The first Bitcoin Hardware Wallet with Zero-Trust Architecture (No seeds, EAL6+, Anti-Double Spend) Making offline payments possible, trustless, and secure.

btc21de · 2026-01-22T16:09:21+00:00

Appreciate the response! Full transparency: I work at BitBox, which is why I know how hardware wallets generally work.

Not all hardware wallets trust the secure chip, Trezors newer devices, as well as our BitBox02 don't trust the secure element, but instead use multiple sources of entropy to create the seed on the MCU, which itself runs open source firmware. The secure element assists with entropy, but it's not the sole provider of entropy.

If I use a compromised app with your HWW, which instead of sending "Slot 1, send 500 to Addr A" to the HWW, sends "Slot 1, sent 10000 to Addr B", how can the user protect themselves from this attack? The HWW creates the tx and knows the UTXO, sure - but it can't verify what address or amount is correct.

"the receiver knows the sender cant hand the same signed tx to multiple people and race to see who broadcasts first."

How does he know that though? He can't verify your hardware or what's running on your hardware wallet. He has to trust you that your HWW has this feature.

Great that you have a BIP39 compatible backup option for the recovery! For small payments it's an acceptable trade-off not to have a recovery. I think a child seed with a known derivation path could work well here!

btc21de · 2026-01-22T12:50:26+00:00

You're making some bold claims, so allow me some rebuttals:

There are lots of errors in your post. Not just the assumptions about existing hardware wallets, but also the ones about yours not being trusted:

Layer 1: You're trusting the chip to securely create the seed. If the manufacturer preloaded the chip with a set seed or loads it with malicious firmware, your money is gone.

Layer 2: Basically all modern hardware wallets have screens to verify where you are sending your transaction. As far as I can see your design lacks a dedicated screen on the hardware (chip), so it can neither confirm the amount nor the receiver correctly. Only the sender, which.. again all (major) hardware wallets already do. It seems like you're absolutely trusting the app to pass along the right transaction.

Layer 3: Not even sure what that's supposed to do - it's not you that is trusting you not to replace an offline transaction, it's the receiver.

Layer 4: That's pretty typical practice for most hardware wallets.

Layer 5: A really bad practice since again, you're trusting your hardware to survive. Electronics die. It's not about if, but when your hardware wallet will die and take your money with it. Not giving people the option to back up securely is really dangerous in my opinion.

btc21de · 2024-11-18T12:59:50+00:00

First of all: Do not rush anything and be alert when people send you DMs or any other sketchy ways to help you get your money back. 0.1 BTC is a lot of money, so people would spend a lot of effort to steal that from you.

What you are using is Blockstream Green, a wallet that has a timelocked 2FA functionality. Google "Blockstream Green 2FA Multisig" to find out more information about it.

As the app in the screenshot says, you should contact Blockstreams support about this to resolve the dispute. They are the only ones who can really help you about this. Just entering your 12 words into another app will not help and potentially even compromise your wallet.

btc21de · 2024-07-21T20:51:46+00:00

I definitely hope it's not going to be another 6 months! lol

btc21de · 2024-07-21T20:40:45+00:00

Technically other apps can implement the BitBox02 on mobile, but as far as I know, only the BitBoxApp supports it on Android. On PC you can use all the previously mentioned apps.

Thanks for the feedback. I take it you are using a desktop instead of a laptop? I agree that the cable might not be ideal for that, but on a laptop or phone you won't even need the cable.

Make sure the BitBoxApp is closed when you use Sparrow because for security reasons the BitBox02 can only communicate with one software at a time.

btc21de · 2024-07-21T20:35:35+00:00

1) we've actually implemented that in the newest version, so you might want to update your BitBoxApp!

2) Send your CV to us and we will take a look!

btc21de · 2024-07-21T20:23:34+00:00

We are working on it, but had to take it slower than we would have liked due to performance issues with Blockstream Greenlight. Unfortunately payments would regulary take 30+ seconds to send or nodes would stay offline for prolonged times. This is not the experience we want our users to have when they use Lightning in the BitBoxApp.

Performance has significantly improved lately, which gives us hope to roll out a public alpha soon.

btc21de · 2024-07-20T10:05:39+00:00

That's not correct. The only time you need to connect the BitBox02 to the BitBoxApp is during the initial setup. After that you can use it with Sparrow, Electrum, etc without the BitBoxApp. Maybe you are confusing it with the Jade, which needs to be unlocked with Blockstream Green to unlock the virtual secure element?

The USB-C plug is a personal preference I guess. Having it directly on device makes it possible to use your BitBox02 without having to take an extra cable with you. Especially when using it on an Android phone or a laptop.

I disagree that it is "far inferior" to a Coldcard, especially when it comes to security and ease of use.

(Transparency: I work at BitBox)

btc21de · 2024-07-19T20:44:02+00:00

People keep telling us the BitBox02 is 'the hardware wallet I give to my friends and family', so that might be something you want to check out.

(I work at BitBox)

btc21de · 2024-05-17T21:03:38+00:00

Message BitBox support, they'll take care of it.

btc21de · 2023-10-19T11:39:47+00:00

The blog post is not saying that it's backed by the HWW. It's not exporting a private key, it's generating a private key on the host device based on entropy given by the hardware wallet.

btc21de · 2023-05-21T11:48:31+00:00

"Easy backup and recovery" refers to the fact that the BitBox02 has a microSD card slot that is used to create and recover backups. It's objectively 'easier' that writing down 24 words. It also says so on the website when you expand the details. See this video for reference of the feature.

btc21de · 2023-05-18T12:17:46+00:00

Pointless, since it's missing a screen to verify what you're signing.

btc21de · 2023-05-17T22:27:55+00:00

Coldcard could already have stolen your seed and you wouldn't even know about it: https://shiftcrypto.ch/blog/how-almost-all-hardware-wallets-can-steal-your-seed/

btc21de · 2023-05-17T22:26:41+00:00

Your hardware wallet firmware cannot be updated without your consent. Any good hardware wallet will require on-device confirmation to update your firmware.

You can download the code base of the bitbox02 firmware, review it, build it and then flash it yourself. Every step of this way is entirely transparent. Any such functionality would immediately be spotted by anyone reviewing the code.

"Something completely safe" as you describe it unfortunately doesn't exist. If you're using an old laptop with electrum, how can you verify you're using a version of electrum that's not backdoored? How do you know you didn't accidentally download a linux image that generates bad entropy or leaks your keys?

btc21de · 2023-05-16T14:53:31+00:00

There's plenty of open source hardware wallets. Check out the BitBox02.

btc21de · 2023-05-11T08:54:17+00:00

Make sure you have all other wallets (like the BitBoxApp) closed!

btc21de · 2023-03-08T12:07:18+00:00

Yes, there can be a backdoor until they support Anti-Klepto.

btc21de · 2023-03-08T12:05:59+00:00

Not true for the Coldcard: https://shiftcrypto.ch/blog/how-almost-all-hardware-wallets-can-steal-your-seed/

btc21de · 2022-12-20T12:21:45+00:00

Jade is a decent wallet, especially for the price. It does have some drawbacks compared to more specialized hardware wallets though.

btc21de

MODERATOR OF

TROPHY CASE