What's a Digital Bitbox

The Digital Bitbox is a plug-and-play wallet that combines the highest security of cold storage with the convenience of software wallets.

For you, it gives simplicity and peace of mind.

  Unique advantages of the Digital Bitbox
  • Offline, anytime backup and recovery with a micro SD card.
  • Native software client avoids security risks of browser-based clients.
  • Plausible deniability with hidden wallets and backups.
  • Tor and Tails OS compatible to protect your privacy.
  • Private keys kept on a high-security chip that prevents physical extraction (50 year lifespan).
  • Portable, extremely durable case filled with epoxy and packed with security.
  • Subtle design avoids unwanted attention.
  • Multisig out-of-the-box (optional to use).
  • Smart verification and second-factor authentication mobile app (optional to use).
  • Fully open source.
  • Swiss ideals - quality, privacy, no backdoors.

  Private keys never touch your computer or the internet

Not even during the initial setup or backup. The onboard microcontroller generates a wallet (BIP32) using a high-quality hardware random number generator to create entropy.

The onboard slot for a micro SD card allows offline backup and recovery. There is no need to expose your wallet while typing on a keyboard or displaying recovery information on a screen, leaving it susceptible to theft by key logging, screen captures, and cameras.

Unlike other hardware wallets, you can backup your wallet at anytime and as often as you like. Switch between different wallets in a snap.

We appreciate paranoia. Therefore, external entropy is added to the hardware random number generator in two ways. First, in order to remove the need to trust the hardware, some entropy is added by us through random bytes set during the factory installation. In order to remove the need to trust us, some more is automatically gathered from you when entering your device password. If that's not enough, load up your own keys either via the micro SD slot or the USB interface.

    Three ways to create or load a wallet:

onboard       micro SD         USB

  Some more specifications

Secure against thieves

"Do not think of what your enemy will do. Think of what they can do."

The raison d'être of hardware wallets is security, and we consider it at every level. Here are the gritty details.

What happens if someone steals my Digital Bitbox?

They will also need to steal your password in order to steal your coins. If two-factor authentication is enabled, they will also need your second factor device (such as a mobile phone). After 15 unsuccessful attempts to guess the password, the Digital Bitbox will erase all secrets and reset*. This prevents brute force attacks.

* If reset by accident, simply reload the backup from the micro SD card to recover your wallet.

How do you protect against malware and key loggers?

Hardware wallets are designed to prevent the majority of malware, such as key logging and file stealing, from allowing someone to get your coins. Even if someone learns the wallet password, the keys stay buried inside the hardware wallet. Using the keys requires physically pressing a touch button and, optionally, two-factor authentication (2FA) using a mobile app. With the mobile app, even handcrafted malware on a fully compromised computer, such as a man-in-the-middle attack (MITM), would be avoided.

What if a government or bully forces me to open my wallet?

Use plausible deniability. A secondary password can open a hidden wallet. Put some change there to add plausibility. Or, in case you are forced to recover a wallet from a backup, entering the wrong password will create a valid but different wallet.

How can I verify that the correct transaction is being signed?

Our smart verification mobile app, after cryptographically pairing it with the Digital Bitbox, allows your phone to be used as a large screen to securely verify transactions and addresses.

What about side-channel attacks to discover a key?

Improper cryptographic algorithms can leak secrets from only one signature. Thankfully, algorithms exist that make side-channel signals, such as power usage and electromagnetic waves, very hard to distinguish. The Digital Bitbox uses the same cryptographic library used in Bitcoin (secp256k1). It is carefully designed and tested to prevent known side-channel attacks.

Can the thief break open a Digital Bitbox and physically extract private data, for example, by probing the chip's pins or de-capping the chip? (i.e. reverse engineering)

All secrets (keys and passwords) are stored isolated on a separate high-security chip designed specifically to keep your secrets secret. From section 3.1.2 of the data sheet: "The device contains physical security features to prevent an attacker from determining the internal secrets. ATAES132 includes tamper detectors for voltage, temperature, frequency, and light, as well as an active metal shield over the circuitry, internal memory encryption, and other various features. The ATAES132 physical design and cryptographic protocol are designed to prevent or significantly complicate most algorithmic, timing, and side-channel attacks."

Furthermore, the primary microcontroller's memory is locked, and the JTAG pins are disabled. When using a Digital Bitbox, SRAM that temporarily holds secrets is zeroed immediately after use. Given enough effort and equipment, any device is susceptible to being cracked, but there should be plenty of time to transfer your coins to another wallet.

Any questions?    Let us know!