Get it from https://shiftcrypto.ch/download.
Salbit
Our update features the name of the Salbit mountain hut in central Switzerland. The Salbitschijen mountain is a climber’s paradise, with rough ridges and challenging routes. The hut nearby is therefore not a casual hiker’s cabin, the day usually begins at 4 a.m. with an early breakfast. We think that’s fitting for a BitBox update with many crucial changes.
The Salbit bridge is a sight to behold. It makes the passage along the Salbitschijen possible for a wider group of hikers without climbing equipment, just like the BitBox02 doesn’t require you to be a pro to secure your coins.
You just need a bit of a stomach to avoid vertigo, like we need to get accustomed to some steep price drops.
But they are totally worth it afterwards, when you look back from the top!
Multisig
The BitBox02 already has one of the most secure Bitcoin multi-signature implementations. It safeguards your whole multisig setup by storing metadata relevant for secure sending and receiving directly on the device (as explained in our hands-on Electrum multisig article).
Legacy multisig
As a modern device, we started directly with native Segwit multisig (bech32), resulting in bc1...
addresses. But not all services already support this address type. This is why we now added legacy multisig as well, so you can use the BitBox02 in a multisig setup that uses backwards-compatible 3...
addresses.
HWI support for xpub format
To support HWI and projects depending on it, the BitBox02 is now also able to show all supported multisig extended public keys in the xpub
format instead of the Electrum-style Ypub
and Zpub
formats.
Signing
Progress bar
About a month ago, Jameson Lopp tested the signing performance of hardware wallets for multisig. He deliberately created a huge transaction with 100 inputs to sign, putting a sweat on most wallets.
The BitBox02 performed very well, but Jameson noted that there’s no progress indication on the device, which can be a bit unnerving when you wait several minutes. A fair point: removing all sorts of anxiety-inducing experiences is one of our goals. Challenge accepted!
And here is the result, with our beautiful new progress bar if signing should take a bit longer than usual.
Signing messages
The BitBox02 is now able to sign messages with your private keys. This is important to prove that you are in physical possession of an address and its keys, as used by various online exchanges for regulatory reasons.
For instance, the Swiss exchange Bity uses this to allow their customers to buy and withdraw up to 5000 Swiss Francs (~5000 USD) of cryptocurrencies without any KYC requirements.
For Bitcoin, signing messages is currently possible with Electrum wallet. You can use MyEtherwallet to sign Ethereum-based messages.
Mnemonic U2F
When using U2F on a website that is unknown to the BitBox02, instead of a long and cryptic “unknown site” identifier, four mnemonic words are shown instead, e.g. slogan tone around chicken
. This makes it much easier to recognize the same site in the future.
This is an open-source contribution by My1, many thanks for this! 🔥
Screensaver
Some of our users rely on the BitBox02 in everyday work and leave it on for long periods of time. To avoid burning the BitBox02 logo into the screen, which is a possibility with OLED displays showing the same images for hours a day, we added a screensaver.
Open-source contributor My1 took our first MVP and made it look even nicer. Although his first improvement, shown here, did not make it into production, he then made our logo bounce around tirelessly. Thanks again!
Did you spot the final result it in the video above?
On-device UX
The touch sliders allow for a very versatile user interface. But improving the overall experience never ends, so we continue to make the BitBox02 easier and more intuitive to use:
- When restoring from your 24 recovery words, entries are now automatically completed as soon as the word is unique after the first two to four characters.
- If you notice an error when entering the recovery words, for instance if you forgot a word, you now have the option to go back and fix previously entered words.
- With our Unified Accounts, you don’t need to worry about different Bitcoin address formats. This is why we could drop the word
bech32
from the receive screen. It’s just “Bitcoin”.
Porting more code from C to Rust
We also made a lot of progress in our ongoing journey to port more and more of our C codebase to the programming language Rust, with the goal to phase out C completely over time.
This makes the code safer because Rust is a memory-safe language. The compiler can reason about memory usage and impose heavy restrictions on how device memory can be accessed by the program securely. Additionally, it also makes the code easier to review and lowers the technical hurdles for open-source contributors. And because Rust is 100% interoperable with the C programming language, we can gradually replace parts of the current software without the need to rewrite everything from scratch.
In this release, we ported the following API calls to Rust: DeviceInfo
, DeviceName
, SetPassword
, Reset
, SetMnemonicPassphraseEnabled
, InsertRemoveSdcard
, CheckSdcard
, CheckBackup
, CreateBackup
, ShowMnemonic
. All of these are now called asynchronously. This will allow you to cancel actions on the BitBox02 from the BitBoxApp in the future, further improving usability.
How can I stay up-to-date?
We encourage you to sign up to the BitBox news to stay up to date with our latest news, including release notes and bug fixes.
As always, please do not hesitate to contact us at [email protected] if you have any questions.
Thank you for your continued support.
Shift Team
Shift Crypto is a privately held company based in Zurich, Switzerland. Our international team of specialists across engineering, cryptosecurity and Bitcoin core development build the BitBox products and provide consulting services. The BitBox02, a second generation hardware wallet, equips individuals to easily store, protect, and transact cryptocurrencies. Its companion, the BitBoxApp, provides an all-in-one solution to securely manage your digital assets with ease.