BitBox01 (Digital Bitbox) Review 2022
- 1 First Impression
- 2 Set up Digital Bitbox
- 3 Handling
- 4 Compatibility
- 5 Security
The BitBox01 (aka Digital Bitbox) is a small, inconspicuous hardware wallet from Switzerland. It was co-founded by Douglas Bakkum and Bitcoin Core developer Jonas Schnelli.
The Digital Bitbox can be ordered via its own web shop for 59,00 €. Payment is possible by credit card via Stripe or with Bitcoin. For all customers outside Switzerland, FedEx's Priority Express shipping method is offered. Although shipping is quite expensive at 28 dollars, the package arrived after only two business days.
Digital Bitbox also has resellers around the world who sell the hardware wallet on its behalf. You will also find a reseller in your country.
Hardware Wallets should preferably be ordered directly from the manufacturer or official resellers.
Dubious shops or private sellers on platforms like eBay or Amazon could manipulate the devices for their own purposes or trick the buyer. This way the thieves can steal all coins from your hardware wallet at a later date. Unfortunately, there have been such cases in the past.
Packaging and contents
If you open the shipping envelope, you will find a small cardboard box packed in a protective film. In addition to the box, there is also a small card with information on the EU and FCC declaration of conformity and the guarantee.
After removing the protective film, you hold a cardboard box in your hand, which is simply printed with the Digital Bitbox logo and carries some legal notices on the back.
Finally, if you open the box, you can see the Digital Bitbox in the form of a USB stick on the left and a micro-SD card on the right.
There are no instructions or other accessories, just a note on the lid pointing to the page www.digitalbitbox.com/start/, where you are guided through the setup step by step.
The Digital Bitbox hardware wallet is pleasantly small at 45x15x5 mm and weighs only a few grams. The Digital Bitbox logo is engraved on the back, and there is a small hole on the opposite side for attaching a ring.
The rear end of the front side is somewhat flattened. Behind it are an LED and the touch button used later to accept or reject actions.
The case is filled with resin and made from the same material as bulletproof glass. This makes the hardware wallet robust, which is why it can be carried on a keychain without any problems.
The SD Card
The SD card is a Micro SDHC Class 4 by SanDisk with a size of 4GB. It is included in the price of the hardware wallet and is intended for the backup of the recovery seeds.
First Impression: Conclusion
The first impression is already very positive. Ordering via the Bitbox webshop was fast and smooth, as was shipping via FedEx.
I like the simple packaging in the printed cardboard box very much and even without instructions you know directly how to proceed. The hardware wallet itself is inconspicuous and very robust. I particularly like the fact that no further cable is necessary as with comparable hardware wallets.
Unfortunately, however, I do not have an SD card adapter, which is a pity because hardly any device has a MicroSD card slot. For example, if you want to replace backup PDFs to restore a wallet or print a backup, you need to be able to read the data of the card directly.
For normal use, an adapter is not necessary, but a printout of the backup in paper form is certainly interesting for many.
Set up Digital Bitbox
Never use a hardware wallet that is already set up. You must choose your own PIN code or password and perform the backup yourself. These are never supplied by anyone else!
So I open www.digitalbitbox.com/start/ and start setting up the hardware wallet step by step.
Download desktop application
The first thing to do is download the desktop application. This test uses the Windows app, which can be launched after a short installation.
Configure Digital Bitbox
Now it's a matter of configuring the hardware wallet. To do this, it is connected to the computer on which the software was previously installed. It is important to have the SD card plugged in during the first setup, because the backup of the wallet is stored on it.
If you forget the SD card, this is not a problem, because you can also plug it in when prompted, without having to start again from scratch.
The software reacts immediately after the small stick is plugged in, because no drivers are needed, and a name and a device password can now be set for the wallet.
For each generated wallet, it is therefore important to remember the current device password well or, if necessary, to write it down by hand. By clicking on “submit,” the wallet is created and a backup is stored on the SD card. This happens completely automatically and you don't have to write down any data by hand yourself! In addition to the hardware random number generator, the extended private key is generated from random elements of the password as well as from random bytes placed during the installation of the factory settings.
Those who do not trust the random generation of the hardware wallet can also generate their own keys from self-selected data and load them onto the Digital Bitbox via the SD card.
Keep backup safe
The backup, in the form of a BIP32 master extended private key that is additionally protected by the password used at the time of initialization, is now stored offline on the SD card. It does not use the familiar 12- or 24-word backup seed as you know it from Trezor or Ledger, for example.
Your recovery seed is the backup key to all your crypto currencies and applications. The recovery seed (backup) can only be displayed once. Never make a digital copy of it and never upload it online. Keep the recovery seed in a safe place, in the best case also safe from fire and water. Special backup products such as Cryptosteel Capsule or Billfodl are suitable for this.
No one but yourself can be held liable for financial losses caused by improper handling of sensitive data.
Once set up, you should keep the SD card separate from the device for security reasons and plug it in only to manage the wallets.
If you don't want to rely on the durability of your SD card, you also have the option of printing out a paper backup. To do this, you can read out the Micro SD card or connect it directly to the printer. In the subfolder /digitalbitbox/ there are .pdf files of all the wallets created so far. These can be printed out and, if desired, you can even note directly on them the device password used at the time of wallet generation.
One should be aware at this point that connecting the SD card to a computer or printer always carries some risk, since the wallet backup could become visible to attackers, for example through logging of the printouts or the like.
Now the wallet is ready for use.
The basic setup of the hardware wallet was easy and understandable and done in a matter of minutes.
It is also faster than with any other hardware wallet, as the backup is automatically written directly to the SD card.
Now that the wallet has been set up, a close look is taken at various functions of the hardware wallet and the client.
In order to carry out a transaction with the Digital Bitbox yourself, you first have to receive coins.
To do this, you can navigate to the “Receive” tab and send some bitcoins to the address shown there. After a short time, according to the “Available Balance” indicator, you have an account balance of 0.001 BTC.
To send the received bitcoins again, you navigate to the “Send” tab.
Now you can enter a recipient address, the number of bitcoins to be sent and the amount of fees. Via the “Create Transaction” button, the transaction is sent to the hardware wallet for verification.
Now the LED of the hardware wallet starts flashing and you have 30 seconds to cancel or accept the transaction. To accept, the Touch button must be pressed for more than 3 seconds and the transaction is sent to the network.
Since the Digital Bitbox does not have a display, in the standard configuration you have to trust that the correct transaction is actually being confirmed and that it has not been tampered with. Smart verification and two-factor authentication, in which the smartphone comes into play as a display, are described later.
The Digital Bitbox Wallet offers the following other features.
Unlike other hardware wallets, the Digital Bitbox allows you to back up your current wallet at any time and as often as you want. In addition, you can switch between different wallets with one click, because all the necessary recovery information (apart from the password) is stored on the SD card.
So you don't have to type in a recovery seed, as you know it from Ledger or Trezor, for example, but the Digital Bitbox process is no less secure, because all information is likewise kept offline, only stored digitally.
So to manage your wallets, you have to click the “Manage Backups” button with the SD card inserted. Here you can switch between individual wallets with the Restore button or reset a self-generated wallet, for example to select the two-factor authentication that you previously imported manually. With the “Verify” button, you can test a selected backup to see if it actually represents a backup of the current wallet.
Change device password
You can also change your device password at any time with the options. To do this, select the “Change Password” button.
Again, the hint appears that a changed password does not change the backup password of old backups. The backup password is always the one that was in use when the wallet was initialized.
Now you enter the old password and the new password, which must consist of at least four characters. This action must also be confirmed via the Touch button. This password is now the backup password of all future wallets.
Generate new wallet
The “Create new Wallet” option allows you to generate a new wallet at any time.
To do this, you set a name for the wallet. As a backup password, the current device password is automatically used. Again, you have to confirm this action directly via the Touch button. Here is the hint that the current wallet is being overwritten because the hardware wallet can only manage one seed in the configuration at a time. Therefore, you should check beforehand whether there is a working backup of the previous wallet if you want to switch back to it.
In the meantime, if you have not plugged in an SD card, you will get the hint that the backup could not be created. In this case, however, you can easily use the “Manage Backups” function to manually create one once the SD card is plugged back in.
Perform firmware upgrade
At the time of the test, version 2.1.1 is the current one, which can also be seen in the bottom right corner of the options tab.
The current firmware version is available in the online download directory of Digital Bitbox. You download the current version and then click “Upgrade Firmware” in the Digital Bitbox software. Here you first select the downloaded .bin file.
Then you confirm the action and have to disconnect the hardware wallet from the USB slot and reconnect it. Now you have a few seconds to tap the touch button briefly so that the upgrade can start.
After a short time, the upgrade is ready and you need to reconnect the Digital Bitbox to complete the process. This time, however, you shouldn’t press the Touch button, otherwise you’ll get into boot loader mode.
So now you can type in your password as usual. After logging in, however, you have to confirm an action via the Touch button again in order to prevent unintended upgrades in the future.
List addresses and generate public key
The generated addresses are based on the standard BIP44. If you are more familiar with this, you will certainly be happy about this option.
The “List Addresses” option can be used to generate addresses using self-selected parameters. This is interesting, for example, if you want to transfer bitcoins to a second account of the same wallet.
Or if you want to generate the extended public key for your entire account, for example, to monitor your account balance with an app.
Reset to factory settings
If you want to reset your device to factory settings, for example, to disable two-factor authentication, you will also find an option in the settings.
After resetting, you set up the wallet again as the first time. You can then use the “Manage Backups” feature to restore old backups because they won’t be deleted during resets.
Digital Bitbox provides a small Java tool that offers additional and non-everyday functions. You can either download this from GitHub and run it offline locally, or trust the corresponding “Backup Center” page on the official homepage and run the same tool online there.
Restoring a wallet
If you lose your Digital Bitbox or can no longer use it due to a defect, you can use this tool to restore your wallets generated with Digital Bitbox with the help of the backups.
To do this, the backup of the wallet, which is located on the SD card or the printed .pdf file, is first entered into the form. After typing in the device password used at the time of initialization of the wallet, you can use the “Generate” button to generate the BIP32 extended master private key as well as a special Electrum Recovery Key.
With the help of these keys, you can restore your HD wallet with any compatible software, so that you have access to all the child keys with your new software, online or hardware wallet. Of course, you can also simply plug the SD card into a new, already set up Digital Bitbox to restore it. Via the “Manage Backups” button on the options tab in the Digital Bitbox software, you can now switch to the backup of your previous wallet.
Generate a random wallet yourself
If you don't trust the random generation of your private key by the hardware wallet, you can also generate a wallet yourself via this open source Java program.
To do this, you enter random data into the first text box and then click on the Generate button. At the end of the form, you now set a name for this wallet (no spaces or special characters) and click on “Export PDF.”
This .pdf file is now copied to the Micro SD card, into the subfolder /digitalbitbox/ alongside the other backups.
Via the “Manage Backups” button on the options tab in the Digital Bitbox software, you can now switch to this self-generated wallet by clicking the Restore button.
In the following window you are asked for a password. Since none was specified when it was generated, one is now chosen. Part of the BIP39 protocol is that each password opens a valid but different wallet. So as long as you use the same password with each recovery, you can access the same bitcoins.
FIDO Universal 2nd Factor Device
With the firmware version 2.1.1, the Digital Bitbox is also an official FIDO security key to use as a second factor, for example with Dropbox or Google.
To do this, you register the Digital Bitbox with the corresponding service, in my example with Google.
The next time you sign in, you have to connect the Digital Bitbox and tap once in addition to entering your username and password.
The Digital Bitbox can be a member of a Copay multi-signature wallet for each wallet generated.
To do this, download the Copay Client and create a Multisignature HD Wallet without registering. You can now share this wallet with other copayers or with a Digital Bitbox.
If you now want to send Bitcoins from this wallet, depending on the settings set, several participants of the transaction must agree to it.
A box with all the necessary information will appear in the Digital Bitbox. Now you have 24 hours to agree to the transaction. As usual, you have to verify the transaction using the Touch button of the hardware wallet.
With the Digital Bitbox itself, you can’t make transactions through the Multisig Wallet, you can only agree or reject them. Even if the multi-signature wallet exists next to the actual wallet, it is co-secured via the same backup.
I like the fact that the software was written directly for the corresponding operating system and you don’t rely on a special browser, for example.
The basic “send” and “receive” functions of Bitcoins are easy to use and performed quickly. Confirmation via the touch button on the device itself is always reliable. However, I (still) miss basic things here, such as converting the amounts used directly into a “conventional” currency such as euros or selecting all existing coins in a transaction. However, these features are already being worked on, as Douglas Bakkum told me.
There are also many useful options, such as the ability to manage multiple wallets simultaneously with a hardware wallet and quickly switch between them, only with the help of the wallet password. In addition, you can use the BIP44 protocol to generate addresses or use the Digital Bitbox as a participant in a multi-signature wallet via Copay. I also really like the opportunity to use the Digital Bitbox as a universal second factor (U2F).
The Digital Bitbox supports Bitcoin and since version 2.2.2 the crypto currency Ethereum (ETH, ETC, and ERC20 tokens).
For this purpose, the MyEtherWallet software is used rather than Digital Bitbox's own client. In this case, the Digital Bitbox client is only needed for the setup or to manage bitcoins. For more information on how to use Ethereum through the Digital Bitbox, please visit the official website.
The Digital Bitbox is compatible with all popular operating systems:
Only the Windows Client was tested.
For mobile operating systems, there is an official Smart Verification and two-factor authentication app. However, in order to perform an action, there must always be a client installation under the above operating systems. An independent mobile use on the smartphone via an OTG adapter is therefore not possible.
The Digital Bitbox is also compatible with other services and wallets:
- Tails OS
Digital Bitbox started out as a pure Bitcoin hardware wallet, but now also supports Ethereum and more cryptocurrencies are likely to follow. Support for the Tor network, multi wallets via Copay or use as a universal second factor are other great features.
The only negative point is that the hardware wallet cannot yet be used on mobile devices.
The final section of the test addresses the security features offered by the Digital Bitbox.
The Swiss-based Digital Bitbox advertises itself as a “Swiss hardware wallet” and is therefore supposed to stand for quality and privacy without back doors, according to its own statements.
In principle, as with any hardware wallet, the keys are generated offline by the device, making them dependent on the hardware used.
On this point, Digital Bitbox states that all cryptography is done on the microcontroller and that this code is completely open source. However, the random number generator of the ATAES132A used is a black box. But you can bypass this by generating a wallet with your own random data via the backup tool.
In terms of privacy, Digital Bitbox offers compatibility with Tor and Tails OS.
The device is protected with a password, as is any backup.
If the device password is incorrectly entered 15 times, the device will be reset. This prevents brute-force attacks.
If you are forced to give out the recovery password of a wallet, you can simply give a wrong one, because each password generates its own working wallet, to which you can also transfer coins.
The current device password can also be protected by a hidden wallet.
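The statement that each password opens a valid but different wallet (made above for restores and here for coercion) follows from how BIP39 and BIP32 derive keys. The sketch below is an added example, not code from this review or from Digital Bitbox: it implements the standard BIP39 passphrase step rather than the Digital Bitbox backup format, and the sample mnemonic, the passphrases and the `wallet_fingerprint` and `verify_passphrase` helpers are constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; BIP32 only rejects master keys outside 1..N-1.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Constructed sample input: the all-"abandon" phrase from the public BIP39
# test vectors. Never use it for real funds.
SAMPLE_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])


def _nfkd(text: str) -> bytes:
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: PBKDF2-HMAC-SHA512, salt = "mnemonic" + passphrase, 2048 rounds."""
    return hashlib.pbkdf2_hmac(
        "sha512", _nfkd(mnemonic), _nfkd("mnemonic" + passphrase), 2048, dklen=64
    )


def bip32_master(seed: bytes):
    """BIP32: HMAC-SHA512(key=b"Bitcoin seed", seed) -> (private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < SECP256K1_N:
        # Probability below 2**-127; this is the only "invalid" outcome.
        raise ValueError("seed does not yield a valid master key")
    return key, chain_code


def wallet_fingerprint(mnemonic: str, passphrase: str) -> str:
    """Short identifier for the derived wallet (assumption of this example:
    real wallets compare a public-key fingerprint or xpub instead)."""
    key, chain_code = bip32_master(bip39_seed(mnemonic, passphrase))
    return hashlib.sha256(key + chain_code).hexdigest()[:16]


def fingerprints(mnemonic: str, passphrases):
    """Derive one wallet per passphrase; none of them raises an error."""
    return {p: wallet_fingerprint(mnemonic, p) for p in passphrases}


def verify_passphrase(mnemonic: str, passphrase: str, expected: str) -> bool:
    """Check a restore against a fingerprint recorded at setup time.

    There is no "wrong passphrase" error, so a typo silently opens an
    empty wallet; comparing against a recorded value catches that.
    """
    return hmac.compare_digest(wallet_fingerprint(mnemonic, passphrase), expected)


if __name__ == "__main__":
    # Constructed passphrases: empty, a decoy, the real one, and a typo of it.
    for phrase, fp in fingerprints(
        SAMPLE_MNEMONIC, ["", "decoy", "real-passphrase", "real-passphrasE"]
    ).items():
        print(f"{phrase!r:>20} -> wallet {fp}")
```

Because every passphrase yields a usable key, recording a fingerprint or extended public key at setup is the only way to tell a mistyped passphrase from the intended wallet during a restore.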
Smart Verification and Two-Factor Authentication
You can use a smartphone as a large screen for securely verifying transactions and addresses created by the Digital Bitbox. This prevents man-in-the-middle attacks on computers that have been completely compromised and may have been manipulated to display addresses.
As an option, you can also use the mobile phone as a second authentication device.
To set this up, you first need to download the corresponding app from the App Store. The links can be found on the Digital Bitbox website.
Now open the app and follow the instructions.
The pairing is started by scanning a QR code that is issued by the client software.
Additional security during pairing is provided by transmitting information via the LED. To do this, you follow the flashing of the LED for as long as you want and then confirm the action with a single press of the touch button.
If the pairing was successful, an encrypted connection has been established between hardware wallet and smartphone. This means, to put it simply, the smartphone is now the hardware wallet screen.
Smart Verification allows you to verify information displayed in the software via the smartphone display.
If the smartphone has an internet connection, click on the “Verify Address Securely” button at the recipient address. If both addresses match, you can be sure that it is a correct address.
When you send a transaction, the information is automatically sent to the smartphone. You can also learn more about the transaction, such as outputs, inputs, and hashes to sign, via the details button.
Two-factor authentication (2FA)
In addition to smart verification, two-factor authentication can be activated. This means that you always need your paired smartphone to confirm spending bitcoins.
To activate 2FA, click “Enable Full 2FA” in the options. Since 2FA disables the SD card slot, it is important that the smartphone is already connected to the hardware wallet and that there are backups of all wallets. If you are aware of this, you can continue with “Yes.”
The action must be confirmed by pressing the touch button. The Digital Bitbox is then in a closed state until it is reset to the factory settings, which is why not all functions are available.
If you are now making a transaction, it must also be released via the smartphone before confirming it via the Touch button as usual.
This means that no transaction can be carried out without a paired smartphone with an internet connection. If you delete the app or lose your mobile phone, you have to reset the Digital Bitbox to factory settings and restore your wallet from the backup.
If you are forced to issue your current device password, a hidden wallet can be helpful. Instead of your real password, you then issue a different, predetermined password, which opens a second wallet.
To set up a hidden wallet, go to Expert Settings > Hidden Wallet Password in the options and set the second password. As always, the action must be confirmed with the Touch button. If you reconnect the device and enter the hidden password, you won't get an error; instead, a normal wallet opens. As with a two-factor authentication wallet, this is in a locked state so you can't see backups.
Via the “Receive” tab, you can transfer money to this hidden wallet as usual.
The confirmation of an action on the hardware wallet itself is done with a simple touch of the button. Since the hardware wallet itself does not have a display, a lot of security is lost in this standard mode: without activated smart verification or two-factor authentication, you cannot determine whether the transaction has been tampered with and a very different transaction is being confirmed on the device.
On a positive note, the smartphone as a “hardware wallet display” offers many more presentation possibilities: you can see all the essential information for a pending transaction at a glance, which is not possible on a small display such as that of the Ledger Nano S. If you think further ahead, verifying entire documents, for example, is not a problem. And since you almost always carry your smartphone with you anyway, this approach is certainly more interesting for many than a large and expensive device with an integrated display like the Ledger Blue.
On the other hand, the password required to restore a wallet is always typed using a normal keyboard. This allows it to end up in the wrong hands via infected computers. While access to the recovery files on the SD card is still necessary, this poses some risk.
On the positive side, the Digital Bitbox is completely open source and even offers the possibility to bypass the random generation of the wallets by the Digital Bitbox and to generate one yourself on the basis of its own random data.
By relying on simply switching between different wallets instead of on different accounts based on the same seed, a compromise of one wallet does not affect all accounts.
Anyone who uses their Digital Bitbox in conjunction with Smart Verification at least and keeps their SD card in a safe place with the backups is, in my opinion, very well protected with the Digital Bitbox.
FAQ
That is not a problem. You can restore your accounts to a new hardware wallet using the recovery key you wrote down when you set it up.
Use the principle of plausible deniability. When you activate the optional passphrase function, you will be prompted for a passphrase after entering the BitBox password. This option can be used to derive different wallets. This means each passphrase opens a different wallet.
Warning! Coins deposited on a wallet derived from a passphrase can only be restored from the backup if the passphrase option is enabled and the same passphrase text is entered. This is an advanced feature for experts.
Most wallets support more than just one cryptocurrency, but only generate one backup. Nevertheless, this one backup is sufficient to restore all cryptocurrencies as all private keys of the different wallets result from the seed that is backed up as a backup during setup.
Hardware wallets such as the Ledger Nano X, TREZOR Model T, BitBox02 or KeepKey all work according to the same principle. They are a special form of a so-called wallet, which is used to manage cryptocurrencies. A hardware wallet is a physical device that generates the private keys to the cryptocurrencies securely and in isolation. Due to the extra hardware, they have some advantages over software wallets:
- Private keys are often stored in a protected area of a microcontroller and cannot be transferred out of the device in clear text.
- Hardware wallets are immune to computer viruses that steal from software wallets.
- They can be used securely and interactively, private keys never need to come into contact with potentially vulnerable software.
- The software is in most cases open source, so that the user or professionals can validate the entire operation of the device.
However, it is important to understand that hardware wallets are an attractive target for attackers and depend on several assumptions to maintain security. They are not a miracle weapon, and there are several realistic ways to hack a hardware wallet, especially if someone has physical access to the device.
A new cryptocurrency is rarely supported directly by a hardware wallet at the beginning. However, most providers such as Ledger or TREZOR are constantly working to support new cryptocurrencies. Therefore, it is often worth waiting until the desired currency is supported by your hardware wallet.
Are my cryptocurrencies stored in the hardware wallet, or where exactly are they? This is a very good question because the answer defines what your wallet actually needs to protect.
Cryptocurrencies are so named because they are secured by cryptography. For this you need a set of digital keys, for example your (very secret) private key. With this key you can encrypt and digitally sign things.
Let’s take Bitcoin as an example (other cryptocurrencies work in a similar way). The entire Bitcoin network is kept up to date by a common data structure called the blockchain. It contains records of all transactions ever made and is publicly accessible online, so anyone can read it. When you receive some bitcoins, say 0.1 BTC, you see them in your bitcoin wallet, listed under a bitcoin address.
At the same time, the bitcoins are not actually stored in the wallet; they are just an entry in the public blockchain. What the wallet stores is your secret private key that belongs to that address. Since you control that private key, you can spend those bitcoins again: that's how “Bitcoin ownership” is defined. Anyone can see these bitcoins, but only you can spend them, so they are yours. But that also means that *anyone* with the right private key can spend those bitcoins. Therefore, it is very important to keep this key secret.
What stops the manufacturer of your hardware from using a backdoor and simply stealing your cryptocurrencies? How much do you have to trust hardware wallet manufacturers?
While a completely “trustless” solution is probably not possible, manufacturers are doing everything they can to minimize the need to trust them.
Most of the software code of many hardware wallet manufacturers is open source, i.e. publicly available. Anyone can check how the device works and how secrets are handled. Of course, not everyone has the ability to review code: that’s why independent researchers are often encouraged to analyze, and are often rewarded by bug bounty programs when they find something. This does not limit their ability to publish a full independent report without permission.
The key takeaway: a wallet manages your secret private keys and requires full access to them. You can and should demand full transparency about how a wallet works and ensure that independent public audits are encouraged.
|Compatibility|Copay, Electrum, MyEtherWallet, FIDO/U2F, Tor, Tails OS|
|Cryptocurrencies|Bitcoin, Bitcoin Cash, Litecoin, Ethereum, Ethereum Classic, ERC-20 Tokens|
|Input Options|Touch Button|
|Platform|Windows, Linux, Mac|
|FIDO U2F Authenticator|