---
title: BITHD Watch 1
appId: bithdwatch1
authors:
- kiwilamb
- danny
- leo
released: 2017-12-30
discontinued: 
updated: 2021-08-09
version: v4.1.7
binaries: https://github.com/bithd/bithd-mcu/releases/
dimensions:
- 42
- 37
- 14
weight: 
provider: BitHD
providerWebsite: https://bithd.com
website: https://bithd.com/BITHD-watch-1.html
shop: https://bithd.com/BITHD-watch-1.html
country: CN
price: 
repository: https://github.com/bithd/bithd-mcu
issue: 
icon: bithdwatch1.png
bugbounty: 
meta: ok
verdict: reproducible
date: 2021-12-11
signer: 
reviewArchive: 
twitter: 
social: 

---

<div class="alertBox"><div>
<p>There are currently several red flags about this product.

<ul>
<li>Companion app with terrible rating and accusations</li>
<li>No social media links</li>
<li>Out of stock product with no word on plans to re-stock</li>
</ul>
</p>
</div></div>

{{ page.title }} is the first-generation BitHD watch. As stated in Bitpie's [Medium article](https://medium.com/bitpie/where-can-you-purchase-bithd-hardware-wallet-be5b43dea016):

> The BitHD watch was unveiled December 30th 2017 as the first generation; the second generation — {% include walletLink.html wallet='hardware/bithdwatch2' %} was launched on January 18th 2019.

## Interface

We assume that this product functions similarly to its successor. It is a wearable hardware wallet with a 0.96 screen display and must be paired with the Bitpie app via Bluetooth.

It's not clear what the exact difference between the two generations is, but [a post from Bitpie Wallet on bitcointalk.org](https://bitcointalk.org/index.php?topic=5104019.0) implies that the changes mostly concern the external design of the watch.

> Compare to the first generation, the new generation is lighter, thinner, much more comfortable to wear and come with a magnetic wireless fast charger. It also has a longer battery life and a higher waterproof level.

The bitcointalk.org post linked above links to [this article](https://www.cybtc.com/article-3225-1.html) concerning {{ page.title }}. The article is a guide for setting up this specific product.

## Private keys can be created offline - ✔️

This wallet must be paired with Bitpie via **Bluetooth** before the user is allowed to create a wallet or generate the seed.

## Private keys are not shared - ✔️

From the [product page:](https://bithd.com/BITHD-watch-1.html)

> Assets are stored in cold model, completely kept away from internet. Base on mature technical solution of hardware wallet.

From [bitcointalk.org:](https://bitcointalk.org/index.php?topic=5104019.0)

- Unauthorized physical access to wallet protected by PIN
- Password account – (protect private key leak)
- No private keys leak risk in case of theft

## Device displays receive address for confirmation - ✔️

As shown in the guide linked in a previous section, the device displays the receive address for confirmation.

## Code and Reproducibility - ✔️

At the bottom of [their website](https://bithd.com) we can read:

> BITHD is based on Trezor source code; and we extend our appreciation and
  gratitude to Trezor and BWallet.<br>
  [Open source](https://github.com/bithd)

and indeed their repository [bithd-mcu](https://github.com/bithd/bithd-mcu)
contains build instructions for all three of their products:

* {% include walletLink.html wallet='hardware/bithdwatch1' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdwatch2' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdrazor' verdict='true' %}

In terms of being a Trezor fork, the repository is ...

> 209 commits ahead, 515 commits behind trezor:master.

meaning it probably has some exclusive features and might miss more recent
changes from Trezor.

Anyway, let's see if we can reproduce builds. The latest signed firmware is
[v4.1.7](https://github.com/bithd/bithd-mcu/releases/tag/v4.1.7). There we find

```
bithd-v4.1.7-signed.bin 	0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0
razor-v4.1.7-signed.bin 	a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137
```

We assume the two watches use the same binary, while the razor uses the other.

So we get two binaries for three products ...

```
$ git clone https://github.com/bithd/bithd-mcu
$ cd bithd-mcu/
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/bithd-v4.1.7-signed.bin
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/razor-v4.1.7-signed.bin
$ echo '0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0 bithd-v4.1.7-signed.bin' > shasums.txt
$ echo 'a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137 razor-v4.1.7-signed.bin' >> shasums.txt
$ sha256sum --check shasums.txt 
bithd-v4.1.7-signed.bin: OK
razor-v4.1.7-signed.bin: OK
$ cat build-firmware.sh            # looks benign
$ pipenv --python 3 install
$ export VERSION_TAG=v4.1.7
$ export DEVICE_MODEL=BITHD_RAZOR
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ cat script/prepare_firmware.py   # looks benign
$ pipenv run ./script/prepare_firmware.py -f ./build/razor-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
  $ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417940 bytes
Firmware fingerprint: 2f142a5bd6e4cd2d3309895a4ed6ed539d67f9969260c5cbec2f524406527e84
$ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
1c1
< 00000000: 5452 5a52 945f 0600 0000 0001 0000 0000  TRZR._..........
---
> 00000000: 5452 5a52 945f 0600 0304 0501 0000 0000  TRZR._..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000060: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000070: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000080: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000090: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000a0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000b0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000c0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000d0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
---
> 00000040: 3a68 2f7d 8f3b 9d0a 855c 020c 925a 777d  :h/}.;...\...Zw}
> 00000050: e9f9 ca1d df66 bebc 1692 9fe0 4d21 2b5d  .....f......M!+]
> 00000060: a387 4242 6efb bf92 1baf 7f88 31a0 607a  ..BBn.......1.`z
> 00000070: 70a0 7832 b203 915d c6fe 2b1b c0e9 b051  p.x2...]..+....Q
> 00000080: 7e42 3955 a18b 4d4c 109d edc9 d96c 5f75  ~B9U..ML.....l_u
> 00000090: ab25 510e 477e 0ff1 7402 9610 dd5a b1ad  .%Q.G~..t....Z..
> 000000a0: db9d 87ca d82e d7c4 6215 c238 5c0d 2a9a  ........b..8\.*.
> 000000b0: 1651 0194 0edc 3ccf c2de 1a58 f82c e7ef  .Q....<....X.,..
> 000000c0: d60b 546a bf6c 3791 69b0 1e3c fbea 5bd8  ..Tj.l7.i..<..[.
> 000000d0: d889 7096 540d 28fa ff7e f0de f8ea 641f  ..p.T.(..~....d.
> 000000e0: a47b aaa5 7529 8945 7bc1 e5f3 871a 4c34  .{..u).E{.....L4
> 000000f0: 4270 57cf 09e3 845a 38cc aac1 224d b386  BpW....Z8..."M..
```

On to checking the watches ...

```
$ export DEVICE_MODEL=BITHD_BITHD
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ pipenv run ./script/prepare_firmware.py -f ./build/bithd-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
  $ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417788 bytes
Firmware fingerprint: 0f948e16337b0607d7b1218598e8af096b4a0566c54572c081ea5dded8ce9547
$ diff <(xxd build/bithd-v4.1.7-prepared.bin) <(xxd bithd-v4.1.7-signed.bin)
1c1
< 00000000: 5452 5a52 fc5e 0600 0000 0001 0000 0000  TRZR.^..........
---
> 00000000: 5452 5a52 fc5e 0600 0304 0501 0000 0000  TRZR.^..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000060: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000070: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000080: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 00000090: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000a0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000b0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000c0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000d0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
---
> 00000040: ea75 7244 687a 9eb6 2acc cf55 e2fb 8f8f  .urDhz..*..U....
> 00000050: a643 02b1 63ab c178 aa7e bd1b 547f 30b2  .C..c..x.~..T.0.
> 00000060: ef50 4e54 99ac d4b1 a1e4 ef04 77e8 5ac7  .PNT........w.Z.
> 00000070: 6967 21b8 e9d2 fad7 9ec8 36e8 a759 913a  ig!.......6..Y.:
> 00000080: fec0 db08 68fc 4289 ac45 7330 c797 9380  ....h.B..Es0....
> 00000090: 7d9c b4a3 c0db 3ce5 c559 f463 f33b 75e8  }.....<..Y.c.;u.
> 000000a0: cc4d a067 4441 03fe 5299 6602 c431 d6ac  .M.gDA..R.f..1..
> 000000b0: 4ab9 3d1a 1612 0d1e 7ec5 7c45 b91b f659  J.=.....~.|E...Y
> 000000c0: 8bad c208 9526 0da8 9627 5c53 c2e5 0ed3  .....&...'\S....
> 000000d0: b0ad bed4 1676 bab5 d190 8077 83b0 1c63  .....v.....w...c
> 000000e0: c3c7 2044 de40 21f2 ab85 8ae2 50a2 eb17  .. D.@!.....P...
> 000000f0: f149 9128 d745 65e3 af54 5dd3 418b f5ba  .I.(.Ee..T].A...
```

So for both the razor and the bithd firmware, the only differences are the
expected ones from the signatures. This firmware is **reproducible**.
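
The manual `diff <(xxd ...)` comparison can be automated. The following is an added example, not part of the original review or the BitHD repository: it accepts differences only in the byte ranges that differ in the two diffs above (0x08 to 0x0a and 0x40 to 0xff) and assumes a 256-byte header, which matches the reported sizes (417940 bytes with a length field of 0x00065f94). The images it runs on are constructed sample data, not real firmware.

```python
import hashlib
import struct

HEADER_LEN = 0x100                       # assumption: 256-byte header before the code
ALLOWED = [(0x08, 0x0B), (0x40, 0x100)]  # ranges that differ in the page's xxd diffs


def unexpected_diffs(prepared: bytes, signed: bytes) -> list[str]:
    """Return findings; an empty list means only the signature fields differ."""
    if len(prepared) != len(signed):
        return [f"size mismatch: {len(prepared)} vs {len(signed)}"]
    if len(prepared) < HEADER_LEN:
        return ["image shorter than header"]
    findings = []
    for name, img in (("prepared", prepared), ("signed", signed)):
        if img[:4] != b"TRZR":
            findings.append(f"{name}: bad magic {img[:4]!r}")
        (code_len,) = struct.unpack_from("<I", img, 4)  # little-endian length
        if code_len + HEADER_LEN != len(img):
            findings.append(f"{name}: length field {code_len} != file size - header")
    for off, (x, y) in enumerate(zip(prepared, signed)):
        if x != y and not any(lo <= off < hi for lo, hi in ALLOWED):
            findings.append(f"unexpected difference at offset {off:#x}")
    return findings


def make_image(code: bytes, sig_index: bytes, sigs: bytes) -> bytes:
    """Build a constructed image using the header layout visible in the dumps."""
    header = b"TRZR" + struct.pack("<I", len(code)) + sig_index + b"\x01"
    header += bytes(0x40 - len(header)) + sigs   # zero padding, then 192 sig bytes
    return header + code


# Constructed sample data (hypothetical, not BitHD firmware).
CODE = hashlib.sha256(b"constructed code").digest() * 8
SIGS = hashlib.sha512(b"constructed signatures").digest() * 3
PREPARED = make_image(CODE, bytes(3), bytes(192))        # unsigned local build
SIGNED = make_image(CODE, b"\x03\x04\x05", SIGS)         # release with signatures
TAMPERED = SIGNED[:0x120] + bytes([SIGNED[0x120] ^ 0xFF]) + SIGNED[0x121:]

if __name__ == "__main__":
    print("signed  :", unexpected_diffs(PREPARED, SIGNED))
    print("tampered:", unexpected_diffs(PREPARED, TAMPERED))
```

An empty result shows that the signed release matches the local build outside the signature fields; it does not validate the signatures themselves.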