hardware wallet

BitBox02

The BitBox02 features a dual-chip design, invisible touch sensors, and a fully open-source architecture.[source]

📍 Global

Go to BitBox02

What you should know about BitBox02

Dual-chip security with a secure element and open-source firmware for transparent protection.
Easy backup and restore via microSD card (no manual seed phrase writing required).
Intuitive touch-slide sensors on the device edges for interaction and verification.
Features a unique anti-klepto protection and transaction fee safeguards.

Pros & Cons

Strengths

+ Swiss-made quality and focus on privacy
+ Fully open-source firmware and application
+ Instant microSD card backup is extremely user-friendly
+ Dual-chip architecture provides robust physical security
+ Invisible touch sensors for a sleek interface

Weaknesses

- No native iOS support (requires newer BitBox02 Nova model)
- Limited coin support compared to some competitors (e.g., Ledger)
- Requires physical connection (not air-gapped)

Facts about the BitBox02

Supported Assets

BTC, ETH, LTC, ADA, 1500+ ERC20 tokens

The Multi edition supports Bitcoin, Ethereum, Litecoin, Cardano, and over 1500 ERC20 tokens natively or via 3rd-party integrations.[source]

Storage Capacity

Unlimited keys

The device does not store full transaction history, only the private keys derived from the seed, allowing management of a virtually unlimited number of accounts and assets.[source]

Connectivity

USB-C,USB-A

The device features a native USB-C connector and includes a USB-A adapter. It also works with Android devices via USB-C OTG.[source]

Secure Element

ATECC608B

Utilizes the ATECC608B secure chip in a dual-chip architecture to protect against physical attacks and unauthorized access, combined with open-source firmware.[source]

Supported Platforms

Windows,macOS,Linux,Android

Compatible with Windows, macOS, Linux, and Android. Note: The standard BitBox02 does not support iOS; the newer Nova model is required for iPhone/iPad support.[source]

Backup Method

MicroSD & BIP39

Features a unique instant backup to a microSD card, while also supporting the industry-standard BIP39 24-word recovery phrase.[source]

Display

OLED (128x64 px)

Includes a white OLED screen for on-device transaction verification, controlled via invisible capacitive touch sensors (tap, slide, hold).[source]

Editions Available

Bitcoin-only and Multi editions

Available as a Multi edition for various coins and a Bitcoin-only edition with reduced firmware complexity for maximum security.[source]

Open Source

Yes

Firmware and the BitBoxApp are fully open-source and audited, ensuring high transparency and security.[source]

Staking

Yes

Supports staking for Cardano (ADA) via NuFi/AdaLite and Ethereum (ETH) via integrations with services like Lido (via Rabby/MEW).[source]

Price (USD)

119-149

The retail price typically ranges between 19 and 49 depending on the vendor and region.[source]

Air-gapped

The BitBox02 is not air-gapped; it connects directly to the host device via a physical USB connection.[source]

Security Standard

Dual-chip (Secure Element + MCU)

Uses a dual-chip design combining a secure element for secret storage and a microcontroller for the open-source firmware.[source]

BitBox02 Topics

BitBox02 App

Topic

Explore →

Bitbox02 Multi Edition

Topic

Explore →

BitBox02 Bitcoin Only

Topic

Explore →

BitBox02 Setup

Topic

Explore →

Loading Arena... 🚀

BitBox02 FAQ

Does the BitBox02 implement an air-gapped security model, and how does its connection method impact its attack surface?

The BitBox02 is not an air-gapped device. It connects directly to your computer or Android smartphone via its native USB-C connector. While air-gapped devices eliminate direct communication channels, the BitBox02 mitigates risks by relying on its dual-chip architecture—featuring an ATECC608B secure element—and a fully open-source microcontroller to isolate private keys. The USB connection uses an encrypted channel with the BitBoxApp, ensuring keys never leave the hardware.

How does the dual-chip architecture involving the ATECC608B secure element enhance physical security?

