Get the latest BitBoxApp here: https://shiftcrypto.ch/download
Etzlihütte
The bull is here, and many new people enter the crypto space. Demand for our BitBox02 picked up significantly, and since early this year, we’ve been ramping up the production of new devices as fast as quality control allows.
With so many more devices going out to new customers and focus on improving operations, from shipping to support, we took the opportunity to go through a similar process with the BitBox software. The primary goal was to address any pain points that add friction in using the BitBox02 and the BitBoxApp and lead to support requests. We released a silent update with improvements in February and are now doubling down with our Etzli update, fine-tuning the user experience, improving error handling, and removing technical debt. New features are on the roadmap, of course, and we’re excited to tackle them as soon as the base layer is rock-solid.
This approach reminds us of the Etzli hut, located in central Switzerland in a pretty bare landscape. The hike up is strenuous, and once there, no spectacular peak with incredible views is waiting for you. But you’ll get a good night’s sleep, food is homemade and plenty, and a tiny wood stove even powers a hot tub. You’re enjoying the here and now. And the following day, the hut is your starting point for the most amazing hikes across spectacular mountain ranges.
Networking
First impressions are essential. Therefore, the installation of the BitBoxApp should be seamless and as frictionless as possible. On Windows, we identified some issues and optimized the installation to properly ask for administration privileges (you no longer need to right-click and “run as administrator”) and to exit the BitBoxApp should it be running already.
Once you’re all set up, what’s more annoying than the BitBoxApp not being able to talk to the Bitcoin network? Unfortunately, the standard ports used by Electrum can be blocked by firewalls, especially in corporate networks. We’re now routing this traffic over the standard HTTPS port 443, where firewall interference is much less likely.
To display the current exchange rates between crypto and the fiat currency of your choice, the BitBoxApp used CryptoCompare. But many of our users are privacy-conscious and route their network traffic over VPN or through the Tor network. That hides your IP address but often triggered rate-limiting and could lead to errors fetching the data. This happens because many users queried the exchange rate servers from seemingly identical VPN or Tor exit servers. We now switched to CoinGecko to provide this data and we proxy it to reduce the actual number of queries. This improvement fixes rate-limiting issues, especially for our users relying on a VPN or the Tor network.
The Tor network is also super-handy to connect to your own full node. But many users experienced troubles when they enabled the Tor proxy in the BitBoxApp and were receiving very vague error messages. It’s also easy to forget that this setting is active and then you’re left wondering why your crypto accounts are not loading. We now provide more explicit error messaging that also includes helpful hints.
Ethereum
We’ve extended existing features like Anti-klepto protection against the covert nonce channel attack, which now also supports Ethereum transaction signing, as well as BTC and ETH message signing.
The “buy crypto” feature now also lets you buy ERC20 tokens directly in the BitBoxApp, with delivery straight to your BitBox02.
We also tackled an issue that caused stuck ETH transactions because of Etherscan silently dropping them. The BitBoxApp now automatically rebroadcasts the transaction if necessary. To improve transaction transparency, you can now also see the ETH nonce in the transaction details.
The BitBox02 aims not only to be secure on a technical level but also to prevent user missteps. One challenge is verifying the ETH transaction details when signing an unknown contract. The BitBox02 displays the raw hex data, but beginners might just approve it without knowing exactly what they are signing. Hackers can take advantage of this, such as when an attacker tricked this user into sending NXM to them, all while thinking he was claiming a mining reward. With this update, the BitBox02 will display an explicit warning when the contract is unknown to the device.
...and so much more.
Of course, there’s a ton of little things, too many to mention in detail. We improved the BitBoxApp performance and removed some quirks in the user interface. We also reduced technical debt by shedding some code that was either unused or no longer deemed relevant, like the “show random number” feature, and moved even more C program code to Rust. And last but not least: la BitBoxApp è ora disponibile in italiano. Benvenuti to our Italian-speaking friends!
One more thing
The Hardware Wallet Interface (HWI) project, which most independent software wallets use to communicate with hardware wallets, just released their version 2.0 update. This release includes full support for the best-in-class multi-signature implementation of the BitBox02! 🎉
Our friends at Sparrow Wallet already released their own update, and we’re stoked how easy it is to use this power-user wallet. Expect projects like Specter Desktop and others to follow; we’ll keep you posted!
How can I stay up-to-date?
We encourage you to sign up to the BitBox news to stay up to date with our latest news, including release notes and bug fixes.
As always, please do not hesitate to contact us at [email protected] if you have any questions.
Thank you for your continued support.
Shift Team
Shift Crypto is a privately held company based in Zurich, Switzerland. Our international team of specialists across engineering, cryptosecurity and Bitcoin core development build the BitBox products and provide consulting services. The BitBox02, a second generation hardware wallet, equips individuals to easily store, protect, and transact cryptocurrencies. Its companion, the BitBoxApp, provides an all-in-one solution to securely manage your digital assets with ease.