Fully open-source Swiss hardware wallet with ATECC608A secure element at $173, built by Shift Crypto with verifiable firmware and a minimalist single-purpose design.
BitBox02 is a solid mid-range hardware wallet at $173 with a strong open-source security posture. Fully open firmware, reproducible builds, and secure boot make it one of the more auditable options available. No Shamir Secret Sharing, no offline QR signing, and no Bluetooth limits flexibility for users needing air-gapped or multi-device workflows.
The BitBox02 uses a Microchip ATECC608A secure element, but with an important caveat: it is not used for private key storage. Instead, the device uses it for device attestation and to strengthen the PIN-derived key. Private keys are stored in the main MCU (STM32). This is a meaningful architectural distinction from competitors like the Ledger Nano X, which uses an ST33 CC EAL5+ certified secure element for direct key storage, or the Coldcard Mk4, which uses an ATECC608B in a more integrated key-protection role.
On the firmware side, BitBox02 supports reproducible builds — one of only a handful of hardware wallets that do. Firmware is signed by Shift Crypto, and the update mechanism requires explicit user confirmation on-device. Secure boot is implemented, preventing unsigned firmware from running.
Genuine device verification is supported: the BitBoxApp performs a cryptographic attestation check against Shift Crypto's servers on first connection. This guards against supply chain substitution attacks, though it does require a network call — meaning full offline verification is not possible without trusting the app.
The firmware and companion app are fully open source on GitHub, allowing independent audit. No critical vulnerabilities have been publicly disclosed as of this writing, though the non-SE key storage architecture means physical extraction attacks on the STM32 are a theoretical concern that a dedicated SE-based design mitigates more robustly.
Security (Key Factor)
The BitBox02 generates a 24-word BIP39 seed on-device during setup. It does not support SLIP39 (Shamir Secret Sharing), which means there is no native multi-share recovery option — a gap compared to the Trezor Model T, which supports SLIP39 natively.
Where BitBox02 differentiates itself is its microSD encrypted backup system. During setup, the device writes an AES-encrypted backup of the seed to a microSD card. Recovery on a new device requires inserting the microSD and entering the device password — no manual word entry required. This significantly reduces seed transcription errors, which are a common cause of permanent fund loss.
Passphrase support (BIP39 25th word) is available, enabling hidden wallets. The passphrase is entered via the BitBoxApp or on-device, depending on the variant.
Standard paper backup of the 24-word seed is also supported for users who prefer metal plate storage (e.g., Cryptosteel, Bilodeau). However, Shamir-based multi-location backup splitting is absent — users who want that must look at Trezor Model T or a Coldcard with SeedQR multi-share workflows.
If the device is lost or broken, recovery on any BIP39-compatible wallet (Electrum, Sparrow, BlueWallet, another BitBox02) is straightforward using either the microSD backup or the written seed phrase. The microSD backup is a practical advantage over competitors that rely solely on paper.
Recovery & backups
Initial setup takes approximately 5–10 minutes: install the BitBoxApp, connect via USB-C, create or restore a wallet, and write the microSD backup. There is no touchscreen — the BitBox02 uses capacitive touch areas on the sides of the device (left/right swipe and tap), which is unconventional but functional once learned. New users often need 5–10 minutes to internalize the gesture scheme.
The display is a monochrome OLED, small but readable for address verification. Compared to the Trezor Model T's color touchscreen or the Foundation Passport's larger display, the BitBox02 screen is minimal — sufficient for confirming addresses and amounts, but not comfortable for extended reading.
The BitBoxApp runs on Windows, macOS, Linux, Android, and iOS. It is clean and well-designed for beginners, with a clear transaction confirmation flow. Advanced features like coin control and multisig are present but require navigating deeper into settings. The app does not feel cluttered, which is a deliberate design choice.
Daily use for sending Bitcoin involves: open app → connect device → select account → enter recipient and amount → confirm on device. The workflow is comparable to Ledger Live in step count but without Ledger's frequent firmware update prompts.
The BitBox02 is well-suited for intermediate users who want open-source software with a clean interface. Pure beginners may find the touch gesture scheme confusing initially; power users may miss a larger screen or QR-based air-gap capability.
Usability / UX
The BitBox02 Multi edition supports Bitcoin, Ethereum, and a range of ERC-20 tokens, plus Litecoin, Cardano (ADA display only — vendor claimed, transaction signing not fully featured), and a small set of other assets. The Bitcoin-only edition is firmware-locked to Bitcoin exclusively, reducing attack surface. Exact supported coin count is not prominently published by Shift Crypto.
