The BitBox02 is an absolute powerhouse of a hardware wallet that enables a substantial increase in financial privacy for its users. Proudly Swiss made, it sits atop of every other wallet we’ve tested in every aspect besides its build materials.
Introducing The BitBox02 Hardware Wallet
The BitBox02 is made by BitBox (formally Shift Crypto) and comes in two versions, the BitBox02 Bitcoin-only edition and the BitBox02 Multi edition. While the hardware for each is identical, the Bitcoin only firmware is entirely dedicated to Bitcoin (with no support for other cryptocurrencies) with the Multi edition supporting other cryptocurrencies as well as Bitcoin.
The reasons for this is simple, with less code comes less attack surface area resulting in a more secure product. For those that solely focus on Bitcoin and never intend to buy or store other altcoins, the Bitcoin only edition is a great options to have. It’s one of only two hardware wallets that scores perfect marks in all our tests and has support for a ton of great features.
Note: BitBox the company used to be called Shift Crypto but has recently undergone a brand overhaul to help make it clearer to their customers where they come from (Switzerland) and what they do (make Hardware Wallets).
What’s In The Box?
- BitBox02 Hardware Wallet
- MicroSD Card
- USB-C To USB-A Adapter
- USB-C Extension Cable
- Rubber Pulls
- BitBox02 Stickers
Quick BitBox02 Review
Design & Hardware
The BitBox02 is small and extremely low key. Designed to intentionally not draw any attention, it’s built to look like any ordinary USB drive or card reader. Coming in at 54.5 x 25.4 x 9.6 mm (13 cm³) it’s also one of the smallest hardware wallets out there. The only two that are smaller are the Ledger Nano S Plus (9 cm³) and Trezor One (11 cm³).
Due to this covert nature our first impressions of it was somewhat underwhelming. It’s really just a small black plastic USB drive, complete with a USB type C male connector that enables you to conveniently plug it directly into either a computer or mobile phone.
The only other feature is the slightly embossed logos on the front and back.
There’s no physical buttons on it as it uses touch sensors hidden in the top / bottom edges. This also allows the device to switch which direction the screen is facing which can come in quite handy, especially when using with a mobile.
The 1.38″, 128 x 64 pixel OLED display is quite large given its small size and displays text clear enough. We would however prefer addresses and text in general to be displayed a bit bigger, as it can be a bit of a struggle sometimes to read (even with 20/20 vision).
Overall the BitBox02 hardware seems to be durable enough, but it’s still just made out of plastic. While this isn’t necessarily bad, we would have preferred it to sport some more premium materials for it’s medium to high price tag.
The BitBox02 can only connect to phones or computers via its USB-C connector. There are no wireless communications such as Bluetooth or NFC, however it can still handle Partially Signed Bitcoin Transactions (PSBTs) via the microSD card slot that’s on the back of the device.
This microSD card is also used for backups which is a super useful feature for users. All you have to do is insert the provided SanDisk 8 GB microSD card and your seed phrase is automatically backed up on it for you.
This enables you to easily backup your seed phrase one or multiple times all without having to expose it to a potentially compromised computer or prying eyes. Restoring the BitBox02 from these backups is quick and easy providing a second way you can recover if the device is damaged, stolen or lost.
Advanced Features For Power Users
Beyond the basic features the BitBox02 is filled with more advanced features. For example it can be used as a Universal Second Factor (U2F) key for other online accounts and now also supports Miniscript.
The BitBox02 also supports a protocol called anti-klepto that stops the hardware wallet from secretly leaking your private keys through transactions it signs. While this is a lesser known attack vector, it’s no less real and shows how dedicated BitBox is to security.
It’s also full of a specialized solvent-resistant epoxy that’s applied all over the microcontroller and Secure Element chip. This means that if someone tries to pry open the actual hardware wallet casing, the chips will be physically ripped off the PCB.
The BitBox02 has a 2 year limited warranty, you can read the full details on their website.
Security & Privacy
The BitBox02 aces all of our security and privacy tests and then just keeps going. It fully end-to-end encrypts the USB communication between device and computer, has anti-klepto protection as already mentioned and numerous additional checks when it comes to Multisig wallets.
