Unverified Commit 19a1ba89 authored by Leo Wandersleb's avatar Leo Wandersleb
Browse files

bithd x3

parent 5039bd8d
......@@ -7,8 +7,8 @@ authors:
- leo
released: 2019-03-08
discontinued:
updated: 2021-08-09
version: v4.1.7
updated: 2021-12-14
version: v4.1.8
binaries: https://github.com/bithd/bithd-mcu/releases/
dimensions:
- 83
......@@ -26,10 +26,15 @@ issue:
icon: bithdrazor.png
bugbounty:
meta: ok
verdict: reproducible
date: 2021-12-11
verdict: nonverifiable
date: 2022-04-18
signer:
reviewArchive:
- date: 2021-12-11
version: "4.1.7"
appHash: a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137
gitRevision: 5039bd8dc007690d50a6b60b5768c239255434af
verdict: reproducible
twitter:
social:
......@@ -46,98 +51,26 @@ social:
</p>
</div></div>
## Private keys can be created offline - ✔️
For the latest firmware version, we try the same as last time, wrapped
into [this script](https://gitlab.com/walletscrutiny/walletScrutinyCom/-/blob/master/scripts/test/hardware/bithdrazor.sh):
The [BitHD](https://bithd.com/BITHD-Razor.html) homepage affirms that the private keys are created offline.
The process goes as follows:
The BitHD Razor is paired with the BitPie app through bluetooth which can be downloaded on [their website.](https://bitpie.com/android/) and on Google Play.
- {% include walletLink.html wallet='android/com.bitpie' verdict='true' %}
The device then displays the seed phrases.
([Source: video](https://www.youtube.com/watch?v=nGm4_umShlg))
## Private keys are not shared - ✔️
The device has a security seal that displays the word VOID once opened. Since the device has to be paired with the user's app prior to seed generation, we can assume that the manufacturer will not have access to these.
## Device displays receive address for confirmation - ✔️
Yes. This can be corroborated in the [official documentation](https://docs.bithd.com/en/latest/razor/sendandreceive.html) page on sending and receiving coins.
Note that most of the interaction is done via the BitPie app on the phone.
## Interface - ✔️
The device has a 128*64 OLED display and two buttons. The display is used to:
1. Confirm transactions
2. Display the seed words
## Code and Reproducibility - ✔️
At the bottom of [their website](https://bithd.com) we can read:
> BITHD is based on Trezor source code; and we extend our appreciation and
gratitude to Trezor and BWallet.<br>
[Open source](https://github.com/bithd)
and indeed their repository [bithd-mcu](https://github.com/bithd/bithd-mcu)
contains build instructions for all three of their products:
* {% include walletLink.html wallet='hardware/bithdwatch1' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdwatch2' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdrazor' verdict='true' %}
In terms of being a Trezor fork, the repository is ...
> 209 commits ahead, 515 commits behind trezor:master.
meaning it probably has some exclusive features and might miss more recent
changes from Trezor.
Anyway, let's see if we can reproduce builds. The latest signed firmware is
[v4.1.7](https://github.com/bithd/bithd-mcu/releases/tag/v4.1.7). There we find
```
bithd-v4.1.7-signed.bin 0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0
razor-v4.1.7-signed.bin a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137
```
We assume the two watches use the same binary, while the razor uses the other.
So we get two binaries for three products ...
```
$ git clone https://github.com/bithd/bithd-mcu
$ cd bithd-mcu/
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/bithd-v4.1.7-signed.bin
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/razor-v4.1.7-signed.bin
$ echo '0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0 bithd-v4.1.7-signed.bin' > shasums.txt
$ echo 'a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137 razor-v4.1.7-signed.bin' >> shasums.txt
$ sha256sum --check shasums.txt
bithd-v4.1.7-signed.bin: OK
razor-v4.1.7-signed.bin: OK
$ cat build-firmware.sh # looks benign
$ pipenv --python 3 install
$ export VERSION_TAG=v4.1.7
$ export DEVICE_MODEL=BITHD_RAZOR
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ cat script/prepare_firmware.py # looks benign
$ pipenv run ./script/prepare_firmware.py -f ./build/razor-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
$ ./scripts/test/hardware/bithdrazor.sh 4.1.8
...
