Introduction
Saung, Chia: My name is E-ming Saung. I'm senior director of product here at Chia Network. Tangem is a hardware wallet that’s going to be supporting XCH. We brought them in to help people understand what they're getting when they get a tangible wallet. Obviously this plays into a broader topic around custody and security, so we'll talk a little bit about that. We'll also talk a little bit about our partnership between Tangem and Chia and how this all came about. Then we'll jump into all the questions from Discord, Twitter and everywhere else. I’ll turn it over to Cameron to do a quick introduction.
Cameron, Chia: Cameron Cooper. I help lead product here at Chia. I'm very excited about today’s discussion because it really touches on some of the core things that Chia is aiming to solve around self-custody and security of assets. This is a huge component of that.
David, Tangem: My name is David. I'm brand ambassador for Tangem and I’ve been a very, very big crypto enthusiast since 2016. I'm also a content creator and I'm happy to be here with you guys to ask some questions and give you some top feedback, as well as information about Tangem Wallet, the product and safety.
Andrey, Tangem: My name is Andrey. I’m one of the developers at Tangem and I’ll be responsible for the technical part of this session.
What is self-custody?
S: Let's set the context around self-custody. A lot of us know why it's important, but maybe Cameron can start by offering his perspective on self-custody, why it's so hard to actually get it right and how Chia approaches it.
C: Self-custody is one of the things that we talk about very frequently with Chia. It's an important, and in fact critical part of the crypto narrative. We think it's really important for people to be able to have self-custody and control over their digital assets. It's actually a really complex thing to be able to achieve. It goes well beyond simple questions like how do you manage your assets and your keys, and includes things like clawback and recovery. It really does start with key management. We’ve had our BLS keys that we implement traditionally in the software. There haven’t been any hardware security modules or hardware wallets that support BLS, and that’s been a huge pain point for us and for our community. We've been getting lots of questions about when it’s coming, so we’re super excited about Tangem's new product because that's going to solve one of the most important and immediate problems with self-custody: how do you do secure key management? This is a foundational element here, and we’re very excited.
S: Did you want to add your perspective? You guys are obviously deep in this space of self-custody and wallets.
D: Absolutely. One of the key points that we at Tangem have listed very, very high on our agenda is to be as close as possible to the community and to our folks who help us improve and use our product. We also love to work with new blockchain projects and new people in the space to help them do exactly what you mentioned – self-custody. This is one of the biggest things when it comes to security and doing what you want with your assets and not what somebody else dictates. Everybody can see what’s happening in the market right now. FTX is a really, really big issue and Huobi is coming next. We want to make it simple for our users and that's why we're here today.
The Tangem x Chia partnership: Community impact
S: Let’s talk about how this partnership came about. We've actually been talking for a while, but what is it that really led to the genesis of this partnership that we have now and the support?
D: We have some very highly qualified sales people and community managers out there in the space that try to find new interesting projects and products for us. The big trigger point for us was that you have a really great audience in the market and we saw a lot of common ground with Chia.
S: A big part of reaching out to Tangem was really driven by community interest from the Chia side – you could even say they were pestering us! The fact that we've got a really strong community and that engagement pushing us to reach out to Tangem was an integral part of getting the partnership going. I want to thank the community for pushing that agenda and helping us get to the point where we are today.
A: Yeah, the main idea behind Tangem is basically that we’re a feedback-based development company. We listen to people, and every email, tweet and YouTube comment is logged into our system and categorized. Every so often we go through these comments and decide what we're going to do next. The more people ask for something, the better the chance of it being developed.
An alignment of values: Decentralization and security
S: The community reaching out was obviously a big driver and motivation for this. When we looked at the technology side, there's actually a lot of alignment. Given that your cards already support signatures, that obviously made the technical work itself to support the partnership a lot easier, so you could say the technical side paved the way as well. I think the third aspect is our company philosophies. Chia is very much about open source and transparency, and we talk about self-custody and the importance of securing your assets. We also saw some of our philosophies aligning as well. At the end of the day, if we were to go away as a company, we really want things to be able to continue to move forward. I think there's a lot of alignment around our approaches to that and ensuring that we’re building the most secure products and solutions, but at the same time not necessarily just being dependent on the company itself. That means ensuring that the success of the company isn’t central to the future of these products.
Andrey, Tangem: We get that question a lot. What happens if Tangem goes out of business? The short answer is that not much is going to happen. Your cards are going to continue to work, as well as the Tangem application that you use to communicate with the wallets. The application is almost fully open source, with the exception of some API keys. In the worst case, you can just build the application yourself or get an Android APK. That's it. The private, closed source part that we have is the firmware for the hardware wallets itself, which is because of security. It’s been audited by a third-party firm called Kudelski Security, so there are no issues here either.