Third-party wallet compatibility is a strength: the BitBox02 works with Electrum, Sparrow Wallet, Wasabi Wallet (including CoinJoin), and BTCPay Server for Bitcoin. Ethereum integration works with MetaMask via USB. There is no WalletConnect support, which limits direct DeFi interaction compared to the Ledger Nano X (Bluetooth + WalletConnect via Ledger Live).
NFT management is not a feature of the BitBoxApp, though MetaMask integration allows NFT visibility. QR-code-based air-gap signing is absent — the device is USB-only, which rules out fully air-gapped workflows available on Coldcard (PSBT via SD card) or Passport (QR codes).
For Bitcoin-focused users, the third-party integration story is strong. For multi-chain DeFi users, the ecosystem is noticeably narrower than Ledger's offering.
Ecosystem & integrations
The BitBox02 requires no account registration to use — no email, no KYC, no Shift Crypto account. The BitBoxApp can be used with a self-hosted or third-party node (Electrum server, Bitcoin Core), keeping transaction data off Shift Crypto's infrastructure entirely.
By default, the app connects to Shift Crypto's Electrum servers. Users who want full privacy must manually configure a personal node — the option exists but is not the default, which is a mild privacy gap compared to Coldcard, which never phones home at all (fully air-gapped, no companion app required for signing).
The genuine device check on first setup does make a network call to Shift Crypto's attestation server, which logs a connection event. This is a one-time occurrence but worth noting for high-privacy users.
Tor compatibility: the BitBoxApp does not have native Tor routing, but running it behind a system-wide Tor proxy is functional. Wasabi Wallet integration enables CoinJoin directly with the BitBox02, which is a concrete privacy advantage over the Ledger Nano X, which has no CoinJoin-compatible third-party wallet support. Compared to Passport (Foundation), which ships with explicit Tor support in its companion app (Envoy), BitBox02 is behind on native privacy tooling.
Privacy
The BitBox02 retails at $173 USD (both Multi and Bitcoin-only editions are the same price). Direct competitors price as follows:
Ledger Nano X: ~$149 — cheaper, Bluetooth, larger ecosystem, but closed-source firmware and past data breach history
Trezor Model T: ~$179 — similar price, color touchscreen, SLIP39 support, but no secure element of any kind
Foundation Passport: ~$199 — more expensive, open hardware, QR air-gap, larger screen
At $173, the BitBox02 sits in the mid-to-upper range. The price is justified for users who specifically value reproducible builds + open source firmware + microSD backup in a single device — that combination is rare at any price point.
Best value for: Bitcoin and Ethereum users who want open-source software, clean UX, and don't need air-gap or Shamir recovery. Developers and technically literate users who will verify reproducible builds.
Consider alternatives if: you need multi-chain DeFi (Ledger Nano X is broader), you want Shamir recovery (Trezor Model T), you want a fully air-gapped Bitcoin setup (Coldcard Mk4 at $26 less), or you want open hardware alongside open software (Passport at $26 more).
Price & value
The BitBox02 is a well-engineered, privacy-focused hardware wallet that earns its place as a serious contender for security-conscious users, though its limited coin support and premium price point make it a deliberate choice rather than a universal recommendation.
Buy this wallet if:
You are a Bitcoin-only or small-altcoin holder who prioritizes open-source transparency — the fully open firmware, reproducible builds, and genuine-check features are rare at this price tier.
You want a desktop-first experience with solid cross-platform support (Windows, macOS, Linux, iOS, Android) and a clean companion app without bloat.
You value physical minimalism — at 12 grams and under 10mm thick, the BitBox02 is one of the most pocketable secure elements on the market, with an encrypted microSD backup as a practical recovery bonus.
Skip this wallet if:
You hold a large, diverse altcoin portfolio — the BitBox02's coin support is narrow. Consider the Ledger Nano X ($149) or Trezor Model T ($219) for broader asset coverage.
You need wireless or air-gapped signing — there is no Bluetooth, NFC, or QR-based offline signing. The Keystone Pro ($169) or Passport ($259) are better fits for air-gap workflows.
You require Shamir Secret Sharing for advanced backup redundancy — the Trezor Model T ($219) supports SLIP39 natively.
If choosing between the BitBox02 and the Ledger Nano X ($149): The BitBox02 wins on open-source credibility and reproducible builds; the Nano X wins on coin breadth and Bluetooth mobility. If choosing between the BitBox02 and the Trezor Model One ($59): The BitBox02 justifies its $114 premium with a secure element, encrypted microSD backup, and a more polished physical design — worthwhile for users who want that extra hardware security layer.
At $173, the BitBox02 is a focused, trustworthy device built for users who know exactly what they want. Its rating reflects strong security fundamentals and open-source integrity, tempered by limited versatility.
