Falls Du die deutsche Version des Reviews lesen möchtest klicke hier.
More than two years ago I tested the BitBox01. Back then it was still called Digital-BitBox. In this review I don’t want to go into detail about the BitBox01 but rather go through my points of critique back then. Afterwards we will look at the new BitBox02 and check if the BitBox02 improves upon these points. Among others, these were my main points of critique:
- No display to verify transaction details
- Incompatible backup format (only by using the Backup Center)
- Incomplete multi-sig functionality
- Missing “send all” button
Before we look at these points, let’s start at the beginning. The new BitBox02 comes in two editions. Bitcoin-only and Multi edition. In this review I’m using the Multi edition that supports Bitcoin, Litecoin, Ethereum (incl. ERC-20 tokens) and U2F. As the name says, the Bitcoin-only edition only supports Bitcoin and nothing else.
Packaging and shipping
The BitBox02 is delivered in a vacuum sealed plastic bag that has a special pattern on the edge. I assume that is some sort of tamper-evidence mechanism. Unfortunately, there is no information on that during the webshop checkout or on the manufacturer’s website. If an unknowing user receives a tampered device that was re-packaged in a normal plastic bag, he would not spot that the device has been tampered with. A hint on the order confirmation email or on the website would be helpful here. However, the manufacturer confirmed that they are already working on a stronger tamper-evident mechanism. In addition, there should soon be more information on the Webseite. The shipping was very swift and the price of the device is around 100 €. The box contains:
- microSD card
- USB-C to USB-A adapter
- USB-C extension cable (~ 30cm)
- 4 rubber pulls
- Quick start guide
Interestingly enough, a backup card to hand-write the Mnemonic is missing. Although a backup on the microSD card is created automatically, I recommend to also write down the Mnemonic.
The initial setup is quite straight forward and, as expected, is beginner friendly. At first you need to download the BitBoxApp from Shift Cryptosecurity, the manufacturer of the BitBox02. In addition, you can enable the option to show the hash of the installed firmware each time the device boots up. If an attacker modified the firmware on your device in the meantime, you would notice that as the hash would be different. Therefore I recommend to activate this option and to memorise a few digits of the hash. It is usually enough to memorise the first and last three digits. If you want, you can also verify the hash, however, that is not as straight forward at the moment. To do that:
- Get this python script from the BitBox02 firmware repository
- Get the latest signed firmware (make sure “signed” is in the filename)
- Now you can verify the firmware by using the python script
- ./describe_signed_firmware.py firmware.vX.X.X.signed.bin
If a new firmware version is available when setting up the device, the user is prompted to install the update. That is accompanied by a nice animation on the BitBox02 display.
Shift Cryptosecurity has completely revamped the app since the days of BitBox01 and it is now available for Windows, macOS and Linux. In addition, several wallets are integrated. While the BitBox02 Bitcoin edition logically only supports Bitcoin (BECH32 and P2SH), the Multi edition currently supports the following coins:
- Bitcoin BECH32 (native SegWit, starts with bc1..)
- Bitcoin P2SH (SegWit, starts with 3..)
- Litecoin BECH32
- Tether USD
- Basic Attention Token
Strangely enough, only a handful of ERC20 tokens is supported. After a short correspondence with the manufacturer, however, I was assured that they were working on general ERC20 token support. At that point all ERC-20 tokens will be supported. This also applies to ERC-20 tokens that do not exist today.
What surprised me very positively about the app is how it works under the hood. While many manufacturers rely on their own backend solutions, the BitBoxApp uses Electrum. In other words, if you do not trust the manufacturer, you can connect the app to your own Electrum server. Isn’t that terrific? Other developers could learn from this! In addition, the manufacturer is currently working on a plug-and-play node, called BitBoxBase which will allow non-technical users to easily run their own fullnode, i.e. their own private wallet backend.
Another noteworthy feature is Coin-Control. Granted, this functionality is for advanced users, but I strongly support that Coin-Control is available within your own app and you do not have to rely on Electrum. Coin-Control allows you to build your transactions individually by manually selecting the UTXOs that you want to use as inputs.
