vision

to create the most secure and intuitive

hardware wallet in the world, accessible
to everyone in the world.
why?
We believe for cryptocurrencies or any token for
that matter to succeed, they must exhibit two
principle characteristics: the user experience must
be completely intuitive with the mobile phone as
the ultimate interface; and the scope of security
includes mitigation of social engineering and
human behavior.
 introduction
Mobile wallets (software and hardware) rely on trusted nodes on the blockchain to verify transactions and prevent
inconsistencies such as double spending. While this approach increases security due the authentication protocol
between mobile wallets and nodes, hijacking a full node is enough for a malicious adversary to control the
validation mechanism and cause damage to consumers’ wallets such as allowing double spending. Furthermore,
an attacker that connects to a wallet can gather sufficient information to launch attacks on a wallet and steal
sensitive data. Existing solutions to prevent hijacking are deployed and operate at the application-level in form of
anti-viruses, firewalls, and some privileged access to the operating system.

The vulnerability of software protection mechanisms have been proven over and over again, with a hacker
gaining administrator rights and disabling all software protections before launching attacks. Mobile devices and
mobile wallets are even more exposed, since their computational resource are limited and not able to run basic
software protection.

Our solution uses an isolation and protection module (IPM), directly integrated into the hardware and thus, not in
the reach of potential attackers. Even in the case of node or device hijacking, the IPM will still be able to perform
analysis on the ongoing activities and shut down any attempt by the adversary to cause damage or steal
important data. The IPM operates at several levels. The IPM’s packet classification scheme performs two
complementary traffic analysis tasks: The first task is a signature-based traffic inspection that uses a pattern
matching algorithm to mine for known blacklisted domains (IPs), malware signatures, and blatant TCP flag
violations. In this stage, packets found to possess any of the signatures under monitoring are discarded.
Generally, this packet inspection model doesn’t perform well for 0-day (unknown) attack signatures. To alleviate
this deficit, the remaining packets are then forwarded to a scoring function which is trained to recognize packet
attributes which are out of the expected range of the network behavior (profile-based detection). The scoring
function gives scores to each packet’s attributes and compares this to a threshold value. If the packet’s
aggregated score (summation of all attributes scores) is less than the threshold, the packet is discarded. The
remaining packets are considered to be legitimate traffic and are then forwarded to the host.
 hardware
onoKaiju is a hardware system that utilizes system-on-chip and cryptography to secure private keys and other
sensitive data. Our FPGA generates a key that will be stored directly on the device. Designs and programs are
packed into a configuration file used to program the FPGA at boot-up from non-volatile memory. The bitstream is
encrypted and can only be encrypted by the key stored in the FPGA. The purpose of the CryptoEngine is to ensure
that the bitstream sent to program the FPGA matches the one expected by the FPGA by verifying that the keys
match. Any attempt to program the FPGA with a different bitstream will simply be rejected.

Every wallet produced by onoKaiju will have a key generated and stored on the device. The design file (bitstream)
will also be encrypted and stored on non-volatile memory and shipped to the customer. In a normal case, the
bitstream will always match at boot-up and the design will be configured and operated correctly, activated post-
hardware-validation is an IPM and isolation mechanism to prevent malicious activities.

Adversaries attempting to read from the FPGA will not be able to, and unpackaging the FPGA will return only a raw
structure of the device with no readable data. The only possibility to tamper with a onoKaiju device is to replace the
device configuration file in the non-volatile memory. However, replacing the bitstream in the memory will fail to
configure the device. Furthermore, an adversary can copy the configuration file and attempt to reprogram a different
device but because the key stored on the stolen device is unique, no other encryption engine on a different device
can read it.
 ecosystem
onoKaiju wallets will access full nodes on the blockchain to verify transactions. Each onoKaiju wallet will
access a random number of nodes to verify a transaction. To avoid a single full node in the network
being overwhelmed with transactions, a decentralized load balancing strategy will be implemented over
the course of the project.

To avoid node spoofing and fake nodes, onoKaiju will use its own proprietary network of secure
authenticated full nodes directly connected to the blockchain and are equipped with a variation of our
system-on-chip/IPM-on-FPGA. Full nodes directly attached to the blockchain are considered the most
secure since they run the entire blockchain and save the entire UTXO database. Because onoKaiju
wallets will be connected to those nodes, the authentication of transactions and the elimination of double
spending is guaranteed.

