Two chips, three secrets
Per BitBox documentation, an open microcontroller and secure chip work together, and unlocking the seed needs three secrets, including your password.
Enter your email to receive the free PDF checklist.
For subscriber questions or corrections, use the Contact / Corrections page.
Hands-On Hardware Wallet Review
I bought the original BitBox02 Bitcoin-only edition, set it up from a sealed package, used it with the BitBoxApp, made a microSD backup, wrote down the 24 words, and sent a small amount of Bitcoin in and back out.
The bottom line first
This is a capable, unusually transparent Swiss signing device with a few real limits. Knowing them before you buy is how you decide well, not faster.
I bought the original BitBox02 Bitcoin-only edition, opened it from a sealed package, installed the BitBoxApp, updated firmware, confirmed the pairing code, created a wallet, and tested the receive and send flow.
The microSD restore path is genuinely convenient, but the card is still complete recovery material. I also wrote the 24 words down by hand because a single tiny card is not a complete long-term backup plan.
The device is unusually transparent. Firmware, app, and hardware design are published, with reproducible builds a capable user can check. That is documentation-based, but the openness is real and rare.
My bottom line: for a desktop or Android holder who wants Bitcoin-only focus and can learn the touch controls, this is one of the easier devices to trust. If you are iPhone-first or air-gap-first, look elsewhere.
Per BitBox documentation, an open microcontroller and secure chip work together, and unlocking the seed needs three secrets, including your password.
The encrypted file is convenient for restore, but it can recover the wallet. Treat it like the 24-word phrase, not like an accessory.
This original model signs over USB-C. It has no camera, no battery, no iPhone support, and no fully offline QR workflow.
At a glance
The useful way to read it is through scope, connection, backup, software, and the hard workflow limits that decide fit.
Reader takeaway
The hardware is modest: a small screen, touch sliders, USB-C, and a light body. The trust argument is the open firmware, open app, published hardware design, and Bitcoin-only firmware that is locked at the factory.
Architecture
Dual-chip Per BitBox documentation, an open microcontroller stores encrypted wallet material and a secure chip hardens access. The security design is documentation-based, not something I verified by opening the device.Connection
USB-C The original BitBox02 connects to desktop or Android over USB-C. It has no camera, no battery, and no air-gap signing mode.Backup
microSD + 24 words Setup creates an encrypted microSD backup file and shows a 24-word phrase. Either path can restore the wallet, so both belong offline and protected.Firmware
Bitcoin-only locked The Bitcoin-only edition is locked at the factory and cannot later be switched to multi-coin. Confirm the exact edition before ordering.Affiliate route
Use this only after the device still looks like a fit for your setup. Prices, package contents, firmware behavior, availability, and regional shipping can change, so confirm current details directly at the official BitBox store before ordering.
Disclosure before click
Affiliate link. Bitcoin Plaster may earn a commission at no extra cost to you, and it does not change anything I say on this page.
How I tested it
The review is not built from specs alone. These are the practical steps I personally ran before turning the BitBox02 into a fit decision.
I started with the source and package state, because a hardware wallet review should not begin only when the app opens.
I used the BitBoxApp setup path, ran the firmware update, and treated the software source as part of the security model.
The device and app showed a pairing code. Confirming that match was the moment I knew I was talking to the device in my hand.
The password is entered on the BitBox02 itself, not typed into the computer. That kept the sensitive input off the connected machine.
The card backup is useful, but I also wrote the recovery words by hand because a single small card is not enough of a backup plan by itself.
That let me verify the receive flow, signing flow, address display, and fee confirmation on the device screen instead of relying on the app alone.
Reading discipline
The BitBox02 Bitcoin-only is easy to like if you care about transparency, Bitcoin-only firmware, and privacy tooling. That does not mean it fits every holder.
Useful way to read this page
Dangerous way to read this page
Who it fits
This is a single-device evaluation, not a best-wallet verdict. The question is whether this device fits how you actually hold Bitcoin.
You see fully closed secure-element designs as a downside, and the published firmware, hardware design, and reproducible builds matter to you.
