Bowser DIY Hardware WalletLatest release: 1 ( 11th May 2021 ) 🔍 Last analysed 11th April 2022 . Do-It-Yourself Project
Help spread awareness for build reproducibility
Please help us spread the word discussing build reproducibility with Bowser DIY Hardware Wallet via their Twitter!
Do your own research!
Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.
The Analysis ¶
The Bowser DIY Hardware Wallet comes with a Tetris game to playfully mask its character as a wallet. It uses the following libraries on a M5Stack ESP32:
- uBitcoin (Arduino library created by Stepan Snigirev)
- M5Stack Library
- lvgl GUI for Arduino
Initial options for the Bowser Wallet include:
- Display PubKey
- Sign Transaction
- Export ZPUB
- Show Seed
- Wipe Device
- Restore from Seed
Can the private keys be created offline?
Yes. The user can take out the SD card, and put it in a laptop to key in the command ‘HARD RESET’ in the bowser.txt file. Putting the SD card back in the device, allows for the creation of new seed phrase. Once the seed is verified, this information is saved in the SD card. The user is then asked to create a pin using Morse code.
Are the private keys shared?
No. Non-custom-built, general purpose hardware ensures that there is no manufacturer with the explicit intent to store or reproduce the private keys.
Does the device display the receive address for confirmation?
Does the interface have a display screen and buttons which allows the user to confirm transaction details?
Yes, but … as can be seen in their tutorial, the user is not presented with any useful information during the signing of transactions. State of the art hardware wallets show which amount is leaving the wallet and which amount is being sent back to the same wallet as change. Neither of those is visible on this device.
Is it reproducible?
Bowser is a diy-project.
This project is not meant for non-technical end users.
As part of our Methodology, we ask:Is the product meant to be ready for use "out of the box"? If not, we tag it DIY
Many hardware wallet projects aim to be as transparent as possible by using only off-the-shelf hardware with an open design and open code. If the product reviewed is not available in an assembled form - if the user has to source his own hardware to then maybe solder and compile software to install on the device it falls into this category.
Share onTwitter Facebook LinkedIn
Or embed a widget in your website
<iframe src="https://walletscrutiny.com/widget/#appId=hardware/bowser&theme=auto&style=short" name="_ts" style="min-width:180px;border:0;border-radius:10px;max-width:280px;min-height:30px;"> </iframe>
<iframe src="https://walletscrutiny.com/widget/#appId=hardware/bowser&theme=auto&style=long" style="max-width:100%;width:342px;border:0;border-radius:10px;min-height:290px;"> </iframe>