Inspiration:

  • We were inspired to create cryptX to build something that meaningfully combines hardware and software security, while intentionally challenging ourselves to explore what’s possible on constrained hardware. The name “cryptX” comes from a cryptex, a portable puzzle box designed to hide secrets, reflecting our goal of creating a compact and secure system for protecting and verifying sensitive information.

What it does:

  • cryptX is a fully functional hardware crypto wallet built on top of the Solana network, designed to bring real security to blockchain transactions without the $150 price tag. It lets users send and receive SOL between wallets on Solana testnet, with every transaction requiring physical approval on the device, just like a real Ledger.

  • The wallet enforces a full authentication lifecycle: users set a 6-digit PIN, back up a BIP-39 seed phrase, and must physically confirm every signing request on the hardware before any transaction hits the chain. On top of the core wallet functionality, cryptX runs a live fraud detection layer powered by Gemini that continuously monitors device behavior across every connection, PIN attempt, and transaction event, flagging suspicious patterns like repeated auth failures or mid-transaction disconnects, and automatically blacklisting compromised devices before they can do any damage.

  • Everything is visualized in a real-time Next.js dashboard showing live Solana balances, full transaction history pulled directly from the blockchain, and AI-generated risk reports per device.

How we built it:

  • We started by reverse engineering hardware wallets like the Ledger Nano S to understand their core architecture: transaction construction on the host, secure offline signing, and blockchain submission. Rather than replicate the entire system, we isolated private keys and exposed only signed data, shaping how cryptX interacts with Solana.

  • The physical device runs a complete wallet state machine in C++ handling setup, PIN creation, transaction signing, and a three-attempt self-destruct wipe, all persisted through power cycles via EEPROM. Users interact through two physical buttons and a small RGB LCD, creating a real hardware experience rather than a software simulation.

  • Security was the hardest part. We implemented challenge-response authentication using SipHash-2-4 with keys derived from the chip's hardware signature, cryptographically binding device identity to the physical silicon. Seed phrases follow the BIP-39 standard used by every major wallet, displayed word by word on the LCD and verified before any signature.

  • The Next.js dashboard connects to the Arduino over USB using the browser Web Serial API at 115200 baud, exchanging line-based commands in real time. It constructs live Solana transactions with Web3.js and submits them the moment users approve on-device. Every action feeds into a Google Gemini agent that monitors for suspicious behavior like repeated PIN failures or mid-transaction disconnects, automatically blacklisting compromised devices before they cause damage.
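The SipHash-2-4 challenge-response described above, as an added example (not the cryptX firmware): the host issues a fresh nonce, the device returns a 64-bit SipHash-2-4 tag over it, and the host recomputes and compares. Assumptions: the 8-byte little-endian nonce format, the function names, and `DEMO_KEY`, a constructed stand-in for the key the page says is derived from the chip's hardware signature.

```cpp
#include <cstdint>
#include <cstddef>
static inline uint64_t rotl(uint64_t x, int b) { return (x << b) | (x >> (64 - b)); }
static void sipround(uint64_t v[4]) {
    v[0] += v[1]; v[1] = rotl(v[1], 13); v[1] ^= v[0]; v[0] = rotl(v[0], 32);
    v[2] += v[3]; v[3] = rotl(v[3], 16); v[3] ^= v[2];
    v[0] += v[3]; v[3] = rotl(v[3], 21); v[3] ^= v[0];
    v[2] += v[1]; v[1] = rotl(v[1], 17); v[1] ^= v[2]; v[2] = rotl(v[2], 32);
}
static uint64_t load_le(const uint8_t *p, size_t n) {    // little-endian, n <= 8
    uint64_t w = 0;
    for (size_t i = 0; i < n; i++) w |= (uint64_t)p[i] << (8 * i);
    return w;
}
// Constructed demo key; a real device would derive its own per-chip key.
const uint8_t DEMO_KEY[16] = {0x63,0x72,0x79,0x70,0x74,0x58,1,2,3,4,5,6,7,8,9,10};

// SipHash-2-4: 128-bit key, 64-bit tag.
uint64_t siphash24(const uint8_t key[16], const uint8_t *msg, size_t len) {
    uint64_t k0 = load_le(key, 8), k1 = load_le(key + 8, 8);
    uint64_t v[4] = { k0 ^ 0x736f6d6570736575ULL, k1 ^ 0x646f72616e646f6dULL,
                      k0 ^ 0x6c7967656e657261ULL, k1 ^ 0x7465646279746573ULL };
    size_t i = 0;
    for (; i + 8 <= len; i += 8) {                       // 2 rounds per full word
        uint64_t m = load_le(msg + i, 8);
        v[3] ^= m; sipround(v); sipround(v); v[0] ^= m;
    }
    uint64_t b = ((uint64_t)len << 56) | load_le(msg + i, len - i);  // tail + length
    v[3] ^= b; sipround(v); sipround(v); v[0] ^= b;
    v[2] ^= 0xff;
    for (int r = 0; r < 4; r++) sipround(v);             // 4 finalization rounds
    return v[0] ^ v[1] ^ v[2] ^ v[3];
}
// Known-answer test from the SipHash paper: key 00..0f, message 00..0e.
bool siphash_kat() {
    uint8_t key[16], msg[15];
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)i; if (i < 15) msg[i] = (uint8_t)i; }
    return siphash24(key, msg, 15) == 0xa129ca6149be45e5ULL;
}
// Device side: tag over the host's nonce, serialized as 8 little-endian bytes.
uint64_t device_respond(const uint8_t key[16], uint64_t nonce) {
    uint8_t buf[8];
    for (int i = 0; i < 8; i++) buf[i] = (uint8_t)(nonce >> (8 * i));
    return siphash24(key, buf, 8);
}
// Host side: accept only the tag for the nonce just issued. The XOR compare has
// no early exit, so timing does not reveal how many bytes matched.
bool host_verify(const uint8_t key[16], uint64_t issued_nonce, uint64_t tag) {
    return (device_respond(key, issued_nonce) ^ tag) == 0;
}
```

The nonce has to come from a cryptographically secure random source and be used once; a response captured for one nonce fails verification against the next.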

Challenges we ran into:

  • A challenge that we faced was working within the tight hardware constraints of the Arduino Uno, especially its limited memory and processing power. This meant we couldn’t rely on heavy cryptographic libraries or complex data handling, so we had to simplify how transactions were structured and signed while still keeping the system reliable and secure.

  • Even managing serial communication and fitting data into small buffers required careful optimization, forcing us to thoughtfully split responsibilities between the Arduino and the main application. We actually maxed out the RAM on our Arduinos and had to optimize the firmware.

Accomplishments that we're proud of:

  • Building a fully functional hardware wallet from scratch in 36 hours with no prior hardware experience is something we're genuinely proud of. Reverse-engineering the Ledger signing protocol and reimplementing it ourselves gave us a deep appreciation for how much engineering goes into consumer crypto security. Getting the full authentication pipeline working, from BIP-39 seed generation on the device to SipHash challenge-response auth to a live signed transaction hitting Solana testnet, all within a few days, was a real milestone.

  • We're also proud of how the fraud detection layer came together, turning raw device logs into actionable AI-generated risk assessments that feed back into the system to block compromised devices in real time.

What we learned:

  • We learned how hardware wallets establish trust through signing boundaries, challenge-response authentication, and why private keys must never leave the device. Getting hands-on with EEPROM persistence, I2C displays, and state machines in C++ gave us real insight into the hardware side of the problem.

  • We also gained a much deeper understanding of how Solana transactions are constructed, serialized, and submitted under the hood. Building PIN entry, seed backup, and confirmation flows on a tiny display taught us how dramatically security and usability trade off when interface real estate is minimal.

  • Additionally, we learned how AI can be practically applied to real security problems, not just as a chatbot layer. The dashboard never needs the seed, only forwarding signed bytes. This clarified why relay-only software still matters for the threat model and shaped how we think about trust architecture.

What's next for cryptX:

  • Short term: We plan to upgrade to stronger hardware for a real hardware signer with more memory and CPU for safer crypto operations, better UX, and room for secure elements. We also want to add support for popular networks like Ethereum, Arbitrum, and Base. Additionally, implementing auto-firmware updates to keep users protected will be super beneficial.

  • Next: We're open-sourcing key components to help the community without compromising security: reference firmware, signing and session flows, and transaction relay mechanisms. This lets the stack be audited and forked.

  • Long term: We imagine an open-source hardware wallet alternative that delivers real security without the cost barrier. This includes a shared blacklist across suspicious wallets and an AI agent that learns from patterns across thousands of devices and ledgers securely in real time. We'll keep hardening the system as we add more connectivity and intelligence as well.
