pnm
offline-first hardware-backed payments over NFC. tap to pay via android keystore p-256 signatures.
Problem Statement
PNM brings hardware-backed security to crypto payments through NFC, making crypto feel as seamless as tapping a card. Users deposit USDC into a Vault contract on any supported chain (currently Base Sepolia and Ethereum Sepolia), then sign payment vouchers using Android's hardware-backed ECDSA P-256 keys—the same secure element that protects your biometrics. These vouchers are transmitted via NFC between merchant and customer devices, enabling instant offline payments that settle on-chain later.

The system uses a novel architecture where P-256 signatures are validated by a hub service that bridges hardware security to Ethereum. Each voucher includes cumulative spending tracking, an expiry timestamp, and a unique slip ID to prevent double-spending. Merchants can accept payments instantly without waiting for blockchain confirmations, while users get the security guarantees of hardware-backed keys without managing seed phrases during transactions.

This creates a payment experience that's faster than traditional crypto payments, more secure than software wallets, and works completely offline—perfect for retail environments where connectivity is unreliable. The vouchers are cryptographically bound to prevent replay attacks, and the cumulative spending model ensures users can't spend more than they've deposited, even across multiple offline transactions.
Solution
Built as a three-tier architecture: Android mobile app (Kotlin), Node.js hub service (TypeScript), and Solidity Vault contract. The mobile app uses Android Keystore to generate and manage P-256 key pairs stored in the device's secure hardware element—the same Trusted Execution Environment that protects biometric authentication. NFC communication uses Android Beam with custom MIME types to exchange payment requests and signed vouchers bidirectionally between devices.

The hub service validates P-256 signatures using the elliptic library, since Ethereum's secp256k1 precompile can't verify P-256 signatures on-chain. When a merchant receives a voucher, the hub verifies the hardware signature, checks the voucher schema, validates expiry and cumulative spending, then calls the Vault contract's redeemVoucherByHub function on behalf of the merchant. The Vault contract uses OpenZeppelin's ECDSA library for secp256k1 signatures (for direct on-chain redemption) and implements a cumulative spending model that tracks the total amount spent per user to prevent overspending.

The hacky part: we derive Ethereum addresses from P-256 public keys using a deterministic mapping, allowing hardware-backed keys to control on-chain funds without exposing private keys. The voucher system uses EIP-191 message signing with ABI-encoded payloads, and we convert UUID slip IDs to bytes32 hashes for on-chain storage efficiency. The cumulative spending counter prevents double-spending even when vouchers are created offline, since each new voucher must carry a cumulative amount strictly greater than the previous one.

We used OpenZeppelin contracts for security, ethers.js for signature verification matching the Solidity logic exactly, and Android's NfcAdapter API for peer-to-peer communication. The entire flow works offline—users can create and exchange vouchers without internet, and merchants batch-redeem them when connectivity returns.
Hackathon
ETHGlobal Buenos Aires
2025
Prizes
- 🏆 Best Use of Hyperlane (Hyperlane)
- 🏆 Best Interchain App (Hyperlane)
Contributors
- mayur-samrutwar (46 contributions)