BitBox02 Review

This article is not sponsored and contains no referral links to any products. I acquired all mentioned hardware wallets at my own cost.

TL;DR: BitBox02 is a quality and well balanced hardware wallet good for general public and small-to-medium funds. There are some controversial design choices. Power users will still prefer Coldcard MK3.

What I find nice

• Similar to Coldcard, BitBox02 employs the “best of both worlds” approach to open-source vs secure-element and packages it into a less scary (but less powerful) UX.
• BitBox App (desktop/mobile) is exemplary with respect to security copywriting and security usability. It carefully onboards and teaches a newbie user on key principles along the way. Accompanying online docs are also very clear. The whole App feels like quality engineering.
• BitBox App has full node support, Tor proxy support, Bech32 by default, and even basic coin control. Glad to see Shift Crypto is serious about Bitcoin best practices. However, after initial setup I recommend using a proper, established wallet.
• Encrypted device-to-wallet communication with reliable pairing.
• Website and checkout process are Tor Browser compatible. Payment gets recognized immediately.
• Appealing, premium packaging.
• The microSD card is included (SanDisk 8GB) as well as thick USB cable and *two* USB A/C adapters.
• Convenience random number generator (256 bits displayed as hexadecimal string). I will probably never use it but cool anyway :)

What I find troubling

• Unclear how am I supposed to HODL the BitBox device in my hand. The long edges are all active with invisible touch buttons. Whether on cable or plugged in the laptop, there is no firm way to hold and operate it.
• The default microSD backup will end badly for some users. Electronics fragility aside, the tiny-tiny microSD is simply too easy to get lost. Thanks to “no paper” the setup is quick, convenient and refreshing. But it does feel like cheating. One idea would be to add a beautifully branded case for the microSD card. This way it is at least less likely to get lost. BitBox02 does support classic paper backup but the default microSD backup is what 90%+ users will follow. If you have BitBox02, I strongly recommend going the classic way with recovery words backed up on paper or in steel.
• Anonymous delivery is significantly hindered. Firstly, UPS does not deliver to PO Box (human recipient required) and it is the only option. Secondly, the package won’t fit the common/standard PO Box as it is too large. Counter-intuitively, Coldcard/Trezor/Ledger cheap packaging schemes are advantageous here.
• Anti-tampering bag is not unique per device (it has no unique number). At least it is specific to Shift Crypto (has Shift logotypes on the edges). There are plans to improve on that.
• Device setup requires official “BitBox App” (desktop or mobile). While the app is beneficial for newbie users, power users would prefer to not install another potentially compromised piece of cryptocurrency software. Ideally, the setup step should not require a computer at all.
• The swipe gesture isn’t really a swipe you know from smartphones. It’s more like a drag but one can quickly adjust the habits. No big deal.
• When reviewing transaction on device you cannot go back to address verification. You can only “scroll further” or decline and start over. Annoying.

Issues aside, BitBox02 impressed me as modern and well thought out hardware wallet. Refreshing balance of Bitcoin principles, security and usability. Just be sure to backup recovery words on paper. Do not rely solely on microSD.