The device combines a general-purpose microcontroller with an ATECC608B secure element. Instead of storing the seed directly on the secure element, which would require trusting a closed-source component, the BitBox02 uses the secure element to encrypt the seed stored on the open-source microcontroller. It also enforces a hardware rate-limit on PIN entry attempts, preventing brute-force attacks in case of physical theft while keeping core cryptography auditable.

What makes the microSD backup method structurally different from traditional BIP39 seed phrase backups?

During setup, the BitBox02 automatically creates an instant backup of your wallet directly onto an included microSD card. This bypasses the need to write down a 24-word BIP39 recovery phrase, though seed words can still be displayed if desired. The microSD backup mitigates the risk of human error during transcription and protects against physical surveillance like hidden cameras. The card itself remains an unencrypted bearer instrument and must be stored securely offline.

Can the BitBox02 natively interact with decentralized applications and smart contracts?

The BitBox02 Multi edition supports Bitcoin, Ethereum, Litecoin, and over 1,500 ERC-20 tokens. While it does not feature a native dApp browser within the BitBoxApp, it integrates securely with third-party interfaces such as MetaMask and Rabby. By connecting the device to these Web3 wallets, users can seamlessly sign complex smart contract interactions and manage DeFi positions while private keys remain isolated on the hardware.

Is there a distinct security advantage to choosing the Bitcoin-only edition over the Multi edition?

Yes. The BitBox02 Bitcoin-only edition features a significantly reduced firmware footprint. All code related to Ethereum, altcoins, and smart contract functionalities has been entirely removed. This strict minimization drastically reduces the potential attack surface and eliminates risks associated with complex altcoin parsing, offering a dedicated and highly secure environment for users who strictly self-custody Bitcoin.

BitBox02 FAQ

How does the dual-chip architecture of the BitBox02 enhance its resistance against physical side-channel attacks compared to single-chip designs?

The BitBox02 employs a unique dual-chip architecture combining a standard microcontroller (MCU) with a specialized ATECC608B secure element. While the open-source MCU handles the complex cryptographic operations and USB communications, ensuring the code can be fully audited by the community, the secure element acts as a hardened vault for the master seed. This separation of concerns significantly increases the device's physical security. If an attacker gains physical access, the secure element mitigates side-channel attacks like power analysis and fault injection, while the MCU prevents the secure element from being a black-box attack vector, offering a balanced, highly secure threat model.

In what specific ways does the Bitcoin-only edition of the BitBox02 reduce the overall attack surface relative to the Multi edition?

The Bitcoin-only edition of the BitBox02 runs a specialized, radically stripped-down firmware that exclusively supports the Bitcoin protocol. By removing the codebase required to support Ethereum, Litecoin, and thousands of ERC20 tokens, the firmware size and complexity are drastically reduced. This minimal footprint inherently lowers the probability of software bugs or unforeseen vulnerabilities being exploited. Furthermore, it completely eliminates the risk of cross-chain signature attacks and ensures that the hardware resources are dedicated solely to Bitcoin's specific cryptographic requirements, appealing to strict Bitcoin maximalists seeking the smallest possible attack surface.

What cryptographic mechanisms does the BitBox02 use to secure the microSD card backups, and how does this differ from standard BIP39 mnemonic phrases?

Unlike standard BIP39 hardware wallets that force users to write down 24 recovery words on paper—a process prone to human error, theft, and physical degradation—the BitBox02 allows instant, localized backups directly to a standard microSD card. This backup is not simply a plaintext file; it is cryptographically secured and bound to the device. While the exact seed is stored on the card, it provides a much more robust physical backup method that avoids the pitfalls of paper. Users who still prefer the traditional method can optionally display and record the BIP39 seed words, providing dual-layer backup flexibility.

How do the invisible capacitive touch sensors mitigate the mechanical failure risks inherent in traditional hardware wallet buttons?

