“The radically innovative Bitfi wallet is the world’s first un-hackable device that is the quintessential expression of disruptive research and development.”
That’s the claim being made by Bitfi on their home page. They have offered an official bounty of $250,000 USD to anyone who can successfully hack and remove $10 worth of cryptocurrency from a Bitfi wallet.
John McAfee helped create the Bitfi wallet, which sold out on just 22 minutes after launching on June 25th 2018. The device costs $120 and the company impose a maximum order quantity of 3 per customer.
The wallet does not store the private keys to the wallet on the device itself, no and therefore cannot be hacked. Traditional cold storage methods such as paper wallets or offline computers are vulnerable to the risk of seizure or thefts. Since these methods directly store the private keys, the cryptocurrency is very vulnerable in the event of a theft.
The Bitfi wallet is claiming to be impossible to steal cryptocurrency from, even if the device is stolen.
If device is seized, lost, or stolen the funds are completely safe. User can just order a new device and continue to use their original secret phrase or use Bitfi open source resources to retrieve their private keys and access funds.
The Bitifi bounty campaign
The rules for claiming the bounty are simple:
- We deposit coins into a Bitfi wallet
- If you wish to participate in the bounty program, you will purchase a Bitfi wallet that is preloaded with coins for just an additional $10 (the reason for the charge is because we need to ensure serious inquiries only)
- If you successfully extract the coins and empty the wallet, this would be considered a successful hack
- You can then keep the coins and Bitfi will make a payment to you of $250,000
- Please note that we grant anyone who participates in this bounty permission to use all possible attack vectors, including our servers, nodes, and our infrastructure
Please note that if you wish to participate we may ask you to make the process public so that others in the digital asset community can follow the attempt to hack the Bitfi wallet. The above is what we consider a successful hack. Nothing else will qualify. Please also note that this is not a bug bounty program. This is strictly a bounty to hack into the Bitfi wallet to allow those who claim they can hack it to attempt to do so.
Bitfi wallet hacked?
Although nobody has successfully claimed the bounty reward and removed the cryptocurrency from the wallet, there have been many claims that the device can easily be hacked.
A 15 year old self professed Bitcoin hardware wallet breaker, @spudowiar posted a video showing him playing the video game DOOM.
In recognition of @Bitfi6 and @officialmcafee and their prestigious @PwnieAwards accolades, we’d like to show you @spudowiar playing DooM on his #BitFi secure wallet! Congratulations! pic.twitter.com/50qZZu1MnF
— Abe Snowman (@AbeSnowman) August 9, 2018
Bitfi threaten those attempting to hack the wallet, despite being asked to make the attempts public
Bitfi quite clearly request that those attempting to hack the wallet make the attempts public:
make the process public so that others in the digital asset community can follow the attempt to hack the Bitfi wallet.
To those who’ve followed Bitfi’s wishes and made their hacking attempts public, the company issued a sinister threat via Twitter:
It’s hard to imagine how a company would ask security researchers to attempt to hack the wallet, offering a $250,000 reward for anyone who can successfully pull it off, only to then threaten them with ‘consequences’ for doing so.
Follow the progress of our $10,000 Live crypto investment fund! – Follow on Telegram