Digital Bitbox Review 2018
Table of Contents
- 1 First impression
- 2 The SD Card
- 3 Setting up the Digital Bitbox
- 4 Handling
- 5 Compatibility
- 6 Security
The Digital Bitbox is a small, inconspicuous hardware wallet from Switzerland. It was created by Douglas Bakkum and Bitcoin Core developer Jonas Schnelli.
The Digital Bitbox can be ordered from the manufacturer via their own webshop for 59,00 € (click here to check the current price). The payment methods credit card via Stripe and Bitcoin were available. For all customers outside Switzerland, FedEx offers the Priority Express shipping method. The shipment is quite expensive with 28 dollars, but the package was already there after two working days.
Digital Bitbox also has resellers all over the world who resell hardware wallets on behalf of Digital Bitbox.
Hardware wallets should preferably be ordered directly from the manufacturer or official resellers.
Dubious shops or private sellers on platforms such as ebay or amazon could manipulate the devices for their purposes or trick the buyer. This way the thieves can steal all coins from your hardware wallet at a later time. Unfortunately, there have been such cases in the past.
Packaging and contents
When you open the envelope, you will find a small box packed in a protective film. Next to the box there is a small card with information about the EU and FFC declaration of conformity and the guarantee.
After opening the protective film you hold a cardboard box in your hand, which is simply printed with the Digital Bitbox logo and still contains some legal information on the back.
Finally, when you open the box, you see the Digital Bitbox in the form of a USB stick and a Micro-SD card on the right side.
There are no instructions or other accessories, only the note on the cover to call up the page www.digitalbitbox.com/start/. Because here you are guided step by step through the facility.
The Digital Bitbox Hardware Wallet is pleasantly small (45x15x5mm) and weighs only a few grams. It has the Digital Bitbox logo engraved on the back and a small hole on the opposite side to attach a ring.
The back end of the front is slightly flattened. Behind this is an LED and the touch button for later accepting or rejecting actions.
The housing is filled with synthetic resin and made of the same material as bullet-proof glass. This makes Hardware Wallet very robust, which makes it easy to carry on a keychain.
The SD Card
The SD card is a Micro SDHC Class 4 from SanDisk with a size of 4GB. This is included in the price of the Hardware Wallet and it is intended for the backup of the Recovery Seed.
First impression: Conclusion
The first impression is already very positive. Ordering via the Bitbox Webshop was fast and smooth – just like shipping via FedEx.
I like the simple packaging in printed cardboard very much and even without instructions you know directly from the note in the lid how to proceed. The Hardware Wallet itself is inconspicuous and very robust. I particularly like the fact that no additional cable is required as with comparable hardware wallets.
Unfortunately I lack an SD card adapter, which is a pity, because hardly any device has a MicroSD card slot. To exchange backup PDFs, for example to restore a wallet or print a backup, it must be possible to read the data from the card directly.
For a normal use an adapter is not necessary, but a printout of the fuse in paper form is certainly interesting for many.
Setting up the Digital Bitbox
Never use a hardware wallet that is already set up. You must choose your own PIN code and write down the backup yourself. This is not given by anyone!
So I go to www.digitalbitbox.com/start/ and start setting up the Hardware Wallet step by step.
Download Desktop Application
The first step is to download the desktop application. This test uses the Windows App, which can be started after a short installation.
Configure Digital Bitbox
Now we have to configure the Hardware Wallet. To do this, connect it to the computer on which the software was previously installed. It is important to insert the SD card the first time you set it up. This is where the backup of the Wallet is stored.
But if you forget the SD card this is no problem, because you can also insert it after a hint without having to start again from the beginning.
The software reacts immediately after inserting the small stick, since no drivers are required, and a name for the wallet and a device password can now be specified.
Therefore, for each generated wallet, the current device password should be remembered or, if necessary, noted down in handwriting. With a click on “submit” the wallet is created and a backup is saved on the SD card. This is completely automatic and you don’t have to write down your own data! The extended private key is generated by random elements from the password as well as by random bytes during the installation of the factory settings.
If you don’t trust the random generation of the hardware wallet, you can also generate your own keys using data of your choice and load them onto the digital bitbox via the SD card.
Safeguard your backup
The backup in the form of a BIP32 master extended private key, additionally secured by the password used at the time of initialization, is now offline on the SD card. It does not use the familiar 12 or 24 word backup seed as known from Trezor or Ledger, for example.
Your recovery seed is the backup key to all your cryptocurrencies and applications. The recovery seed (backup) can only be displayed once. Never make a digital copy of the recovery seed and never upload it online. Keep the recovery seed in a safe place, ideally safe from fire and water, for example with Billfodl.
Nobody but yourself can be held liable for financial losses caused by improper handling of sensitive data.
