If you are still a user of the BitBox01 (aka Digital Bitbox), we strongly suggest that you stop using it and transition to a more secure hardware wallet that has an onboard screen, such as the BitBox02. Please act quickly especially if you are using the BitBox01 to control Ethereum funds or tokens via the MyEtherWallet integration, or are using the mobile 2FA app to verify wallet operations. These functions may not be available much longer.
Background
Over 3 years ago, we stopped selling the BitBox01 and on November 12th, 2019 published an end-of-life (EOL) announcement. A primary reason to EOL the BitBox01 was that your security will be better served by upgrading to a hardware wallet with a screen. You can read more in the blog article: https://shiftcrypto.ch/blog/announcing-the-bitbox01-aka-digital-bitbox-end-of-sale-and-end-of-life-dates-and-process/
EOL does not mean the BitBox01 would suddenly stop working, but instead that it would no longer get updates. Consequently, the BitBox01 will no longer be fully functional in the future since technical tools that the BitBox01 relies on such as MyEtherWallet, BitBoxApp, BitBox 2FA server continue to advance and evolve.
Am I affected?
You are at risk of being locked out of your funds if (i) you still store funds on a BitBox01 and (ii) you do not have access to your wallet’s backup. (Wallet backup = microSD card + wallet recovery password).
ETH on BitBox01 via MyEtherWallet
MyEtherWallet only supported the BitBox01 until version 5 of their app. Their latest app version 6 does not support the BitBox01. Until October 2022 both versions were accessible via the MyEtherWallet website but since then support for version 5 has been removed. This means there is no BitBox01 support on the MyEtherWallet website. As a temporary solution for affected customers, we deployed a copy of version 5. For access contact our customer support.
This is intended as a temporary solution, and we urge all customers who are still relying on this to move their ETH off their BitBox01.
BTC on BitBox01 with two-factor authentication (2FA) enabled
The BitBox01 has a two-factor authentication (2FA) feature that allows you to pair a BitBox01 to a smartphone in order to use the smartphone display to verify transaction details. This 2FA can only be disabled via factory resetting a BitBox01. As it has now been multiple years since the BitBox01 has been EOL’d, we plan to shut down the 2FA relay server and delist the 2FA app from the App Store and Google Play by mid 2023. This gives all users enough time to finally migrate their coins to a latest generation hardware wallet.
Who is affected?
Below is an overview of the different scenarios in relation to the 2FA feature.
If the 2FA was never enabled, or is already disabled: users are not affected.
If the 2FA is enabled:
- Users who migrate coins before the 2FA feature shutdown will not be affected.
- Users who DON’T migrate before the 2FA feature shutdown WILL be affected:
- Users with a wallet backup (microSD card + wallet recovery password) will be able to recover access to their wallet via the BitBox01 backup center (group A).
- Users WITHOUT a wallet backup will be locked out of coins as they won’t be able to either do a factory reset of the BitBox01 due to the missing backup nor send transactions due to the missing relay server (group B).
Additionally, there is a small group of users who are already locked out of their coins as they have lost their 2FA pairing configuration and also lost their wallet backup. These users can’t proceed with a factory reset due to the missing backup and can’t send transactions due to the missing 2FA pairing configuration files (group C).
I am among the affected users: What steps can I take to recover my BTC funds?
Please note that in most cases, you can prevent being affected if you migrate your funds out of the BitBox01 before the 2FA feature will be shut down. The easiest way for you to recover your BTC funds is to transition to a new hardware wallet with a screen, like the BitBox02, such that you can avoid taking any additional steps.
In case you are unable to transfer your funds, here are the steps you can follow based on the scenarios described above:
Group A
If you still have access to your backup, follow the instructions on the BitBox01 backup center to recover your funds: https://shiftcrypto.support/help/en-us/27-backup/123-how-to-use-the-bitbox01-backup-center
Group B and C
In order to be able to help the additional affected user groups locked out due to (B) missing backup & relay server shutdown or (C) missing backup & missing 2FA config file, we have decided to provide custom firmware that is specific to a single BitBox01. This dedicated version of the firmware will turn off the full 2FA lock feature on the specific user’s device, which would normally only be possible by doing a factory reset. This will allow those users to regain access to their coins and move them.
If you are one of these affected users, please reach out to us by sending an email to [email protected]. In order to be eligible for custom firmware while mitigating thievery, you will be asked to provide full know-your-customer (KYC) data such as your name and address, a picture of your passport and face, a utility bill, BitBox01 order confirmation, etc. In addition, there will be a 3-month waiting period from the date of this publication before custom firmware will be provided. We abhor collecting KYC data and you should too. So, if you are able to migrate your funds before the 2FA feature shutdown, please do so and we can avoid this situation.
To encourage you to move your coins, we continue to provide a special discount code in the BitBoxApp for upgrading to a BitBox02. Just open the BitBoxApp with your BitBox01 plugged in to view the code.
Don’t own a BitBox yet?
Keeping your crypto secure doesn't have to be hard. The BitBox02 hardware wallet stores the private keys for your cryptocurrencies offline. So you can manage your coins safely.
The BitBox02 also comes in Bitcoin-only version, featuring a radically focused firmware: less code means less attack surface, which further improves your security when only storing Bitcoin.
Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease - along with its software companion, the BitBoxApp.