Case Wallet Review
When I first heard about Case Wallet, I was intrigued. The fact that it used a 2-of-3 multi-sig setup like we do at BitGo made me interested to see if this product would be able to merge the security of multi-sig with the ease-of-use of a dedicated hardware device.
I realize I’m not the first to review the Case Wallet, but my device was delayed for several months due to a fault that was found while broadcasting transmissions in low signal areas. This was relevant to me since I live in a low signal area on the fringes of suburbia; I also wanted to check if any other early complaints had been addressed.
When you register the Case Wallet, you have two options for key storage, just like we offer at BitGo. You can choose to have your third key held by a Key Recovery Service (in Case’s case, Third Key Solutions which is owned by Andreas Antonopoulos) or you can hold the third key yourself. There are trade-offs between these choices. Self storage is technically the more secure solution because you don’t have to worry about Third Key Solutions colluding with Case to steal your bitcoins. But in reality, the chances that the average user will lose their third key or have their storage system compromised are orders of magnitude higher than Case and Third Key Solutions colluding or having both of their systems compromised. Self storage should only be chosen by technical experts who are meticulous about their security and backup practices.
I did choose to create and store my third key myself using my Mycelium Entropy; the steps I used were similar to those I wrote up in How to create a BitGo Wallet with Mycelium Entropy generated keys.
Unfortunately, my first attempt at registration failed. I tried registering half a dozen times at different locations inside and outside of my house, but couldn’t get a signal.
As I noted, I expected this to happen — it’s not Case’s fault. So I pinged Case support about data coverage. A mere 18 minutes later, I received a response:
AT&T and T-Mobile 2G coverage maps will give you the most accurate information of areas we operate in. Registration requires a slightly stronger signal than normal usage so being in an area with strong signal strength is only necessary during the first time setup.
I relocated downtown, where I was sure that there would be a strong signal. I was pleased to see 4 bars upon my arrival. Now, I must admit that this is the first device I’ve ever owned with a fingerprint scanner, so I’m a noob in this regard. Hopefully this means that my experience should be closer to what the average user would have. The registration process requires you to scan a fingerprint about 10 times. I initially started with my thumb, but received a lot of errors:
I quickly discovered that “poor swipe quality” generally meant “you swiped too slowly.” Once I started swiping in ~0.5 seconds rather than ~1 second, my error rate dropped significantly. However, upon completing all the swipes, my first registration cycle failed with the error “fingerprints don’t match.” I tried the next one using my index finger instead — it went more smoothly and I attribute this to the fact that while registering my (right) thumb I was holding the device in my right hand, resulting in my swipes being at slightly differing angles. With my (right) index finger I was holding the device in my left hand and getting more consistent swiping motions.
At last, I had a registered and working device! As for the operation of the device itself, I found it quite easy to use. The built-in camera is very good at picking up QR codes — it’s much more responsive than my Nexus 6. My main problem with the software on the device itself is that I can’t seem to find a way to view the wallet’s current balance… very odd. Instead of displaying their logo at the top of the home screen, perhaps Case should display the wallet’s balance.
In order to be thorough, I also wanted to walk through the recovery process. When I went to the “lost my device” page on Case’s web site, I was greeted with this:
It looks like the recovery process is simple enough, though it also appears that Case is only currently supporting the condition in which the user loses their device. I’d also like to see them support the condition in which Case ceases to be operational, like we do at BitGo. An open source recovery tool that supports using the key on the device and the third offline key to transfer funds to a new address without touching Case’s servers would greatly boost my confidence in the entire system.
I do have a few minor gripes with the hardware: for example, I think that the charging cord too short — it’s only 2 feet. Also, Case recommends using an AC adapter to charge the device but none is included. I happen to have an AC USB adapter, but had to relocate it to my kitchen because the USB cord was too short to reach from an outlet at the bottom of a wall up to a table. This is just slightly annoying, but it could be easily fixed by spending an extra ~$0.50 on a longer cord.
The inductive charging station is a nice touch, though be warned that when picking up the device after is has been actively charging, the back of the wallet will be fairly warm. It’s not quite hot enough to be unpleasant in my opinion, plus the device cools down once it is fully charged even if it is still on the charging pad.
The built-in GSM access is great (if you aren’t in the boonies) - Case says that their wallet works with 183 mobile carriers in 109 countries and has free global Internet access for the life of the device. But I wondered: who pays for the GSM data access? Will it stop working if Case goes out of business? I sent another email to Case support early on a Saturday morning and received a response in a mere 20 minutes!
We indeed have a contract with providers overseas which allows our device to be accessed in so many countries. The only way for the device to stop working would be if the carriers themselves halted support of that specific frequency band. We plan to continue contractual agreement with our providers and any change would be to broaden our operating scope. There is no contract required from our users as we absorb that cost.
If these are monthly or annual contracts then it seems to me that if Case were to stop paying, the carriers would stop allowing the devices to use their networks. I think it’s an important point to note because this is a single point of failure. If the carriers stopped allowing the device to use their networks but Case still existed, then users could recover their funds with the existing recovery process. But if Case ceased to exist and thus stopped fulfilling the terms of the contracts, users could lose access to their funds.
In general, the device seems to be very good at doing what it claims to do. But at the $250 price point, I’d really like to see the disaster scenario addressed. How does a user recover their bitcoins if Case ceases to exist?
This is the first hardware Bitcoin wallet I’ve purchased because I felt like it was an all-in-one solution as opposed to other wallets that still require the use of a computer. I think this is a great start and I look forward to seeing what the future holds!
Update: after a month of field testing I have encountered other issues:
- No service available in places like Hong Kong, Taiwan, even many areas of San Francisco and the Bay Area
- Difficult to use in low light conditions because the screen is not backlit
- If a transaction fails due to lack of 2G coverage, the device turns off. There is no retry option!