CRYPTO SECURITY: BitFlex FinTech X ShiftCrypto Security
Protect your crypto assets | BitBox02 Hardware Wallet
BitFlex FinTech and ShiftCrypto Security have partnered to improve the Security of Digital Assets for users in Zimbabwe and Africa.
ShiftCrypto Products will officially be available on the BitFlex store for customers in Zimbabwe and Africa!
What Does Crypto Security Mean?
Crypto-Security is a subset of communications security that deals with the development and implementation of techniques that lead to secure ciphers and codes that are used to safeguard encryption systems and methods against hostile detection, decryption, interception, and modification. This branch of communications security is responsible for protecting the secrecy and authenticity of messages and data.
Controlling your assets and data is essential in the cryptocurrency world. This entails guaranteeing that no unauthorized source can obtain or even discover the existence of the message. However, if the message is intercepted by unauthorized sources, it should be encrypted so that no information can be extracted. The Shift Crypto security discipline ensures that your digital assets and safe and secure.
What is ShiftCrypto Security?
ShiftCrypto is a Crypto security firm based in Switzerland that focuses on the safety and self — custody of users' digital assets.
They offer a range of products that enable crypto holders to secure their assets using the best security products on the market.
These range from hardware wallets, tamper-proof bags, and steel wallets.
Let's take a look at their products:
1. BitBox 02
BitBox 02 offers State of the art security designed by experts
The BitBox02 features a dual-chip design with a secure chip. The source code has been independently audited by security researchers and is fully open source.
You can easily backup and restore your wallets with a microSD card that's included.
Specifications
Connectivity: USB-C
Compatibility: Windows 7 and later, macOS 10.11 and later, Linux, Android
Input: Capacitive touch sensors
Micro-controller: ATSAMD51J20A; 120 Mhz 32-bit Cortex-M4F; True random number generator
Secure chip: ATECC608B; True random number generator (NIST SP 800–90A/B/C)
Display: 128 x 64 px white OLED
Material: Polycarbonate
Size: 54.5 x 25.4 x 9.6 mm including USB-C plug
Weight: Device 12g; with packaging and accessories 160g
DESIGN
We love the minimalist and discreet design of the BitBox as it looks like any other USB flash drive.
BitBox 02 Supports Bitcoin, Ethereum, Litecoin, Chainlink, BAT and 1500+ more coins.
BitBox hardware wallets began in 2015, and every enhancement and security improvement has led to the BitBox02 being available today. The BitBox02’s hardware and software were built from the ground up, prioritizing security, with multiple external security teams reviewing its design and implementation.
All of our products are Swiss-made and developed by our team of Bitcoin core developers and crypto native experts. You can help protect your financial sovereignty with the security features listed below.
Security features
Firmware & software security
Dual chip security architecture
A miniature computer (aka a micro-controller chip) inside the BitBox02 allows running open-source security code that is available from high-quality publicly-vetted repositories. A separate secure chip, the ATECC608B hardens access to your wallet in multiple ways. We pioneered the “dual chip” security concept in the original BitBox. Learn more about how it works in the BitBox02 by reading this blog article.
Read about the dual-chip security architecture
Wallet seed storage
Three secrets are needed to access the encrypted wallet seed stored on the micro-controller. For a thief to gain access to a wallet, they must get all these pieces of data: a random secret on the secure chip, a random secret on the micro-controller, and a random secret not on the device — your device password. The secure chip mitigates against a thief brute-forcing (aka guessing many times) a simple password. Learn more by reading the blog article mentioned above.
Open-source
Hide nothing by open sourcing everything, including the firmware on the BitBox02, the BitBoxApp, and x rays of the hardware, schematics.
Secure Bootloader
The BitBox02 accepts only firmware signed by Shift Crypto. The bootloader prevents firmware downgrades and installing firmware for a different edition of the BitBox02 (Multi or Bitcoin-only). The bootloader can also display the hash of the firmware before running it for binary transparency.
Device authenticity check
Each BitBox02 is loaded with a secret attestation key during factory setup. This means the BitBoxApp or any wallet it connects to can check if the BitBox02 is a genuine device every time you use it.
