Skip to content

Releases: BitBoxSwiss/bitbox-wallet-app

v4.45.0

10 Oct 05:06
v4.45.0
919489e
Compare
Choose a tag to compare

Release notes

  • Bundle BitBox02 firmware version v9.21.0
  • Bitcoin: add support for sending to silent payment (BIP-352) addresses
  • Prevent macOS from going to sleep on long running interactions with the BitBox

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.45.0-macOS.dmg.asc

You should see the following output:

gpg --verify BitBox-4.45.0-macOS.dmg.asc
gpg: assuming signed data in 'BitBox-4.45.0-macOS.dmg'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.44.1

02 Oct 08:27
v4.44.1
6ae8f8d
Compare
Choose a tag to compare

Release notes

This is a patch release which fixes a few minor UI issues found in v4.44.0. The release notes of v4.44.0 are repeated here:

  • Add support for selling bitcoin in-app via Pocket
  • Bundle BitBox02 firmware version v9.20.0
  • Android: make Android back button go back instead of closing the app
  • Ethereum: display recipient address on the BitBox in the same case as the entered in the send screen

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.44.1-macOS.dmg.asc

You should see the following output:

gpg --verify BitBox-4.44.1-macOS.dmg.asc
gpg: assuming signed data in 'BitBox-4.44.1-macOS.dmg'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.43.0

09 Jul 11:09
v4.43.0
be68613
Compare
Choose a tag to compare

Release notes

  • Bundle BitBox02 firmware version v9.19.0
  • Add support for exporting and importing transaction notes and account names
  • Android: enable transactions export feature
  • Use mempool.space as preferred fee estimation source for BTC
  • Add DMG installer for macOS
  • Format amounts using localized decimal and group separator
  • Support pasting different localized number formats, i.e. dot and comma separated amounts
  • Add Satoshi as an option in active currencies
  • Show address re-use warning and group UTXOs with the same address together in coin control.
  • Fix encoding of transaction notes on Windows
  • Add red dot in sidebar and on device settings tab to indicate that there is a firmware upgrade
  • Add specific titles to guides replacing the generic "Guide" previously used on all pages
  • New feature in advanced settings: Export logs

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.43.0-macOS.dmg.asc

You should see the following output:

gpg --verify BitBox-4.43.0-macOS.dmg.asc
gpg: assuming signed data in 'BitBox-4.43.0-macOS.dmg'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.42.1

17 Jun 12:36
v4.42.1
f434791
Compare
Choose a tag to compare

Release notes

  • BitBox02: fix missing button to re-install firmware, fixing interrupted installs ("invalid firmware").
  • Fix Wallet Connect issue where account unspecified by the connecting dapp caused a UI crash.
  • Fix Wallet Connect issue with required/optionalNamespace and handling all possible namespace definitions.
  • Fix BitBoxApp crash on GrapheneOS and other phones without Google Play Services when scanning QR codes.

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.42.1-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.42.1-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.42.1-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.42.0

22 Apr 10:28
v4.42.0
a4476b1
Compare
Choose a tag to compare

Release notes

  • Bundle BitBox02 firmware version v9.18.0 and intermediate version v9.17.1
  • Add support for BIP-85 derived child keys
  • Preselect backup when there's only one backup available
  • Show QR scanner video in fullscreen on mobile
  • Android: fix file upload forms in MoonPay
  • Replace the existing BIP69 lexicographical sorting of tx inputs/outputs with a randomized sorting approach
  • Android: fix app crash after close and re-open
  • Fix a bug that caused the exchange selection page to go blank if no region was selected

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.42.0-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.42.0-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.42.0-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.41.0

08 Feb 11:45
v4.41.0
067df72
Compare
Choose a tag to compare

Release notes

  • New feature: insure your bitcoins through Bitsurance
  • Add support for Ethereum EIP-1559 transactions: https://eips.ethereum.org/EIPS/eip-1559
  • Replace deprecated Ethgasstation with Etherscan for fee estimation (including base + priority fee for EIP-1559)
  • Fixed a bug where the portfolio chart could show wrong values in an Ethereum account containing failed transactions
  • Bundle BitBox02 Bitcoin-only firmware version 9.16.0
  • Bundle BitBox02 Multi firmware version 9.16.0

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.41.0-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.41.0-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.41.0-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.40.0

18 Dec 16:08
v4.40.0
addd2b6
Compare
Choose a tag to compare

Release notes

  • Add support for watch-only - see your accounts and portfolio without connecting your BitBox02
  • Ability to connect Ethereum (mainnet) wallets to dapps using WalletConnect
  • Add amounts hiding feature to enhance privacy when using the app in public
  • Android: new setting to enable screen lock authentication when accessing the app
  • Drop support for SAI token
  • Log JavaScript console messages in the app log.txt

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.40.0-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.40.0-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.40.0-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.39.0

23 Aug 11:26
v4.39.0
8c61e86
Compare
Choose a tag to compare

Release notes

Verifying the release

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.39.0-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.39.0-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.39.0-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.38.0

29 Jun 10:51
v4.38.0
c652d29
Compare
Choose a tag to compare

Release notes

  • Bundle BitBox02 Bitcoin-only firmware version 9.14.1
  • Bundle BitBox02 Multi firmware version 9.14.1
  • Automatically discover used Bitcoin and Litecoin accounts
  • Add advanced setup with skip microSD card or 12-word seed options
  • Revamp settings page for improved UX and aesthetics
  • Improve sats amount readability adding thousands separator
  • Add support for Czech Crown (CZK) and add Czech translation
  • Add support for Zloty (PLN)
  • Hide 0 amount ERC20 transactions to partially mitigate Address Poisoning Attack
  • Changed Litecoin block explorer to Blockchair
  • Show notes in coin control
  • Update minimum supported Ubuntu version to 20.04+

Verifying the release

Note: the public key 1AA6 2C17 C56D 4275 A541 2320 9CD5 646C 0AD5 161E used to sign previous releases was revoked and replaced with the key DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE for operational reasons. The new key is now hosted on the bitbox.swiss webserver.

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.38.0-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.38.0-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.38.0-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)

v4.37.1

19 Jun 04:56
v4.37.1
c4abfa7
Compare
Choose a tag to compare

Release notes

  • Fix BitBoxApp crash when processing BTC/LTC transactions containing too large witness items

Verifying the release

Note: the public key 1AA6 2C17 C56D 4275 A541 2320 9CD5 646C 0AD5 161E used to sign previous releases was revoked and replaced with the key DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE for operational reasons. The new key is now hosted on the shiftcrypto.ch webserver.

Get a public key of security@shiftcrypto.ch with fingerprint DD09 E413 0975 0EBF AE0D EF63 5092 49B0 68D2 15AE:

curl https://bitbox.swiss/download/shiftcryptosec-509249B068D215AE.gpg.asc | gpg --import

Download the app for your platform and the corresponding .asc file and place them in the same folder.

We will verify the signature of the macOS release as an example. The other files are verified in the same way by replacing the filename.

To verify the signature, execute:

gpg --verify BitBox-4.37.1-macOS.zip.asc

You should see the following output:

gpg --verify BitBox-4.37.1-macOS.zip.asc
gpg: assuming signed data in 'BitBox-4.37.1-macOS.zip'
gpg: Signature made <DATE AND TIME>
gpg:                using RSA key DD09E41309750EBFAE0DEF63509249B068D215AE
gpg: Good signature from "ShiftCrypto Security <security@shiftcrypto.ch>" [ultimate]

(The [ultimate] could say [unknown] or something else depending on your trust level.)