After setup, the SD card should be kept separate from the device for security reasons and inserted only to manage the wallets.
If you don’t want to rely on the durability of your SD card, you can also print out a paper backup. To do this, read out the Micro SD card or connect it directly to the printer. The subfolder /digitalbitbox/ contains.pdf files of all wallets created so far. These can be printed out and, if necessary, the device password used at the time of wallet generation can even be noted down directly.
At this point you should be aware that connecting the SD card to a computer or printer always carries a certain risk, since the wallet backup could be visible to attackers, for example by logging the printouts or similar.
Now the wallet is ready for use.
The basic setup of the Hardware Wallet was easy and understandable and completed in a few minutes.
It is also faster than any other hardware wallet, as the backup is automatically written directly to the SD card.
Now that the wallet has been set up, a closer look at various functions of the hardware wallet and the client is taken.
To perform a transaction with the Digital Bitbox yourself, you must first receive coins.
To do this, navigate to the “Receive” tab and send some bitcoins to the address that appears. After a short time you have an account balance of 0.001 BTC according to the “Available Balance” display.
To send the received bitcoins again, navigate to the “Send” tab.
Now you can specify a recipient address, the number of bitcoins to be sent and the amount of the charges. Click on the “Create Transaction” button to send the transaction to the Hardware Wallet for verification.
Now the LED of the Hardware Wallet starts flashing and you have 30 seconds to cancel or accept the transaction. To accept the transaction, press the touch button for more than 3 seconds and the transaction will be sent to the network.
Since the digital bitbox does not have a display, you have to trust with the standard configuration that the correct transaction has actually been verified and not manipulated. Later, the possibility of smart verification and two-factor authentication, in which the smartphone comes into play as a display, is described.
The Digital Bitbox Wallet offers the following additional functions.
Unlike other hardware wallets, with the Digital Bitbox you can back up your current wallet at any time and as often as you like. In addition, you can switch between different wallets with one click, as all necessary recovery information (except the password) is stored on the SD card.
So you don’t have to type in a recovery seed as you know it from Ledger or Trezor, but the digital bitbox is no less secure because all information is also stored offline, but digitally.
To manage your wallets, you have to click the “Manage Backups” button with the SD card inserted. Here you can use the restore button to switch between individual wallets or select a self-generated wallet that you have previously imported manually. With the “Verify” button you can test a selected backup to see if it actually represents a backup of the current wallet.
Change device password
You can also change your device password at any time using the options. To do this, select the “Change Password” button.
Here, too, the message appears that a changed password does not change the backup password of old backups. This password is always the one that was used during wallet initialization.
Now enter the old and the new password, which must consist of at least four characters. This action must also be confirmed again using the touch button. This password is now the backup password of all future wallets.
Generate new wallet
With these options “Create new Wallet” you can generate a new Wallet at any time.
To do this, a name is specified for the wallet. The current device password is automatically used as the backup password. This action must also be confirmed directly via the touch button. The note that the current Wallet is overwritten because the Hardware Wallet can only manage one Seed in the configuration at a time. Therefore you should check beforehand whether there is a working backup of the previous wallet if you want to switch back to it.
If you have not inserted an SD card during this time, you will be notified that the backup could not be created. In this case, however, you can easily create one manually using the “Manage Backups” function as soon as the SD card is inserted again.
Perform firmware upgrade
At the time of the test, version 2.1.1 is up to date, which can also be seen on the Options tab in the lower right corner.
The current firmware version is available in the online download directory of Digital Bitbox. Download the latest version and click on “Upgrade Firmware” in the Digital Bitbox software. First select the downloaded.bin file.
Then confirm the action and disconnect and reconnect the Hardware Wallet from the USB slot once. Now you have a few seconds to press the touch button briefly so that the upgrade can start.
After a short time the upgrade is finished and you have to reconnect the Digital Bitbox to complete the process. This time, however, you should not press the touch button, otherwise you will enter bootloader mode.
Now you can enter your password as usual. After logging in, however, you have to confirm another action using the touch button to prevent unintentional upgrades in the future.
List addresses and generate public keys
The generated addresses are based on the BIP44 standard, so if you know more about it, you will be happy about this option.
The “List Addresses” option can be used to generate addresses using parameters of your choice. This is interesting for example if you want to transfer bitcoins to a second account of the same wallet.
Or if you want to generate the extended public key for your entire account, for example to monitor your account balance with an app.
Reset to factory settings
If you want to reset your device to the factory settings, for example to deactivate two-factor authentication, you will also find an option in the settings.
After resetting, the wallet is set up again in the same way as the first time. Afterwards you can use the “Manage Backups” function to restore old backups, since they are not deleted during the reset.
Digital Bitbox provides a small Java tool, which offers additional and not everyday functions. You can either download it from GitHub and run it offline locally, or you can trust the corresponding “Backup Center” page on the official homepage and run the same tool there online.