784c7448e0b713ef7952ebd454d4e809b15adffd23ac84cfdd3af06358e7cfe2 razor-v4.1.8-signed.bin
...
Filename : build/razor-v4.1.8-unsigned.bin
Fingerprint : 338fa85b8e04093983c3d0f0de18ffb178211843acef7678035a344feb8f52ef
Size : 417972 bytes (out of 491520 maximum)
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.2 (/home/leo/.local/share/v/b/bin/python).
$ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417940 bytes
Firmware fingerprint: 2f142a5bd6e4cd2d3309895a4ed6ed539d67f9969260c5cbec2f524406527e84
$ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
Firmware size 418228 bytes
Firmware fingerprint: 338fa85b8e04093983c3d0f0de18ffb178211843acef7678035a344feb8f52ef
1c1
< 00000000: 5452 5a52 945f 0600 0000 0001 0000 0000 TRZR._..........
< 00000000: 5452 5a52 b460 0600 0000 0001 0000 0000 TRZR.`..........
---
> 00000000: 5452 5a52 945f 0600 0304 0501 0000 0000 TRZR._..........
> 00000000: 5452 5a52 b460 0600 0304 0501 0000 0000 TRZR.`..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
......@@ -152,63 +85,50 @@ $ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
---
> 00000040: 3a68 2f7d 8f3b 9d0a 855c 020c 925a 777d :h/}.;...\...Zw}
> 00000050: e9f9 ca1d df66 bebc 1692 9fe0 4d21 2b5d .....f......M!+]
> 00000060: a387 4242 6efb bf92 1baf 7f88 31a0 607a ..BBn.......1.`z
> 00000070: 70a0 7832 b203 915d c6fe 2b1b c0e9 b051 p.x2...]..+....Q
> 00000080: 7e42 3955 a18b 4d4c 109d edc9 d96c 5f75 ~B9U..ML.....l_u
> 00000090: ab25 510e 477e 0ff1 7402 9610 dd5a b1ad .%Q.G~..t....Z..
> 000000a0: db9d 87ca d82e d7c4 6215 c238 5c0d 2a9a ........b..8\.*.
> 000000b0: 1651 0194 0edc 3ccf c2de 1a58 f82c e7ef .Q....<....X.,..
> 000000c0: d60b 546a bf6c 3791 69b0 1e3c fbea 5bd8 ..Tj.l7.i..<..[.
> 000000d0: d889 7096 540d 28fa ff7e f0de f8ea 641f ..p.T.(..~....d.
> 000000e0: a47b aaa5 7529 8945 7bc1 e5f3 871a 4c34 .{..u).E{.....L4
> 000000f0: 4270 57cf 09e3 845a 38cc aac1 224d b386 BpW....Z8..."M..
```
On to checking the watches ...
```
$ export DEVICE_MODEL=BITHD_BITHD
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ pipenv run ./script/prepare_firmware.py -f ./build/bithd-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
$ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417788 bytes
Firmware fingerprint: 0f948e16337b0607d7b1218598e8af096b4a0566c54572c081ea5dded8ce9547
$ diff <(xxd build/bithd-v4.1.7-prepared.bin) <(xxd bithd-v4.1.7-signed.bin)
1c1
< 00000000: 5452 5a52 fc5e 0600 0000 0001 0000 0000 TRZR.^..........
> 00000040: a069 4723 6fa4 c943 83b9 8042 bfbf 1880 .iG#o..C...B....
> 00000050: f758 4e20 7e54 8591 705a d597 6121 5df3 .XN ~T..pZ..a!].
> 00000060: 6d74 8911 cd98 072e f4ca 6a43 b6c1 daf5 mt........jC....
> 00000070: 05a5 f448 51b3 f6a0 c290 91a4 5000 69cf ...HQ.......P.i.
