#FlipBIP - Crypto Wallet

I've been working on a crypto wallet for Flipper Zero to see how much hardware wallet functionality is possible with the device. Check it out!

https://github.com/xtruan/FlipBIP

This project is amazing! Could you also use it to connect metamask?

when i open it it says api version missmatch

build it from source

This is sick.

yes

probably not nearly as safe as a single purpose hardware wallet

@tardy mist can you add a password to log in to ur flipbip ap

Yes this is the next thing I plan on adding

@tardy mist should I put underscores (_) after each word, when i am importing my mnemonic phrase?

No put spaces. You press and hold the underscore to input a space

Thanks!

The UI for import mnemonic is very basic. If you type it all in correctly you will get a short "happy" vibration. If there is a mistake in the import it will vibrate 3 times. I'm still working on building a more robust UI around that function

What can i use the crypto tool for?

Basically it works like an offline wallet. So if you have a wallet mnemonic phrase you can use it to generate the keys and addresses for that wallet without requiring a computer connected to the internet that could be used to steal your keys.

It doesn't have full hardware wallet functionality because of limited Flipper memory. So you can't use it as a full hardware wallet like Trezor or Ledger.

That’s a bit sad… but still a great application

I use it as a convenient way to generate addresses for paper wallets without needing a computer.

I know! I'm still looking for workarounds because I would like to be able to do full transaction signing and broadcasting. Maybe someday

Also because of the architecture of the Flipper, it is not as secure as a Ledger for example. I wouldn't use it to store thousands of coins 😂

you shouldn't trust a closed source ledger either

@tardy mist are you going to add functionality to see the amount of coins/tokens in the wallet?

@elfin arrow I recommend https://www.ledger.com/secure-hardware-and-open-source

Open source and secure hardware ain't that easy

@tardy mist that's nice work dude I really like the idea " The goal of this project is to see how much crypto functionality can be brought to the Flipper Zero."

It's truly nice to see initiatives like that and I'm curious to see what could come out if this had a few more contributors. Me too I'd like to explore more functionality on Flipper! I might be a slightly biased (working at Ledger) coming from a security background I don't think that the wallet itself should be the main functionality for flipper. Don't get me wrong it's nice to have and attack surface is way smaller than software wallets but as you said due to the architecture it won't be as secure as common hardware wallets. BTWI do think there is a sweet spot for very cheap hardware not super secure but this ain't the flipper case. However using it as a signer for a smart contract wallet such as ERC 4337 describes on Ethereum would be simply amazing. I am pretty sure whoever builds such feature will be hailed as a hero (at least by me and my fellow account abstraction friends)

So I'd like to explore features that are using the flipper in interaction with secure hardware. Could be various things the signer in smart contract wallet seems a no brainer but look let me list a few things I have in mind :
• Derivation path scanning for "recovery" purposes (Xpub scanning on BTC)
• Storing useful information such as descriptors from miniscripts as shown there https://www.youtube.com/watch?v=dkxIC1Ibz10&t=5s
• Handling / signing PSBT https://bitcoinops.org/en/topics/psbt/

It's a huge rabbit hole, talk about hardware security is endless. There is no hardware in the world that can be fully verified and therefore trusted (which can be purchased without any problems and huge costs). This is entirely my choice, I don't trust Secure Element for anything that contains important data

On a physical level, there is always the soldering iron option 🙂

I do agree there is no such thing as perfect hardware security. Then the "I don't trust a secure element for anything important" is debatable in terms of general recommendation but being a freedom maximalist I am perfectly fine with you storing your secrets however you want.