Multi-sig support is planned for the future. This was part of the old app, but unfortunately it was not that well thought out and was therefore removed. The manufacturer is also working on an integration in Electrum wallet. Once that is available Multi-Sig can be used via Electrum.
In addition the BitBox02 Multi edition can also be used as a FIDO U2F key.
User Experience and quality
There’s not much to say here apart from that the product quality is flawless. The BitBox02 feels high-quality, the display has an excellent quality and what I am personally pleased with the most is the USB-C connector.
Much more interesting, however, is the user experience. All security relevant inputs, such as PIN or passphrases, are made directly on the device. The BitBox02 does not have a touch display. Instead, both long sides of the device have five touch sensors each. These sensors make it possible to scroll through addresses and enter passwords on the device. For that, the alphabet is divided into three groups. A-H, I-Q and R-Z. If you touch the A-H group, these letters are again divided into three sub-groups. That way you can enter each letter or a number with two to three taps. In the beginning I had some difficulties with this input method, because it reacts very sensitive to touch. However, with some practice it did not take long until I was able to enter passphrases very quickly. Although it is not as fast as a touch screen, it is much faster and more comfortable than other hardware wallets controlled by a few conventional buttons.
The BitBox02 meets all the necessary security precautions that you would expect for a hardware wallet. It is possible to specify a device PIN or even a password. Furthermore, the wallet’s manufacturer understands the need for the additional passphrase feature. The passphrase can consist of letters, numbers and special characters. Transactions are displayed on the screen of the device, as well as receiving addresses.
As already mentioned, the BitBox02 automatically stores the wallet backup on the SD card during setup. Once the setup is done, you are prompted to unplug the microSD card and store it securely and independent from your BitBox02. If you try to use the BitBox02 while the microSD is inserted, you are advised to remove it. At this point I would also like to emphasise that you unplug the microSD card and to keeping it secure and physically separate from the hardware wallet as the memory card is needed to restore the wallet in case of loss, destruction or theft. In addition, it is also possible to display the mnemonic of the wallet in order to be able to write it down which I advise you do as well.
Further security features
|Bootloader||The bootloader only accepts firmware signed by Shift Cryptosecurity. In addition, downgrades to older firmware versions is not allowed which is important in case a vulnerability is found in an older firmware version.|
|Open-Source||The whole code is open-source and can be found on GitHub.|
|Attestation||The BitBoxApp verifies that the plugged in BitBox02 is genuine and not a counterfeit. For that a key, generated by the secure chip is signed during production. Thereby it is possible to verify the genuineness of the device at any time. That procedure is also used by other manufacturers.|
|USB-encryption||All communication between the device and the BitBoxApp is encrypted in order to prevent attacks on the USB port.|
|Firmware-Hash||As already mentioned, it is possible to show the firmware hash on every boot. In case an agency would pressure the manufacturer to release a manipulated but signed firmware the user could recognise that as the hash will be different.|
|Other||There are a few more security features such as the built in true-random-number-generator. More details regarding all these features can be found here.|
As mentioned earlier, I would now like to draw a comparison between the DigitalBitBox (BitBox01) and the new BitBox02. Let’s see if the manufacturer learned from their mistakes. The following comparison refers to my old review, when the BitBox01 still used the old BitBoxApp.
|No display||High quality and good display|
|Incompatible backup format||Compatible backups following BIP49 and BIP84|
|“Send all” missing||“Send all”-button available in the App|
|No fully-fledged multi-sig||No multi-sig yet|
The backup incompatibility and the missing “send all” button should by now also be fixed for the BitBox01 as it uses the same BitBoxApp. Therefore, I assume that BitBox01 also improved since my initial review.
To summarise, the BitBox02 is finally again a rock solid hardware wallet at a reasonable price. Everything was done right here and the user experience is at a very pleasantly high level.
Thanks to Shift Cryptosecurity for providing me with the test device.