> 00000080: d710 cb5a d186 7b1b 44d8 7847 7e25 ce1c ...Z..{.D.xG~%..
> 00000090: 747a 2921 9b17 c2b6 d06c a513 9aa8 c878 tz)!.....l.....x
> 000000a0: 9f02 ac7f 8398 2941 e1d7 abc1 9a71 6488 ......)A.....qd.
> 000000b0: b882 aa63 086f 0bb1 81db 6afb 0030 55ee ...c.o....j..0U.
> 000000c0: 332c 8adf 71d9 89ab 1298 28f5 093b 1143 3,..q.....(..;.C
> 000000d0: 7388 18cf 8ea7 88ed db39 769c 1e6c ae67 s........9v..l.g
> 000000e0: 43b8 a0e4 7f8e f2f8 8b59 0f51 8205 caec C........Y.Q....
> 000000f0: 626b 33b3 f812 1b8a 8537 2675 726b f14e bk3......7&urk.N
425c425
< 00001a80: 3018 0408 0000 0020 95bc 0020 4218 0408 0...... ... B...
---
> 00000000: 5452 5a52 fc5e 0600 0304 0501 0000 0000 TRZR.^..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000060: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000070: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000080: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000090: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000c0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000d0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
> 00001a80: 4518 0408 0000 0020 95bc 0020 3018 0408 E...... ... 0...
12692,12694c12692,12694
< 00031930: 6269 7463 6f69 6e74 7265 7a6f 722e 636f bitcointrezor.co
< 00031940: 6d00 37cb c888 2133 3c8d 0c63 42b1 7fba m.7...!3<..cB...
< 00031950: 9e8d 84b3 757a 0050 696e 206d 6973 6d61 ....uz.Pin misma
---
> 00000040: ea75 7244 687a 9eb6 2acc cf55 e2fb 8f8f .urDhz..*..U....
> 00000050: a643 02b1 63ab c178 aa7e bd1b 547f 30b2 .C..c..x.~..T.0.
> 00000060: ef50 4e54 99ac d4b1 a1e4 ef04 77e8 5ac7 .PNT........w.Z.
> 00000070: 6967 21b8 e9d2 fad7 9ec8 36e8 a759 913a ig!.......6..Y.:
> 00000080: fec0 db08 68fc 4289 ac45 7330 c797 9380 ....h.B..Es0....
> 00000090: 7d9c b4a3 c0db 3ce5 c559 f463 f33b 75e8 }.....<..Y.c.;u.
> 000000a0: cc4d a067 4441 03fe 5299 6602 c431 d6ac .M.gDA..R.f..1..
> 000000b0: 4ab9 3d1a 1612 0d1e 7ec5 7c45 b91b f659 J.=.....~.|E...Y
> 000000c0: 8bad c208 9526 0da8 9627 5c53 c2e5 0ed3 .....&...'\S....
> 000000d0: b0ad bed4 1676 bab5 d190 8077 83b0 1c63 .....v.....w...c
> 000000e0: c3c7 2044 de40 21f2 ab85 8ae2 50a2 eb17 .. D.@!.....P...
> 000000f0: f149 9128 d745 65e3 af54 5dd3 418b f5ba .I.(.Ee..T].A...
> 00031930: f5f3 8317 45a6 190b 00fb 0262 b9c7 09af ....E......b....
> 00031940: 7618 49f8 0062 6974 636f 696e 7472 657a v.I..bitcointrez
> 00031950: 6f72 2e63 6f6d 0050 696e 206d 6973 6d61 or.com.Pin misma
```
So both the razor and the bithd firmware yields the expected diff from the
signatures. This firmware is **reproducible**.
This is a bigger diff than we expected. The first two chunks are ok as these
are
* a 3-byte diff in the very beginning, which might be due to different file
structure as per chunk #4 but probably nothing malicious.
* a signature-sized chunk where the compiled version holds zeros. This is
expected.
Later chunks though are harder to interpret.
* Chunk #3 it is again a 2 byte change, where one byte might have moved,
indicating some sorting inconsistency ... maybe
* The last chunk again has some sequences moved but it gets hard to interpret as
it's slightly bigger.
