bolt card server then has it's own payment rules which are defined for each card that is hosted - by default just enable/disable, per-tx limit and per-day limit.
Of course, you can modify the software to put any payment rules you like into it.
So basically this open source code could replace the 3rd step in this guide, so that you don't have to use ln.cash and can use this instead running in your own server.
This basically closes the loop and makes everything necessary to make lightning tap payments open source, and peer-to-peer, with no need of any intermediaries.
Amazing times.
Might be a bit more than that wrt card setup.
This system uses SUN authentication on the NXP 424 card. The card tap data changes on each tap and this is used to verify that you have the actual card and haven't just copied the data.
The setup of the card to achieve this is described in the documents on this repo as well.
Yes, it closes the loop, as you said.
You could put that tutorial on github (or some wiki), so it can be fine tuned ;) If you want, we could add it here: https://gitlab.com/sovereign-individuals
And I wonder if it would make sense to have a wiki associated with SN.
If you can improve the documents, please make a PR to the repo.
Bolt Card is now
I assume that I have to wait for an Australian business to pick it up and implement it though?
Self Sovereign
You can implement it yourself and host your own Bolt Card that will work with merchants worldwide.
Merchants
There are an increasing number of merchants who accept it in the UK (where it started) and further afield.
https://bitcoinevents.uk/spending/
https://www.coincorner.com/WhereToSpend
It's easy for merchants to accept on Android mobile with Breez POS.
For self sovereign merchants, there is BtcPayServer with the POS app & NFC plugin. This also works nicely on Android mobile without even having to install an app, just a shortcut. It then opens full screen (as a Chrome PWA).
Or if they want to flip direct to fiat (for simpler accounting or to mitigate volatility worries), in some countries they can use the CoinCorner POS app (with KYC).
In the UK, there are organised and motivated individuals who help businesses to onboard and this is proving to be very effective.
http://bridge2bitcoin.com/
If a business uses a PoS with NFC lightning, like https://btcpayserver.org for example, then it should just work with the Bolt Card, worldwide.
It does work like this.
And if you host your own Bolt Card then you can set up your own payment rules on your hosting server.
There is a fair amount of innovation possible here, from the obvious limit per tx or per day to only paying invoices from certain nodes or checking with your app for larger amount authorisation or other checks.
There is now an open source (MIT license) Android app for writing the Bolt Card. No need to buy special hardware.
https://github.com/boltcard
https://twitter.com/bolt_card
https://t.me/bolt_card
Time to place an order * cracks knuckles*
blank cards https://zipnfc.com/nfc-pvc-card-credit-card-size-ntag424-dna.html
nice designs https://www.coincorner.com/BuyTheBoltCard
custom card design https://nfc.cards/en/front-and-back-printing/67-custom-nfc-card-ntag424-dna-front-and-back-printing.html
Many businesses will spring from this. People will use bitcoin without knowing it.
This is the way.
TY boltcard
How is this different then using LNurl-withdraw ?
It is LNURLw on an NFC card where the code changes each time and is verified at the host server before payment is made.
This means the card cannot be trivially copied (aka replay protection) which makes it useful as a payment card.
siiiiiiiiiick
That is great news! Open source <3
LOVE this! Just need to get yet another card and sort it out
This is the beginning of a new era in Bitcoin payments.
You'll be able to just tap your card and you'll be spending directly from your own lightning wallet to the merchant lightning wallet.
No third parties needed to send or receive the money.
This is great!
Can confirm.
This is what I do and it feels great.
These are what I call great stacker news! Thanks for posting. Will check it out soon.
Is this from the original coincorner implementation or is it an independently developed system? Just curious...
Interesting.... if I can be bothered to run such a thing, anyone using my v4v.app service could potentially use a Bolt card. Will have to see if it is easy enough to set up.
Love this! I’m very curious what the security model is. What prevents the merchant from stealing funds? Do you only want to keep a small amount of funds on the card? Or is the payment amount limited?
The unique aspect of the bolt card system is that it has replay protection to prevent trivial cloning of the card.
This is achieved by using a feature developed by NXP (who make the chip inside the cards) called Secure Unique NFC (SUN) authentication.
Each tap of the card gives a new message and this is verified on the bolt card server. The lightning invoice from the POS device is also sent to the bolt card server.
The bolt card server then has it's own payment rules which are defined for each card that is hosted - by default just enable/disable, per-tx limit and per-day limit.
Of course, you can modify the software to put any payment rules you like into it.
THIS IS NOT FROM COINCORNER - Danny Scott has warned peeps to proceed with caution - https://twitter.com/CoinCornerDanny/status/1557678131749732352
This is open source software for people who want to run their own bolt card systems.
Don't trust. Verify.
The website doesn't work.
The code is on GitHub at https://github.com/boltcard/