Wallet seed generation
To add redundancy and failsafe’s, the BitBox02 uses five sources of randomness (aka entropy) to generate the wallet seed instead of a single source. Each source is cryptographically combined such that the overall entropy is at least as strong as the strongest of all, not the weakest of all. This mitigates against attacks even when four of the sources are compromised, or even when all five sources are compromised if they are compromised by more than one party. The entropy sources are:
- A true random number generator on the secure chip
- A true random number generator on the micro-controller
- A static random number set during factory installation and unique to each BitBox02
- Host entropy provided by the app running on your computer, e.g. from /dev/urandom
- A cryptographic hash of the device password
The latter two are completely independent of the BitBox02.
Reproducible builds
Don’t trust, verify! The BitBox02 firmware is reproducible, meaning anyone can compile the open-source firmware themselves and verify that the binary is exactly the same as the official release. You can find instructions and more details on how the reproducible builds work on our Github .
We also gather signatures from the community asserting the correctness of our releases.
Physical Protection
Secure display
The BitBox threat model assumes your computer can be compromised and should not be trusted. Therefore, securely verify transactions, receive addresses and other data using the built-in screen and touch confirmation (tap, slide and hold). Enter your password directly on the device instead of in the BitBoxApp.
Secure chip
As a fallback to avoid brute force attacks if the 10-attempt limit imposed by the microcontroller is somehow bypassed by a thief, a monotonic counter in the secure chip limits the total attempts of device-password entries. In addition, password stretching increases the amount of time needed to test each possible password, making such attacks infeasibly difficult.
Epoxy potting
A specialized solvent-resistant epoxy is applied over the microcontroller and secure chip to completely encapsulate it. Once dry, the epoxy bonds the chips to the casing of the BitBox02. If the casing is opened to access the chips, the chips will be physically ripped off the PCB, thus destroying the BitBox02.
Breaking pins
The glue used to attach both halves of the BitBox02 casing is specially chosen to create a permanent bond between the pins of the top casing and the pinholes of the bottom casing. An attempt at separating both halves of the casing will physically break the pins. Two halves can no longer cleanly re-attach, thus making it obvious to the user that the BitBox02 has been opened.
Wallet backup
Instant microSD card backup
Backing up the seed to a microSD card ensures that you won’t lose funds by accidentally writing down the wrong words. Furthermore, you do not need to watch out for hidden cameras or wondering eyes watching you set up your wallet.
Instantly verify backup at anytime
This feature promotes people to check their backups more often since it is easy to do. In addition, you can make new backups at any time, either on another microSD card or by viewing the seed words.
View recovery words after setup
In addition to the microSD card backup, you still have the option to display and write down your 24 recovery words after re-entering the device password.
External Security Audit
The BitBox02 firmware was audited by Census Labs along with consulting done by multiple third-party security firms.
Bug bounty program 🏴☠️
We take security reports very seriously: we run a bug bounty program and encourage independent researchers to audit our device and responsibly disclose any findings.
CLICK HERE to participate in the Shift Crypto bug bounty program
Privacy features
Encrypted USB channel
All USB communication between the BitBox02 and the host computer is encrypted using the noise protocol. Any malware sniffing the USB bus cannot decipher what communication is happening between the host and the BitBox02.
User data not stored on servers
When making a transaction using the BitBox02 and BitBoxApp, no personal identifiable data (such as an IP address) or transaction data is stored on our servers. We offer an option to connect to your own Bitcoin full node such that your financial history can remain private.
Advanced features
Secure multisig/multisig account registration
Almost all hardware wallet multisig setups are insecure and are likely vulnerable to remote theft or ransom attacks. The main issue is they either skip over or incorrectly implement xpub verification. We believe the BitBox02 is the only hardware wallet to have correctly implemented multisig safely since the beginning.
Here is a blog post on the issues with multisig, how other hardware wallet vendors implemented them insecurely (and are still insecure now), and how the BitBox02 fixes them.
Show firmware hash before boot
This optional feature allows you to verify that you are using the correct firmware every time you plug in the device.
Create your own wallet with your own entropy
An optional feature that lets you create your own seed without the use of the BitBox02 random number generation. For example, a user could roll dice to generate a wallet and then import it into BitBox02. See how in this article .
Anti-klepto
The BitBox02 is the first hardware wallet that offers protection against the nonce covert channel attack, by supporting a protocol called anti-klepto. This attack can leak a private key via malicious transaction signatures. This blog post explains how the BitBox02 protects you against leaking private keys. We wrote the original pull request to the Bitcoin Core repository that made this possible.
