Besides tamper-evident packaging, the better way is via the device authenticity check. Briefly, each BitBox02 has a unique key on its secure chip, that is generated and signed during factory installation.
The BitBox App automatically verifies authenticity using a challenge-response process to this key. If the device fails to prove it's genuine, a clear warning is shown to the user.
Yes! We have a blog post on this topic:
https://blog.bitbox.swiss/en/supply-chain-attacks/
Besides tamper-evident packaging, the better way is via the device authenticity check. Briefly, each BitBox02 has a unique key on its secure chip, that is generated and signed during factory installation.
The BitBox App automatically verifies authenticity using a challenge-response process to this key. If the device fails to prove it's genuine, a clear warning is shown to the user.