✓ Our Verdict
We may earn a commission if you purchase through our links. This doesn't affect our editorial independence.
Impermanent loss happens when asset prices in a liquidity pool diverge from external markets, reducing the value of liquidity providers' holdings compared to simply holding the assets.
EAL Certification (Evaluation Assurance Level) from Common Criteria rates the security of hardware components, like secure chips in crypto hardware wallets. Higher levels, such as EAL5+ or EAL6+, indicate stronger resistance to attacks.
Reproducible Builds refer to the process where the same source code consistently produces identical binary outputs, ensuring verifiable and trustworthy software in blockchain and crypto projects.
Cryptocurrency is a digital or virtual currency secured by cryptography, operating on decentralized blockchain networks to enable secure, peer-to-peer transactions.
A block confirmation is the process of verifying a new block in the blockchain network, confirming its validity and preventing double-spending or fraud.
Secure Boot is a security feature that ensures only trusted software runs on a device by verifying its integrity during startup, preventing unauthorized code execution in crypto systems.
Firmware Attestation is the process of verifying the authenticity of a device's firmware to ensure it has not been tampered with, commonly used in hardware wallets for security.
A companion app is a software application used to manage and interact with cryptocurrency wallets or blockchain networks, typically offering features like transactions and security controls.
BIP39 is a standard for generating mnemonic seed phrases that are used to create deterministic wallets and securely back up cryptocurrency private keys.
Shamir Secret Sharing (SSS) divides a secret, like a crypto wallet seed, into multiple shares. A threshold number of shares reconstructs it, enhancing security as in SLIP-39 backups.
Recovery is the process of restoring access to a cryptocurrency wallet using its seed phrase or mnemonic backup if the original wallet is lost or inaccessible.
A backup in cryptocurrency is a secure copy of a wallet's seed phrase or private keys. It enables recovery of funds if the original wallet is lost or damaged.
A passphrase is an additional security layer for cryptocurrency wallets, acting as a 25th word in the BIP39 seed phrase, protecting access to hidden wallets.
Coldcard is an air-gapped hardware wallet for Bitcoin, made by Coinkite, that stores private keys offline and signs transactions without internet exposure.
Electrum is a lightweight Bitcoin wallet that allows users to store, send, and receive Bitcoin securely. It is known for its speed and low resource usage.
BlueWallet is a mobile Bitcoin wallet that allows users to securely store, send, and receive Bitcoin. It offers features like Lightning Network support and multi-sig capabilities.
Address Verification confirms the receiving address shown on a hardware wallet's screen matches the one on the computer or app, preventing malware from altering it.
Coin Control is a feature that allows users to manually select which unspent transaction outputs (UTXOs) to use in a transaction, giving more control over privacy and fees.
Multisig (multi-signature) is a security feature that requires multiple private keys to authorize a transaction, enhancing protection against unauthorized access in blockchain networks.
Bitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Ledger Live is a software application that manages cryptocurrency assets and interacts with Ledger hardware wallets for secure transactions and portfolio management.
Ethereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
Litecoin (LTC) is a peer-to-peer cryptocurrency forked from Bitcoin in 2011, offering faster block times (2.5 minutes) and using the Scrypt hashing algorithm.
Cardano is a proof-of-stake blockchain platform that prioritizes research-driven development, scalability, and sustainability. Its native cryptocurrency is ADA.
UTXO (Unspent Transaction Output) is a unit of cryptocurrency from a previous transaction that remains unspent and serves as input for new transactions in blockchains like Bitcoin.
CoinJoin is a privacy technique in cryptocurrency where multiple users combine their transactions, making it harder to trace individual senders and receivers.
WalletConnect is a protocol that enables secure communication between decentralized applications (dApps) and mobile wallets through QR code scanning or deep linking.
DeFi (Decentralized Finance) refers to a set of financial services, such as lending and trading, built on blockchain technology without traditional intermediaries like banks.
An NFT (Non-Fungible Token) is a unique digital asset stored on a blockchain, representing ownership of a specific item, such as artwork, music, or virtual goods.
PSBT (Partially Signed Bitcoin Transaction) is a Bitcoin transaction format that allows multiple parties to sign a transaction incrementally before finalizing it.
KYC (Know Your Customer) is the regulatory process where cryptocurrency exchanges verify users' identities using documents like ID or proof of address to prevent fraud and money laundering.
Open Source Firmware refers to firmware in hardware devices, like wallets, where the source code is publicly available, allowing transparency, auditability, and customization.
HODL is cryptocurrency slang for holding assets long-term despite price volatility, rather than selling. It originated from a 2013 forum post misspelling 'hold' as 'I AM HODLING.'