In summary, this makes the firmware **not verifiable** although it all looks
pretty harmless as in "too small to actually be malicious".
Now we would love to get in touch with the provider but their issue tracker is
not open. Given their repository has not seen any update in months, together
with the lack of social accounts, this product feels pretty unmaintained.
......@@ -7,8 +7,8 @@ authors:
- leo
released: 2017-12-30
discontinued:
updated: 2021-08-09
version: v4.1.7
updated: 2021-12-14
version: v4.1.8
binaries: https://github.com/bithd/bithd-mcu/releases/
dimensions:
- 42
......@@ -26,10 +26,15 @@ issue:
icon: bithdwatch1.png
bugbounty:
meta: ok
verdict: reproducible
date: 2021-12-11
verdict: nonverifiable
date: 2022-04-18
signer:
reviewArchive:
- date: 2021-12-11
version: "4.1.7"
appHash: 0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0
gitRevision: 5039bd8dc007690d50a6b60b5768c239255434af
verdict: reproducible
twitter:
social:
......@@ -46,101 +51,25 @@ social:
</p>
</div></div>
{{ page.title }} is the first-generation BitHD watch. As said on Bitpie's [Medium article:](https://medium.com/bitpie/where-can-you-purchase-bithd-hardware-wallet-be5b43dea016)
> The BitHD watch was unveiled December 30th 2017 as the first generation; the second generation — {% include walletLink.html wallet='hardware/bithdwatch2' %} was launched on January 18th 2019.
## Interface
We assume that this product functions similarly to its successor. It is a wearable hardware wallet with a 0.96 screen display and must be paired with the Bitpie app via Bluetooth.
It's not clear what the exact difference between the two generations is, but [a post from Bitpie Wallet on bitcointalk.org](https://bitcointalk.org/index.php?topic=5104019.0) implies that it is more involved with the external design of the watch.
> Compare to the first generation, the new generation is lighter, thinner, much more comfortable to wear and come with a magnetic wireless fast charger. It also has a longer battery life and a higher waterproof level.
The bitcointalk.org post linked above links to [this article](https://www.cybtc.com/article-3225-1.html) concerning {{ page.title }}. The article is a guide for setting up this specific product.
## Private keys can be created offline - ✔️
This wallet must be paired with Bitpie via **Bluetooth** before the user is allowed to create a wallet or generate the seed.
## Private keys are not shared - ✔️
From the [product page:](https://bithd.com/BITHD-watch-1.html)
> Assets are stored in cold model, completely kept away from internet. Base on mature technical solution of hardware wallet.
From [bitcointalk.org:](https://bitcointalk.org/index.php?topic=5104019.0)
- Unauthorized physical access to wallet protected by PIN
- Password account – (protect private key leak)
- No private keys leak risk in case of theft
## Device displays receive address for confirmation - ✔️
As shown in the guide linked in a previous section, you can see that the device will display the receive address for confirmation.
## Code and Reproducibility - ✔️
At the bottom of [their website](https://bithd.com) we can read:
> BITHD is based on Trezor source code; and we extend our appreciation and
gratitude to Trezor and BWallet.<br>
[Open source](https://github.com/bithd)
and indeed their repository [bithd-mcu](https://github.com/bithd/bithd-mcu)
contains build instructions for all three of their products:
* {% include walletLink.html wallet='hardware/bithdwatch1' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdwatch2' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdrazor' verdict='true' %}
In terms of being a Trezor fork, the repository is ...
> 209 commits ahead, 515 commits behind trezor:master.
meaning it probably has some exclusive features and might miss more recent
changes from Trezor.
Anyway, let's see if we can reproduce builds. The latest signed firmware is
[v4.1.7](https://github.com/bithd/bithd-mcu/releases/tag/v4.1.7). There we find
```
bithd-v4.1.7-signed.bin 0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0
razor-v4.1.7-signed.bin a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137
```
We assume the two watches use the same binary, while the razor uses the other.
So we get two binaries for three products ...