D: Let me add a little bit to that. The great thing about Tangem is something I figured out pretty early when I started using it. I came to Tangem as a user and crypto investor. The greatest thing, which Andrey has already mentioned, is that the software is also completely open source. Everybody in the space can download it from GitHub and check it out. Just imagine what Ledger or Trezor might be doing in the background without letting us know. We are 100% transparent and give everybody the right and the opportunity to inspect our software package, which is available on GitHub. This is a really crucial point for us. We want to be transparent and open to our users, our community and our customers. That's what Tangem is for.
A: Yeah. Speaking of transparency, if you want some insights, you can just go to GitHub and see merge requests see merge requests for Chia development.
What the Chia x Tangem partnership could look like
S: Hopefully our community will see how well the philosophies align. This is really just the start of our partnership and what we can do together. We've seen questions come through around support for our primitives or building blocks like NFTs and our tokens. This is going to be very much centred on community demand. Could you speak about how you guys prioritize, and what features you add to the wallet based on a specific chain that you support? How could the other features that Chia supports today potentially be part of Tangem’s roadmap or plans?
D: A very eye-opening situation for me was when I mentioned to the Tangem technical team that when you write an email about an improvement or error, or you need some help, you’ll get an answer in under four hours. That totally blew my mind. I asked for an improvement that would allow you to name the separate wallets in your account. I'm a father of four daughters and my three biggest ones also have a Tangem wallet. I don't want to have to remember the tags – I want to name them. Within a couple of days, they implemented it. That was totally mind blowing for me. To see how close Tangem and its technical team are to their community and customers really impressed me. So whenever you guys have an idea, or there’s something you want changed or you think should be improved, do yourself and all of us a favour and shoot it to the team. They're so happy to get feedback and are really willing to improve the product so it’s the best you can get on the market. Right now we’re the simplest hardware wallet on the market when it comes to setup and starting out. We also want to become the most adopted hardware wallet.
Putting user friendliness first
A: We’re the most user friendly wallet right now. If you compare us to other hardware wallets, it's like day and night.
D: I would strongly recommend checking out the Tangem YouTube channel. There’s a video that I made in the United States in front of a Walmart store. I say to somebody, “Hey buddy, you can have this Tangem hardware wallet for free. And if you can do the setup process in less than four minutes, I’ll give you 50 bucks in Bitcoin.” And guess what? This gentleman did it in less than 3.5 minutes. I’ve done the same test in Germany as well. It was very eye-opening to see that someone with no prior blockchain or crypto experience could set up a non-custodial solution in less than four minutes. I think that speaks for itself.
S: I've seen that video and that's kind what made us interested. There’s a lot of simplicity in how the Tangem cards work. Marrying that with the security side of things as well – that’s a really difficult combination to actually get right. I personally have one and I love the form factor of a credit card versus a small little brick that you have to carry around.
A hardware wallet with no seed phrase: The key to mass adoption?
S: Now we'll start to answer some of the questions from the community that we've received through Discord and Twitter, as well as some speaker requests. The first question is: How does the Tangem key management model operate?
A: It's very simple. The keys are contained within the wallets. There is no way out, and no easy way for them to escape the wallets. You can't really extract them. And since the wallet is seedless, there is no seed phrase. There’s no way to lose the private key. So, you get the wallet in the post, open it and initialize it, and then you create the private keys. From that point on they are stored on the card.
D: Just imagine someone tried to scam you. You get a call: “Hey, I'm a Tangem employee. We have some issues with your Tangem card, so I'm going to need your private key or your seed phrase.” Like I said, we don’t have any seed phrases. It might sound odd that something we learned to do over 13 years just disappears. As a user of the Tangem hardware wallet, I don’t know about the private key. This puts you in a very good position when it comes to protecting your hardware wallet from scams. What’s the greatest way to avoid revealing a secret? Not knowing the secret. You can’t tell anyone your seed phrase or even the private key because you don't know it yourself.
C: I wanted to add that I love this model and think that it's absolutely the best way to do a hardware wallet. You want to make it so that the private keys can never be rederived or exposed in any way. We've seen this fumble from other hardware wallets, and I think it's a disaster. One of the immediate concerns people have is about what happens if you lose the card or key. I think that that's really where Chia’s
thoughts and design around advanced custody solutions come into play. You have coins that are controlled by this but also would have either a multi-sig to have backup keys or a built-in recovery spend path, which would include something like a time-locked recovery clawback mode. So you can have a less secure key that can recover your keys or your coins. I think it's absolutely right to have a hardware wallet where the private keys can never be exposed and then you just take advantage of advanced recovery options.
