Primitive use of NFC for blockchain applications

Every NFC chip has a 4- or 7-byte UID, and usually manufactures guarantee that the 7-byte UID is unique. Also authentic chips manufactured by NXP Semiconductors have a 32-byte ECC signature that is also easy to read.

A simple NFC reader in a phone or in a vending machine can read this data, do SHA256 hash on it, and that would be a private key for blockchain operation. For example, a shopkeeper would see the public key, and send some deposit tokens or fidelity points to an associated EOSIO account. A vending machine can automatically deduct some amount from such an account.

One issue is that most NFC cards in your wallet have a 4-byte UID. It gives only 4 billion possible combinations, so a private key would be cracked within a day. Most chips that are used are Mifare Classic chips which have a very poor security schema. The data on such a chip can be cracked and modified within minutes, or at maximum an hour.

The newest generation NTAG213/215/216 chips by NXP Semiconductors have 7-byte UID, and are accompanied with vendor ECC signature. This would produce a much more reliable private key. Also an application can write and lock some random seed in the memory sectors of the chip.

Here’s a simple demo of reading the UID and vendor signature and producing a private key. The program prints out a corresponding public key:

EDIT: I applied two Motorola Android phones of different generations to the reader, and it showed the UID differing in one byte only. Not really good for any practical use.

Telegram: cc32d9, EOS account: "cc32dninexxx"

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store