ARX · BURNER

How it works · ARX Burner / HaLo

A card that is
a wallet.

The Burner is a physical NFC card with an Ethereum key living on its secure element. Hold it to your phone and read its address. The private key never leaves the card.

secp256k1 · on-cardISO 14443-4 · ISO-DEPEIP-55 · checksum

Tap the card — or use the button

Burner connected
0x0000·0000
Variants — re-tint the card

01 · For you

How it works, without the crypto words.

No app setup, no seed phrase to write down, no battery in the card. It's a piece of plastic with a key inside. Here's the whole thing.

02 · Under the hood

The chip is the wallet.

The Burner runs on Arx's HaLo secure element. The card and the wallet aren't two things — the chip holds the key, the wallet is that key. Here's the actual read.

The card is the wallet

A key is generated on the card. It stays on the card.

At personalization, the HaLo secure element runs secp256k1 key generation in place — the same curve Ethereum uses. The private key is written into the chip and is not exportable over NFC. What can ever leave the radio is the matching public key.

So the "wallet" isn't an app, a file, or a phrase — it's a physical keypair you can hold. Lose the card and the key is gone with it.

Transport — ISO-DEP, not NDEF

A smart-card session, not a URL tag.

Most NFC tags are read as NDEF — a chunk of text or a link. The Burner is read as an ISO 14443-4 (ISO-DEP) card: the phone opens a session, SELECTs an applet by AID, and exchanges raw APDUs. iOS filters which cards even wake the reader by these identifiers:

A000000949 0148614C6FHaLo applet
481199130E9F01Arx Burner applet
D2760000850101NFC Forum NDEF App
D2760000850100NDEF Type-4 DF

Capability matrix — what the chip can do

This app reads. The chip can sign.

The HaLo command set is far wider than what AgentCard uses today. The read-only surface is a deliberate first step — not the ceiling.

OpcodeCommandPurposeIn this app
0x02get_pkeysRead public keysUsed
0x01signEIP-191 / EIP-712 signingNot yet
0x11sign_challengeChallenge-response authNot yet
0x04get_attestAttestation / provenanceNot yet
0xB5–B7generate_key_*On-card key generationPersonalization

Going deeper

Why ISO-DEP and an applet, instead of an NDEF URL?+

NDEF is a passive "here's some data" read — fine for a link, useless for a command/response with a secure element. ISO-DEP gives the phone a live channel: SELECT an applet, send APDUs, get signed answers back. That's what lets the same card later sign challenges and attest to its own provenance.

Is the address really "derived on-card"?+

The private key is generated and held on-card — that part is true. But the public-key → address step (keccak256 of the pubkey, last 20 bytes, EIP-55 checksum) is computed client-side by libhalo/ethers after the pubkey is read off. Only the secret material is truly on the chip.

What does "Burner" mean vs "HaLo" vs "AgentCard"?+

HaLo is Arx Research's programmable NFC secure-element platform. Burner is the product card built on it. AgentCard is the name of this iPhone app that reads the card. Three names, one physical object in your hand.

03 · Honest scope

What seeing the address doesn't prove.

We'd rather tell you exactly what this is than sell you more. Reading the address is a real, useful thing — and a narrow one.

What this app does

  • Reads the card's public key over NFC and shows its Ethereum address.
  • Copies that address anywhere you want to send funds.
  • Keeps the private key on the card — it is never read, stored, or transmitted.
  • Retains only the primary address — no other slots, no tag id, no signatures.

What it does not do

  • It does not prove card authenticity, ownership of the key, or your identity.
  • It does not sign, spend, or authorize anything.
  • It does not check balances or show transaction history.
  • It is not a wallet app — it's a reader. The signing surface is the chip's future, deliberately unbuilt here.