The BitBox02 is a hardware wallet that simplifies secure handling of crypto coins through storing private keys and signing transactions. The content of this repository is the bootloader and firmware used on the device. The BitBox02 is meant to be used primarily with the BitBox App, although third party integration is possible through the BitBox02 API.
The main functionality of the firmware is the following:
- Safely receive and send coins.
- Interacting with the user through touch sliders and a display.
- Back up the seed to a microSD card.
- Back up the seed by displaying the mnemonic encoding on the screen.
- Generate a random seed from multiple strong sources of entropy.
- Protect the seed from attackers.
- Derive keys from the seed according to BIP39 and BIP32.
- Return the extended public key for a keypath so that the app can find all unspent transaction outputs.
- Display the receive address for the keypath, coin and script/address type.
- Display the receive address, transaction amount and network fee and sign each input after confirmation.
The main chip on the device is the microcontroller from Microchip (atsamd51j20a). This chip is used for communication to the BitBox App via USB, the User via the sliders and to the secure element (atecc608a) via I2C.
The sliders along the edges of the device are used for user input. There are three input gestures:
- Slide, and
- Hold to confirm.
The USB communication is implemented using the request-response pattern with enecrypted protobuf messages. The encryption protocol used is Noise with out-of-band authentication.
Reporting a Vulnerability
See our security policy.