Restoring a Wallet
If you lose your Digital Bitbox or can no longer use it due to a defect, you can use this tool to restore the wallets generated with Digital Bitbox with the help of the backups.
To do this, first enter the wallet backup in the form, which can be found on the SD card or the printed.pdf file. After you have also entered your device password used at the time of initializing the wallet, you can generate the BIP32 extended master private key as well as a special Electrum Recovery Key via the “Generate” button.
With the help of these keys you can restore your HD Wallet with any compatible software, so that you have access to all Child Keys with your new software, online or hardware wallet. Of course you can also simply insert the SD card into a new digital bitbox to restore it. Via the Options tab in the Digital Bitbox software via the “Mange Backups” button you can now switch to the backup of your previous wallet.
Generate a random wallet yourself
If you don’t trust the random generation of your private key by the hardware wallet, you can also generate a wallet yourself using this open source Java program.
To do this, enter random data in the first text field and then click on the Generate button. At the end of the form you now define a name for this wallet (no spaces or special characters) and click on “Export PDF”.
Copy this.pdf file to the Micro SD card in the subfolder /digitalbitbox/ to the other backups.
Using the Options tab in the Digital Bitbox software via the “Mange Backups” button, you can now switch to this self-generated wallet by clicking the Restore button.
In the following window you will be asked for a password. Since none was specified during generation, one is now selected. Part of the BIP39 protocol is that each password opens a valid but different wallet. So as long as you use the same thing every time you restore, you can access the same bitcoins.
FIDO Universal 2nd Factor Device
With firmware version 2.1.1, the Digital Bitbox is also an official FIDO security key for use as a second factor, for example with Dropbox or Google.
To do this, register the digital bitbox with the corresponding service, in my example with Google.
Next time you log in, you have to connect the Digital Bitbox in addition to your user name and password and touch it once.
The Digital Bitbox can be a member of a Copay Multisignature Wallet for each generated Wallet.
To do this, download the Copay Client and create a multi-signature HD Wallet without registration. This wallet can now be shared with other copayers or with a digital bitbox.
If you now want to send bitcoins from this wallet, several participants must agree to the transaction, depending on the settings set.
A box with all necessary information then appears in the digital bitbox. Now you have 24 hours to approve the transaction. To do this, the transaction must be verified as usual using the touch button on the hardware wallet.
With the Digital Bitbox itself you cannot make any transactions via the Multisig Wallet, but only agree or reject them. Even if the Multisignature Wallet exists alongside the actual Wallet, it is also backed up via the same backup.
I like the fact that the software was written directly for the corresponding operating system and that you don’t need a special browser, for example.
The basic functions “Send” and “Receive” of bitcoins are easy to use and fast. Confirmation via the touch button on the device itself is always reliable. However, I miss here (still) basic things like converting the amounts used directly into a “conventional” currency such as euros or selecting all available coins in a transaction. However, Douglas Bakkum told me that these features are already being worked on.
Many useful options are also offered, such as the possibility of managing several wallets simultaneously with one hardware wallet and switching quickly between them, only with the help of the wallet password. You can also generate addresses yourself using the BIP44 protocol or use the Digital Bitbox as a participant in a multi-signature wallet via Copay. I also like the possibility of using the Digital Bitbox as a universal second factor (U2F).
The Digital Bitbox supports Bitcoin and since version 2.2.2 the crypto currency Ethereum (ETH, ETC, and ERC20 tokens).
For this the software MyEtherWallet is used and not the own client. In this case it is only needed for the setup or just to manage its bitcoins. For more information on using Ethereum via the Digital Bitbox, please visit the official website.
The Digital Bitbox is compatible with all common operating systems:
Only the Windows client has been tested.
For mobile operating systems there is an official app for smart verification and two-factor authentication. To perform an action, however, a client installation must always exist under the operating systems mentioned above. Independent mobile use on a smartphone via an OTG adapter is therefore not possible.
The Digital Bitbox is also compatible with other services and wallets:
Digital Bitbox started as a pure Bitcoin Hardware Wallet, but now also supports Ethereum and more crypto currencies will follow. Support for the Tor network, multi-wallets via Copay or the use as a universal second factor are other great features.
The only negative aspect is that the Hardware Wallet is not yet mobile to use.
In the last section of the test, the safety functions offered by the Digital Bitbox are discussed.
The digital bitbox manufactured in Switzerland advertises itself as a “Swiss” hardware wallet and is therefore said to stand for quality and privacy without back doors.
As with any hardware wallet, the keys are generated offline by the device, making you dependent on the hardware used.
