My Authors
Read all threads
1) We are receiving many inquiries about the differences between the original Bitfi & the new Bitfi.2. Here is a brief summary. Of course both devices share the unique security mechanism where private key only exists for split second during transaction.
2) We developed Bitfi to address very serious security concerns that go well beyond what you will see with other wallets. With the design of the Bitfi.2, we removed any physical access (USB Data/Access to internal components) without those attempts visibly destroying the device
3) or making it obvious it was tampered with. We accomplished this through a series of modifications to original design. It is sealed & filled with a thermal shedding, heat resistant resin which bonds to the internal components after provisioning. One of the properties of this
4) resin is its high thermal resistance. The case & screen have a lower melting point than the resin which would stop attempts to access the device via a heat gun or hotplate. Both devices do not transmit any keys whatsoever (Transactions are built & signed on the device).
5) The Wi-Fi Drivers have been source code reviewed & fuzzed extensively. There are a variety of verification & validation mechanisms for ensuring that it only "talks" to our systems & use a 3 layered encryption method (SSL Pinning, ECDSA based communication Verification, & of
6) course the transactions themselves are encrypted although they contain no sensitive information. We’ve gone through AOSP hardening & the device isn't allowed to communicate with any other services beyond the ones designated as part of the Bitfi solution. All device features
7) & functions are stripped or completely locked out. We have gone through extensive dynamic and static code analysis (source code is available on Bitfi.dev for review). On both devices, keys are never permanently stored & there are several layers built into the
8) device to ensure memory is properly & immediately cleared. We moved to native libraries with V114 after going through a public source code review to address "in memory" side-channel attacks. USB/JTAG/UART/SPI are inaccessible & as mentioned above cannot be accessed
9) & board cannot be modified without destroying it. All devices have a unique hash which is calculated as the user begins typing their salt every time & is not stored on the device. This hash allows users to ensure their device has not been tampered with from a programmatic
10) perspective & is managed by a second administrative app which is verified by our services for integrity. Firmware updates are pulled by the device when they are made available, it then hashes all bytes to perform ECDSA check. These hash checks are performed server-side to
11) ensure they match with our update package & has not been tampered with. ALL transactions including updates with their corresponding signatures are available at bitfi.dev. Any attempt to flash the devices lower level bootloader or operating system OTA would
12) require an OTA update package specially built for our devices as well as the OTA secure update keys. These are not publicly available & even if they were lost or stolen the OTA update packages are not enabled on the device, rendering them useless. If attacker was able to get
13) our entire source code for our preloader, bootloader, OS, APP &even gained access to our servers & our admin application which monitors all wallet &device activity & prevents any communications or other changes to the device, they would still not be able to push a malicious
14) update because the update would require a signing key, & any attempt to push lower-level code changes will immediately wipe out the unique identifier & force the device into a default unprovisioned state. Provisioning is impossible without a special service & a series of keys
15) that are tightly controlled & air-gapped from all other systems. All application code compilation is done using deterministic builds & code signing is done on an air-gapped system & hashes are checked to verify they match after upload & by device & server when a device pulls
16) the update. As can be seen above these processes and the steps we have taken, while simplistic, are highly effective. We will be publishing more information and details on this innovative technology in the near future.
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Bitfi - open source: bitfi.dev

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!