Thursday, March 23

iOS Bitcoin Client: Bither

An interesting iOS bitcoin wallet has just hit the app store: Bither.
You can use Bither as a regular hot wallet for your day-to-day pocket change, or you can use it on two separate devices in two different modes: one will act as the hot wallet that’s connected to the net and the other one is run in cold wallet mode and only runs when the device is offline (e.g. in airplane mode), adding some additional security.
In that mode you would keep larger funds on the (offline) cold wallet while doing your day-to-day transactions from the hot wallet. You can keep an eye on the contents of the cold wallet by adding a watch-only address to your hot wallet.
Spending from the cold wallet is also possible by following this workflow:
  1. Hot wallet: initiate a send from a cold wallet watch-only address. The hot wallet then displays a QR code that contains an unsigned transaction.
  2. Cold wallet: you scan the QR code off the hot wallet, sign the transaction with the hot wallet key by entering your password. The cold wallet then displays the QR code with the signed transaction.
  3. Hot wallet: you scan the QR code off the cold wallet. This sends the transaction to the bitcoin network.
At the moment, this approach seems to be a great trade-off between convenience and security. It allows you to keep at least some level of savings on the cold wallet while being able to access them when needed while keeping an air-gap between the Bitcoin network and the cold wallet.
So far so good. I’m a bit cautious though because at this point I don’t have any indication how the private keys on the cold wallet are encrypted and Bither doesn’t seem to allow me to export my private keys. The only way to get the keys off the device seems to be to clone them (via QR scan) to a different device running Bither. For peace of mind, I’d appreciate a way to export BIP38 encrypted private keys.
I think at this point the usability of the hot wallet alone is just fine for most users, but to use the two-device hot/cold workflow you’d have to be a bit more tech-minded and have an understanding of terms like “sign transaction”. This is an area where Bither might need a bit more improvement.
Also at this point the source code for the app is not available to the public, but the developers have announced that it will soon be placed on github.
I’m going to keep an eye on this app, it looks promising and the developers seem to be responsive on github.

++ first iOS hot/cold wallet solution with two-device air-gap support
+ simple user interface for the hot wallet

– initial mode selection needs to be explained to new users
– no sweeping of private keys, only import
– usability in hot/cold wallet scenario needs better explanation
– not clear how keys are encrypted
– no export of private keys
The devs announced to introduce more advanced private key management in future versions as well as the ability to choose different denominations.