D: One of the big topics of Tangem is that we want to be the bridge between 8 billion people and the blockchain. Everybody who's in blockchain and into crypto would love to have more focus on that. Really, I can only speak with folks like you about the blockchain. If I start talking about it at work or among my friends, they look at me like I'm an alien. Bringing up the possibility of doing self-custodial in a very easy way is the most important step to onboarding more people to the blockchain.
S: Agreed. I think it’s a barrier to mainstream adoption.
How to purchase Tangem Wallet and how it works
Strangeloop, listener: I was wondering how I can get hold of one of these in the US?
D: We have warehouses all over the world. You can order the Tangem card on our website. Don’t forget to put in the discount code from Сhia – it’s 15% off. Home delivery takes between 3 and 10 days, depending on where you are.
MELL⬣W, listener: Hey, I'm kind of new to the Chia network. I have a question for Tangem. Since I just saw that you're competing with hardware wallets, where's your chipset reader made?
A: The chip is made by Samsung. It's a secure element chip made in Indonesia.
D: Tangem uses NFC technology from your phone to connect to the card and get the signature to validate the transaction. You need a deviation between the chip and microprocessor, so our Tangem card isn’t actually a common NFC chip. It’s an EAL6+ microprocessor that doesn’t allow the private key to be extracted. So even your smartphone which has the Tangem app installed never knows the private key or receives that information.
MELL⬣W: So how does the transaction work when you tap it every time?
D: Imagine there’s a big bubble, and it contains three parties. The first party is your smartphone with the app, the second is the physical card with the microprocessor, and the third party is the user. Once you have the software on the smartphone, the Tangem app requests a signature, then the card is tapped and communicates that the signature is signed, meaning that the transaction is signed. The card is saying “I'm the right card and you need to trust me.” So the trust level of these three parties in the bubble is at the very highest level – the user and the card – and then below this layer one trust level is the smartphone.
The app on the smartphone is at a lower trust level than the card and the user. So what the user and the card communicate as a signature for the transaction is what the app follows.
Protecting the chip: A technical look
MELL⬣W: Okay. So we have a disconnect with NFC technology. Chipset readers have to store some information to sign those keys. What are you going to do to stop RFIDs from outside scanning and things like that?
A: Before you scan the card and sign the transaction, the card requires you to enter a certain password that you’ve previously set.
MELL⬣W: On the card itself?
A: Well, during the initial activation process, you create the keys on the card and you protect it with a password so that if you lose the card the person who finds it can’t really do anything because they don't know the password. If someone tries to sneak up on you and scan the card while it’s in your back pocket, they can’t do it because they don't know the password. Just to clarify, it's not a simple NFC tag. It's a full-blown computer, just miniaturized to a one-millimetre chip.
MELL⬣W: Thank you. I'm gonna be looking more at your website.
A: Our website is actually quite good at this. We have a lot of technical information.
D: I can also recommend following the official Telegram channel from Tangem. We aren’t just selling a product – the educational side is really important to us. Tangem is producing very high-quality content about all these technical details and the blockchain all the time.
Plans for full-scale Chia integration
Monkeyzoo, listener: I can confirm that I ordered my Tangem a week or so ago. It arrived today and I literally set it up while you guys were talking here on the space. So I can attest that it's very easy to set up. It's very well packaged and looks really slick. The only thing I would say is I can't find Chia on the list of assets and managed tokens. Is it still to come?
A: The integration of the Chia blockchain into the application itself is still in progress. Right now, we can correctly generate the address of your wallet and create and send the transactions to the blockchain. These transactions are correctly confirmed. Next, we need to go through a code review process, followed by testing and maybe some public beta testing as well. We also have dedicated Telegram channels for this. So if you want to get in on the action a little bit earlier, you can join our beta testing programme and get some Chia.
Monkeyzoo: Like I say, it's very slick. I'm looking forward to playing around with swaps.
Saving time and money with WalletConnect and 1inch
Monkeyzoo: WalletConnect is integrated as well. Could you speak a bit more about how WalletConnect functions with the devices?
A: Right now WalletConnect supports Ethereum and Ethereum-based blockchains like Optimism and Avalanche. You connect to a DeFi application using Wallet Connect, which then sends you a request. You have to confirm it by tapping your card.