The USB-C connection fits those workflows cleanly. In my use, the device plugged straight into a laptop without a cable.
The firmware is Bitcoin-only and factory-locked. Less code means a smaller surface to reason about, and you do not want altcoin features you will never use.
Coin control, Tor routing, and connecting your own full node are here. They reward a holder who cares about address linkage.
The touch sliders take a short while to learn. They are fine once they click, but they are not instant.
This model cannot connect to an iPhone or iPad. If iOS is your main Bitcoin device, this is the wrong BitBox model for you.
Hands-on setup
The flow is straightforward. You install the BitBoxApp, plug the device in, update the firmware, and confirm a pairing code that appears both on the device and in the app. That pairing step is more than a formality. It is the moment you confirm you are talking to your real device.
The important detail is where the sensitive work happens. The password is entered on the device, and the recovery material is shown on the device, not on your computer. A keylogger or screen-capture tool on your machine does not get a clean look at what matters.
The touch controls take adjustment. There are no physical buttons. You use touch zones above and below the small screen to scroll, select, and confirm. The first few times I caught myself mis-tapping, especially while entering the password.
The dual-chip model
This section is largely based on BitBox documentation rather than something I can confirm by opening the device, so I am labeling it clearly.
Per BitBox documentation, most of your wallet secret lives encrypted on an open microcontroller. A separate secure chip stores one of the secrets needed to decrypt it and is built to resist physical attacks such as power analysis. Reaching your keys means defeating both chips plus your password.
BitBox also implements Anti-Klepto. I cannot personally verify the cryptography, but it is a documented protection aimed at preventing a malicious or buggy signing device from leaking key material through signatures.
Backups done right
During setup, the BitBox02 writes an encrypted backup file to a microSD card and shows you a 24-word phrase. The card is not a plain copy of your words. It holds an encrypted file that an offline recovery tool can turn back into your seed.
In my testing, the convenience is real and the restore path is simple. The trap is treating the card as a harmless accessory and leaning on it as your only backup. Do not do that.
Both the card and the words can fully restore your wallet, so each one is complete recovery material. The card is small, easy to lose, easy to damage, and not the most durable medium for storage measured in years. That is why I also wrote the 24 words down by hand.
Responsibility boundary
Knowing exactly where that line sits is what separates a secure setup from a false sense of safety.
What the device handles for you
What stays entirely on you
Fit checks
No hardware wallet is right for everyone. This one is strong on transparency and key isolation, and weaker on connectivity and physical isolation.
App and privacy tooling
The BitBox02 pairs with the open-source BitBoxApp. The app is deliberately minimal: portfolio view, receive, send, backup, firmware updates, and settings, without trying to become a trading platform.
On desktop, the app includes tooling that makes this device more interesting for privacy-aware holders: coin control, optional Tor routing, and the ability to connect your own full node so you are not handing address data to a third party. In my use, these were genuinely usable, not buried.
If you outgrow the BitBoxApp, the device also works with Sparrow, Electrum, and Specter for more advanced transaction building. That openness matters because you are not trapped in the manufacturer app.
What open really means
This section is documentation-based. Reproducing a build is something a capable reader can do. It is not something I am claiming to have personally verified for every release.
Per BitBox documentation, the firmware uses deterministic builds, so a capable user can compile it from source and confirm the binary matches what runs on the device. Beyond firmware, the circuit board design is published, so the secure chip, the microcontroller, and the traces are visible rather than hidden.
None of this means the device is flawless, and the secure chip itself is still a closed component. BitBox reduces the trust burden by making more of the system open, but open does not mean magic.
Before you fund it
Do these before you transfer meaningful funds, not after the device already feels familiar.
The Bitcoin-only firmware is locked at the factory and cannot later be switched to multi-coin. Confirm the exact edition, current package contents, and price at the official source before ordering.
Setup gives you a 24-word phrase and an encrypted microSD file. Either one can restore the wallet. Learn how both work, and how an optional passphrase changes recovery, before funding.
A genuine BitBox arrives uninitialized and never includes recovery words. Stop if it is preconfigured, arrives already set up, or asks for a seed on a connected screen.
