First of all, thanks a lot to Shift Cryptosecurity @ShiftCryptoHQ for selecting me as one of their Beta testers for the new BitBox02 hardware wallet! I’m very happy to be one of the first to hold this thing in my hands and try it out.
This post isn’t a full review and it also probably wouldn’t make much sense for consumers that read reviews to decide whether to buy something, since it’s not the finished product, but a Beta Testing unit that I was sent.
But instead of writing 10 Tweets that will quickly get lost, I wanted to summarize my thoughts, impressions and experiences with it in the last few weeks as a Blog post!
Also, last disclaimer: I was never asked to write anything publicly on the internet about their wallet. I’m just a Beta tester who gets the device to try it and fill out a very specific feedback form for them to help them sort out their last bugs and give improvement suggestions.
Backstory / My Experiences before BitBox02
I have had various software wallets, but quite a while back decided that it would be a good idea to get a hardware wallet. It allows you to keep your cryptocurrency in an ‘offline’ place (comparable to a paper wallet for example) which can’t be accessed by any hacker etc., since the keys to your coins just aren’t on your PC or phone. On the other hand, you can always plug a hardware wallet into your device of choice and perform a payment easily (unlike paper wallets).
At the time at which I decided to buy a hardware wallet, the two most popular options were the Ledger Nano S and the Trezor. They were both pretty expensive at the time (partly because of the increasing price and interest in cryptocurrency) and I wasn’t happy about the software implementation, relying on a web App / browser extension and if I remember correctly, they are (were) both not open-source. Then I found the (then so-called) “Digital BitBox” by Shift Cryptosecurity. It’s being rebranded to just BitBox and then later to BitBox01 since the introduction of the 02 version and it is very small and portable. The App is on GitHub and runs natively on macOS, Linux and Windows.
I bought it and was always very happy about it, maybe I’ll do another blog post about the BitBox01 in the future but I really like it.
Here are the first and most obivous differences that I came across with the BitBox02:
When plugging the device into the computer and opening the App, you don’t entry a password via your computer keyboard, but using ‘invisible sliders’ on the edges of the wallet. It’s a very unique input method that I haven’t encountered yet anywhere else and it works fairly nicely. In my experience, especially as a touch typer, entering via keyboard is a lot faster than touching and sliding around that little device’s sides (even though it’s fun! LOL). My password on the 01 is also a lot longer, because I can type 20 character passwords in around 3 seconds on my keyboard while it takes at least 10 seconds to enter your password on the BitBox02. Plus it’s shorter. ‘What a step backwards!’, I thought at first. But you must keep in mind that in case of the BitBox01, if someone steals it, he can easily perform brute-force attacks by spamming it with inputs from the computer which is simply not possible on the 02. I’m confident to say that brute-force password attacks are infeasible on the BitBox02 which is actually a huge step forward. It also eliminates the risk of a keylogger recording your password and using it later on to transfer money without you noticing it.
With the BitBox01 you either don’t validate the recipient’s address before confirming a transaction via button-press (not recommended!) or you use the iOS / Android companion App. I didn’t have too many issues in the beginning but lately it wouldn’t connect properly and it’s kind of awkward using 3 devices ‘just to send some money’. As a programmer, I fully understand it’s not easy building a system of a microcontroller connected to a PC via USB and a phone App connected wirelessly and having them all communicate perfectly and securely. But to a less tech-savvy person, a bug that just prevents a transaction from being made can and will be a major frustration. The BitBox02 solves this whole issue completely: It has a nice OLED display that shows all the information like recipient’s address and amount of money being transferred before you confirm it and have it sign the transaction. As Steve Jobs would say: “It just works!”. No bugs, no hassle with one more device and it really gives a peace of mind because you know that what you see on screen is what the wallet is about to sign.
Unlike the BitBox01, on the BitBox02 the SD card backup (implemented very nicely and seamlessly on both models!) is not encrypted with a password. I contacted Shift Cryptosecurity and they replied that there’s absolutely no hardware or software limitation, it was just a design decision by them. It may change in the future (e.g. an option to choose or not to choose a password may be added) but for now they removed the password. Since the SD card backup is meant for long-time storage like in a safe (or multiple in various locations), it is definitely possible that for example you HODL and in 30 years you remember about Bitcoin but can’t find your BitBox anymore or just can’t remember such an old password, you just go find the SD in the safe and you’ll be fine. By the way, both models include a microSD card (SanDisk with the 02 and Transcend with the 01) in the box.
USB-C! The new BitBox02 has a USB-C connector unlike the USB-A on the older model. More and more devices (actually I think every modern motherboard) have it and it’s reversible which solves a problem that might otherwise arise with the inclusion of the screen. Don’t worry: A USB-C to USB-A adapter and a USB-C extension cable are also included in the box! This is especially practical if you don’t have USB-C on your front I/O or just want to have easier physical access to the BitBox.
General futher points
Unfortunately, the screen seems very prone to scratches, since it’s all in plastic and the front is glossy. Maybe a 2-part design made of a plastic back shell and a little glass plate on top would solve that. I also included this information in my feedback form. On the other hand, I would try to keep crypto wallets a bit safe anyway (e.g. from water and impacts). For the BitBox01, I designed and 3D-printed a case and will do something similar for the 02 as well.
The touch / slide / tap controls work very well and are fun to use! Just wanted to mention that again :)
Even though the 02 is a bit larger than the 01, the size has remained very compact and pocket-friendly.
The packaging is very well done and professional; you get everything that you might ever need in conjuction with the BitBox (except a computer 😉) and this time even some stickers! :) Instructions are also very clear and easy to follow. Just an overall easy-going and pleasant user experience from opening the box all the way to using the BitBox to transfer funds.
The BitBox02 firmware is open-source! Check it out on GitHub. The README also gives a bit of insight about how the firmware works and how it communicates with the PC.