Bitfi: Rise and Fall of the Unhackable Wallet
Sep 07, 2018
As cryptocurrencies gain popularity with new users and investors flocking to the digital currency ecosystem, the question of reliable security remains unanswered. Horror stories of individual crypto wallets, along with entire exchanges being hacked, are cited as a major drag on wide-scale adoption.
Air-gapped computers have always been considered one of the safest methods for the storage of funds. When private keys are stored on them, the hardware is never connected to the internet and is also physically isolated, giving air-gapped computers high marks for security. However, considering governments, militaries and hospitals have been the primary users, it’s not unreasonable to think they might be a little complicated and out of reach for the average crypto investor.
Hardware wallet purveyors like Ledger and Trezor started to address the security question when Bitfi appeared on the scene in June of this year. The newcomer claimed its version of the hardware wallet was more secure than a bank’s vault, while at the same time as easy to use as an ATM.
The big selling point of the Android-powered Bitfi is that it does not (and could not) store private keys, so your wallet is not hardware dependent -- it simply has no internal storage. Previous hardware wallets stored a 24-word memory key, but Bitfi appears to go the opposite direction. It centers its accessibility around a unique passphrase, created by Diceware, and finishes with an 'anchor' phrase unique to the wallet holder (cell number, SSN, email etc.). As long as the complete phrase was never shared or written down, the wallet could not be hacked.
A computer powerful enough to make a trillion guesses a second would still need 27 million years to guess a Diceware-generated passphrase. But when entered by the holder, a powerful internal processor turned the phrase into a private key used to verify ownership and give access.
If you lose your Bitfi, you could easily order a new one and log in with the same passphrase, whereas losing an air-gapped computer or having it stolen would likely mean maximum loss. At USD$120, Bitfi is also a fraction of the cost of an air-gapped computer and much easier to use. Another distinguishing feature of the Bitfi wallet is that it’s open source, meaning if the company ever went bankrupt, wallet holders could still be in complete control of their funds.
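To see what the brute-force figure above assumes, this added example (not code from Bitfi or the article) works backwards from "27 million years at a trillion guesses a second" to a passphrase length. It assumes the standard Diceware list of 7,776 words (five dice rolls per word) and ignores the anchor phrase; the function names are illustrative.

```python
import math

DICEWARE_WORDS = 6 ** 5                 # 7,776 entries: five dice rolls per word
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def keyspace(words):
    """Number of possible passphrases of the given length."""
    return DICEWARE_WORDS ** words

def entropy_bits(words):
    """Entropy of a uniformly random Diceware passphrase."""
    return words * math.log2(DICEWARE_WORDS)

def years_to_search(words, guesses_per_second, fraction=0.5):
    """Years needed to cover `fraction` of the keyspace (0.5 = average case)."""
    return keyspace(words) * fraction / guesses_per_second / SECONDS_PER_YEAR

def words_matching_claim(claimed_years, guesses_per_second, tolerance=0.05):
    """(word count, searched fraction) pairs whose search time fits the claim."""
    matches = []
    for words in range(1, 13):
        for fraction in (0.5, 1.0):     # average case, then full keyspace
            years = years_to_search(words, guesses_per_second, fraction)
            if abs(years - claimed_years) / claimed_years <= tolerance:
                matches.append((words, fraction))
    return matches

if __name__ == "__main__":
    for n in range(4, 9):
        print(f"{n} words: {entropy_bits(n):5.1f} bits, "
              f"{years_to_search(n, 1e12):.3g} years on average")
    print("fits the 27-million-year figure:", words_matching_claim(27e6, 1e12))
```

Under these assumptions the figure fits a seven-word passphrase searched to the halfway point, and each word removed shortens the search by a factor of 7,776. The number only describes guessing the phrase; it says nothing about a phrase that is observed while it is being typed.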
In July, Bitfi was grabbing more headlines when Mr. Antivirus, John McAfee, joined the team as an executive and famously labeled it an ‘unhackable device’. He offered a six figure bug bounty, albeit with very constrained parameters, to anyone who could break into a Bitfi wallet. While it did grab headlines, many viewed the challenge and reward with skepticism.
By August, reports were coming in of successful ‘root access’ hacks. Cybersecurity experts had dismantled a Bitfi only to find it was a stripped-down Android phone, complete with an empty SIM card slot. They realized that inputs from the screen digitizer used the I2C protocol, which could easily be intercepted. Because Bitfi hadn’t randomized the layout of keys, a logic analyzer was all that was needed to capture finger movements and the passphrase. The secret phrase that Bitfi had lauded as the cornerstone of their security turned out to be a weak link. The group noted a significant lack of tamper protection, suggesting the company had been more focused on securing modern software than old school basics.
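The missing mitigation named above, key-layout randomization, modelled as an added example (not Bitfi's firmware and not the researchers' tooling). The 6x6 grid, the key set and all function names are assumptions made for illustration; touches are modelled as grid cells rather than raw digitizer data.

```python
import secrets

KEYS = list("abcdefghijklmnopqrstuvwxyz0123456789")  # constructed key set
COLS = 6                                              # assumed 6x6 on-screen grid

def fixed_layout():
    """Same key in the same cell on every entry (the weakness described)."""
    return KEYS

def make_shuffler(rng=None):
    """Return a function that draws a fresh random layout for each key press."""
    rng = rng or secrets.SystemRandom()               # OS CSPRNG by default
    def shuffled_layout():
        layout = KEYS[:]
        rng.shuffle(layout)
        return layout
    return shuffled_layout

def enter(text, next_layout):
    """Simulate entry: the (row, col) cell touched per character, plus the
    layout that was on screen for that key press."""
    trace, layouts = [], []
    for ch in text:
        layout = next_layout()
        layouts.append(layout)
        trace.append(divmod(layout.index(ch), COLS))
    return trace, layouts

def read_trace(trace, layouts):
    """Map touched cells back to characters using the given layouts."""
    return "".join(lay[r * COLS + c] for (r, c), lay in zip(trace, layouts))

def observer_view(trace):
    """What the touch cells alone reveal if the published layout is assumed."""
    return read_trace(trace, [KEYS] * len(trace))

if __name__ == "__main__":
    phrase = "correcthorse"                           # constructed sample input
    trace, _ = enter(phrase, fixed_layout)
    print("fixed layout    ->", observer_view(trace))
    trace, layouts = enter(phrase, make_shuffler())
    print("shuffled layout ->", observer_view(trace))
    print("device still reads:", read_trace(trace, layouts))
```

Shuffling protects only the touch path: anyone who can also read what is drawn on the display, or who has modified the firmware, still recovers the phrase, so it complements tamper protection rather than replacing it.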
What all this meant in theory was that a Bitfi manufacturer could gain access to the wallet’s internals and replace the battery with a smaller one. The extra space could then be filled with malicious hardware to capture unprotected information.
The company claimed this initial hack did not meet bounty requirements for a payout, but was obviously rattled, as McAfee quickly moved the goalposts and reissued the challenge. He offered an increased bounty with more select rules, serving only to validate the community’s initial skepticism, while Bitfi accused competitors like Trezor and Ledger of organizing an ‘army of trolls’ to damage its reputation.
This did more harm than good and the sharks continued to circle. Before September had begun, a group of cybersecurity experts claimed to have gained access. This time the hackers went with a ‘cold boot’ attack, which can provide access without having to dismantle the hardware. It’s typically seen where a wallet ends up in the wrong hands, for example, by being left unattended and temporarily stolen. If the device is still switched on, a cold reboot allows access; if it is switched off, a hacker can install an ‘evil maid’ payload and steal info within minutes.
Saleem Rashid, who led the second hack, claims it can be done in less than 2 minutes. Crypto enthusiasts will recognize Rashid as the 15-year-old who exposed shortcomings in both the Trezor and Ledger wallets - predecessors of Bitfi. Andrew Tierney, who was a part of the first Bitfi hack, has also verified the success of the second hack and indicated that no specialist hardware is required.
Unhackable Wallets remain a Chimera for now
The hackers were quick to point out on Twitter that other hardware wallets offered strong hardware and software protections against both types of hacks that brought Bitfi and its now-infamous claim back to earth. Bitfi has come down from its high horse and thrown in the towel as a result, removing the ‘unhackable’ description from its branding.
Despite all of this, McAfee is still claiming the reported hacks do not count, as no coins were taken from the wallet. He continues to taunt some of the hackers with personal offers of $20 million if they complete a hack, with even more stringent requirements.
McAfee and the company’s replies were so mismanaged and defensive, they picked themselves up a Pwnie award for ‘Lamest Vendor Response’ at the Black Hat security conference. Those looking for a happy ending to the Bitfi fiasco can find some solace in the fact that Rashid and his team have indicated they have no plans to exploit their advantage. This will give some peace of mind to the thousands already using Bitfi.
Bitfi, meanwhile, has already hired a new security consultant as they try to repair the damage done. For now, it looks like crypto security companies are all keeping their heads down in the search for an actual unhackable wallet.