The BitBoxApp and firmware must come from official channels. A real device used with fake software can still produce a dangerous setup.
Decide how you would recover from a lost device, a damaged microSD card, a missing written backup, or a forgotten passphrase before moving serious Bitcoin.
Trust, but check
A genuine setup is the foundation. The seal matters, but the app-side authenticity check matters more.
The device ships in tamper-evident packaging, and that is a useful first signal. I would not treat the seal as the real check by itself.
Per BitBox documentation, the stronger verification happens in the app. When you connect the device, the software checks that it is an authentic BitBox. That matters more than the wrapper, because packaging can be replaced more easily than a cryptographic check can be faked.
A genuine device arrives uninitialized. It does not come preloaded with a wallet, and it never shows recovery words that someone else could have seen. If a new device asks you to use a seed it provides, arrives already set up, or pushes you into an odd setup flow, do not fund it.
If it still fits
Use this route only after the original BitBox02 Bitcoin-only still fits your platform, backup, connection, and privacy needs.
Disclosure before click
Affiliate link. Bitcoin Plaster may earn a commission at no extra cost to you, and it does not change anything I say on this page.
Go deeper
These are the pages to read if the BitBox02 interests you because of Bitcoin-only scope, open-source posture, backup handling, or privacy tooling.
Learn why Bitcoin Plaster evaluates wallets through a Bitcoin self-custody lens, not a broad crypto feature list.
Compare trust designs without reducing hardware-wallet safety to a single feature label.
Understand what the backup does, why it matters, and where many self-custody failures actually happen.
Handle firmware updates with official-source discipline and without exposing your seed phrase.
Right after you buy
The first work after a BitBox arrives is authenticity, a careful setup, and a clear recovery plan. These three guides cover that ground.
Check source, packaging, setup state, firmware warnings, and seed-phrase red flags before trusting any hardware wallet.
Avoid the beginner errors that turn a good device into a weak self-custody setup.
Separate device access, recovery words, and optional passphrase risk before adding complexity.
Bottom line
After buying this device and living with it, here is where I land.
As a Bitcoin-only signing device, the BitBox02 earns trust the honest way: through openness you can check, key isolation that keeps sensitive moments off your computer, and Bitcoin-only firmware that is genuinely locked rather than cosmetic.
The two conditions are the iPhone limit and the air-gap question. If you manage Bitcoin from an iPhone, this model cannot reach it. That is a hard stop. If you need a fully air-gapped workflow, this is not that device.
And whatever you do, do not let the convenient microSD card become your only backup. Write your 24 words down and store them well. For a desktop or Android holder who wants Bitcoin-only focus and will take the time to learn the controls, this is one of the easier hardware wallets to recommend looking at seriously.
Final check
If the BitBox02 Bitcoin-only still fits after the tradeoffs above, check the current official product page, price, stock, package contents, firmware notes, platform support, and setup guidance directly at BitBox.
Disclosure before click
Affiliate link. Bitcoin Plaster may earn a commission at no extra cost to you, and it does not change anything I say on this page.
FAQ
Straight answers on testing, Nova confusion, dual-chip design, the microSD backup, iPhone support, air-gap limits, and the affiliate relationship.
Yes. I bought the original BitBox02 Bitcoin-only edition, opened it from a sealed package, installed the BitBoxApp, ran a firmware update, confirmed the pairing code, created a wallet, set the password on the device, made a microSD backup, wrote the 24 words down by hand, and sent a small amount of Bitcoin in and back out.
What this review is
This is a hands-on review based on my own purchase, setup, firmware update, pairing, backup creation, receive/send test, privacy-tooling review, and physical use of the original BitBox02 Bitcoin-only edition.
It does not rank wallets, name a universal winner, promise a discount, or tell you what to buy. Chip architecture, Anti-Klepto, reproducible builds, hardware publication, and secure-chip behavior come from BitBox documentation and are labeled as such.
Nothing on this page is financial advice or a recommendation to buy, sell, or hold Bitcoin. It evaluates a tool and explains who it fits. The decision, and the responsibility for your keys and backups, stays with you.