S: We have a WalletConnect implementation on the Chia side, and we've been talking with Tangem about future support so that the Tangem app could then talk to other Chia decentralized applications through that protocol.
D: Tangem also has a direct connection in the app to 1inch. Let’s say you want to swap some Ethereum into USDT or some other ERC-20 tokens into Ethereum. You can do that in your app without having to send your coins from the wallet to an exchange and then do the same thing in reverse. Everything that’s EVM-compatible can be swapped directly in the app. This will save you a ton of money if you want to cash something out. You can also buy and sell some cryptocurrencies directly on the Tangem app with a third-party solution called Mercuryo. Andrey, I think we're working on a couple of other options to get it on and off crypto right now. Correct?
A: Yeah. Right now we use Mercuryo and MoonPay for on-ramp and off-ramp. We're looking at some other options to lower commissions. We currently support on-chain swaps, but we're looking at cross-chain as well, meaning you’ll be able to swap assets from different blockchains. We're also looking into liquid staking.
XCH and CATs: What does Chia offer?
S: Let’s talk a little bit about what’s supported today with Chia and assets on Chia. What is supported is the core native coin, XCH. Other features like offers and CATs (Chia Asset Tokens) are in discussion. Could you provide any more clarity about what Tangem could potentially support in the future?
A: Right now what’s supported is the core token – the native Chia coin. This is standard for us in terms of support. We start with the most basic support that will satisfy the most people. Then, based on user feedback, we add more features to the blockchains.
The Tangem card: Secure as a Swiss deposit box
Mayan $RuneRambo, listener: I'm Markus from Switzerland. The first question would be for Tangem. Does the card need an external power source?
A: It’s powered by NFC technology. Your phone gives power through the NFC antenna to the device. It doesn't have any batteries built in, and it doesn't need charging. It's very simple. The card itself contains only the Samsung chip and the NFC antenna, which is made out of copper. That's it.
D: What’s more, Tangem offers a 25-year warranty on the card. Just take a look at the market. Who else is giving a 25-year warranty on a product? It's amazing. One of the first things that came to my mind when I saw the Tangem card was that I didn’t need to put my Ledger in a metal box and handle it like a raw egg. So what I did – and you can take a look at the Tangem YouTube channel to see this – was freeze it. I froze the card, I shot it with a .22 calibre, I ran over it with a ten-ton forklift, I put it in the washing machine and I burned it with a torch. So I can tell you that this card will survive a lot of things. And after all of that, the card still works. I even drilled a hole in it! I’ve got this card next to me, and it's still working. That’s really impressive.
Protecting against human error
Ali Magga, listener: So you have the Tangem cards. You scan them and they’re working perfectly, you’ve got your backup and everything. Then, let’s say a couple of weeks later, you can’t connect it. Tangem is legit, and you’ve bought it from a legit source. You buy it, you activate it, you transfer your money onto it and suddenly it’s blocked. I know it’s the user’s responsibility to look after the physical card, but what can be done if a technical issue occurs? Your funds are safe in the blockchain and no one can steal them, but the card itself is faulty. What’s the solution?
A: Over the years we’ve had very few faulty cards. Under than ten cases, I think.
D: Even in these cases, we’ve proven that it was a mistake by the user who damaged the card. But let’s look at the situation. Let's assume you order a pack of three cards – you're going to do your setup process. All three cards are similar or the same. So if you break or lose one, you still have two cards. In order to sign a transaction, you only need one card. To set up your wallet on another phone, you need one card and your private password. If you lose your password, you can recover it by using the backup cards. The situation you described will never happen.
If one of your three cards is broken, lost or stolen, you still have two cards. Let’s say you break or lose another – you still have one. In that case, I would immediately order a new set of three cards, set them up again, and transfer all the funds from the remaining card. At Tangem we have a very stringent quality assurance policy. We have a robot in our main facility. It has a smartphone in the back and a card in the front – every second it puts the card in and takes it out. In and out, in and out. We had thousands of transactions signed and the phone broke but not the card.
A: I think it was tens of thousands.
C: You can also rely on additional custody configurations at the chip level so that if any of your keys fail, you will still have backup recovery options.
D: The good thing about Tangem is it's simple. We don’t have a lot of electronic components in our cart. The only thing that’s really electronic is our microprocessor. Assuming you get a bad batch, you wouldn't be able to set it up. I hear your concern, but if you lose or break your Ledger or it just stops working, you’ll be in the same position if you don’t have your seed phrases.