Digital Bitbox indicates that all cryptography is performed on the microcontroller and this code is completely open source. However, the random number generator of the ATAES132A used is a BlackBox. But you can avoid this by generating a wallet with your own random data via the backup tool.
In terms of privacy, Digital Bitbox Tor and Tails offers OS compatibility.
The device is password protected, as is any backup.
If the device password is entered incorrectly 15 times, the device is reset. This prevents brute-force attacks.
If you are forced to give out the recovery password of a wallet, you can simply call it a false one. Because each password generates its own working wallet, to which you can also transfer coins.
The current device password can also be protected by a hidden wallet.
Smart Verification and Two-Factor Authentication
You can use a smartphone as a large screen for securely verifying transactions and addresses created by the digital bitbox. This prevents man-in-the-middle attacks on computers that have been completely compromised, possibly manipulating the display of addresses.
Optionally, the mobile phone can also be used as a second authentication device.
To set this up, you must first download the appropriate app from the App Store. The links can be found on the Digital Bitbox website.
Now open the app and follow the instructions.
Pairing is started by scanning a QR code issued by the client software.
Additional security during pairing is ensured by the transmitted information via the LED. You simply count as long as you want the LED to flash and then confirm the action by clicking the touch button once.
If the pairing was successful, an encrypted connection has been established between the hardware wallet and the smartphone. In simple terms, this means that the smartphone is now the hardware wallet screen.
With Smart Verification, information displayed in the software can be verified again on the smartphone display.
If the smartphone has an Internet connection, click on the “Verify Address Securely” button at the recipient address. If the two addresses match, you can be sure that the address is correct.
When sent, the information is automatically sent to the smartphone. Here you can also use the Details button to learn more about the transaction, such as outputs, inputs and hashes to sign.
Two-Factor Authentication (2FA)
In addition to Smart Verification, two-factor authentication can be activated. This means that you always need your paired smartphone to confirm the output of bitcoins.
To activate 2FA, click on “Enable Full 2FA” in the options. Since the SD card slot is deactivated by 2FA, it is important that the smartphone is already connected to the hardware wallet and backups of all wallets are available. If you are aware of this, you can continue with “Yes”.
The action must be confirmed by pressing the touch button. Afterwards, the Digital Bitbox is in a closed state until it is reset to the factory settings, which means that not all functions are available anymore.
If you now make a transaction, this must also be released via the smartphone before you confirm via the touch button as usual.
This means that no transaction can be performed without a paired smartphone with an Internet connection. If you delete the app or lose your mobile phone, you have to reset the Digital Bitbox to factory settings and restore your wallet from the backup.
If you are forced to give out your current device password, a hidden wallet can be helpful. Instead of a real password, a different, pre-defined password is issued, which opens a second wallet.
To set up a hidden wallet, go to Options > Expert Settings > Hidden Wallet Password and set the second password. As always, the action must be confirmed with the touch button. If you reconnect the device and enter the hidden password, you will not get an error but a normal wallet will open. Like a two-factor authentication wallet, this is in a locked state so that no backups can be viewed.
You can transfer money to this hidden wallet via the “Receive” tab as usual.
Confirming an action on the Hardware Wallet itself is done by simply touching the button. Since the Hardware Wallet itself has no display, a lot of security is lost in this standard mode: Because without activated Smart Verification or two-factor authentication you cannot determine whether the transaction was manipulated and not a completely different transaction on the device is verified.
On the positive side, the smartphone as a “Hardware Wallet Display” offers considerably more display options: You can already see all the important information for an upcoming transaction at a glance, which is not possible on a small display such as the Nano S ledger, for example. If one thinks even further ahead, the verification of entire documents, for example, is not a problem. And since you almost always carry your smartphone with you anyway, this approach is certainly more interesting than a large and expensive device like the Ledger Blue with integrated display.
On the other hand, the password required to recover a wallet is always entered using a normal keyboard. As a result, this can fall into the wrong hands due to infected computers. While access to the recovery files on the SD card is still necessary, this poses a certain risk.
On the positive side, the Digital Bitbox is completely open source and even offers the possibility to avoid the random generation of wallets by the Digital Bitbox and to generate one yourself on the basis of your own random data.
Because instead of switching between different accounts based on the same seed, a wallet compromise does not apply to all accounts.
If you use your Digital Bitbox at least in connection with Smart Verification and keep your SD card with the backups in a safe place, I think the Digital Bitbox is very well secured.
User Reviews 1
|Platform||Windows, Linux, Mac|
|Compatibility||Copay, Electrum, MyEtherWallet, FIDO/U2F, Tor, Tail OS|
|Input Options||Touch Button|
|Supported Coins||6 Coins|
|FIDO U2F Authenticator|
|Cryptocurrencies||Bitcoin, Bitcoin Cash, Litecoin, Ethereum, Ethereum Classic, ERC-20 Tokens|