For the latest firmware version, we try the same as last time, wrapped
into [this script](https://gitlab.com/walletscrutiny/walletScrutinyCom/-/blob/master/scripts/test/hardware/bithdwatches.sh):
```
$ git clone https://github.com/bithd/bithd-mcu
$ cd bithd-mcu/
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/bithd-v4.1.7-signed.bin
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/razor-v4.1.7-signed.bin
$ echo '0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0 bithd-v4.1.7-signed.bin' > shasums.txt
$ echo 'a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137 razor-v4.1.7-signed.bin' >> shasums.txt
$ sha256sum --check shasums.txt
bithd-v4.1.7-signed.bin: OK
razor-v4.1.7-signed.bin: OK
$ cat build-firmware.sh # looks benign
$ pipenv --python 3 install
$ export VERSION_TAG=v4.1.7
$ export DEVICE_MODEL=BITHD_RAZOR
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ cat script/prepare_firmware.py # looks benign
$ pipenv run ./script/prepare_firmware.py -f ./build/razor-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
$ ./scripts/test/hardware/bithdwatches.sh 4.1.8
...
Filename : build/bithd-v4.1.8-unsigned.bin
Fingerprint : 7c3126aaff2e983c89f621fa7a3d269385832aeeccc3f13ddd1e540656b059d2
Size : 417820 bytes (out of 491520 maximum)
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.2 (/home/leo/.local/share/v/b/bin/python).
$ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417940 bytes
Firmware fingerprint: 2f142a5bd6e4cd2d3309895a4ed6ed539d67f9969260c5cbec2f524406527e84
$ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
Firmware size 418076 bytes
Firmware fingerprint: 7c3126aaff2e983c89f621fa7a3d269385832aeeccc3f13ddd1e540656b059d2
90d795380fa7def90f4924a672b64d086b55892266be8baae12c63871ab6598b bithd-v4.1.8-signed.bin
1c1
< 00000000: 5452 5a52 945f 0600 0000 0001 0000 0000 TRZR._..........
< 00000000: 5452 5a52 1c60 0600 0000 0001 0000 0000 TRZR.`..........
---
> 00000000: 5452 5a52 945f 0600 0304 0501 0000 0000 TRZR._..........
> 00000000: 5452 5a52 1c60 0600 0304 0501 0000 0000 TRZR.`..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
......@@ -155,63 +84,50 @@ $ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
---
> 00000040: 3a68 2f7d 8f3b 9d0a 855c 020c 925a 777d :h/}.;...\...Zw}
> 00000050: e9f9 ca1d df66 bebc 1692 9fe0 4d21 2b5d .....f......M!+]
> 00000060: a387 4242 6efb bf92 1baf 7f88 31a0 607a ..BBn.......1.`z
> 00000070: 70a0 7832 b203 915d c6fe 2b1b c0e9 b051 p.x2...]..+....Q
> 00000080: 7e42 3955 a18b 4d4c 109d edc9 d96c 5f75 ~B9U..ML.....l_u
> 00000090: ab25 510e 477e 0ff1 7402 9610 dd5a b1ad .%Q.G~..t....Z..
> 000000a0: db9d 87ca d82e d7c4 6215 c238 5c0d 2a9a ........b..8\.*.
> 000000b0: 1651 0194 0edc 3ccf c2de 1a58 f82c e7ef .Q....<....X.,..
> 000000c0: d60b 546a bf6c 3791 69b0 1e3c fbea 5bd8 ..Tj.l7.i..<..[.
> 000000d0: d889 7096 540d 28fa ff7e f0de f8ea 641f ..p.T.(..~....d.
> 000000e0: a47b aaa5 7529 8945 7bc1 e5f3 871a 4c34 .{..u).E{.....L4
> 000000f0: 4270 57cf 09e3 845a 38cc aac1 224d b386 BpW....Z8..."M..
```
On to checking the watches ...