The purpose of this architecture is to ensure trust exists between full nodes and onoKaiju wallets. To
prevent a malicious node pretending to be a full onoKaiju node on the network to connect to onoKaiju
wallets and perform malicious activities, the authentication between onoKaiju wallets and onoKaiju
nodes will be done through the Isolation and Protection Module. This will serve two purposes. First,
preventing a non-onoKaiju node to access onoKaiju wallets and second to prevent onoKaiju nodes being
hijacked and integrated with the network.

The version of IPM in the onoKaiju project will feature an enclave (sandbox) to encapsulate all non-
confirmed communications between a full node and a wallet, until the verification is completed in the
IPM.
secured usability
Verification of wallet addresses using
unique images reduces human error
and man-in-the-middle attacks.

Custom security environments can be

created using multiple Kaiju devices

- Individually customizable wallets

- Multi-device validation and rules
- Recover funds despite multi-device
corruption
 medium of exchange
Blockchain companies will be able to create applications that utilize the Kaiju hardware architecture as well as integrate with the Kaiju app,
allowing cryptocurrencies and other tokens to be easily moved and more readily used.

cryptocurrencies
identification
healthcare
real estate
credit profile
payments
escrow mobile app
hardened security

etc.
interface
product lineup
 for the masses

CPU IPM
Network
Interface
01
A revolutionary hardware
MEM ECDSA architecture consisting of IPM on
FPGA and paired with an open
source mobile app to deliver cold
storage level security seamlessly to
your mobile device.
for the dedicated

02
A revolutionary hardware
architecture consisting of IPM
on FPGA in a purpose-built
highly functional wearable.
 for the integrated
Secure Enclave built
directly into band

03
A revolutionary hardware
architecture consisting of IPM
Pairs with smart watch on FPGA and built directly into
application
smartwatch bands and paired
with the Kaiju app.
onoKaiju: Hardware Sandboxing:
Architecture A Novel Defense Paradigm
Against Hardware Trojans in
https://goo.gl/SC2WHV Systems on Chip
https://bit.ly/2GCdH5M
Hardware/Software Isolation IoT Device Security Through
and Protection Architecture 
 Dynamic Hardware Isolation
for Transparent Security With Cloud-Based Update
Enforcement in Networked
Devices https://bit.ly/2IeDBtj
https://bit.ly/2GSTbLR
DIVE DEEPER
Dive deeper into the underlying technology powering
onoKaiju.
THE TEAM
SCIENCE – TECHNOLOGY - SOCIETY
Francis Hwang
FOUNDER AND HEAD OF R&D

Francis has over a decade of experience in creating,
launching, and managing successful businesses.
Having always gravitated towards enterprises and
ideas that question and disrupt the status quo, it was
a natural step for Francis to start Bucket
Technologies.
Previous ventures include Co-Founding Red Rabbit
in New York City. Francis sits on the Dean’s Board of
Entrepreneurs and Market Makers at the University
of Arkansas.

Francis is the founder and CEO of Bucket

Technologies, which is on a mission of eliminating
coins and alleviating the environmental and
governmental stresses from the production,
distribution, and management of cash and coin
currency, globally.
Christophe Bobda, Ph.D.
CO-FOUNDER AND HEAD OF ENGINEERING
Bobda received the License in mathematics from
the University of Yaoundé, Cameroon, in 1992, the
diploma of computer science and the Ph.D. degree
(with honors) in computer science from the
University of Paderborn in Germany in 1999 and
2003 (In the chair of Prof. Franz J. Rammig)
respectively.
In June 2003 he joined the department of computer
science at the University of Erlangen-Nuremberg in
Germany as Post doc, under the direction of Prof
Jargen Teich. Dr. Bobda received the best
dissertation award 2003 from the University of
Paderborn for his work on synthesis of
reconfigurable systems using temporal partitioning
and temporal placement.
In 2005 Dr. Bobda was appointed assistant
professor at the University of Kaiserslautern. There
he set the chair for Self-Organizing Embedded
Systems that he led until October 2007. From 2007
to 2010 Dr. Bobda was Professor at the University
of Potsdam and leader of The working Group
Computer Engineering.
Professor Bobda is Senior Member of the ACM. He
is also in the program committee of several
conferences (FPL, FPT, RAW, RSP, ERSA,
RECOSOC, DRS), the DATE executive committee
as proceedings chair (2004, 2005, 2006, 2007,
2008, 2009, 2010).
He served as reviewer of several journals (IEEE
TC, IEEE TVLSI, Elsevier Journal of
Microprocessor and Microsystems, Integration the
VLSI Journal) and conferences (DAC, DATE, FPL,
FPT, SBCCI, RAW, RSP, ERSA), as guest editor of
the Elsevier Journal of Microprocessor and
Microsystems and member of the editorial board of
the Hindawi International Journal of Reconfigurable
Computing. Dr. Bobda is the author of one of the
first most comprehensive books in the rapidly
growing field of Reconfigurable Computing.
Daniel Kam
CO-FOUNDER & EVP OPERATIONS

Daniel is a successful entrepreneur who has spending time with his wife and 3 girls, cooking or
launched and built several businesses in the going after big fish (literally, not metaphorically).
technology, managed services, manufacturing, and
hospitality/F&B industries.

