The Digital Bitbox is a plug-and-play wallet and second-factor authenticator
that combines the highest security of cold storage with the convenience of software wallets.
For you, it gives simplicity and peace of mind.
Bitcoin (BTC) and Ethereum (ETH, ETC, and ERC20 tokens) cryptocurrencies are currently supported. We plan to add more coins in the future. Let us know your favorites!
If you had BTC on a Digital Bitbox before August 1st, 2017 and would like to access Bitcoin Cash (BCH), read here.
The Digital Bitbox is a FIDO Universal 2nd Factor (U2F) compatible authenticator. Secure your accounts on Google, Facebook, Dropbox, GitHub and more.
Existing Digital Bitboxes can add support for new coins and features by upgrading the firmware.
Not even during the initial setup or backup. The onboard microcontroller generates a wallet (BIP32) using a high-quality hardware random number generator to create entropy.
The onboard slot for a micro SD card allows offline backup and recovery. There is no need to expose your wallet while typing on a keyboard or displaying recovery information on a screen, leaving it susceptible to theft by key logging, screen captures, and cameras.
Unlike other hardware wallets, you can backup your wallet at anytime and as often as you like. Switch between different wallets in a snap.
We appreciate paranoia. Therefore, external entropy is added to the hardware random number generator in two ways. First, in order to remove the need to trust the hardware, some entropy is added by us through random bytes set during the factory installation. In order to remove the need to trust us, some more is automatically gathered from you when entering your device password. If that's not enough, load up your own keys either via the micro SD slot or the USB interface.
Some more specifications
"Do not think of what your enemy will do. Think of what they can do."
The raison d'être of hardware wallets is security, and we consider it at every level. Here are the gritty details.
They will also need to steal your password in order to steal your coins. If two-factor authentication is enabled, they will also need your second factor device (such as a mobile phone). After 15 unsuccessful attempts to guess the password, the Digital Bitbox will erase all secrets and reset*. This prevents brute force attacks.
* If reset by accident, simply reload the backup from the micro SD card to recover your wallet.
Hardware wallets are designed to prevent the majority of malware, such as key logging and file stealing, from allowing someone to get your coins. Even if someone learns the wallet password, the keys stay buried inside the hardware wallet. Using the keys requires physically pressing a touch button and, optionally, two-factor authentication (2FA) using a mobile app. With the mobile app, even handcrafted malware on a fully compromised computer, such as a man-in-the-middle attack (MITM), would be avoided.
Use plausible deniability. A secondary password can open a hidden wallet. Put some change there to add plausibility. Or, in case you are forced to recover a wallet from a backup, entering the wrong password will create a valid but different wallet.
Our smart verification mobile app, after cryptographically pairing it with the Digital Bitbox, allows your phone to be used as a large screen to securely verify transactions and addresses.
Improper cryptographic algorithms can leak secrets from only one signature. Thankfully, algorithms exist that make side-channel signals, such as power usage and electromagnetic waves, very hard to distinguish. The Digital Bitbox uses the same cryptographic library used in Bitcoin (secp256k1). It is carefully designed and tested to prevent known side-channel attacks.
All secrets (keys and passwords) are stored isolated on a separate high-security chip designed specifically to keep your secrets secret. From section 3.1.2 of the data sheet: "The device contains physical security features to prevent an attacker from determining the internal secrets. ATAES132 includes tamper detectors for voltage, temperature, frequency, and light, as well as an active metal shield over the circuitry, internal memory encryption, and other various features. The ATAES132 physical design and cryptographic protocol are designed to prevent or significantly complicate most algorithmic, timing, and side-channel attacks."
Furthermore, the primary microcontroller's memory is locked, and the JTAG pins are disabled. When using a Digital Bitbox, SRAM that temporarily holds secrets is zeroed immediately after use. Given enough effort and equipment, any device is susceptible to being cracked, but there should be plenty of time to transfer your coins to another wallet.
Any questions? Let us know!