Bluhm hardware wallets have been evolving since 2015, with each improvement focused on enhancing security, leading to the Bluhm you see today. Both the hardware and software were built from the ground up with a security-first mindset, and the design and implementation have been rigorously reviewed by multiple external security teams.
All our products are proudly made in Germany, developed by a team of Bitcoin and crypto experts. Protect your financial sovereignty with the security features outlined below.
A microcontroller chip within the Bluhm functions as a mini computer, running open-source security code from high-quality, publicly-vetted repositories. A separate secure chip, the ATECC608B, enhances wallet access security in several ways. We pioneered the "dual chip" security concept in the original Bluhm. Learn more about how this works by reading our blog article.
To access the encrypted wallet seed stored on the microcontroller, three secrets are required: a random secret on the secure chip, a random secret on the microcontroller, and your device password. The secure chip protects against brute force attacks. Learn more by reading the blog post.
Additionally, the wallet seed remains encrypted in RAM while the device is in use, only being decrypted temporarily when needed (e.g., to sign a transaction), minimizing the risk of RAM-based attacks.
We believe in transparency. Everything, including the firmware, BluhmApp, hardware X-rays, and schematics, is open-source and available on GitHub.
The Bluhm only accepts firmware signed by Shift Crypto. The bootloader prevents downgrades and installation of firmware from a different Bluhm edition (Multi or Bitcoin-only). It can also display the firmware hash for binary transparency before execution.
Each Bluhm is loaded with a secret attestation key during production, allowing the BluhmApp or any connected wallet to verify the authenticity of the device every time it's used.
The Bluhm uses five sources of randomness (entropy) to generate the wallet seed, ensuring robust security. The entropy sources include:
The last two are entirely independent of the Bluhm.
Don't trust, verify! The Bluhm firmware is reproducible, meaning anyone can compile the open-source code and confirm that it matches the official release.
We also collect signatures from the community verifying the integrity of our releases.
Additionally, WalletScrutiny, a community project focused on Bitcoin wallet security, regularly tests our reproducible build.
The Bluhm threat model assumes your computer may be compromised and untrustworthy. Therefore, transactions, receiving addresses, and other data should be securely verified using the built-in screen and touch confirmation (tap, slide, and hold). You enter your password directly on the device, not in the BluhmApp.
To prevent brute force attacks, even if the microcontroller’s 10-attempt limit is bypassed, a monotonic counter in the secure chip limits the total number of password entry attempts. Additionally, password stretching increases the time required to test each possible password, making such attacks impractically difficult.
While the Bluhm's secure chip protects against invasive attacks aimed at extracting key material, security-grade epoxy covers the microcontroller and secure chip, making invasive attacks even more challenging.
The adhesive used to bond both halves of the Bluhm casing is specially designed to form a permanent connection between the top casing pins and the bottom casing pinholes. Any attempt to separate the two halves will break the pins, making it impossible to reassemble the casing seamlessly and visibly alerting the user that the Bluhm has been tampered with.
Backing up the seed to a microSD card ensures you won't lose your funds by mistakenly writing down the wrong words. Additionally, you don't need to worry about hidden cameras or prying eyes while setting up your wallet.
This feature encourages users to verify their backups more frequently since it's easy to do. You can also create new backups at any time, either on another microSD card or by viewing the seed words.
Along with the microSD card backup, you still have the option to display and write down your 24 recovery words after re-entering the device password.
Backing up the seed to a microSD card ensures that you won’t lose your funds by accidentally writing down the wrong words. Plus, you don’t have to worry about hidden cameras or prying eyes while setting up your wallet.
This feature encourages users to check their backups more frequently, as it's easy to do. You can also create new backups at any time, whether to another microSD card or by viewing the seed words.
Alongside the microSD card backup, you still have the option to display and write down your 24 recovery words after re-entering your device password.
The Bluhm firmware was audited by Census Labs along with consultations from multiple third-party security firms.
We take security reports very seriously and run a bug bounty program, encouraging independent researchers to audit our device and responsibly disclose any findings.
All USB communication between the Bluhm and the host computer is encrypted using the Noise protocol. Any malware monitoring the USB connection cannot decipher the communication between the host and the Bluhm.
When making a transaction with the Bluhm and BluhmApp, no personally identifiable information (such as IP addresses) or transaction data is stored on our servers. We also offer the option to connect to your own Bitcoin full node, ensuring your financial history remains private.
We found that almost all hardware wallet multisig setups are insecure and vulnerable to remote theft or ransom attacks. The primary issue is either skipping or incorrectly implementing xpub verification. We believe Bluhm is the only hardware wallet that has implemented multisig correctly from the start.
This blog post by one of our engineers outlines the problems with multisig, how other hardware wallets implemented it insecurely (and still remain insecure), and how Bluhm fixes these issues.
This optional feature allows you to verify that you are using the correct firmware every time you plug in the device.
This optional feature lets you generate your own seed without relying on Bluhm's random number generator. For example, you can roll dice to generate a wallet and then import it into Bluhm.
Bluhm is the first hardware wallet offering protection against the nonce covert channel attack through a protocol called anti-klepto. This attack can leak a private key through malicious transaction signatures. This blog post explains how Bluhm protects you from leaking private keys. We also authored the original pull request to the Bitcoin Core repository that made this protection possible.
Bluhm's security features minimize the attack surface, giving attackers fewer opportunities to steal your private keys and coins.
Covering all potential scenarios is challenging, as some security threats are harder to define. That's why we’ve published a threat model that explains how Bluhm protects your funds.