He has over 20 years of B2B/B2C sales and

marketing experience within various commercial
sectors including cloud-commerce,
telecommunications, and graphic arts.

Daniel regularly speaks and networks with leading

companies and organizations on topics such as
leadership, innovation, branding, and operations
management. When Daniel is not working he enjoys
Nicholas Angel
CO-FOUNDER AND HEAD OF DESIGN

Nick Angel is a two time Clio Award-winning
designer with over 25 years of experience in building
brands and experiences for some of the largest
companies in the world. His work has appeared in
multiple industry publications including Graphis, Print
Magazine and Communication Arts.
He is a three-time entrepreneur having started
successful design consultancies in San Francisco,
Barcelona and Hong Kong. He is a sought after
public speaker and public advocate for the power of
user-centered design and narrative.
Kong Polytechnic as well as aspiring CEOs at the
IESE School of Business in Barcelona.
Most recently he has focused on the design needs of
consumers dealing with the lack of access to
financial tools as well as working with disruptive
startups within the fintech space.
He volunteers a lot of his time to local and national
non-profit organizations with great ambitions but little
budget.

He has also spent a great deal of his career teaching

aspiring designers at The Academy of Art, Hong
Michael Oh
HEAD OF FINANCE

Michael has a background in international finance Michael has a passion for all things economics and
and macroeconomics and has worked in various has recently pivoted to the crypto space.  In the Fall,
capacities spanning investment management to he plans to teach the University of Arkansas’ first
corporate finance to government. Michael spent 12 cryptocurrency course as an Adjunct Professor. 
years at T. Rowe Price as a sovereign analyst Michael received his A.B. from Harvard and M.B.A.
covering emerging markets.  There, he was from MIT Sloan and MPA/ID from the Harvard
responsible for fixed income and currency investment Kennedy School of Government.  In his spare time,
strategies for Latin America and high-yield Asia.  Michael enjoys spending time outdoors with his wife
Prior to that, Michael was an international economist and two daughters.
with the U.S. Treasury, where he was responsible for
formulating international debt policy for the U.S.
government. He has also worked at ExxonMobil in
corporate finance and Asian Development Bank in
policy research.
Matthew Waller, Ph.D.
STRATEGY ADVISOR AND BOARD MEMBER

Dean Waller is the Garrison Endowed Chair in
Supply Chain Management and Chair of the
Department of Supply Chain Management in the
Sam M. Walton College of Business at the University
of Arkansas. He joined the Walton College in 1994.
He is co-Editor-In-Chief of Journal of Business
Logistics the leading academic journal in the
discipline. He is an inventor holding significant
industry patents and his article on vendor managed
inventory is the second most cited article in the
history of Journal of Business Logistics.
SEC Academic Leadership Fellow. He is on the
Walmart Supplier Collaboration Board.
Professor Waller is responsible for the Department
of Supply Chain Management, two research centers,
and is Chair of the Orchestro Science Network. He
received a B.S.B.A. summa cum laude from the
University of Missouri, and a M.S. and Ph.D. from
The Pennsylvania State University.

His opinion pieces have appeared in Wall Street

Journal Asia and Financial Times. Dr. Waller is an
John English, Ph.D.
ENGINEERING STRATEGY ADVISOR AND BOARD MEMBER
A respected expert on quality and reliability engineering, John English is
the ninth dean of the University of Arkansas College of Engineering and is
the holder of the Irma F. and Raymond F. Giffels Endowed Chair. English
was a faculty member in the University of Arkansas department of
industrial engineering from 1991 to 2007, as well as head of the
department from 2000 to 2007. English was the founding director of the U
of A’s Center for Engineering Logistics and Distribution, and has served as
the director of the GENESIS Technology Business Incubator. He was also
on the faculty at Texas A&M University, taught at Oklahoma State
University, and gained industry experience at AT&T Communications.
English has been active on the national level in shaping the future of
engineering education, participating in significant committees for the
Institute of Industrial Engineers (IIE), serving as a member of the board of
directors for the Reliability and Maintainability Symposium and IIE and as a
participant in national meetings of engineering deans. He also holds the
membership level of Fellow in the Institute of Industrial Engineers. Prior to
returning to the University of Arkansas, English was dean of the Kansas
State College of Engineering and holder of the LeRoy C. and Aileen H.
Paslay Chair from 2007 to 2013. Under English’s leadership, the College of
Engineering at Kansas State crafted a vision, promoted and expanded its
research venues and experienced increases in both private giving and
research funding. English holds a doctorate in industrial engineering and
management from Oklahoma State University. He received a bachelor’s
degree in electrical engineering
Kim LaScola Needy, Ph.D.
ENGINEERING RESEARCH ADVISOR

