Wallet Logo

Ballet Crypto Bitcoin Block

🔍 Last analysed 18th May 2022 . Provided private keys

Jump to verdict 

Help spread awareness for build reproducibility

Please help us spread the word discussing build reproducibility with Ballet Crypto Bitcoin Block  via their Twitter!

Do your own research!

Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

What is a bearer token?

Bearer tokens are meant to be passed on from one user to another similar to cash or a banking check. Unlike hardware wallets, this comes with an enormous "supply chain" risk if the token gets handed from user to user anonymously - all bearer past and present have plausible deniability if the funds move. We used to categorize bearer tokens as hardware wallets, but decided that they deserved an altogether different category. Generally, bearer tokens require these attributes:

  • Secure initial setup
  • Tamper evidence
  • Balance check without revealing private keys
  • Small size
  • Low unit price
and either of these applies:
  • Somebody has a backup and needs to be trusted.
  • Nobody has a backup and funds are destroyed if the token is lost or damaged.

The Analysis 

Background

The Ballet Crypto Bitcoin Block is another product from Ballet Crypto

Product Description

Bitcoin BLOCKs contain the entire coinbase reward of a newly-mined block. This includes both the base block reward of 6.25 BTC as well as all transaction fees mined in that block.

“Virgin Bitcoins”

The bitcoins come straight from our mining pool partner, mined directly from the coinbase transaction in each block, straight to your physical Bitcoin BLOCK, with no intermediate hops. These bitcoins have no prior transaction history, and thus provide the highest level of privacy.

The concept the provider is getting at here is “taint” and goes back to a Case Law ruling in England of 1758 (Miller vs. Race). “Does the recipient have to care about the origin or history of a bank note?” Judges ruled “No!” as otherwise bank notes simply wouldn’t work as money. Bitcoin today has no such ruling in its favor and some actors already seize or reject Bitcoins that by their assumptions are the proceeds of illegal activities. The provider here is offering “virgin” as in “freshly minted” Bitcoins under the assumption that those are without any history attached.

The claim that these coins “provide the highest level of privacy” obviously is false as the provider knows the identity of the buyer. If those coins themselves now are used in a crime, law enforcement would have a name and address to go ask about it. That is the opposite of “privacy”.

Private Keys

Bitcoin BLOCKs are made using Ballet’s innovative Two-Factor Key Generation (2FKG) process, which utilizes the industry standard BIP38 process to split the private key into two components (the BIP38 passphrase and the encrypted private key). Bitcoin BLOCKs are manufactured in two separate steps in two different locations around the world. This provides what we consider to be the highest level of private key security for the customer.

Included in the block are the following:

  1. Block number
  2. Block reward
  3. Serial number
  4. Bitcoin address (QR code)
  5. Bitcoin address (text)
  6. Tamper-evident scratch-off
  7. BIP38 passphrase
  8. Encrypted private key (QR code)
  9. Encrypted private key (text)
  10. Honeycomb pattern indicating tampering

Unlike other Ballet Crypto products, potential buyers would have to contact Ballet if they are interested. This is not available in their online store.

Analysis

Ballet Crypto’s 2FKG process has been tackled before in the reviews noted above. The CEO, Bobby Lee even put up a hacking challenge for 2 BTC.


In the challenge, he displays 2 Ballet Crypto Real cards. One with the encrypted private key in full display and the other with the passphrase displayed. Hackers would try to find the passphrase for the former, and the private key for the other.

The premise is that ‘collusion’ between two parties in the manufacturing process is in the realm of possibility. As to the BIP-38 encrypted passphrase, the $5 wrench attack does have the potential to coerce the owner to give up his passphrase under duress.

This leads us to a similar verdict about the dangers of having the private keys printed on the bearer token.

(dg)

Verdict Explained

The device gets delivered with private keys as defined by the provider!

As part of our Methodology, we ask:

Provided Keys!

Are the keys never shared with the provider?

If the answer is "no", we mark it as "Provided private keys".

The best hardware wallet cannot guarantee that the provider deleted the keys if the private keys were put onto the device by them in the first place.

There is no way of knowing if the provider took a copy in the process. If they did, all funds controlled by those devices are potentially also under the control of the provider and could be moved out of the client’s control at any time at the provider’s discretion.

The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.