The Bitfi hardware wallet isn’t “unhackable”

Earlier this week, cryptocurrency news was full of stories about a new hardware wallet: the Bitfi.

What makes this one any different?

John McAfee claims it is “unhackable”. Not just “harder to hack”, but “unhackable”.

That’s a bold claim. They know it’s a bold claim, so they have set a bounty.

Sounds great, no?


The bounty deliberately only includes only one attack: key recovery from a genuine, unaltered device. And the device doesn’t store the key.

The only way to win the bounty is to recover a key from a device which doesn’t store a key.

There are many, many more attacks such a device is vulnerable to. The most obvious one: modifying the device so that it records and sends the key to a malicious third party. But this is excluded from the bounty.

Why is this?

Because the bounty is a sham. When it lays unclaimed, Bitfi can say “our device is unhackable”. What it actually means is “our device is not vulnerable to one specific attack”.

I’m going to put a challenge to them.

If their device is unhackable, then change your bounty terms:

  • A trusted intermediary is chosen e.g. a lawyer or judge.
  • We provide the trusted intermediary with three Bitfi devices, a laptop computer and a WiFi access point.
  • The trusted intermediary puts $1,000,000 directly onto each Bitfi device, using the laptop and WiFi access point we have provided.
  • They must follow the publicly available documentation, without interference from anyone.

These are much stronger security goals to meet, and much more accurately emulate the real world.

If Bitfi won’t change the terms, it’s clear to me that they don’t stand behind their claims that the device is unhackable.


24 thoughts on “The Bitfi hardware wallet isn’t “unhackable”

  1. Permalink  ⋅ Reply


    July 29, 2018 at 1:31pm

    Cybergibbons- you are awesome. Keep up the good work calling out sham programs hah.

    Love your Twitter feed about this too

  2. Permalink  ⋅ Reply


    August 2, 2018 at 5:41am

    You’re saying that if Bitfi doesn’t increase the bounty from $100k to $3m their claims are not credible.

  3. […] раскритиковали само задание bug bounty программы. Так, в блоге Cybergibbons известный исследователь Эндрю Тирни (Andrew Tierney) пишет, […]

  4. Permalink  ⋅ Reply

    Adrian Peirson

    December 4, 2020 at 3:38pm

    Is it true there are code sections in bitif android code that send data to Chinese Servers

Leave a Reply

Your email will not be published. Name and Email fields are required.

This site uses Akismet to reduce spam. Learn how your comment data is processed.