It comes in a custom, vacuum sealed tamper evident bag, has a simple but powerful device authenticity check procedure when connected to the BitBoxApp (more on that later) and has even more protections when it comes to firmware upgrades.
They’ve had external security audits done, have a bug bounty program and you can purchase the device directly from them using Bitcoin to protect your real world identity.
Code Openness & Reproducibility
The firmware for the BitBox02 is fully open source and covered by an Apache license ensuring there’s no hidden code anywhere. You can view the GitHub for it here and their builds are fully reproducible too.
BitBox02 scores absolute top marks in this section as everything, from the circuit board to the entire code base is free, open, transparent and reproducible. This is amazing work and is the gold standard for crypto wallets as far as we’re concerned.
Also paramount to a crypto wallets security is precisely how it generates your private keys as this is what everything is derived from. The BitBox02 hits it out of the park again by using 5 different entropy sources!
To add redundancy and failsafes, the BitBox02 uses five sources of randomness (aka entropy) to generate the wallet seed instead of a single source. Each source is cryptographically combined such that the overall entropy is at least as strong as the strongest of all, not the weakest of allBitBox
Those five entropy sources are:
- A true random number generator on the secure chip
- A true random number generator on the microcontroller
- A static random number set during factory installation and unique to each BitBox02
- Host entropy provided by the app running on your computer, e.g. from /dev/urandom
- A cryptographic hash of the device password
You can also create your own seed phrase using dice rolls and import it with them providing a full guide here on it too. This, together with the multiple unpredictable physical processes used to generate the seed words ensures excellent security for your new wallet.
A securely generated seed means nothing if it’s not managed and stored properly. Here the BitBox02 uses a rather unique storage method. While the device does have a Secure Element chip (ATECC608B) that’s built to withstand physical attacks and tampering with, your seed phrase isn’t actually stored on it.
This is because secure elements are not open source and are thus a security risk. While they’re great for protecting against physical attacks, they cannot be fully trusted as the user cannot see what software is being run on it due to its closed source nature.
Instead the BitBox02 encrypts your recovery words and stores it on the flash of the MCU (the general purpose microcontroller). To decrypt the seed, three individual secrets are necessary:
- A random secret that’s generated and stored on the Secure Element chip
- The device password you choose
- A random “salt” generated and stored on the MCU
The overall result is that BitBox gets to use the physical protection capabilities of a secure chip without having to trust it at all with your seed phrase. This means your private keys are protected excellently.
Interface & Ease Of Use
While other hardware wallets usually use physical buttons or touch screens, the BitBox02 interface consists of touch sensors on the top and bottom of the device. You can use the sensors to tap, hold and slide making interacting with the cryptocurrency wallet simple and straight forward.
The hardware wallet doesn’t actually come with any software installed on it (so many security features!) so to begin with you have to download the BitBoxApp. This then takes you through a simple setup wizard that updates your firmware for you and reboots the device.
The wizard continues by setting up the end-to-end encrypted USB connection by having you confirm a pairing code. This only has to be done once and you’re then taken to the main wallet setup screen.
Here you can either restore your backup from a microSD card, restore from a mnemonic or create a brand new wallet. After that you choose a name for your hardware wallet, set your password and finally create your wallet backup.
Compatibility & Connectivity
For those wanting to purchase the BitBox02 Multi edition, it supports Bitcoin as well as over 1,500 other coins and tokens. However as mentioned countless times before, we strongly advise readers not to buy other cryptocurrencies due to the huge risks associated with them.
Compatibility with other third party software wallets is excellent with support for many of the top ones including Electrum, Specter, Wasabi and Sparrow Wallet. If you want to use the BitBox02 exclusively with a third party wallet and never touch the BitBoxApp you can, however to update the firmware on the device you’ll need to get your hands a bit dirty.
The main way to update the firmware on the BitBox02 is via the BitBoxApp which offers a completely seamless experience. Just open the BitBoxApp, connect the BitBox02 and click update.
Updating it without the app though requires a special Python CLI tool, provided by BitBox, located here. You’ll have to be comfortable with things like installing Python packages and running (and likely debugging) Python scripts, but the option is technically there which is greeat to see.
