BitBox02
Latest release: 9.7.0 (6th September 2021)
Last analysed: 5th October 2021
Reproducible when tested
The following analysis is not a full code review! We plan to make code reviews available in the future, but even then it will never be a stamp of approval but rather a list of incidents and questionable coding practices. NASA sends probes to space that crash due to software bugs despite a huge budget and stringent scrutiny.
Do your own research!
Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.
The Analysis
We wrapped the findings from prior reviews in a test script which gave us these results:
$ scripts/test/hardware/bitBox2.sh 9.7.0
...
997fa9ab985d61473cb191d1c3bba2a291fb91861e215c005b133aec1e87d493 firmware-btc.v9.7.0.signed.bin
...
59f3442ac524c5e158405fc4710c8d264876c8d7ec82a3d3cc090cdee56689c7 temp/build/bin/firmware-btc.bin
59f3442ac524c5e158405fc4710c8d264876c8d7ec82a3d3cc090cdee56689c7 firmware-btc.v9.7.0.bin
The result in summary:
appId: bitBox2
variant: firmware-btc-only
version: v9.7.0
fileHash: 997fa9ab985d61473cb191d1c3bba2a291fb91861e215c005b133aec1e87d493
firmwareHash: 59f3442ac524c5e158405fc4710c8d264876c8d7ec82a3d3cc090cdee56689c7
Sadly, the hash published by the provider, which can also be verified during update on the device, is not as trivially reproducible as advertised.
Following these instructions:
$ find . | grep describe_sig
./releases/describe_signed_firmware.py
./temp/releases/describe_signed_firmware.py
$ (cd temp/releases/; ./describe_signed_firmware.py ../../firmware-btc.v9.7.0.signed.bin)
bitbox02 module not found; please see bitbox02-firmware/py/README.md
Traceback (most recent call last):
  File "/tmp/bitbox02-firmware/temp/releases/./describe_signed_firmware.py", line 78, in <module>
    sys.exit(main())
  File "/tmp/bitbox02-firmware/temp/releases/./describe_signed_firmware.py", line 45, in main
    magic, sigdata, firmware = parse_signed_firmware(binary)
NameError: name 'parse_signed_firmware' is not defined
$ (cd releases/; ./describe_signed_firmware.py ../firmware-btc.v9.7.0.signed.bin)
bitbox02 module not found; please see bitbox02-firmware/py/README.md
Traceback (most recent call last):
  File "/tmp/bitbox02-firmware/releases/./describe_signed_firmware.py", line 78, in <module>
    sys.exit(main())
  File "/tmp/bitbox02-firmware/releases/./describe_signed_firmware.py", line 45, in main
    magic, sigdata, firmware = parse_signed_firmware(binary)
NameError: name 'parse_signed_firmware' is not defined
$ cat py/README.md
# Python scripts
To use the scripts (`send_message.py`, `load_firmware.py` for example) go into the `bitbox02` directory and run `pip3 install .`. If you plan to work on the scripts run `pip3 install -e .` instead.
$ find . | grep '/bitbox02/'
...
./py/bitbox02/CHANGELOG.md
...
./py/bitbox02/bitbox02/__init__.py
...
./py/bitbox02/bitbox02/bitbox02/__init__.py
...
./src/rust/bitbox02/.gitignore
...
./temp/py/bitbox02/CHANGELOG.md
...
./temp/py/bitbox02/bitbox02/__init__.py
...
./temp/py/bitbox02/bitbox02/bitbox02/__init__.py
...
./temp/src/rust/bitbox02/.gitignore
...
$ (cd py/bitbox02; pip3 install )
ERROR: You must give at least one requirement to install (see "pip help install")
$ (cd py/bitbox02/bitbox02; pip3 install )
ERROR: You must give at least one requirement to install (see "pip help install")
$ (cd py/bitbox02/bitbox02/bitbox02; pip3 install )
ERROR: You must give at least one requirement to install (see "pip help install")
For the predecessor we worked our way around using the python scripts but those should also just work. What are we doing wrong?
Anyway, back to manual mode …
$ head -c 588 firmware-btc.v9.7.0.signed.bin > p_head.bin
$ tail -c +589 firmware-btc.v9.7.0.signed.bin > p_firmware.bin
$ cat p_head.bin | tail -c +$(( 8 + 6 * 64 + 1 )) | head -c 4 > p_version.bin
$ cat p_version.bin | xxd -p
17000000
$ wc -c p_firmware.bin
460940 p_firmware.bin
$ echo $(( 884736 - 460940 ))
423796
$ dd if=/dev/zero ibs=1 count=423796 | tr "\000" "\377" > p_padding.bin
423796+0 records in
827+1 records out
423796 bytes (424 kB, 414 KiB) copied, 0.0737553 s, 5.7 MB/s
$ cat p_version.bin p_firmware.bin p_padding.bin | sha256sum | cut -c1-64 | xxd -r -p | sha256sum | cut -c1-64
5f38987cf70ef7978163e6095a27543cd476ca35578ce2f728fa647154dc0ff5
So, the result looks good. The BitBox02’s firmware version 9.7.0 with hash is reproducible. The bootloader should show the hash 5f38987cf70ef7978163e6095a27543cd476ca35578ce2f728fa647154dc0ff5 during update.
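The manual steps above, collected into one Python function that also rejects truncated or oversized files. This is an added example, not the project's describe_signed_firmware.py; the names digest_signed_firmware and make_sample are hypothetical. It assumes the layout used in the shell session (588-byte header, version field at offset 8 + 6 * 64, 0xFF padding up to 884736 bytes) and reads the four version bytes as a little-endian integer.

```python
import hashlib
import struct
from typing import NamedTuple

# Layout constants taken from the manual shell session above.
HEADER_LEN = 588               # bytes in front of the firmware payload
VERSION_OFFSET = 8 + 6 * 64    # where the version field sits inside the header
VERSION_LEN = 4
FLASH_LEN = 884736             # payload is padded with 0xFF up to this size


class FirmwareDigest(NamedTuple):
    version: int            # assumption: little-endian, so 17000000 reads as 23
    payload_sha256: str     # compare with sha256sum of the locally built binary
    bootloader_hash: str    # double SHA-256 over version || payload || padding


def digest_signed_firmware(blob: bytes) -> FirmwareDigest:
    """Split a signed firmware file and compute both hashes used in the review."""
    if len(blob) <= HEADER_LEN:
        raise ValueError("file is not longer than the signed-firmware header")
    header, payload = blob[:HEADER_LEN], blob[HEADER_LEN:]
    if len(payload) > FLASH_LEN:
        raise ValueError("payload is larger than the padded firmware area")
    version_raw = header[VERSION_OFFSET:VERSION_OFFSET + VERSION_LEN]
    padding = b"\xff" * (FLASH_LEN - len(payload))
    # Same as: sha256sum | xxd -r -p | sha256sum (hash of the binary digest).
    inner = hashlib.sha256(version_raw + payload + padding).digest()
    return FirmwareDigest(
        version=struct.unpack("<I", version_raw)[0],
        payload_sha256=hashlib.sha256(payload).hexdigest(),
        bootloader_hash=hashlib.sha256(inner).hexdigest(),
    )


def make_sample(version: int, payload: bytes) -> bytes:
    """Constructed input: a zeroed header that carries only the version field."""
    header = bytearray(HEADER_LEN)
    header[VERSION_OFFSET:VERSION_OFFSET + VERSION_LEN] = struct.pack("<I", version)
    return bytes(header) + payload


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) == 2 \
        else make_sample(23, b"constructed payload")
    print(digest_signed_firmware(data))
```

Run against the downloaded signed file, payload_sha256 is the value to compare with the build output and bootloader_hash is the value to compare with what the device displays.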
The binary provided was reproducible from the code provided.
As part of our Methodology, we ask: Does the binary we built differ from what we downloaded? If not, we tag it Reproducible.
If we can reproduce the binary we downloaded from the public source code, with all bytes accounted for, we call the product reproducible. This does not mean we audited the code but it’s the precondition to make sure the public code has relevance for the provided binary.
If the provider puts your funds at risk on purpose or by accident, security researchers can see this if they care to look. It also means that inside the company, engineers can verify that the release manager is releasing the product based on code known to all engineers on the team. A scammer would have to work under the potential eyes of security researchers and would have to put more effort into hiding any exploit.
“Reproducible” does not mean “verified”. There is good reason to believe that security researchers as of today would not detect very blatant backdoors in the public source code before it gets exploited, much less if the attacker takes moderate efforts to hide it. This is especially true for less popular projects.