Ballet Crypto Real

🔍 Last analysed 23rd March 2022. Plain Keys when spending

This product eventually requires sharing private key material.

As part of our Methodology, we ask:

Does the device hide your keys from other devices at all times?

If the answer is "no", we mark it as "Plain Keys when spending".

These devices keep the user’s private key sealed until the seal is broken or removed.

In order for a transfer to commence, the private keys have to be brought onto a different system that might not be secure.

There are many viruses known to look for Bitcoin private keys in memory or hard drives.

While this aspect should not leave room for major exit scams, the handling of such devices is delicate and prone to loss of funds to hackers.

To redeem your funds safely, create your transaction on an offline machine and verify the signed transaction on a different machine before broadcasting it.

Help spread awareness for build reproducibility

Please help us spread the word by discussing build reproducibility with Ballet Crypto Real via their Twitter!

Do your own research!

Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

What is a bearer token?

Bearer tokens are meant to be passed on from one user to another, similar to cash or a banking check. Unlike hardware wallets, this comes with an enormous "supply chain" risk if the token gets handed from user to user anonymously: all bearers, past and present, have plausible deniability if the funds move. We used to categorize bearer tokens as hardware wallets, but decided that they deserved an altogether different category. Generally, bearer tokens require these attributes:

  • Secure initial setup
  • Tamper evidence
  • Balance check without revealing private keys
  • Small size
  • Low unit price
and either of these applies:
  • Somebody has a backup and needs to be trusted.
  • Nobody has a backup and funds are destroyed if the token is lost or damaged.

The Analysis 

Updated Analysis 2022-01-20

Ballet Crypto REAL is the original and first iteration of the Ballet Crypto Cards series. Subsequent items are:

Like the PRO and the PURE, the REAL’s private keys are printed on the item. They are encrypted and can be verified and decrypted through this process, accessible via balletcrypto.org:

Step 1

Enter your wallet passphrase. Remove the tamper-evident scratch-off to get the wallet passphrase.

Step 2

Verify using BIP38 confirmation code. You can use the Ballet Crypto mobile app to get your wallet’s BIP38 confirmation code.

OR

Decrypt using BIP38 encrypted private key. Peel off the top layer sticker and scan the encrypted private key QR code, which is set against a yellow sticker.

2FKG

To ensure that the private keys are not copied by the manufacturer, Ballet Crypto has a manufacturing process called 2FKG (2-Factor Key Generation):

In the US

Using an offline computer, a serial number, wallet passphrase, and intermediate code are generated at Ballet’s USA headquarters.

Serial number and intermediate code are then electronically transmitted to Ballet’s office in China.

In China

Afterwards, the BIP38 process is used to randomly generate an encrypted private key (EPK) using the intermediate code data.

The corresponding public key and deposit addresses will be generated, along with a confirmation code, to be used for verification and additional checking afterwards. This encrypted private key is secure data, which is only stored once, on a hard disk drive.

In China, this two-layer QR code sticker is manufactured using an offline process in a secure printing facility. The secure data is never transmitted to any external computers or systems.

The secure data is transferred physically, on a hard disk drive.

Right after the printing process, the secure data is then deleted, overwritten, and physically destroyed.

The secure two-layer QR code sticker will then be securely applied to the physical wallets, without ever revealing the encrypted private keys.

Once finished, the partially assembled wallets are sent to the United States for final production. The confirmation codes are also electronically sent back to the United States.

This is for further verification, to ensure that the encrypted private keys and decryption wallet passphrase match up with the generated cryptocurrency deposit addresses.

Back in the US

The physical wallets and QR code stickers are verified and double checked in the United States according to their corresponding serial numbers.

The matching decryption wallet passphrase and serial number will then be laser etched onto the wallets. A strip of tamper evident scratch-off material is then applied on the wallet, to cover the wallet passphrase.
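The split between the two sites in the steps above relies on BIP38's EC-multiply mode. The following is an added example, not Ballet's code and not part of the original analysis: it shows that the party holding only the passpoint from the intermediate code can derive the deposit public key, while the private key needs both the passphrase and the printer-side seed. It leaves out the AES encryption of `seedb` and the Base58Check encoding that BIP38 applies, and all function names are hypothetical.

```python
import hashlib
import secrets

# secp256k1 field prime, group order and generator point
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # None represents the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        m = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        m = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def ec_mul(k, point):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, point)
        point, k = ec_add(point, point), k >> 1
    return acc

def pass_factor(passphrase, owner_salt):  # BIP38 EC-multiply scrypt parameters
    key = hashlib.scrypt(passphrase.encode(), salt=owner_salt, n=16384, r=8,
                         p=8, maxmem=64 * 2**20, dklen=32)
    return int.from_bytes(key, "big")

def factor_b(seed_b):
    return int.from_bytes(hashlib.sha256(hashlib.sha256(seed_b).digest()).digest(), "big")

def passphrase_side(passphrase):
    """Passphrase holder: returns (ownersalt, passpoint), the core of the intermediate code."""
    owner_salt = secrets.token_bytes(8)
    return owner_salt, ec_mul(pass_factor(passphrase, owner_salt), G)

def printer_side(pass_point):
    """Key generator: never sees the passphrase, yet derives the deposit public key."""
    seed_b = secrets.token_bytes(24)
    return seed_b, ec_mul(factor_b(seed_b), pass_point)

def redeem(passphrase, owner_salt, seed_b):  # spender needs both halves
    return pass_factor(passphrase, owner_salt) * factor_b(seed_b) % N
```

In real BIP38 the `seedb` value travels inside the encrypted private key, so anyone who retains a copy of that data and later learns the passphrase can rebuild the key the same way `redeem` does.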

Companion app

It requires a companion app: Ballet Crypto (No Source!).

Interface

Perhaps one of the main weaknesses of these cards is the lack of an interface and an input mechanism.

Previous Analysis 2021-08-08

Because this hardware device lacks a screen or a button, it cannot provide the basic security of hardware wallets.

(ml, dg)