
BitBox02

Latest release: 9.7.0 (6th September 2021). Last analysed: 5th October 2021. Verdict: Reproducible when tested.


Disclaimer

The following analysis is not a full code review! We plan to make code reviews available in the future, but even then it will never be a stamp of approval but rather a list of incidents and questionable coding practices. NASA sends probes to space that crash due to software bugs despite a huge budget and stringent scrutiny.

Do your own research!

Try searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and whether you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

The Analysis 

We wrapped the findings from prior reviews in a test script which gave us these results:

$ scripts/test/hardware/bitBox2.sh 9.7.0
...
997fa9ab985d61473cb191d1c3bba2a291fb91861e215c005b133aec1e87d493  firmware-btc.v9.7.0.signed.bin
...
59f3442ac524c5e158405fc4710c8d264876c8d7ec82a3d3cc090cdee56689c7  temp/build/bin/firmware-btc.bin
59f3442ac524c5e158405fc4710c8d264876c8d7ec82a3d3cc090cdee56689c7  firmware-btc.v9.7.0.bin

The result in summary:

appId:        bitBox2
variant:      firmware-btc-only
version:      v9.7.0
fileHash:     997fa9ab985d61473cb191d1c3bba2a291fb91861e215c005b133aec1e87d493
firmwareHash: 59f3442ac524c5e158405fc4710c8d264876c8d7ec82a3d3cc090cdee56689c7

Sadly, the hash 5f38987cf70ef7978163e6095a27543cd476ca35578ce2f728fa647154dc0ff5 published by the provider, which can also be verified on the device during an update, is not as trivially reproducible as advertised here.

Following these instructions:

$ find . | grep describe_sig
./releases/describe_signed_firmware.py
./temp/releases/describe_signed_firmware.py
$ (cd temp/releases/; ./describe_signed_firmware.py ../../firmware-btc.v9.7.0.signed.bin)
bitbox02 module not found; please see bitbox02-firmware/py/README.md
Traceback (most recent call last):
  File "/tmp/bitbox02-firmware/temp/releases/./describe_signed_firmware.py", line 78, in <module>
    sys.exit(main())
  File "/tmp/bitbox02-firmware/temp/releases/./describe_signed_firmware.py", line 45, in main
    magic, sigdata, firmware = parse_signed_firmware(binary)
NameError: name 'parse_signed_firmware' is not defined
$ (cd releases/; ./describe_signed_firmware.py ../firmware-btc.v9.7.0.signed.bin)
bitbox02 module not found; please see bitbox02-firmware/py/README.md
Traceback (most recent call last):
  File "/tmp/bitbox02-firmware/releases/./describe_signed_firmware.py", line 78, in <module>
    sys.exit(main())
  File "/tmp/bitbox02-firmware/releases/./describe_signed_firmware.py", line 45, in main
    magic, sigdata, firmware = parse_signed_firmware(binary)
NameError: name 'parse_signed_firmware' is not defined
$ cat py/README.md
# Python scripts

To use the scripts (`send_message.py`, `load_firmware.py` for example) go into the `bitbox02`
directory and run `pip3 install .`.

If you plan to work on the scripts run `pip3 install -e .` instead.
$ find . | grep '/bitbox02/'
...
./py/bitbox02/CHANGELOG.md
...
./py/bitbox02/bitbox02/__init__.py
...
./py/bitbox02/bitbox02/bitbox02/__init__.py
...
./src/rust/bitbox02/.gitignore
...
./temp/py/bitbox02/CHANGELOG.md
...
./temp/py/bitbox02/bitbox02/__init__.py
...
./temp/py/bitbox02/bitbox02/bitbox02/__init__.py
...
./temp/src/rust/bitbox02/.gitignore
...
$ (cd py/bitbox02; pip3 install )
ERROR: You must give at least one requirement to install (see "pip help install")
$ (cd py/bitbox02/bitbox02; pip3 install )
ERROR: You must give at least one requirement to install (see "pip help install")
$ (cd py/bitbox02/bitbox02/bitbox02; pip3 install )
ERROR: You must give at least one requirement to install (see "pip help install")

For the predecessor we worked our way around using the python scripts but those should also just work. What are we doing wrong?

Anyway, back to manual mode …

$ head -c 588 firmware-btc.v9.7.0.signed.bin > p_head.bin
$ tail -c +589 firmware-btc.v9.7.0.signed.bin > p_firmware.bin
$ cat p_head.bin | tail -c +$(( 8 + 6 * 64 + 1 )) | head -c 4 > p_version.bin
$ cat p_version.bin | xxd -p
17000000
$ wc -c p_firmware.bin
460940 p_firmware.bin
$ echo $(( 884736 - 460940 ))
423796
$ dd if=/dev/zero ibs=1 count=423796 | tr "\000" "\377" > p_padding.bin
423796+0 records in
827+1 records out
423796 bytes (424 kB, 414 KiB) copied, 0.0737553 s, 5.7 MB/s
$ cat p_version.bin p_firmware.bin p_padding.bin | sha256sum | cut -c1-64 | xxd -r -p | sha256sum | cut -c1-64
5f38987cf70ef7978163e6095a27543cd476ca35578ce2f728fa647154dc0ff5

So, the result looks good. The BitBox02’s firmware version 9.7.0 with hash 997fa9ab985d61473cb191d1c3bba2a291fb91861e215c005b133aec1e87d493 is reproducible. The bootloader should show the hash 5f38987cf70ef7978163e6095a27543cd476ca35578ce2f728fa647154dc0ff5 during update.
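An added example, not part of this analysis or of the BitBox02 project: a small Python reimplementation of the manual hash computation above, so the steps can be checked without chaining shell tools. The header length (588), the version offset (8 + 6 * 64), the 4-byte version, the 884736-byte padded size and the 0xFF fill are taken from the shell commands; the sample blob below is constructed and the layout beyond those offsets is assumed.

```python
import hashlib

# Layout assumed from the offsets the shell transcript uses:
HEADER_LEN = 588             # bytes before the firmware image in the .signed.bin
VERSION_OFFSET = 8 + 6 * 64  # start of the 4-byte version field inside the header
VERSION_LEN = 4
FIRMWARE_AREA = 884736       # size the firmware image is padded to before hashing
PAD_BYTE = b"\xff"           # padding value (erased-flash fill)


def split_signed_firmware(blob: bytes):
    """Return (version_bytes, firmware_bytes) from a .signed.bin blob."""
    if len(blob) <= HEADER_LEN:
        raise ValueError("blob is shorter than the signed-firmware header")
    version = blob[VERSION_OFFSET:VERSION_OFFSET + VERSION_LEN]
    firmware = blob[HEADER_LEN:]
    if len(firmware) > FIRMWARE_AREA:
        raise ValueError("firmware image exceeds the padded area size")
    return version, firmware


def bootloader_hash(blob: bytes) -> str:
    """Double SHA-256 of version || firmware || 0xFF padding, as a hex string.

    This mirrors: cat p_version.bin p_firmware.bin p_padding.bin | sha256sum
    | xxd -r -p | sha256sum
    """
    version, firmware = split_signed_firmware(blob)
    padding = PAD_BYTE * (FIRMWARE_AREA - len(firmware))
    inner = hashlib.sha256(version + firmware + padding).digest()
    return hashlib.sha256(inner).hexdigest()


def build_sample_signed_blob(version: int, firmware: bytes) -> bytes:
    """Construct a fake .signed.bin with the assumed layout (test data only).

    Signature fields are left as zeros; only the version field is filled.
    """
    header = bytearray(HEADER_LEN)
    header[VERSION_OFFSET:VERSION_OFFSET + VERSION_LEN] = version.to_bytes(4, "little")
    return bytes(header) + firmware


if __name__ == "__main__":
    # Constructed sample: version field 0x17 (as in the transcript) and 1 KiB of payload.
    sample = build_sample_signed_blob(0x17, bytes(range(256)) * 4)
    print(bootloader_hash(sample))
```

Run against the real firmware-btc.v9.7.0.signed.bin, bootloader_hash() should print the 5f38987c... value the bootloader shows during the update.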

(lw)

Verdict Explained

The binary provided was reproducible from the code provided.

As part of our Methodology, we ask:

Does the binary we built differ from what we downloaded? If not, we tag it Reproducible 

If we can reproduce the binary we downloaded from the public source code, with all bytes accounted for, we call the product reproducible. This does not mean we audited the code, but it is the precondition for the public code to have any relevance for the provided binary.

If the provider puts your funds at risk on purpose or by accident, security researchers can see this if they care to look. It also means that inside the company, engineers can verify that the release manager is releasing the product based on code known to all engineers on the team. A scammer would have to work under the potential eyes of security researchers and would have to put more effort into hiding any exploit.

“Reproducible” does not mean “verified”. There is good reason to believe that security researchers as of today would not detect even very blatant backdoors in the public source code before they get exploited, much less if the attacker takes moderate effort to hide them. This is especially true for less popular projects.