Du kannst diesen Artikel auch auf Deutsch lesen.

Get the latest BitBoxApp here: bitbox.swiss/download

Today we have prepared a substantial update for the BitBoxApp. This release contains security improvements, optimizes usability and adds new features for advanced users.

Let’s start with the most important thing: security.

Encrypted seed in RAM

While the security of the BitBox02 is already exceptional, we approach security with a “defense in depth” mindset. By that, we mean that even if a vulnerability in one security mechanism has been found, there are other layers of security that prevent a catastrophic failure (e.g private key exfiltration). Because of this we continue to add new security mechanisms, even if there are no known vulnerabilities to the existing architecture. Examples for this include reproducible builds, our dual chip architecture, the anti-klepto protocol and our USB communication encryption.

With this newest firmware release, we are adding another layer of security by keeping the seed encrypted most of the time that it is in the volatile working memory (RAM). Up until now, the seed was held in RAM in a decrypted state after unlocking. With this update, it is only decrypted for a short period of time when the seed is needed, for example for signing and verification operations.

The micro controller needs the stretched key A to decrypt the seed

After unlocking the BitBox02, the seed is encrypted with a temporary random key that is stored in RAM, which is then stretched by the secure element. This means that even if someone was able to read out the RAM of the BitBox02, they will not be able to retrieve the seed, because they would also need the secrets stored in the secure element.

Automatic account synchronization

The used accounts are automatically found

When connecting your BitBox02 to a new host device or when restoring a backup, the BitBoxApp will now automatically scan the balances of the first 5 Bitcoin and Litecoin accounts and display further ones that have a transaction history on them. Account names and transaction notes still have to be added manually.

Removed account limit

Power users that require more than 5 accounts in the BitBoxApp can rejoice! You can now add as many Bitcoin and Litecoin accounts as you like, provided that you have used the previous account.

This means that to add a 6th account, you will have to have at least one transaction in the 5th account. The reason for this limitation is that the BitBoxApp will stop scanning accounts when it finds an unused account.

Redesigned settings page

In our continued effort to make the BitBoxApp easier to use, we have redesigned the settings page. Different kinds of settings are now grouped in tabs at the top of the page.

The settings page received a fresh redesign

“Settings” also now incorporates the “Manage device” page and features an overall improved layout, so you can quickly find what you are looking for!

Advanced setup settings

For experienced users, we have added two advanced setup options. When creating a new wallet on the BitBox02, you can now choose between a 12 and a 24 word seed.

The advanced backup options

You can also choose to skip the microSD backup. Skipping the microSD backup will require the user to write down the recovery words and confirm them on the device before finishing the setup.

Additional improvements

Other improvements to the BitBox02 experience include:

  • Mitigate Ethereum address poisoning attack by hiding zero amount ERC20 transactions
  • Improve satoshi amount readability adding thousands separator
  • Added support for Czech Crown and Czech language
  • Added support for Polish Zloty
  • Show transaction notes in coin control to make UTXO management easier. Such as when sending Ordinals.

You can find an exhaustive list of changes in the app changelog on GitHub.

‌How can I stay up-to-date?

We encourage you to sign up to the BitBox news to stay up to date with our latest news, including release notes and bug fixes.

Thank you for being part of the BitBox family!

Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease - along with its software companion, the BitBoxApp.