The BitBoxBase integrates seamlessly with the BitBoxApp, which functions as control center for all node functionality, and supported hardware wallets. The two components discover each other within a local network without manual configuration and can then reconnect after initial pairing using different connection methods.

User interface

The BitBoxBase runs as a headless appliance with a minimal status display. It is used and managed through the free and open-source BitBoxApp. Having the user interface in a seperate application simplifies many things, allowing for automatic network discovery, a setup wizard and secure remote management. This apporach also reduces the attack surface significantly, as no webserver needs to be exposed and port-forwarding can be avoided completely.

The BitBoxApp is hosted in a seperate GitHub repository:


Building a solution platform that focuses on security and performance, the BitBoxBase uses an ARM-based board with enough processing power to enable additional features in the future.

  • Pine64 ROCKPro64 with fast 4GB memory and an internal 1TB SSD
  • BitBox secure element: adapted BitBox 02 that drives trusted screen and buttons

Operating system

The operating system is a custom-built Armbian image, with minimal functionality, running in read-only mode and allowing atomic updates with fallback.

  • Armbian: custom built Linux operating system, mounted as read-only with tmpfs overlayfs from eMMC storage
  • Over-the-air update management solution, enabling atomic full diskimage updates, using dual partitions for fallback


The following key applications are used:

  • Bitcoin Core: full Bitcoin node, communicating directly with the peer-to-peer network, validating and broadcasting transactions
  • c-lightning: Lightning Network client specifically built for backend usage
  • electrs: Electrum Server to provide blockchain data to software wallets

The following services are exposed:

  • NGINX: reverse proxy to handle all incoming traffic
  • Base Middleware: custom middleware managing encrypted communication between BitBoxBase and App

Additional noteworthy components on the BitBoxBase:

  • Base Supervisor: custom daemon for operational monitoring and control, providing system health information and node configuration
  • Tor: external network connections exclusively use the privacy-focused Tor network
  • Redis: in-memory key/value datastore, acting as central configuration repository
  • Prometheus: monitoring of system and software components
  • Grafana: visualization of system and network performance metrics


Connectivity from the Bitcoin wallet application to the node backend is a challenge. We provide the following complementary options to allow for privacy and ease-of-use:

  1. Local network: automatic detection using mDNS within the local network.
  2. Tor network: private connectivity without any router configuration, needs Tor installed on client device.
  3. Shift Connect: zero-knowledge Tor/Web proxy for use with any client device

Overall, we strive to make using our BitBox products as simple as possible.