Spend bundles on Chia and the signing process
Grant, listener: When I was thinking about using the Tangem card, it was mostly related to signing arbitrary spend bundles. Were you guys thinking about something more extensive than that, like support for Chia primitives natively on the card? Or is the intention that Tangem would just hand you an arbitrary set of bytes and tell you to sign it with the appropriate key?
A: The only thing a card does is sign bytes – that's it.
Grant, listener: You spoke about supporting something beyond just the native token.
A: Primitives like tokens as opposed to native coins?
S: In Ethereum land you've got ETH as the core native coin. You've then got 20 tokens that are supported as well. We have an equivalent to ERC-20 that we call CATs or Chia Asset Tokens. So I think Grant's question is whether there’s going to be support for more than just signing XCH-specific spends.
A: Right now our focus is on the main currency of Chia, but implementing CAT tokens is not going to be difficult.
S: Tangem is not just a signer. The app itself also serves a sort of wallet functionality. If you use it for other currencies, you can see your balance of those core coins or tokens there. So there's a little bit more than just a pure signing capability that Tangem offers today. But the card is where the signing takes place and you need to have that card in your physical presence to sign.
A: The card is very simple in that regard. It only gives us the public keys to generate the addresses and signs whatever we ask it to sign. All of the rest of the stuff – blockchains, transactions and tokens – is implemented at the application level. Implementing CATs is not going to be difficult.
Grant, listener: As an integrator and somebody who's interested in the broader ecosystem, I think it's great that you guys are building a wallet and that you can do all of this interesting stuff with Chia and support multiple assets. Fundamentally, what the card does is manage public and private keys and then sign arbitrary bytes. I think that there is some nuance with Chia, because BLS can potentially require you to have multiple kinds of signatures. How is this going to work? I did look through the API docs, but a spend bundle can have a lot of different coins within it. Will you have to limit the type of spend bundles that would be handed down to the device to make sure that it can find the right set of keys to sign with?
A: Multi-sig functionality can be done, but within Tangem Wallet it's going to be a single signature.
C: They're basically providing signatures in response to a message. Right now we do two signature types. If I follow what you're asking, it sounds like that full message – including coin ID if that's being used – would be computed by the wallet and then ultimately just a message would be handed over to Tangem. This means that they should be able to handle complex spend bundles from the wallet side. They would figure out the ultimate messages that need to be signed and then probably send over a group of messages – maybe one at a time – to the device for signatures. You mentioned key derivations, but I’m not sure if that’s supported or it’s just a single key.
Does Tangem get to hold the keys?
Crypto Miner, listener: Good morning or good evening. I come from Germany, and I have a question for the Tangem developer. Do you have access to the stored keys – the private keys on the card – or can you export the private keys? In the crypto community we say ‘not your keys, not your coins’.
D: Tangem does not have any servers or any connection to your hardware wallet and your card. What happens on the card stays on the card. Even if you need to reset it, you have to use the card itself. So there’s no way that anything from the card could leave the card and reach your app or anywhere else. Even if you lose all three cards, there’s no money in the world that could get Tangem to restore your private key and access to your funds.
As blockchain enthusiasts, we were trained over the last 13 years that our 12, 24 or even 25 words are the only way to do self-custody. This is obsolete thinking, and it stops us from getting more people onboarded onto the blockchain. Like I said a little bit earlier, if you don't know your seed phrase, you can’t share it with anyone else. We at Tangem have made it very, very secure and easy to handle for our customers. Hopefully you will become a customer and do self-custody in a simpler way.
Setting up the wallet: Entropy and key generation
Andrew, listener: A quick question about setup. What is the source of the entropy and generation of the underlying private key? From there, when you're doing the cloning, there's a set of three and they all end up being clones of each other. How does the cloning process work?
D: During the first setup process, you grab your very first card and there’s an initial signal from the app that tells the microprocessor: “Hey, please generate your own private key”. Then the private key gets generated on the card independently and, thanks to the Diffie–Hellman key exchange, it’s transferred to the second and the third card. Thanks to the 265-bit encrypted security mechanism, the smartphone and app don’t know what the private key looks like. It copies a blind package to the second and third cards so that all three have the same private key and the same private password.
A: The cards are able to establish a secure connection with an unsecured party: the smartphone. This is called the Diffie–Hellman algorithm. It wasn’t invented by us – we just implemented it, and it’s used widely.
As for entropy, the chip inside the card has a lot of sensors, sort of like temperature or atmospheric pressure sensors. These are used in the hardware random number generator to generate your seed phrase.
S: Thanks, everyone. Please follow our Twitter account and join our Discord. You can also reach out directly to the Tangem team. Check out our pinned tweet for how to get the Tangem card with a 15% discount code.