Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Related tags

Security related resources cryptick
Overview

Cryptick USB Client - Python

This repo provides scripts for communicating with a Cryptick physical NFT device using Python. Each Cryptick device is a WiFi connected stock ticker for crypto tokens, and is also connected to an NFT on the Ethereum blockchain.

If you're here to authenticate your Cryptick device, skip down to the Digital Signature Authentication (DSA) section.

Requirements

  1. Python >=3
  2. pycrypto lib (for DSA and SHA256 functions)

Available Commands

gettime

Get the internal clock time from cryptick device

python cryptick.py --gettime

settime

Set the cryptick internal clock from the current system time, also setting the UTC offset from the system.

python cryptick.py --settime

24 hour display mode is default. Optionally, specify 12 hour display mode:

python cryptick.py --settime --h12

setmode

Set the cryptick mode. Possible modes are coin, clock, and usbdata. coin displays the cryptocurrency market ticker. clock displays the current time. usbdata mode will listen for any setassetsdata command, allowing for display of arbitrary market data.

python cryptick.py --setmode clock

setbrightness

Set the cryptick display brightness. Value range [1,5]

python cryptick.py --setbrightness 4

getpubkey

Get the public key from cryptick device and write to a pem file. This can be used as a sanity check; to verify that the public key matches the one stored in the NFT on the Ethereum blockchain. Specify the pem output filename as an argument.

python cryptick.py --getpubkey cryptick.pem

resetwifi

Reset the wifi settings of the cryptick device. This removes any stored wifi access point credentials from the device.

python cryptick.py --resetwifi

setwifi

Set the wifi settings of the cryptick device. The device will store the wifi credentials and attempt to connect on next boot.

python cryptick.py --setwifi ssid password

getcurrencylist

Get the device's valid vs currency list.

python cryptick.py --getcurrencylist

getcoinlist

Get the device's valid coin list (list of all valid coins cached from last connection to web service).

python cryptick.py --getcoinlist

setcurrency

Set the device's vs currency.

python cryptick.py --setcurrency usd

setcoins

Set the device's subscribed coins from the list of arguments (up to 10 coins).

python cryptick.py --setcoins btc eth ada dot xlm xrp

setassetsdata

If device mode is set to usbdata, then you can send an asset data json string to display in the ticker. This allows you to send any arbitrary market data to be displayed. The json string is loaded from the specified file in the arguments. Please see the usbdata mode doc for example json file usb_setassetsdata.json

python cryptick.py --setassetsdata usb_setassetsdata.json

getconfig

gets the device's config as a json string and prints it to stdout.

python cryptick.py --getconfig

authenticate

Execute digital signature authentication challenge (DSA) to verify the authenticity of the physical Cryptick device. This process is described in the Digital Signature Authentication (DSA) section.

Cryptick Digital Signature Authentication

Each Cryptick device has an embedded crypto chip which stores a unique private key for ECC DSA. This private key is securely stored and cannot be read out from the device.

Each Cryptick device is associated with a Cryptick NFT on the Ethereum blockchain. The public key is stored in the Cryptick NFT metadata. At any time in the future, anyone can view the Cryptick NFT on the blockchain and see that it is associated with the owner of the Cryptick NFT.

To authenticate the physical Cryptick device, use the following process:

  1. Clone this repository and install the prerequisite library pycrypto:
git clone https://github.com/cryptick-io/cryptick.git
pip install pycrypto

  1. Plug in the Cryptick device to your computer using a USB-C cable.

  2. Locate the serial number of your Cryptick on the back lid, engraved in the wood. In this example, let's assume it is Cryptick Founders Edition (FE) #49.

  3. Next, we can run the script's authenticate command. In this example we will authenticate cryptick founders edition #49:

python cryptick.py --authenticate --serial cryptick-fe/49

  1. The script will grab the cryptick device's public key from cryptick.io based on the provided serial string (full link generated here). It then performs a DSA challenge and verifies the results using the NIST FIPS 186-4 ECDSA algorithm. If the device is authenticated successfully, it will print to the terminal:

Challenge verification success.

  1. To be even safer, you can remove all 3rd parties from the authentication chain, and specify the public key on the command line. To do this, you'll need to view the NFT's data on the Ethereum blockchain. The easiest way to do this is to view the NFT metadata in your Metamask wallet, Etherscan, or on OpenSea.io. In the Cryptick NFT's metadata, the public key is included at the end of the description. Copy the contents of this string into a pubkey.pem file in the same folder as the cryptick.py script and run

python cryptick.py --authenticate --pubkeypem ./pubkey.pem

If the device is authenticated successfully, it will print to the terminal:

Challenge verification success.

You might also like...
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the context, origin of specific files during a digital forensic investigation.

hashlookup 96 Dec 20, 2022
compact and speedy hash cracker for md5, sha1, and sha256 hashes

hash-cracker hash cracker is a multi-functional and compact...hash cracking tool...that supports dictionary attacks against three kinds of hashes: md5

Abdullah Ansari 3 Feb 22, 2022
This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

Ajit Kumar 3 Sep 3, 2022
orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner
orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner

Introduction orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner. Other popular ORF searching tools

Urminder Singh 34 Nov 21, 2022
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel

null 8 Sep 3, 2022
This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit relays only.

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit re

null 22 Nov 9, 2022
This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.
This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as

Mystic 2 Aug 31, 2022
A way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance
A way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance

A way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance

null 11 Nov 15, 2022
labsecurity is a framework and its use is for ethical hacking and computer security
labsecurity is a framework and its use is for ethical hacking and computer security

labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If

Dylan Meca 16 Dec 8, 2022
Owner
null
GitHub
A set of blender assets created for the $yb NFT project.

fyb-blender A set of blender assets created for the $yb NFT project. Install just as you would any other Blender Add-on (via Edit->Preferences->Add-on

Pedro Arroyo 1 May 6, 2022
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

null 53 Nov 1, 2022
Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

Apiiro 84 Dec 23, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai

Vadi 329 Jan 1, 2023
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an

Ayoub 861 Feb 18, 2021
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

Steven Black 22.1k Jan 2, 2023
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu

HubbleStack 368 Jan 4, 2023
HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures.

HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu

EntySec 100 Dec 23, 2022
A powerful password generator utility which utilizes the slot technique to generate strong passwords of required length having combinations of lower and upper characters, digits and symbols.

Bitpass Password Generator Installation Make sure Python 3+ is installed

Vaibhaw 6 Feb 2, 2022
A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

James 41 Dec 30, 2022