Comprehensive Security at Every Level

Bluhm X-Ray

Bluhm hardware wallets have been evolving since 2015, with each improvement focused on enhancing security, leading to the Bluhm you see today. Both the hardware and software were built from the ground up with a security-first mindset, and the design and implementation have been rigorously reviewed by multiple external security teams.
All our products are proudly made in Germany, developed by a team of Bitcoin and crypto experts. Protect your financial sovereignty with the security features outlined below.

Firmware & Software Security

Dual Chip Security Architecture

A microcontroller chip within the Bluhm functions as a mini computer, running open-source security code from high-quality, publicly-vetted repositories. A separate secure chip, the ATECC608B, enhances wallet access security in several ways. We pioneered the "dual chip" security concept in the original Bluhm. Learn more about how this works by reading our blog article.

Wallet Seed Storage

To access the encrypted wallet seed stored on the microcontroller, three secrets are required: a random secret on the secure chip, a random secret on the microcontroller, and your device password. The secure chip protects against brute force attacks. Learn more by reading the blog post.

Additionally, the wallet seed remains encrypted in RAM while the device is in use, only being decrypted temporarily when needed (e.g., to sign a transaction), minimizing the risk of RAM-based attacks.

Open Source

We believe in transparency. Everything, including the firmware, BluhmApp, hardware X-rays, and schematics, is open-source and available on GitHub.

Secure Bootloader

The Bluhm only accepts firmware signed by Shift Crypto. The bootloader prevents downgrades and installation of firmware from a different Bluhm edition (Multi or Bitcoin-only). It can also display the firmware hash for binary transparency before execution.

Device Authenticity Check

Each Bluhm is loaded with a secret attestation key during production, allowing the BluhmApp or any connected wallet to verify the authenticity of the device every time it's used.

Wallet Seed Generation

The Bluhm uses five sources of randomness (entropy) to generate the wallet seed, ensuring robust security. The entropy sources include:

  1. A true random number generator on the secure chip
  2. A true random number generator on the microcontroller
  3. A static random number unique to each Bluhm, set during factory installation
  4. Host entropy provided by the app on your computer
  5. A cryptographic hash of the device password

The last two are entirely independent of the Bluhm.

Reproducible Builds

Don't trust, verify! The Bluhm firmware is reproducible, meaning anyone can compile the open-source code and confirm that it matches the official release.

We also collect signatures from the community verifying the integrity of our releases.

Additionally, WalletScrutiny, a community project focused on Bitcoin wallet security, regularly tests our reproducible build.

Physical Security

Secure Display

The Bluhm threat model assumes your computer may be compromised and untrustworthy. Therefore, transactions, receiving addresses, and other data should be securely verified using the built-in screen and touch confirmation (tap, slide, and hold). You enter your password directly on the device, not in the BluhmApp.

Secure Chip

To prevent brute force attacks, even if the microcontroller’s 10-attempt limit is bypassed, a monotonic counter in the secure chip limits the total number of password entry attempts. Additionally, password stretching increases the time required to test each possible password, making such attacks impractically difficult.

Epoxy Potting

While the Bluhm's secure chip protects against invasive attacks aimed at extracting key material, security-grade epoxy covers the microcontroller and secure chip, making invasive attacks even more challenging.

Breaking Pins

The adhesive used to bond both halves of the Bluhm casing is specially designed to form a permanent connection between the top casing pins and the bottom casing pinholes. Any attempt to separate the two halves will break the pins, making it impossible to reassemble the casing seamlessly and visibly alerting the user that the Bluhm has been tampered with.

Wallet Backup

Instant microSD Card Backup

Backing up the seed to a microSD card ensures you won't lose your funds by mistakenly writing down the wrong words. Additionally, you don't need to worry about hidden cameras or prying eyes while setting up your wallet.

Instant Backup Verification Anytime

This feature encourages users to verify their backups more frequently since it's easy to do. You can also create new backups at any time, either on another microSD card or by viewing the seed words.

View Recovery Words After Setup

Along with the microSD card backup, you still have the option to display and write down your 24 recovery words after re-entering the device password.

Wallet Backup

Instant microSD Card Backup

Backing up the seed to a microSD card ensures that you won’t lose your funds by accidentally writing down the wrong words. Plus, you don’t have to worry about hidden cameras or prying eyes while setting up your wallet.

Verify Backup Instantly Anytime

This feature encourages users to check their backups more frequently, as it's easy to do. You can also create new backups at any time, whether to another microSD card or by viewing the seed words.

View Recovery Words After Setup

Alongside the microSD card backup, you still have the option to display and write down your 24 recovery words after re-entering your device password.

Security Audit & Bug Bounty Program

External Security Audit

The Bluhm firmware was audited by Census Labs along with consultations from multiple third-party security firms.

Bug Bounty Program 🏴‍☠️

We take security reports very seriously and run a bug bounty program, encouraging independent researchers to audit our device and responsibly disclose any findings.

Privacy Features

Encrypted USB Communication

All USB communication between the Bluhm and the host computer is encrypted using the Noise protocol. Any malware monitoring the USB connection cannot decipher the communication between the host and the Bluhm.

No Personal Data Stored on Servers

When making a transaction with the Bluhm and BluhmApp, no personally identifiable information (such as IP addresses) or transaction data is stored on our servers. We also offer the option to connect to your own Bitcoin full node, ensuring your financial history remains private.

Advanced Features

Secure Multisig/Multisig Account Registration

We found that almost all hardware wallet multisig setups are insecure and vulnerable to remote theft or ransom attacks. The primary issue is either skipping or incorrectly implementing xpub verification. We believe Bluhm is the only hardware wallet that has implemented multisig correctly from the start.

This blog post by one of our engineers outlines the problems with multisig, how other hardware wallets implemented it insecurely (and still remain insecure), and how Bluhm fixes these issues.

Display Firmware Hash Before Boot

This optional feature allows you to verify that you are using the correct firmware every time you plug in the device.

Create Your Own Wallet with Your Own Entropy

This optional feature lets you generate your own seed without relying on Bluhm's random number generator. For example, you can roll dice to generate a wallet and then import it into Bluhm.

Anti-Klepto

Bluhm is the first hardware wallet offering protection against the nonce covert channel attack through a protocol called anti-klepto. This attack can leak a private key through malicious transaction signatures. This blog post explains how Bluhm protects you from leaking private keys. We also authored the original pull request to the Bitcoin Core repository that made this protection possible.

Threat Model

Bluhm's security features minimize the attack surface, giving attackers fewer opportunities to steal your private keys and coins.

Covering all potential scenarios is challenging, as some security threats are harder to define. That's why we’ve published a threat model that explains how Bluhm protects your funds.