```
$ export DEVICE_MODEL=BITHD_BITHD
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ pipenv run ./script/prepare_firmware.py -f ./build/bithd-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
$ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417788 bytes
Firmware fingerprint: 0f948e16337b0607d7b1218598e8af096b4a0566c54572c081ea5dded8ce9547
$ diff <(xxd build/bithd-v4.1.7-prepared.bin) <(xxd bithd-v4.1.7-signed.bin)
1c1
< 00000000: 5452 5a52 fc5e 0600 0000 0001 0000 0000 TRZR.^..........
> 00000040: 2d28 206f 38de d998 bd9d 96d4 b845 35ae -( o8........E5.
> 00000050: 758c b6ae e8ea 6c32 3028 94d7 4300 d300 u.....l20(..C...
> 00000060: fc0c c4db c3dd 4a54 d2d7 8922 267a 7cb4 ......JT..."&z|.
> 00000070: 8032 f675 79c3 e527 54dc 8e8b 3bd2 8460 .2.uy..'T...;..`
> 00000080: 9444 0f18 3490 e32c dc62 aeb4 8ba9 c903 .D..4..,.b......
> 00000090: 675c 7e43 810d d87e bb72 1ac0 4757 a27f g\~C...~.r..GW..
> 000000a0: f9a8 b6f2 2d28 0f51 83ff bc81 89de a39d ....-(.Q........
> 000000b0: 4631 332b dce9 b3d2 38c4 fa80 cde0 3fde F13+....8.....?.
> 000000c0: 09ae 5bcb 7b6e 53dd b391 61a3 de1b 9a06 ..[.{nS...a.....
> 000000d0: d74e 0c37 5d89 7c42 0051 05e0 cd80 edcc .N.7].|B.Q......
> 000000e0: 1200 16f8 56bf c8c9 e14d dcc6 fd91 2159 ....V....M....!Y
> 000000f0: 35a2 6832 ca7d a678 11c8 48d2 17f1 2c2b 5.h2.}.x..H...,+
425c425
< 00001a80: 8019 0408 0000 0020 c5bc 0020 9219 0408 ....... ... ....
---
> 00000000: 5452 5a52 fc5e 0600 0304 0501 0000 0000 TRZR.^..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000060: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000070: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000080: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000090: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000c0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000d0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
> 00001a80: 9519 0408 0000 0020 c5bc 0020 8019 0408 ....... ... ....
12713,12715c12713,12715
< 00031a80: 6269 7463 6f69 6e74 7265 7a6f 722e 636f bitcointrezor.co
< 00031a90: 6d00 37cb c888 2133 3c8d 0c63 42b1 7fba m.7...!3<..cB...
< 00031aa0: 9e8d 84b3 757a 0050 696e 206d 6973 6d61 ....uz.Pin misma
---
> 00000040: ea75 7244 687a 9eb6 2acc cf55 e2fb 8f8f .urDhz..*..U....
> 00000050: a643 02b1 63ab c178 aa7e bd1b 547f 30b2 .C..c..x.~..T.0.
> 00000060: ef50 4e54 99ac d4b1 a1e4 ef04 77e8 5ac7 .PNT........w.Z.
> 00000070: 6967 21b8 e9d2 fad7 9ec8 36e8 a759 913a ig!.......6..Y.:
> 00000080: fec0 db08 68fc 4289 ac45 7330 c797 9380 ....h.B..Es0....
> 00000090: 7d9c b4a3 c0db 3ce5 c559 f463 f33b 75e8 }.....<..Y.c.;u.
> 000000a0: cc4d a067 4441 03fe 5299 6602 c431 d6ac .M.gDA..R.f..1..
> 000000b0: 4ab9 3d1a 1612 0d1e 7ec5 7c45 b91b f659 J.=.....~.|E...Y
> 000000c0: 8bad c208 9526 0da8 9627 5c53 c2e5 0ed3 .....&...'\S....
> 000000d0: b0ad bed4 1676 bab5 d190 8077 83b0 1c63 .....v.....w...c
> 000000e0: c3c7 2044 de40 21f2 ab85 8ae2 50a2 eb17 .. D.@!.....P...
> 000000f0: f149 9128 d745 65e3 af54 5dd3 418b f5ba .I.(.Ee..T].A...
