The BitBoxBase integrates seamlessly with the BitBoxApp, which functions as control center for all node functionality, and supported hardware wallets. The two components discover each other within a local network without manual configuration and can then reconnect after initial pairing using different connection methods.
See dedicated documentation sections on the left for additional details.
The BitBoxBase runs as a headless appliance with a minimal status display. It is used and managed through the free and open-source BitBoxApp. Having the user interface in a seperate application simplifies many things, allowing for automatic network discovery, a setup wizard and secure remote management. This apporach also reduces the attack surface significantly, as no webserver needs to be exposed and port-forwarding can be avoided completely.
The BitBoxApp is hosted in a seperate GitHub repository: https://github.com/digitalbitbox/bitbox-wallet-app
Building a solution platform that focuses on security and performance, the BitBoxBase uses an ARM-based board with enough processing power to enable additional features in the future.
- Pine64 ROCKPro64 with fast 4GB memory and an internal 1TB SSD
- BitBox secure element: adapted BitBox 02 that drives trusted screen and buttons
The operating system is a custom-built Armbian image, with minimal functionality, running in read-only mode and allowing atomic updates with fallback.
- Armbian: custom built Linux operating system, mounted as read-only with tmpfs overlayfs from eMMC storage
- Mender.io: Over-the-air update management solution, enabling atomic full diskimage updates, using dual partitions for fallback
The following key applications are used:
- Bitcoin Core: full Bitcoin node, communicating directly with the peer-to-peer network, validating and broadcasting transactions
- c-lightning: Lightning Network client specifically built for backend usage
- electrs: Electrum Server to provide blockchain data to software wallets
The following services are exposed:
- NGINX: reverse proxy to handle all incoming traffic
- Base Middleware: custom middleware managing encrypted communication between BitBoxBase and App
Additional noteworthy components on the BitBoxBase:
- Base Supervisor: custom daemon for operational monitoring and control, providing system health information and node configuration
- Tor: external network connections exclusively use the privacy-focused Tor network
- Redis: in-memory key/value datastore, acting as central configuration repository
- Prometheus: monitoring of system and software components
- Grafana: visualization of system and network performance metrics
Connectivity from the Bitcoin wallet application to the node backend is a challenge. We provide the following complementary options to allow for privacy and ease-of-use:
- Local network: automatic detection using mDNS within the local network.
- Tor network: private connectivity without any router configuration, needs Tor installed on client device.
- Shift Connect: zero-knowledge Tor/Web proxy for use with any client device
Overall, we strive to make using our BitBox products as simple as possible.