Traditional hardware wallets often rely on tactile, mechanical buttons for user input and transaction confirmation. Over time, these physical components are susceptible to wear, tear, and eventual mechanical failure, potentially locking users out of their funds if the buttons become unresponsive. The BitBox02 mitigates this physical degradation vector by integrating invisible capacitive touch sensors directly into the device's casing. These sensors require no moving parts, drastically increasing the physical longevity and durability of the wallet while providing intuitive tap, slide, and hold gestures for navigating the interface.

Given its non-air-gapped nature, how does the BitBox02 secure USB communications against malware on the host machine?

Although the BitBox02 connects directly to a host computer or smartphone via USB-C rather than relying on air-gapped methods like QR codes or SD card file transfers, it employs robust protocols to secure this connection. All communication between the BitBoxApp on the host machine and the BitBox02 hardware is encrypted using the noise protocol framework. This end-to-end encryption ensures that even if the host machine is compromised by sophisticated malware attempting to eavesdrop on or manipulate the USB traffic, the attacker cannot decipher the communication or alter transaction details without the user explicitly verifying the correct data on the device's OLED screen.

BitBox02 FAQ

How does the dual-chip architecture of the BitBox02 enhance security compared to single-chip designs?

The BitBox02 employs a unique dual-chip design that pairs a standard microcontroller with an ATECC608B secure element. This architecture ensures that the device benefits from the open-source transparency of the microcontroller while utilizing the secure element to harden the wallet against physical tampering and brute-force attacks, providing a robust defense mechanism without relying entirely on a closed-source component.

What are the specific operational differences between the Multi edition and the Bitcoin-only edition of the BitBox02?

The Multi edition is designed for broader portfolio management, supporting Bitcoin, Ethereum, Litecoin, and over 1,500 ERC-20 tokens. In contrast, the Bitcoin-only edition features restricted firmware dedicated exclusively to Bitcoin. By removing the code required for altcoin and smart contract support, the Bitcoin-only edition significantly reduces the attack surface, making it an ideal choice for strict Bitcoin maximalists seeking maximum security.

How does the microSD backup method mitigate the risks associated with traditional written seed phrases?

Unlike standard hardware wallets that force users to write down a 24-word BIP39 recovery seed, the BitBox02 allows for instant, offline backups directly to an included microSD card. This method eliminates the risk of physical observation, transcription errors, or loss associated with paper backups, though standard BIP39 seed words can still be displayed and recorded if the user prefers traditional redundancy.

Why is the BitBox02 not considered fully air-gapped, and how does it manage network risks over its USB-C connection?

The BitBox02 connects directly to a host device (computer or Android smartphone) via USB-C, meaning it does not rely on air-gapped communication methods like QR codes or SD card file transfers for signing transactions. However, it manages network risks by ensuring that private keys never leave the secure boundary of the device. All transaction data is passed to the hardware for isolated signing, and only the cryptographically signed transaction is returned to the connected device for broadcasting.

How do the invisible touch sensors function alongside the OLED screen for transaction verification?

The BitBox02 replaces physical buttons with invisible capacitive touch sensors integrated into the sides of the device. Users interact with the wallet by tapping, sliding, and holding these sensors to navigate menus and enter passphrases. When verifying a transaction, the crisp OLED screen displays the exact details, and the touch sensors require deliberate physical confirmation, ensuring that malware on the host computer cannot authorize transactions without the user's explicit physical consent.

Why buy the BitBox02

The BitBox02 stands out through its unique dual-chip architecture, which bridges the gap between the transparency of Trezor and the hardware security of Ledger. Unlike the Ledger Nano series, which uses a closed-source Secure Element, the BitBox02 combines an open-source microcontroller with a dedicated secure chip (ATECC608B) to protect your seed. This approach allows for a fully auditable open-source firmware while still providing high-grade physical protection against extraction attacks.

Furthermore, the BitBox02 offers a superior user experience for privacy-conscious users compared to standard Trezor or Ledger devices. It features native support for connecting your own full node, an easy-to-use microSD card backup system that eliminates the immediate need to write down recovery words, and a "Bitcoin-only" edition that further reduces the attack surface by stripping out all non-Bitcoin code.