Dr. Kim LaScola Needy was named Dean of the Graduate School and Engineers (IIE), holding a Fellow membership status, a Fellow of the
International Education at the University of Arkansas in 2014.  Prior to this American Society for Engineering Education (ASEE), a Fellow of the
appointment she was Department Head and 21st Century Professor of American Society for Engineering Management (ASEM), a member of the
Industrial Engineering at the University of Arkansas.  American Production and Inventory Control Society (APICS) and a
member of the Society of Women Engineers (SWE).  She is a licensed
She received her B.S. and M.S. degrees in Industrial Engineering from the Professional Engineer in Kansas.
University of Pittsburgh, and her Ph.D. in Industrial Engineering from
Wichita State University.  Prior to her academic appointment, she gained
industrial experience while working at PPG Industries and The Boeing
Company.  Her first faculty appointment was at the University of
Pittsburgh. 

Dr. Needy’s research interests include engineering management,

engineering economic analysis, sustainable engineering, and integrated
resource management.  She is Past President of the Institute of Industrial
Heather Nachtmann, Ph.D.
ENGINEERING RESEARCH ADVISOR

Dr. Heather Nachtmann is the Associate Dean for Research for the College
of Engineering and a Professor of Industrial Engineering at the University
of Arkansas. 

She serves as the Director of the Maritime Transportation Research and

Transportation Center and the Mack-Blackwell Transportation Center.  She
received her Ph.D. in Industrial Engineering from the University of
Pittsburgh.
The Roadmap
Evolution of the Kaiju
Evolution I : February - May
The first evolution of onoKaiju will be a fully operational wallet in FPGA coupled with an open source Bitcoin mobile software wallet. The wallet will run on a system,
on chip in pure embedded software on an ARM core. Important functions such as the elliptic curve cryptographic module and SHA256 will then be moved into the
hardware. This first evolution is more for exploration, development and demonstration purpose and will be made of standard parts. The central part is the Picoboard
from Picocomputing (others are also being tested). Because the Picoboard does not provide the interface to a touchscreen and RF modules, standard components
will be used here. An RF module featuring WiFi and GSM will be used to allow internet communication and free mobility of the wallet. For the touchscreen and the RF
to be used with the Picoboard, an interface board is required. This board was designed at the University of Arkansas and could be duplicated at will.

Currently the development is being done on a Picoboard and a different platform, the DE2 Nano from Altera, bulkier than the Picoboard, but also with better support.
It is therefore possible that we decide to use a different board more compatible with our current development environment. Nevertheless, the concepts will remain
the same and the buildup of the first version will be made of standard components.

Expected completion:
• Currently the two development platforms are being completed and the software wallet Electrum is being used https://electrum.org/#home. The software solution
only with a screen and keyboard will be completed in the next two weeks.
• Upon completing the selection and ordering of the touchscreen and RF module, we expect the first wallet fully functional in the FPGA within 2 – 3 months, in May
2018.
• Subsequent development, testing, migration of more software functions to hardware and inclusion of more security primitive will continue in parallel to the second
evolution.
Evolution II : May - August
The transition to the VLSI architecture will start right after the first Evolution has been released. This version will be more compact, low power and low weight since it
will use only one chip instead of the FPGA development subsystem of the previous evolution with more redundant components.

Tasks to be performed will be:

• An integrated FPGA prototype. This version will consist of a single board that integrates the touchscreen and the RF module. The goal here is to have an FPGA
system that can be commercialized while pursuing the full ASIC design. The advantage of this intermediate implementation is that the it can be sold to gauge the
market. The decision to go full ASIC will then be made according to the demand. Increasing unit numbers will justify faster chip transition. This version will need a
board design that can be performed by the company RCal in Prairie Grove or an in-house FPGA designer.
• The System on chip designed in the first version will be used as the basis for the transition to a VLSI architecture. This version will be ready latest a year after the
release of the first Evolution and will require the involvement of a chip designer. Using a standard SoC design environment, we can cut this time in half.
Evolution III : September - December
Transition to ASIC chip architecture + Quantum resistant