Frequently Asked Questions about BitBox

  • What is a BitBox?
  • What coins and functions are supported by BitBox?

    Bitcoin (BTC), Ethereum (ETH, ETC, and ERC20 tokens), and Litecoin (LTC) cryptocurrencies are currently supported. We plan to add more coins in the future. Let us know your favorites!

    The BitBox is a FIDO Universal 2nd Factor (U2F) compatible authenticator. Secure your accounts on Google, Facebook, Dropbox, GitHub and more.

    Existing BitBoxes can add support for new coins and features by upgrading the firmware.

  • What are the unique advantages of BitBox?
    • Offline, anytime backup and recovery with a micro SD card.
    • Native software client avoids security risks of browser-based clients.
    • Plausible deniability with hidden wallets and backups.
    • Tor and Tails OS compatible to protect your privacy.
    • Private keys kept on a high-security chip that prevents physical extraction (50 year lifespan).
    • Portable, extremely durable case filled with epoxy and packed with security.
    • Subtle design avoids unwanted attention.
    • Multisig out-of-the-box (optional to use).
    • Smart verification and second-factor authentication mobile app (optional to use).
    • Fully open source.
    • Swiss ideals - quality, privacy, no backdoors.
  • Do my private keys ever touch my computer or the internet?

    Not even during the initial setup or backup. The onboard microcontroller generates a wallet (BIP32) using a high-quality hardware random number generator to create entropy.

    The onboard slot for a micro SD card allows offline backup and recovery. There is no need to expose your wallet while typing on a keyboard or displaying recovery information on a screen, leaving it susceptible to theft by key logging, screen captures, and cameras.

    Unlike other hardware wallets, you can backup your wallet at anytime and as often as you like. Switch between different wallets in a snap.

    We appreciate paranoia. Therefore, external entropy is added to the hardware random number generator in two ways. First, in order to remove the need to trust the hardware, some entropy is added by us through random bytes set during the factory installation. In order to remove the need to trust us, some more is automatically gathered from you when entering your device password. If that's not enough, load up your own keys either via the micro SD slot or the USB interface.

    Three ways to create or load a wallet:

  • I need more specifications about BitBox
    • Single-purpose microcontroller that connects to a computer as a plug-and-play USB device. No drivers required.
    • The minimalist design keeps the code as simple as possible, making audits easier and reducing the number of attack vectors.
    • AES-256-CBC encrypted communication over USB that is immune to glitching and timing attacks.
    • Two-factor authentication option to prevent man-in-the-middle (MITM) attacks.
    • Erase and reset after 15 failed attempts, eliminating brute force password attacks. If a reset happens by accident, the wallet can be recovered simply by reloading the wallet seed from the micro SD card.
    • Capacitive touch button confirmation. Touch briefly to 'reject', and touch longer to 'accept'.
    • Embedded LED status indicator.
    • Password protected.

Frequently Asked Questions by Thieves

  • What happens if someone steals my BitBox?

    They will also need to steal your password in order to steal your coins. If two-factor authentication is enabled, they will also need your second factor device (such as a mobile phone). After 15 unsuccessful attempts to guess the password, the BitBox will erase all secrets and reset*. This prevents brute force attacks.

    * If reset by accident, simply reload the backup from the micro SD card to recover your wallet.

  • How do I protect against malware and keyloggers?

    Hardware wallets are designed to prevent the majority of malware, such as key logging and file stealing, from allowing someone to get your coins. Even if someone learns the wallet password, the keys stay buried inside the hardware wallet. Using the keys requires physically pressing a touch button and, optionally, two-factor authentication (2FA) using a mobile app. With the mobile app, even handcrafted malware on a fully compromised computer, such as a man-in-the-middle attack (MITM), would be avoided.

  • What if a government or bully forces me to open my wallet?

    Use plausible deniability. A secondary password can open a hidden wallet. Put some change there to add plausibility. Or, in case you are forced to recover a wallet from a backup, entering the wrong password will create a valid but different wallet.

  • How can I verify that the correct transaction is being signed?

    Our smart verification mobile app, after cryptographically pairing it with the BitBox, allows your phone to be used as a large screen to securely verify transactions and addresses.

  • What about side-channel attacks to discover a key?

    Improper cryptographic algorithms can leak secrets from only one signature. Thankfully, algorithms exist that make side-channel signals, such as power usage and electromagnetic waves, very hard to distinguish. The BitBox uses the same cryptographic library used in Bitcoin (secp256k1). It is carefully designed and tested to prevent known side-channel attacks.

  • Can a thief break open a BitBox and physically extract privatedata, for example, by probing the chip’s PIN or de-capping the chip (i.e. reverse engineering)?

    All secrets (keys and passwords) are stored isolated on a separate high-security chip designed specifically to keep your secrets secret. From section 3.1.2 of the data sheet: "The device contains physical security features to prevent an attacker from determining the internal secrets. ATAES132 includes tamper detectors for voltage, temperature, frequency, and light, as well as an active metal shield over the circuitry, internal memory encryption, and other various features. The ATAES132 physical design and cryptographic protocol are designed to prevent or significantly complicate most algorithmic, timing, and side-channel attacks."

    Furthermore, the primary microcontroller's memory is locked, and the JTAG pins are disabled. When using a BitBox, SRAM that temporarily holds secrets is zeroed immediately after use. Given enough effort and equipment, any device is susceptible to being cracked, but there should be plenty of time to transfer your coins to another wallet.