> 00031a80: f5f3 8317 45a6 190b 00fb 0262 b9c7 09af ....E......b....
> 00031a90: 7618 49f8 0062 6974 636f 696e 7472 657a v.I..bitcointrez
> 00031aa0: 6f72 2e63 6f6d 0050 696e 206d 6973 6d61 or.com.Pin misma
```
So both the razor and the bithd firmware yields the expected diff from the
signatures. This firmware is **reproducible**.
This is a bigger diff than we expected. The first two chunks are ok as these
are
* a 3-byte diff in the very beginning, which might be due to different file
structure as per chunk #4 but probably nothing malicious.
* a signature-sized chunk where the compiled version holds zeros. This is
expected.
Later chunks though are harder to interpret.
* Chunk #3 it is again a 2 byte change, where one byte might have moved,
indicating some sorting inconsistency ... maybe
* The last chunk again has some sequences moved but it gets hard to interpret as
it's slightly bigger.
In summary, this makes the firmware **not verifiable** although it all looks
pretty harmless as in "too small to actually be malicious".
Now we would love to get in touch with the provider but their issue tracker is
not open. Given their repository has not seen any update in months, together
with the lack of social accounts, this product feels pretty unmaintained.
......@@ -7,8 +7,8 @@ authors:
- leo
released: 2019-01-18
discontinued:
updated: 2021-08-09
version: v4.1.7
updated: 2021-12-14
version: v4.1.8
binaries: https://github.com/bithd/bithd-mcu/releases/
dimensions:
- 42
......@@ -26,10 +26,15 @@ issue:
icon: bithdwatch2.png
bugbounty:
meta: ok
verdict: reproducible
date: 2021-12-11
verdict: nonverifiable
date: 2022-04-18
signer:
reviewArchive:
- date: 2021-12-11
version: "4.1.7"
appHash: 0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0
gitRevision: 5039bd8dc007690d50a6b60b5768c239255434af
verdict: reproducible
twitter:
social:
......@@ -46,91 +51,25 @@ social:
</p>
</div></div>
{{ page.title }} is described as a wearable and open source cold wallet. It can be paired with the {% include walletLink.html wallet='android/com.bitpie' verdict='true' %} wallet via Bluetooth.
## 📄 Link to [Official Documentation](https://docs.bithd.com/en/latest/)
## Private keys can be created offline - ✔️
Prior to creating a wallet and thus generating the seed, the [device must first be paired with the bitpie app](https://docs.bithd.com/en/latest/bithd/initialize.html#id3).
After creating a BitHD account, the wallet can then be created.
## Private keys are not shared - ✔️
- Unauthorized physical access to wallet protected by PIN
- Password account – (protect private key leak)
- No private keys leak risk in case of theft
## Device displays receive address for confirmation - ✔️
The device display is [big enough to show the address](https://twitter.com/BitcoinWalletz/status/1464200501650542594) prior to transaction confirmation.
## Interface - ✔️
The watch has a [0.96 inch display](https://bitcointalk.org/index.php?topic=5104019.0)
## Code and Reproducibility - ✔️
At the bottom of [their website](https://bithd.com) we can read:
> BITHD is based on Trezor source code; and we extend our appreciation and
gratitude to Trezor and BWallet.<br>
[Open source](https://github.com/bithd)
and indeed their repository [bithd-mcu](https://github.com/bithd/bithd-mcu)
contains build instructions for all three of their products:
* {% include walletLink.html wallet='hardware/bithdwatch1' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdwatch2' verdict='true' %}
* {% include walletLink.html wallet='hardware/bithdrazor' verdict='true' %}
In terms of being a Trezor fork, the repository is ...
> 209 commits ahead, 515 commits behind trezor:master.
meaning it probably has some exclusive features and might miss more recent
changes from Trezor.
