Introduction 

Context 

The B.CHAIN card is a hardware wallet. It allows their holder to secure their blockchain private keys, generate public keys and sign transactions.

The B.CHAIN card is also a biometric card which has a biometric sensor to perform authentication with fingerprints and remove/complement the usage of PIN on a daily basis.

This SDK allows communicating with the card with simple interfaces.

It provides the functions listed on the table below:

Method name
High level details
connectPower the cardSelect the B.Chain appletInitialize secure channel
authenticateAuthenticate to the card with PIN
changePinChange card PIN
unlockPinUnlock card PIN with PUK
initializeSeedImport a seed in the card
getPublicKeyGet a public key
signTransactionSign a hashed transaction
wipeWalletWipe the card data and block the card
getCardStatus
  • Card identifier
  • Card state
  • PIN try counter
  • PIN try limit
  • PUK try counter
  • PUK try limit
  • Biometry try counter
  • Biometry try limit
  • User authentication rule
  • Enrolled finger count
updateUserAuthenticationRuleChange the user authentication rule (PIN or Biometry)

Deliverable 

The package is delivered as a versioned zip file containing all needed files for integration including Android and iOS libraries.

To get access to the B.CHAIN package you can contact us by email at the following address: bchain@idemia.com.

Architecture 

The package is delivered as a versioned zip file containing all needed files for integration including Android and iOS libraries.

High level diagram of the system and its interactions

1. As per the diagram, the wallet application uses the SDK "manager" to perform desired actions on the card.

2. Then the manager uses the “security provider” to work with cryptography and secure messaging and the “key manager” to handle the SCP03 keys of the card.

3. Both “security provider” and “key manager” can communicate with the integrated secure element of the phone (Keystore on Android / Secure enclave on iOS), to generate keys or perform cryptographic operations on the secure chip.

4 & 5. The "manager" uses the “NFC Communication” layer to communicate and send data with the card.

The SDK also provides an alternative way to the manager to perform actions on the card (get card public keys & perform signature) with custom pure Java “Provider” to ease the SDK integration without to much usage of proprietary classes, find below the concerned classes:

  • BChainProvider (6): This class installs the classes BChainSignature (9) and BChainKeyStore (10) to the global provider; this installation is required to have access to these classes, see section Custom Keystore Providers for more details,
  • BChainSignature (7): This class enables to perform a signature with the card,
  • BChainKeyStore (8): This class enables to get the card’s public keys and initialize the card seed.

11 & 12. These classes (BChainSignature & BChainKeyStore) will call the manager to perform their tasks.