Offline Signing refers to signing cryptocurrency transactions on a device that is not connected to the internet, ensuring private keys remain secure from online threats.
BitBox02 uses a certified Secure Element chip to store private keys in tamper-resistant hardware. Even if the device's software were compromised, the Secure Element isolates your keys from extraction. The firmware is open-source, meaning security researchers worldwide can audit the code for vulnerabilities. The device has been independently security audited.
What if BitBox goes out of business?
BitBox's firmware is open-source — even if the company disappears, the community can maintain the software. Your seed phrase works with any BIP39-compatible wallet, so your funds are always recoverable.
What if I lose my BitBox02?
Your cryptocurrency is stored on the blockchain, not on the device. If you lose your BitBox02, you can recover full access using your seed phrase on any compatible wallet.
How long will BitBox02 receive security updates?
BitBox actively maintains BitBox02 with regular firmware updates.
Is the BitBox02 safe to use?
The BitBox02 is considered a highly secure hardware wallet. It features an ATECC608A secure element (Microchip) for tamper resistance, a secure boot process, and fully open-source firmware with reproducible builds — meaning anyone can verify the code running on the device. It also supports a genuine check to confirm the device hasn't been tampered with. The companion app, BitBoxApp, is also open source. One nuance: the secure element is used for attestation, not direct key storage, which some advanced users note. Overall, the security architecture is transparent and well-audited.
BitBox02 vs Ledger Nano X: which is better?
The two wallets serve different priorities:
BitBox02 is fully open source, has no Bluetooth (reducing attack surface), costs less ($173 vs ~$149 for Nano X), and offers encrypted microSD backups. Its firmware is reproducible and auditable.
Ledger Nano X supports a much wider range of coins, has Bluetooth for mobile use, and a larger ecosystem of third-party apps.
If you prioritize transparency and open-source security, BitBox02 wins. If you need broad altcoin support or wireless connectivity, Ledger has the edge.
How do I set up the BitBox02 and back up my seed?
Setup takes about 10 minutes using the BitBoxApp (available on Windows, macOS, Linux, Android, and iOS). The device connects via USB-C. During initialization you generate a 24-word BIP39 seed phrase, which you should write down and store securely. Uniquely, the BitBox02 also supports an encrypted microSD card backup — a second copy of your seed stored on a microSD chip, protected by your device password. BIP39 passphrase support adds an extra layer. There is no Bluetooth or NFC, so all communication is wired.
Has the BitBox02 ever been hacked or had known vulnerabilities?
No major real-world exploits have been publicly reported against the BitBox02. Security researchers have previously disclosed theoretical vulnerabilities in earlier BitBox versions, and Shift Crypto (the Swiss company behind BitBox) responded promptly with firmware patches — a positive sign of responsible disclosure handling. The open-source, reproducible-build model means vulnerabilities are more likely to be caught by the community. The device does not store private keys in the secure element directly, which has been a point of academic discussion, but the overall design has held up well under scrutiny.
Is the BitBox02 worth the $173 price tag?
At $173, the BitBox02 is priced in the mid-to-premium range for hardware wallets. For that price you get:
Fully open-source hardware and firmware
Reproducible builds for independent verification
Encrypted microSD backup (a rare feature)
Secure element with genuine check
Clean, minimalist design at just 12 grams
It is worth the price if you value transparency and auditability above all else. Users who need broad altcoin support or advanced features like Shamir Secret Sharing may find competitors more suitable for the cost.
What cryptocurrencies does the BitBox02 support?
The BitBox02 comes in two editions: the Multi edition supports Bitcoin, Ethereum, ERC-20 tokens, Litecoin, and a selection of other coins. The Bitcoin-only edition supports exclusively Bitcoin and has a reduced firmware attack surface by design. The wallet does not support the extremely wide altcoin range that Ledger or Trezor do. If your portfolio is primarily BTC and ETH, coverage is solid. Always check the official Shift Crypto website for the current supported coin list before purchasing.
Can I trust the company behind the BitBox02?
Shift Crypto is a Swiss company founded in 2015, making it one of the longer-standing hardware wallet manufacturers. Switzerland's strong privacy laws and the company's commitment to open-source development are positives. The firmware, hardware schematics, and companion app are all publicly available on GitHub. Reproducible builds mean you are not required to trust Shift Crypto's compiled binaries — you can build and verify them yourself. The company has a track record of transparent security disclosures. No major trust incidents have been reported to date.
Some links on this page are affiliate links. If you purchase through them, I may earn a commission at no additional cost to you. This helps support the site and allows me to continue creating detailed, independent reviews.
Our testing methodology is evolving. Ratings and assessments will be refined as we improve our scoring framework to reflect the most accurate results.