Anyway, let's see if we can reproduce builds. The latest signed firmware is
[v4.1.7](https://github.com/bithd/bithd-mcu/releases/tag/v4.1.7). There we find
For the latest firmware version, we try the same as last time, wrapped
into [this script](https://gitlab.com/walletscrutiny/walletScrutinyCom/-/blob/master/scripts/test/hardware/bithdwatches.sh):
```
bithd-v4.1.7-signed.bin 0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0
razor-v4.1.7-signed.bin a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137
```
We assume the two watches use the same binary, while the razor uses the other.
So we get two binaries for three products ...
```
$ git clone https://github.com/bithd/bithd-mcu
$ cd bithd-mcu/
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/bithd-v4.1.7-signed.bin
$ wget https://github.com/bithd/bithd-mcu/releases/download/v4.1.7/razor-v4.1.7-signed.bin
$ echo '0a89405429ea6aa5abe8533f538f45bbaff36044b62aefcaaa63ef52bffebde0 bithd-v4.1.7-signed.bin' > shasums.txt
$ echo 'a4a9a5584f1db23d745434c296aedd3c123fe506c49624076d4726417e900137 razor-v4.1.7-signed.bin' >> shasums.txt
$ sha256sum --check shasums.txt
bithd-v4.1.7-signed.bin: OK
razor-v4.1.7-signed.bin: OK
$ cat build-firmware.sh # looks benign
$ pipenv --python 3 install
$ export VERSION_TAG=v4.1.7
$ export DEVICE_MODEL=BITHD_RAZOR
$ pipenv run ./build-firmware.sh $VERSION_TAG
$ cat script/prepare_firmware.py # looks benign
$ pipenv run ./script/prepare_firmware.py -f ./build/razor-$VERSION_TAG-unsigned.bin
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.7 (/home/leo/.local/share/v/b/bin/python).
$ ./scripts/test/hardware/bithdwatches.sh 4.1.8
...
Filename : build/bithd-v4.1.8-unsigned.bin
Fingerprint : 7c3126aaff2e983c89f621fa7a3d269385832aeeccc3f13ddd1e540656b059d2
Size : 417820 bytes (out of 491520 maximum)
Warning: Your Pipfile requires python_version 3.8, but you are using 3.9.2 (/home/leo/.local/share/v/b/bin/python).
$ pipenv check will surely fail.
Prepare to add metadata ...
Firmware size 417940 bytes
Firmware fingerprint: 2f142a5bd6e4cd2d3309895a4ed6ed539d67f9969260c5cbec2f524406527e84
$ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
Firmware size 418076 bytes
Firmware fingerprint: 7c3126aaff2e983c89f621fa7a3d269385832aeeccc3f13ddd1e540656b059d2
90d795380fa7def90f4924a672b64d086b55892266be8baae12c63871ab6598b bithd-v4.1.8-signed.bin
1c1
< 00000000: 5452 5a52 945f 0600 0000 0001 0000 0000 TRZR._..........
< 00000000: 5452 5a52 1c60 0600 0000 0001 0000 0000 TRZR.`..........
---
> 00000000: 5452 5a52 945f 0600 0304 0501 0000 0000 TRZR._..........
> 00000000: 5452 5a52 1c60 0600 0304 0501 0000 0000 TRZR.`..........
5,16c5,16
< 00000040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
......@@ -145,63 +84,50 @@ $ diff <(xxd build/razor-v4.1.7-prepared.bin) <(xxd razor-v4.1.7-signed.bin)
< 000000e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
< 000000f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
---
> 00000040: 3a68 2f7d 8f3b 9d0a 855c 020c 925a 777d :h/}.;...\...Zw}
> 00000050: e9f9 ca1d df66 bebc 1692 9fe0 4d21 2b5d .....f......M!+]
> 00000060: a387 4242 6efb bf92 1baf 7f88 31a0 607a ..BBn.......1.`z
> 00000070: 70a0 7832 b203 915d c6fe 2b1b c0e9 b051 p.x2...]..+....Q
> 00000080: 7e42 3955 a18b 4d4c 109d edc9 d96c 5f75 ~B9U..ML.....l_u
> 00000090: ab25 510e 477e 0ff1 7402 9610 dd5a b1ad .%Q.G~..t....Z..