
Topic: Bitfi wallet - most user-friendly functionality, does not store private keys (Read 660 times)

newbie
Activity: 31
Merit: 0
Is this wallet better or worse than nano ledger s?  Is there a reason why anyone would use any wallet besides trezor or nano ledger?

Vertbase and Digibyte are happy with the security Bitfi has TODAY, so I guess I will buy one, split my coins over trezor, ledger and bitfi
legendary
Activity: 1624
Merit: 2481
Is this wallet better or worse than nano ledger s?  Is there a reason why anyone would use any wallet besides trezor or nano ledger?


Read the thread.

Short summary:
  • It is just a brainwallet, and we all know how bad brainwallets are..
  • It had tons of vulnerabilities (no clue about the current state, but wouldn't expect it to be better now)
  • The company is doing shady stuff
  • It is just a brainwallet.

I think you can answer the question, whether it is better or worse than a regular hardware wallet, yourself.


P.s. Even a webwallet is more secure than this crap.
full member
Activity: 1792
Merit: 186
Is this wallet better or worse than nano ledger s?  Is there a reason why anyone would use any wallet besides trezor or nano ledger?
newbie
Activity: 31
Merit: 0
The real drive is we don't want newbies who don't know any better to be ripped off by buying a glorified brain wallet and end up losing all their hard earned bitcoin.

The only reason the bounty wasn't awarded is because Bitfi kept changing the goal posts and then cancelling it altogether so they didn't have to pay out. The conditions were met several times by different people. They managed to extract the seed in plain text from the device, meaning all coins can be instantly stolen. Bitfi's claim was their wallet was "unhackable". I'm pretty sure extracting the seed counts as being hacked.

Even forgetting how horribly insecure their device is, even forgetting it had been hacked wide open multiple times, even forgetting the seed is extractable, even forgetting you can gain root access and install custom firmware; even forgetting all that, at the end of the day, it's still a brain wallet. Brain wallets are even worse than web wallets on the scale of "good security".

Buy one if you want, but realise that your funds are at constant risk of being stolen, and there is literally nothing it does that cannot be achieved more securely and for free with some freely available and open source software.

I'm not sure if I agree with you 100%; you are focusing too much on the bounty IMO.

The hackers were able to hack into the firmware, modify the whole device and only then do a transaction and trace the seed out of the RAM, as long as it was there, using a security hole in the device.
Am I wrong with that? They did not get into anything that already was on the device, didn't do a withdrawal of the original transferred coins.
To me this is totally fine with the bounty rules. If they said, buy a new one, load it up with your coins yourself and try to hack it, that would be a different story, then they would have lost the bounty.

Is it OK to not reward the bounty hackers with something after their experts didn't find that RAM problem themselves and actually produce the first Bitfi? Or did they find out themselves???
I think rewards should get paid out if it can be proven. There was something paid so don't know for what and if that front is cleared or not, lost overview with that.

So as I said before, we have 2 parties who are not 100% right or wrong. Doesn't Bitfi have the right to correct themselves even if they had a big mouth?

- I'm with you that a security device at first should not be hackable that easily and get root-access on top of that -- is this fixed? I don't think so, is it feasible at all? I don't know!
- Nothing in the device should store anything from a past transaction -- that was fixed, can anybody prove it is not so? That would solve the most important big problem IMO
- The Dashboard did not detect that the device was modified -- is a fix feasible? I don't know, but this is a problem every device has and SURELY I WANT THEM ALL TO FIX THAT.

If your device can't be 100% secured from a root-hack, your software/portal/dashboard, whatever !!! HAS TO DETECT THAT AND WARN YOU THAT THE DEVICE WAS COMPROMISED !!!
I don't care how they do it, but without that the safety of our funds is at risk. You know how I shit myself when Komodo had their problem with the Agama Wallet? I'm sick of all that nonsense.
If I can't be 100% sure that my device is 100% as the manufacturer produced it how secure can I feel then?
legendary
Activity: 2268
Merit: 18771
The real drive is we don't want newbies who don't know any better to be ripped off by buying a glorified brain wallet and end up losing all their hard earned bitcoin.

The only reason the bounty wasn't awarded is because Bitfi kept changing the goal posts and then cancelling it altogether so they didn't have to pay out. The conditions were met several times by different people. They managed to extract the seed in plain text from the device, meaning all coins can be instantly stolen. Bitfi's claim was their wallet was "unhackable". I'm pretty sure extracting the seed counts as being hacked.

Even forgetting how horribly insecure their device is, even forgetting it had been hacked wide open multiple times, even forgetting the seed is extractable, even forgetting you can gain root access and install custom firmware; even forgetting all that, at the end of the day, it's still a brain wallet. Brain wallets are even worse than web wallets on the scale of "good security".

Buy one if you want, but realise that your funds are at constant risk of being stolen, and there is literally nothing it does that cannot be achieved more securely and for free with some freely available and open source software.
newbie
Activity: 31
Merit: 0
Oh boy, I worked my way through this thread and I don't know what to think of all the posters attacking Bitfi with such a passion and wonder what their real drive is.
Come to the point guys.

As far as I understood there was NOBODY that did empty the delivered wallet, is that fact or not? Don't come with the "but I got root-access sh..." that was clearly not the part of the deal.
If somebody found out that the device RAM was readable then he should just do the transaction and get the 250k.

So we have hackers who clearly can't read bounty rules because they were only able to do sh... after modifying the device and then trace the RAM, but still the stored coins could not be extracted right?

On the other hand we have a company who did lean a bit too much out of the window, not knowing that the device RAM did store their private keys for some time.
I guess they did fix that with a firmware update for the first generation and on the get-go with the second generation.

To me, both claims are some kind of wrong, but in the end, Bitfi was more right, their claim could not be broken.
The product needed some more "optimization" as we learned and they delivered on that.

What else should be answered:
Who found the weakness first?
Hacker of the bounty? Then this person might "deserve" a reward for saving Bitfi's ass, this could have ended in a big scandal many years later.
It simply would be a nice gesture of Bitfi, with the help of the bounty they were able to optimize their product.

Fix was implemented, has anybody since then come out proving they are able to move coins out???
Was someone able to root-hack, modify device and trace the RAM again???

Is the device still rootable?
The device is branded with a unique ID, great, but how can I be 100% sure the firmware was not modified?
Is there some kind of an online check today where we can see and be sure that the device was not modified on the way or anytime later?
In the past hackers did modify with root-access and the Bitfi Dashboard didn't even detect that. Is it even possible to protect yourself from that or is this technically not possible? Would be bad if not, the integrity of the device is super important.

All in all I would say this is great alternative on the market. I'm using both trezor and ledger at the moment and as far as I know, using the trezor with extra 25th phrase is as secure as you can get. I'm not scared about losing my funds on them. So I'm not in a hurry to buy a Bitfi but in the next few months I think I will buy one.

legendary
Activity: 1624
Merit: 2481
I see no reason in debating with you. All you do is try to make your wallet look good, no matter what we say.

The real question is whether you REALLY believe that shit you are saying, or whether you just want your wallet to look good.


1) Please advise what logical argument are we not understanding or ignoring?

You do not understand that the whole concept of the bitfi wallet is trash.



2) So your logic is, that a wallet that contains no private keys and therefore cannot be seized even by the NSA is one of the worst possible ideas in crypto?

The 'key' to your BTC has to be stored somewhere.
It is better to store them on a device, than in your own head (= brainwallet).

Brainwallets are bad. This is a fact.
There is 0 sense in using a bitfi wallet if you are going to store coins on a brain wallet. Might as well use free software instead.

Quite funny that people still were able to extract private keys from a bitfi.
They can't extract private keys from a 'software brain wallet'...

So YOUR brain wallet is even worse than a standard brain wallet. Congratulations.


This was my last post in this thread. You are obviously just making provocative online posts. Call it trolling or not.
newbie
Activity: 19
Merit: 0
Hi Bob123,

The definition of a troll is: “a person who makes a deliberately offensive or provocative online post.”

When we have taken the time to patiently answer every comment & question.

1) Please advise what logical argument are we not understanding or ignoring?

2) So your logic is, that a wallet that contains no private keys and therefore cannot be seized even by the NSA is one of the worst possible ideas in crypto?

If that’s your logic then ok.

Thanks,

Bitfi Team


o_e_l_e_o, please..  don't feed the troll.

The majority of this community knows what 'kind of wallet' the bitfi wallet is.
Only newbies without much information and people who want to find other vulnerabilities are going to buy a bitfi wallet.

Here is not the right place to inform newbies about why this wallet is one of the worst possible ideas to be used for crypto.


They are obviously not capable of understanding (or ignoring) each logic argument.
They will never admit that their wallet is broken by design (and additionally implemented badly). It is just a waste of time.
legendary
Activity: 2268
Merit: 18771
I know you are right, but I would hate for all their nonsense to go uncorrected and even one newbie lose their funds to this device. When they open the thread with phrases like "stealing from it [is] impossible" and it "surpasses all other hardware wallets", it is obvious they are targeting newbies who don't know any better. It is obviously false to the majority of the community, as you say, but the majority of the community is not their target audience.
legendary
Activity: 1624
Merit: 2481
o_e_l_e_o, please..  don't feed the troll.

The majority of this community knows what 'kind of wallet' the bitfi wallet is.
Only newbies without much information and people who want to find other vulnerabilities are going to buy a bitfi wallet.

Here is not the right place to inform newbies about why this wallet is one of the worst possible ideas to be used for crypto.


They are obviously not capable of understanding (or ignoring) each logic argument.
They will never admit that their wallet is broken by design (and additionally implemented badly). It is just a waste of time.
legendary
Activity: 2268
Merit: 18771
We understand what you are saying. But we are not sure if you understand what we are trying to say. This sheds some light on the issues we have been discussing: https://ciphertrace.com/ledger-bitcoin-wallet-hacked/
This says nothing about the points you have been making, namely that Bitfi is immune to a $5 wrench attack and the only wallet that can store multiple wallets at once, neither of which are true.

That article simply documents a supply chain attack on Ledger. All wallets, yours included, are vulnerable to supply chain attacks. Ledger have long ago addressed this (https://www.ledger.com/2018/03/20/firmware-1-4-deep-dive-security-fixes/), showing that private keys were never at risk, and patching the exploit regardless.
newbie
Activity: 19
Merit: 0
We understand what you are saying. But we are not sure if you understand what we are trying to say. This sheds some light on the issues we have been discussing: https://ciphertrace.com/ledger-bitcoin-wallet-hacked/
legendary
Activity: 2268
Merit: 18771
Then what specifically would you point out that makes it just as vulnerable?
I was referring to a $5 wrench attack. Every wallet, every hardware wallet, every brain wallet, is vulnerable to a $5 wrench attack, yours included. Using multiple passphrases like you can on a Ledger or Trezor can help to mitigate it, but your wallet is not invulnerable to it as you claim.

We already discussed the 25th passphrase option at length. There is just a lot more to it. In one of the wallets you cite, the 25th word or phrase is entered into a computer (where it’s acting like a hot wallet on top of a cold storage wallet) and in the second device the 25th word is auto generated and on the device itself making it accessible via a second pin code
Again, that's not accurate. On my Ledger I choose my passphrase myself, it is not stored on the device, I only enter it in to the device and not a computer, and I don't use a second PIN code. I have multiple passphrases unlocking multiple wallets.
newbie
Activity: 19
Merit: 0
1) You are still wrong here. Bitfi is just as vulnerable as any other hardware wallet. I don't know how many other ways I can try to explain this.

Well all the ways you have explained so far have been false because you are using a vulnerability from a year ago to demonstrate your point. But how is it just as vulnerable now? Let’s assume for a moment, if you are willing to keep an open mind, that we are not lying about fixing those vulnerabilities. Then what specifically would you point out that makes it just as vulnerable?

2) This is true of Ledger and Trezor devices as well. Owning a Ledger/Trezor doesn't guarantee a wallet is on it, and with the use of passphrases, I could have 100 different wallets on the same Ledger/Trezor at the same time.

We already discussed the 25th passphrase option at length. There is just a lot more to it. In one of the wallets you cite, the 25th word or phrase is entered into a computer (where it’s acting like a hot wallet on top of a cold storage wallet) and in the second device the 25th word is auto generated and on the device itself making it accessible via a second pin code. And there is much more to take into consideration. We are not here to trash other wallets. We think that these cold storage devices and the companies behind them are doing a wonderful job with their specific solution. We are providing an entirely different technology. We are not asking you to use the Bitfi Wallet. But it would be nice to engage in constructive discussion where we both learn something (we don’t know everything, obviously). There is a lot more to security than just what we are discussing here.

3) I honestly can't fathom why you keep claiming Bitfi is the only device with this functionality, when both Ledger and Trezor had this functionality before your device even existed.

Please note that the Bitfi device does not have any data at all. No seed, no private keys, nothing to ever recover, nothing to ever download or install, and many other things. The security mechanism of Bitfi is also completely different. It may not be for you. Not everyone has an iPhone. It’s a good product but some people just love their Blackberry.
legendary
Activity: 2268
Merit: 18771
Yes, this is true of all storage methods and all hardware wallets, except Bitfi.
You are still wrong here. Bitfi is just as vulnerable as any other hardware wallet. I don't know how many other ways I can try to explain this.

it is impossible to know if a user has 10 wallets or even has a wallet at all.
This is true of Ledger and Trezor devices as well. Owning a Ledger/Trezor doesn't guarantee a wallet is on it, and with the use of passphrases, I could have 100 different wallets on the same Ledger/Trezor at the same time.

But the ones who are a little calmer can give the attacker a wallet they specifically created for this situation so the attacker thinks they cleaned them out.
Again, this is true of Ledger and Trezor.

I honestly can't fathom why you keep claiming Bitfi is the only device with this functionality, when both Ledger and Trezor had this functionality before your device even existed.
newbie
Activity: 19
Merit: 0
Hi o_e_l_e_o,

Good to hear from you again.

1) This is true of all storage methods, including all hardware wallets and also including your brain wallet.

Yes, this is true of all storage methods and all hardware wallets, except Bitfi. First, as already explained, Bitfi is not a brain wallet. Here is a brain wallet: https://keybase.io/warp/warp_1.0.9_SHA256_a2067491ab582bde779f4505055807c2479354633a2216b22cf1e92d1a6e4a87.html - as you can see all it does is generate one Bitcoin address, it does not have any way to send coins, it has no way to view your balances, it does not show your transaction history, it does not allow you to sign messages with your private key, it does not let you store an unlimited number of coins, tokens, and files under a single salt & phrase, and so on. Calling Bitfi a brain wallet is like saying that a car is just a horse that can go slightly faster.

Second, the Bitfi device is just a private key generator. So it is impossible to know if a user has 10 wallets or even has a wallet at all. It's like finding a Texas Instruments calculator. A thief cannot target you because it is impossible for him to know what you have or don't have. We want to again make it clear that we are not saying our method has reached perfection. Some people, even if they have set proper protections from a wrench attack, if they are easily frightened and have a gun to their head they will panic and give over all the information anyway. But the ones who are a little calmer can give the attacker a wallet they specifically created for this situation so the attacker thinks they cleaned them out. There is just no way to know about any other wallets and it is pointless for a thief to take the device itself since it has no data.

2) There is literally video evidence I provided higher in this thread of an attacker extracting the passphrase from one of your devices.

First, as we have indicated already several times this vulnerability has been fixed. Second, the passphrase that was extracted was one that the hacker himself set and retrieved in an evil maid attack. It works like this: you have a Bitfi Wallet, then some experienced hacker breaks into your house while you are away and then injects the device with code, and then when you use it next he will get your passphrase. This is not the same as taking a wallet you have used previously and then extracting the passphrase. This relies on capturing your passphrase when you use it next (assuming you don't know it has been modified). But again, we can show you hundreds of attacks on the wallets you currently use in the last few years but you won't accept them as evidence that your wallet has these issues because you will rightfully think that probably the manufacturer fixed these vulnerabilities when they were discovered. So why keep saying over and over again that you have proof of something from a year ago? We have the same proof of your wallet but a hundred times over. We are not denying that the evidence you presented is real (despite the fact that the person who presented this never disclosed any reproducible method). We are telling you that devices that people are using today do not have this vulnerability, including the people who purchased the very first batch of devices. Why do you keep repeating over and over that this can be done on our wallet because of a vulnerability found a year ago? It has been fixed. Really, it has been fixed.

3) This is true of any wallet which isn't a web/exchange wallet, not just Bitfi.

Yes. You are right. We are just trying to take this a bit further. Your current bank can be seized by the government, that much we are sure you understand. Bitfi cannot be seized.

4) This seems like a pretty big flaw to me. So you are saying it is possible for an attacker with the same Device ID to spam fraudulent requests, and they would all get pushed to my device? So when I try to make a transaction, an attacker with the same Device ID could quickly try to make a different transaction, it would be pushed to my device, and I could end up signing it by mistake?

It doesn't work like that at all. If someone pushes a request to your device from their Dashboard (because they know your device ID, which is ok for them to know) your device will receive a pop-up requesting salt & phrase. But the request is for the wallet of the individual that pushed the request (let's say to send 1 BTC), so then the only way for that BTC to go out is for you to sign the request with HIS/HER salt & phrase. And even if you knew this random individual's salt & phrase (which of course you don't) and signed with it, all it would do is send THEIR BTC out, not yours. If you somehow get confused and actually sign that request with your salt & phrase you will get an error because the private key the device would generate is not the correct private key for that person's wallet. In other words, in this whole exercise, nothing you do (even if you are very sloppy and confused) would result in any loss of funds to you.

5) If this were true at all, phishing sites would simply not exist. You again demonstrate a lack of understanding surrounding basic security and attacks.

We think you are twisting words. Obviously what we are saying is that it is a massive undertaking to not only counterfeit the device, but then to also build the entire infrastructure around it so that everything works exactly the same, all in the hopes that some very clueless person goes to a different URL and actually sets up this fake wallet and uses it. Phishing attempts are looking for a quick way to scam someone. Like gain access to some account on some website. Because it's easy, inexpensive, and you can target many people at the same time. But to set up the entire infrastructure, manufacture an identical device, make it work in an identical way, basically spend millions of dollars on development then set up distribution for people to buy this device all in the hopes that a few individuals get duped into creating their wallet on the wrong URL is far-fetched. We are not saying it's impossible. But it's about as likely to happen as Craig Wright admitting he is not Satoshi Nakamoto.

legendary
Activity: 2268
Merit: 18771
“Furthermore, Trezor noted that a “$5 wrench attack” — a targeted theft when the user is forced by intruders to disclose his password — cannot be prevented by a hardware barrier set by the manufacturer.”
This is true of all storage methods, including all hardware wallets and also including your brain wallet.

It's a logical fallacy to think that an attacker (even an attacker with unlimited resources) can extract data that doesn't exist in the first place.
There is literally video evidence I provided higher in this thread of an attacker extracting the passphrase from one of your devices.

The bottom line is that Bitfi makes you into your own bank.
This is true of any wallet which isn't a web/exchange wallet, not just Bitfi.

If you had 10,000 devices with the same Device ID then when you do this, all 10,000 would get this pop-up request.
This seems like a pretty big flaw to me. So you are saying it is possible for an attacker with the same Device ID to spam fraudulent requests, and they would all get pushed to my device? So when I try to make a transaction, an attacker with the same Device ID could quickly try to make a different transaction, it would be pushed to my device, and I could end up signing it by mistake?

If a counterfeiter creates an entire infrastructure to not only make the devices but even the Dashboard the devices work with, then this would not work at all because to log into the Bitfi Dashboard you need to go to https://bitfi.com/knox. So if you are being asked to go to any other URL, it's pretty obvious that you are being scammed.
If this were true at all, phishing sites would simply not exist. You again demonstrate a lack of understanding surrounding basic security and attacks.
newbie
Activity: 19
Merit: 0
Hi HCP,

1) Ask the Electrum devs how good users are at "checking if the URL is correct"...

This is true. Ultimately someone will get scammed, especially if they are not careful. We hope that our comments are not misinterpreted to mean that we believe that we have perfect or foolproof systems. Far from it. If we did, we can just send all the engineers home, yet our development is ongoing and only just beginning. But since it is impossible to evaluate a product in a vacuum, competitors' products are used as a frame of reference. So to clarify, we are simply saying that it is much more difficult to counterfeit Bitfi compared to other hardware wallets and it is much more difficult for a counterfeiter to sell them. We are not saying it is impossible. It is just not worth the effort for counterfeiters.

2) Do you have (or are you planning to release) Linux and MacOSX versions of the recovery tools? As far as I can see... all that is available is a couple of Windows .exe/.dll binaries? Also, given these tools are available from "many other places", are these recovery tools digitally signed, or is there any other way to verify that they are legitimate and not malware or fake versions designed to simply steal passphrases+salts?

Yes, we will release MacOSX version. Linux not sure, will have to ask. We are sorry for the inconvenience and that it is only available for Windows at this time.

Yes the tools are digitally signed. For instance, the MD5 hash for ToolV2.exe is f422c50d68b9fe1435892523a6af6580 or SHA256: 1926c3af7566efc4ce8b1405dc71c77e6c699f80e864c41391cefe469f4d3273.

However, even if the tools were not digitally signed, you operate the program offline. If it's not running the correct algorithm it just wouldn't generate the correct private key. So the only danger would be that it has malware designed to steal users' salt & phrase when they reconnect to the internet. For this reason we have dozens of warnings on this website: https://www.btknox.org


3) Except for the fact that you need some executable Windows binaries, developed I assume by Bitfi, to recover your funds should your device be unusable for whatever reason... is that correct?

We recommend that users download and save a copy of these recovery tools and keep them in many places. And of course thousands of other Bitfi users have done the same. So there will always be a copy out there to generate your private keys should devices not be available. All you ever need is your salt & phrase.  

4) We thought this might be of interest to bones261 & o_e_l_e_o: https://twitter.com/danheld/status/1116326374166364160 People underestimate how many innocent people are affected by this every day and this is what is fueling the development of Bitfi.

Thank you,

Bitfi Team
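
What checking a file against a published digest looks like in practice, as an added example that is not part of the thread and not Bitfi's tooling. Such a check detects a swapped or corrupted copy when the digest comes from a source you already trust; it does not by itself identify the publisher the way a code signature does. The two digest constants are the ones quoted in the post above; the file contents and the function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

# Values quoted in the post above for ToolV2.exe.
PUBLISHED_MD5 = "f422c50d68b9fe1435892523a6af6580"
PUBLISHED_SHA256 = "1926c3af7566efc4ce8b1405dc71c77e6c699f80e864c41391cefe469f4d3273"

# Hex length -> algorithm. MD5 is recognised only so that it can be refused.
ALGORITHM_BY_HEX_LENGTH = {32: "md5", 64: "sha256"}


def parse_published(published):
    """Return (algorithm, lowercase hex digest), or (None, None) if malformed."""
    cleaned = "".join(published.split()).lower()
    algorithm = ALGORITHM_BY_HEX_LENGTH.get(len(cleaned))
    if algorithm is None or any(c not in "0123456789abcdef" for c in cleaned):
        return None, None
    return algorithm, cleaned


def sha256_of_file(path, chunk_size=1 << 20):
    """Stream the file so large binaries are not loaded into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_download(path, published):
    """Classify a downloaded file against a published digest.

    Returns one of: "match", "mismatch", "weak-algorithm", "malformed".
    """
    algorithm, expected = parse_published(published)
    if algorithm is None:
        return "malformed"
    if algorithm == "md5":
        # MD5 collisions are practical, so an MD5 match is not accepted.
        return "weak-algorithm"
    actual = sha256_of_file(path)
    return "match" if hmac.compare_digest(actual, expected) else "mismatch"


def demo():
    """Run the check on a constructed stand-in file (not the real tool)."""
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "ToolV2.exe")
        with open(path, "wb") as handle:
            handle.write(b"constructed stand-in bytes, not the real binary\n")
        trusted = sha256_of_file(path)  # stands in for a digest from a trusted channel
        results = {
            "own digest": check_download(path, trusted),
            "page sha256": check_download(path, PUBLISHED_SHA256),
            "page md5": check_download(path, PUBLISHED_MD5),
            "garbage": check_download(path, "not-a-digest"),
        }
        # A single appended byte is enough to change the digest.
        with open(path, "ab") as handle:
            handle.write(b"\x00")
        results["after tampering"] = check_download(path, trusted)
        return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:16} {outcome}")
```
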
HCP
legendary
Activity: 2086
Merit: 4363
If a counterfeiter creates an entire infrastructure to not only make the devices but even the Dashboard the devices work with, then this would not work at all because to log into the Bitfi Dashboard you need to go to https://bitfi.com/knox. So if you are being asked to go to any other URL, it's pretty obvious that you are being scammed.
Ask the Electrum devs how good users are at "checking if the URL is correct"...


Quote
Finally, if no device is available at all you would just use the recovery tools to generate all your private keys with your salt & phrase and then import them into any other wallet. These tools can be downloaded on https://www.btknox.org and many other places. We show here how easily this is done: https://twitter.com/TheBitfi/status/1111434686645960707
Do you have (or are you planning to release) Linux and MacOSX versions of the recovery tools? As far as I can see... all that is available is a couple of Windows .exe/.dll binaries?

Also, given these tools are available from "many other places", are these recovery tools digitally signed, or is there any other way to verify that they are legitimate and not malware or fake versions designed to simply steal passphrases+salts?


Quote
So you are not dependent on any device and you are not dependent on Bitfi in any way. You are your own bank. Thanks again,
Except for the fact that you need some executable Windows binaries, developed I assume by Bitfi, to recover your funds should your device be unusable for whatever reason... is that correct?
newbie
Activity: 19
Merit: 0
Hi bones261,

Thank you for asking these thoughtful questions and having a civil discussion with us. Maybe other people will read this and learn a bit about what Bitfi is doing.

1) Wouldn't the government's courts be able to compel you to give up your passphrase as a condition of your plea deal? I suppose that this only protects you if you are exonerated or are willing to go to trial and risk a more harsh sentence.

There are hundreds of governments at country level and millions at state and city level. We are not just considering the conditions in the USA. The bottom line is that Bitfi makes you into your own bank. So what you do is entirely up to you. But what matters is that you have that choice to decide what you will or will not do and what you will or will not agree to. You have the leverage. One of the biggest abuses of power in the United States is that the government puts a freeze on your assets and your close relatives' assets (let's say you are a really good person but you imported a container of mangos under the wrong license). The reason they do this is because then you don't have funds to hire an attorney and you are going to get a court appointed clueless lawyer fresh out of law school which pretty much guarantees a win for the government and a long prison sentence.

This is a violation of your Sixth Amendment rights of the US Constitution which states “in all criminal prosecutions, the accused shall enjoy right to have assistance of counsel for his defense.” But this has become nothing more than empty words. Cryptocurrency is so important because it restores people's constitutional rights. Secondly, we often get accused of things like "you are making technology that helps criminals!" Well, all technologies help criminals including encrypted communications, internet, boats, airplanes, etc. If we blocked every technology that helps crime, we would still be riding horses (although it can be argued that even horses can be used in criminal activity).

2) Does the device not function properly without a valid device ID? I thought that you assured me earlier that I could still access my coins if your company went defunct and my device is on the fritz. Also, if my device is no longer functioning, am I going to not be able to access my coins until I get a replacement? Furthermore, what is to prevent the counterfeiter from simply making their own user ids and providing instructions to go to their similar looking web page? Also, why would this counterfeiter care about angry customers? If they sold 10000 units, I'm sure they would get a few suckers to steal from and then make a proper exit scam. Furthermore, when I am going to buy a hardware wallet or similar device, I'd prefer to buy this straight from the manufacturer. Buying from anyone else is just asking for trouble.

It's important to understand that Bitfi is not a storage device. It is a computing device, a private key generator. Therefore it is not a device dependent wallet. The Bitfi device you see in pictures is not the wallet and neither is the Dashboard interface. The wallet is quite literally your salt & phrase. It is irrelevant what happens to your device. The reason each device has a unique ID is because it tells the Dashboard which device to send requests to. It works like this: let's say you want to send some Bitcoin; in your Dashboard you click send and in the send window you enter the address you are sending to and the amount (let's say 1 Bitcoin), as soon as you press "submit" your device instantly receives a pop-up asking you for your salt & phrase. When you enter your salt & phrase the device then calculates the private key for that currency, signs with the key, and then transmits the approval to the blockchain. The private key instantly disappears. So this is the sole purpose of the Device ID. If you had 10,000 devices with the same Device ID then when you do this, all 10,000 would get this pop-up request. It would be unusable and all developers around the world would see it happening immediately. Here you can see on our open source platform, we have a transparent web service which is a real time stream of each device's activity: https://bitfi.dev/NoxMessages/History.aspx?NOXWS=ServiceEvents you can see that each device has a unique public key. So since the platform is open to developers all over the world, everyone would see instantly that there are multiple devices with the same ID being used and then many frustrated users getting pop-up requests they didn't initiate.

If a counterfeiter creates an entire infrastructure to not only make the devices but even the Dashboard the devices work with, then this would not work at all because to log into the Bitfi Dashboard you need to go to https://bitfi.com/knox. So if you are being asked to go to any other URL, it's pretty obvious that you are being scammed.

Finally, if no device is available at all you would just use the recovery tools to generate all your private keys with your salt & phrase and then import them into any other wallet. These tools can be downloaded on https://www.btknox.org and many other places. We show here how easily this is done: https://twitter.com/TheBitfi/status/1111434686645960707

So you are not dependent on any device and you are not dependent on Bitfi in any way. You are your own bank. Thanks again,

Bitfi Team
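
What "the wallet is quite literally your salt & phrase" implies for key strength, as an added example that is not part of the thread and not Bitfi's algorithm (which the thread does not give). The scrypt parameters, the HMAC label, the function names and the guess rate are assumptions chosen for illustration; the sample salt and phrases are constructed.

```python
import hashlib
import hmac
import math
import unicodedata

# Assumed KDF settings, for illustration only.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def master_secret(salt, phrase):
    """Stretch salt & phrase into 32 bytes. Nothing is read from storage,
    so any machine given the same two strings derives the same secret."""
    salt_bytes = unicodedata.normalize("NFKD", salt).encode("utf-8")
    phrase_bytes = unicodedata.normalize("NFKD", phrase).encode("utf-8")
    return hashlib.scrypt(
        phrase_bytes, salt=salt_bytes,
        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P,
        maxmem=64 * 1024 * 1024, dklen=32,
    )


def currency_key(master, currency):
    """Derive separate key material per currency from one master secret
    (hypothetical domain-separation label, not a real wallet standard)."""
    label = b"currency:" + currency.encode("ascii")
    return hmac.new(master, label, hashlib.sha256).digest()


def phrase_entropy_bits(words, wordlist_size):
    """Entropy of a phrase whose words are drawn uniformly at random.
    A phrase a person makes up has less entropy than this upper bound."""
    return words * math.log2(wordlist_size)


def expected_search_years(bits, guesses_per_second):
    """Expected time to cover half of a 2**bits guess space at a given rate."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


def demo():
    """Constructed inputs: show determinism and compare two phrase strengths."""
    salt, phrase = "example-salt-01", "correct horse battery staple"
    first = master_secret(salt, phrase)
    second = master_secret(salt, phrase)      # e.g. on a second device
    other = master_secret("example-salt-02", phrase)
    weak_bits = phrase_entropy_bits(4, 2048)    # four words from a 2048-word list
    strong_bits = phrase_entropy_bits(6, 7776)  # six Diceware words
    rate = 1e6  # assumed guesses per second against the stretched derivation
    return {
        "same_everywhere": first == second,
        "salt_matters": first != other,
        "btc_differs_from_ltc": currency_key(first, "BTC") != currency_key(first, "LTC"),
        "weak_bits": weak_bits,
        "strong_bits": strong_bits,
        "weak_years": expected_search_years(weak_bits, rate),
        "strong_years": expected_search_years(strong_bits, rate),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:22} {value}")
```

Because the derivation is deterministic and needs no stored state, the secret is protected only by how hard the salt and phrase are to guess, which is why the randomly generated six-word phrase and the four-word one differ so sharply in the estimate.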