BitBoxApp, Simple Yet Powerful
BitBoxApp is the companies app for the BitBox02 and has a number of powerful features that thankfully don’t end up making it overly complex. The user experience is similar in usability to Ledger Live which is generally regarded as being very beginner friendly.
The BitBoxApp supports all major operating systems including MacOS, Windows and Linux. It also supports multiple crypto assets as well as multiple accounts and has plenty of excellent guides to help you through everything.
Another major perk of the Swiss made software is that you can buy crypto assets directly inside the BitBoxApp via Pocket Bitcoin and MoonPay and have it sent directly to your cold storage hardware wallet to be stored safely.
Under advanced settings you can easily enable coin control, custom fees, a Tor proxy and connect it to your own Bitcoin node. These are all very important features that enable users to enhance the privacy and security and it’s great to see that BitBox haven’t dumbed things down so much as to not include them.
You can change currencies, enable dark mode and change how the units are displayed. There’s also a wide range of supported languages including English, German, French, Hebrew, Hindi, Italian, Japanese, Malay, Persian, Portuguese, Russian, Slovenian, Spanish, Turkish, Bulgarian and Chinese.
The app will also notify you of updates for both the app itself and your hardware wallet device. After using the BitBoxApp along side the BitBox02 for quite a while we found it to have a simple and clear user interface and workflow.
There wasn’t a single time when we were confused or didn’t know what we were supposed to do, even when configuring the advanced features.
One thing we would like to see from BitBox is for them to have the BitBoxApp calculate and display the firmware hash during the upgrade process. Similarly, once the firmware has been copied to the BitBox02 it should independently calculate the hash and display it on its screen before performing the upgrade. This would allow the user to ensure the firmware they’re upgrading exactly matches the one posted in their Github.
No iOS App Support
While all desktop operating systems are supported (except for Chrombooks), there is no BitBoxApp for iPhone or iPad. BitBox states that this is because Apple is very restrictive with what is allowed to be done with the USB port.
There is a fully featured Android version though and you can even install it without using the Google Play store.
Who Is This Wallet For?
- Users who want the highest level of privacy, security and features
- Users who want a Bitcoin only wallet
- Users who insist on using open source software and hardware
- Users who want great Multisig wallet support
While there’s a number of top competitors that stand out, the BitBox02 is the top of the pack along side the Foundation Passport. For those looking for even more security features there’s the COLDCARD Mk4 while the Blockstream Jade is great too at about half the price.
If you’re trying to decide between the BitBox02 and a Ledger device let us stop you right now. There’s no competition. The BitBox02 wipes the floor with all of them enabling far superior security and privacy even before we consider their atrocious “Ledger Recover” program.
Should You Buy The BitBox02 Hardware Wallet?
Absolutely. BitBox have managed to put bleeding edge, advanced security into a totally noob friendly point and click package. Inside its deceptively simple and ordinary packaging, they’ve brought a world class Bitcoin hardware wallet experience to the table and it should be at the top of everyone’s list when it comes to storing your crypto assets.
We hope that BitBox might consider increasing the text size to make things a bit easier to read, but besides that we really can’t fault it for much of anything. While many point out that the price is quite high given its not so premium quality plastic design, it seems obvious that you’re paying for the software skills that have gone into making this one of the best hardware wallets out there.
What Coins Does The BitBox02 Multi Edition Support?
The BitBox02 Multi edition supports Bitcoin as well as over 1,500 other coins and tokens. Some of the main ones include Ethereum, Litecoin, Cardano, BNB and ERC20 tokens.
Can I Use Multiple BitBox With The Same BitBoxApp?
Yes. The BitBoxApp supports having multiple different BitBox02 devices connected to it, even if they have different wallets on them.
Which Devices And Operating Systems Are Supported By BitBox02?
The BitBox02 needs the companion BitBoxApp to activate and update the software and supports all major operating systems including Windows, Linux and MacOS. The BitBox02 can also be used with a number of third party wallets as well.
Who Makes BitBox?
The BitBox02 is made by BitBox, a Swiss company that was previously called Shift Crypto until their recent brand change.