Threat model
The BitBox02 security features reduce the attack surface, which means attackers have fewer options to steal your private keys and your coins.
Covering all possible scenarios is not trivial, there are situations where the security threats are harder to define. This is why we’ve published a threat model, where we explain what the BitBox02 protects your funds against.
Read the BitBox02 threat model
You can learn more about the features HERE
BitBoxApp
The BitBox02 Device works in tandem with the Desktop App or the Android Mobile App. It is a simple yet powerful desktop app that is at the center of the BitBox ecosystem. An all-in-one solution to securely manage your digital assets with ease.
2. STEEL WALLET
The Shift Crypto Steel Wallet is an Apocalypse-proof Bitcoin backup
A Bitcoin wallet backup that lasts forever OFFLINE
Creating a backup of your Bitcoin and crypto wallet is important. It ensures that your funds can be restored even if you lose or break your hardware wallet.
Regular backups need to be protected against the elements. The Steelwallet helps you take your Bitcoin backup endurance to the next level and make sure it can survive a house fire or whatever else nature throws at it.
WATCH: How to set up a Steelwallet
Features
i) Simple
Clear instructions, low-tech, no additional tools needed
Easy to set up
ii) Heavy-duty
Made of stainless steel to resist almost everything, including mechanical force, fire, radiation and corrosion
High-quality stainless steel
iii) Everlasting
Ageing-resitant backup for your future generations
Store your savings
iv) Universal
For all cryptocurrency wallets that use up to 24 recovery words
BIP-39 compatible
3. BACKUP CARD
Backup your hardware wallet
Creating a backup of your Bitcoin and crypto wallet is important. It ensures that your funds can be restored even if you lose or break your hardware wallet.
By default, the BitBox02 creates a backup on a microSD card. You can create an additional analog backup by writing down 24 recovery words. This is a great option because this backup is interoperable, transparent, and — depending on the material — will last for generations.
Backup card
The ShiftCrypto Back-Up Card makes it easy to create a handwritten backup. It is printed on age-resistant cardboard and can be laminated without a lamination machine for additional protection. Privacy is important, so the card does not mention Bitcoin or cryptocurrencies on the outside. But the instructions inside, as well as the included booklet, guide you through every step of backing up your wallet.
There are 2 VERSIONS of the BACK-UP CARD
i) PROFESSIONAL VERSION (Order from the Shop)
The professional Backup Card version is printed on ageing-resistant cardboard and uses no-machine lamination for added protection. Perfect for securing your long-term wallets.
ii) FREE VERSION (Print yourself)
The free community version of the Backup Card.
JUST DOWNLOAD and print it to secure your everyday wallets
CLICK HERE TO DOWNLOAD
5. TAMPER-EVIDENT BAGS
Protect your Bitcoin backups against undetected access and hidden tampering.
ShiftCrypto’s Tamper-Evident Bags offer secure storage for peace of mind. You can store your Wallet Back-Ups in these bags and deposit them in a safety deposit box and be sure that your back up is secure and tamper-proof.
Why use a Tamper-evident security bag?
Is your Bitcoin backup safe? You might have stored it in a safe place, but how do you know that it has not been compromised?
Creating a backup of a cryptocurrency wallet is very important, but anyone who gains access to it can take possession of all the coins in your wallet. This does not even need to happen right away, it’s possible to remotely move your funds months after someone made a copy of your backup, without physical access to your wallet.
ShiftCrypto’s Tamper-evident bags erase any doubt whether your Bitcoin backup has been accessed or not:
FEATURES
i) Comprehensive security
360-degree protection against all forms of undetected access, including safeguards against mechanical access, steam and moisture, heat, freezing and solvents
ii) Easy to use
Quick to seal, with a unique numbering and tear-off receipt, transparent material to check the content
iii) Durable
Strong seal, security seams, and tear-resistant foil
iv) Universal application
Generic layout, transparent for visual checks, and plenty of space for different items
BACK UP OPTIONS AT A GLANCE
You will soon be able to order ShiftCrypto Products on the BitFlex Crypto Store in Zimbabwe 🇿🇼 and shipping across Africa! ✈️
ALL IN ALL
STAY SAFE in the crypto space DYOR (Do Your Own Research) and BACK UP your wallets