Benma is one of those people who get very little praise for their work but do something that makes everybody’s bitcoins more secure. As a software developer and researcher at ShiftCrypto, he is responsible for the anti-klepto system, which uses Schnorr-signature research to prevent a hardware wallet from covertly leaking private keys. He has also found vulnerabilities in the Coldcard wallet, which he responsibly disclosed to the Coinkite developers so that they could fix them.
In this episode, Benma talks about the BitBox02’s position on the hardware wallet market, his work on development and security, why ShiftCrypto believes that the future is mobile, and the current state of multisig setups. We also go through a round of questions in which he has to say something nice about each competing hardware wallet and then explain in which respects the BitBox02 does better.
The episode is a continuation of last year’s interview with Bitcoin Core developer and maintainer Jonas Schnelli and ShiftCrypto CEO Douglas Bakkum. But while some of the questions have remained the same, the answers have slightly changed. Even though the hardware wallets that we buy are the same, the software has significantly improved – and it’s thanks to all the open source research taking place that we get better security.
In the aftermath of the unfortunate Ledger customer database hack, we also talk about some privacy steps that hardware wallet buyers should take to avoid unpleasant leaks. Essentially, you should never have a device shipped to your home address under your full name. Ideally, you should also pay with bitcoin, so that no credit card details linking the purchase to your identity get stored.
Listen to Benma on Apple Podcasts and Spotify!
If you’re looking for a free and private way of listening to the interview, use the RSS feed.
There is also a direct download button which lets you get the audio file on any device, and the minimalistic design should take the minimum amount of bandwidth. It’s also a private way of listening to the episode: you can access it with the Tor Browser, and I don’t collect any kind of information about your identity.
This episode is sponsored by Vaultoro and Wasabi Wallet.
If you would like to support the show and you’re into trading hard money like bitcoin, gold, and silver, then sign up to Vaultoro using my referral link. Vaultoro will help you forget about shitcoins and focus on sound money. They also allow you to pick up your gold bars or have them shipped to your address, so you don’t have to trust a custodian with your money. Keep in mind that you are responsible for your own decisions and I am not providing financial advice.
And if you would like to increase your network and transaction privacy, you should download Wasabi Wallet on your computer. It routes your connection through the Tor network to hide your IP address, it downloads block filters so that you validate your own transactions locally without relying on a trusted third party, and it can also connect to your own full node to boost your financial sovereignty. Wasabi is best known for its link-breaking CoinJoins, which have given a hard time even to Europol. Use the wallet to increase your financial sovereignty, but don’t do anything illegal – use your financial sovereignty responsibly (and also read the Wasabi terms of service).
0:00 – Intro
04:00 – Why Benma wouldn’t call himself a hardware wallet hacker, despite disclosing a vulnerability in the Coldcard Mk3.
04:30 – The BitBox02’s journey since getting launched in late 2019.
07:30 – Typing on the BitBox02
09:30 – What makes the BitBox02 unique?
12:15 – Connecting your Bitcoin full node to the BitBoxApp and other power user features
14:10 – The anti-klepto feature on the BitBox02, how it involved Schnorr signatures, and the review by Blockstream’s Jonas Nick and Andrew Poelstra
22:36 – BitBox02’s encrypted communication with the computer and mobile phone
24:00 – Connecting your BitBox02 to Android devices
27:53 – BitBoxApp on ChromeOS and Chromebooks?
29:00 – BitBox02 vs Trezor Model T
33:12 – BitBox02 vs Ledger Nano S/X
36:33 – BitBox02 vs Coldcard
40:40 – PSBT and security
41:55 – When does an airgapped cold storage help?
48:40 – BitBox02 vs Cobo Vault and other new hardware wallets
50:55 – Multisig
56:00 – Shamir Secret Sharing
1:00:00 – Replacing hardware wallets with improvised setups
1:05:30 – Why hardware wallet alternatives are not really feasible
1:06:30 – Hardware wallets and privacy
1:13:00 – What is next for BitBox02 and ShiftCrypto?
Questions that I asked Benma:
- The BitBox02 was launched in 2019 and has brought some really useful research to the hardware wallet market. How has the journey been so far?
- Let’s talk about BitBox02’s position in the hardware wallet market. What makes the device unique, as compared to the others?
- Recently, you launched the anti-klepto feature through a firmware update. It aims to protect you from leaking your private keys. How does that work?
- Let’s talk about the BitBoxApp and the mobile integration. It’s interesting to see that you can connect your BitBox02 to both a computer and an Android phone, but what are the major differences in terms of usability and security?
- This is the part of the interview where I’m going to ask you to compare the BitBox02 with other popular hardware wallets on the market. Don’t worry, everyone gets these questions. I’ll begin with Trezor’s Model T: can you say something you like about it and something that you think the BitBox02 does better?
- What about Ledger’s Nano S & X? Is there anything that they do better than the BitBox02? And what is the BitBox02’s competitive advantage?
- I’ve noticed that ShiftCrypto’s security department is responsible for disclosing lots of Coldcard vulnerabilities. What would you say is a feature that Coldcard does well, and in which respect does the BitBox02 beat it?
- What about the Cobo? What do you like about it and what does the BitBox02 do better?
- There are lots of new hardware wallets that are about to get launched or are still in the delivery process. You have the Foundation Devices Passport, Blockstream’s inexpensive Jade, the Specter wallet, and many others. Is there any one of them which caught your attention for doing something great?
- Let’s talk about PSBT, air-gapped devices, camera devices which scan QR codes. Do you believe that these solutions are better than connecting your device via USB cable?
- What are some of the security advancements that get you most excited?
- There are some people like JW Weatherman who tell people not to use hardware wallets at all and instead get old laptops that can run Bitcoin Core. There are also people like Arman the Parman who recommend open-source solutions that you can build with a Raspberry Pi Zero. What do you think about their approaches and why should people still buy hardware wallets?
- After the Ledger database leak, there have been concerns about the privacy of people who buy hardware wallets. What do you think is the best way to buy hardware wallets and what is ShiftCrypto’s policy for customer data to avoid leaks?
- In Jameson Lopp’s multisig comparison test, the BitBox02 came first in terms of speed. Do you believe that multisig is the silver bullet for security? What do you think about stuff like Shamir Secret Sharing to replace the need for multisigs? Also, do you think that multisig setups will get better standards?
- What’s next for BitBox02 and when is ShiftCrypto going to launch some of the other projects (the BitBoxBase node and everything else you announced)?