Ballet Wallet — a critical look

Daniel Ameli
May 22, 2020
Ballet wallet in packaging

At the North American Bitcoin Conference in January 2020 in Miami, I ran into Bobby Lee. Bobby Lee has been involved in bitcoin mining and recently launched a physical wallet called the Ballet Wallet. (Bobby Lee’s brother, Charlie Lee, created Litecoin.) Bobby asked me to give a review of the Ballet Wallet, which follows.

The Ballet Wallet is a beautiful metal card, packaged in environmentally friendly cardboard. It pairs with a mobile app with a nicely designed UI. It is for sale at $35 in the US. Unfortunately, the downsides outweigh all of that. The number one downside is that the private key is pre-generated. This means that you never know if funds stored on the card will be stolen. The second downside is that the physical object does not have the ability to send transactions, thus a mobile software wallet is required, meaning the private keys must be exposed to the mobile device.

A fixed deposit address encourages address reuse, which damages the privacy of the user and, indirectly, the privacy of others.

With the code revealed under the scratch-off

Using stickers for the private key means that funds can be lost due to fire (the card is metal but the important information is just printed on sticky paper). This is a metaphor for the wallet itself. There are products available where you can put a private seed onto steel yourself, giving your backup fire resistance. Putting a private seed on a sticker and sticking it to metal does not add security. Having a “cold” hardware wallet but using a mobile wallet with the private key in software also defeats the point. There are proper hardware wallets like the Coldcard, Trezor, and Ledger, which generate the private key on the device, do not reuse addresses, and allow you to generate transactions without exposing the private key. These devices are similarly priced to the Ballet Wallet. A paper wallet, which is similar in function and security to the Ballet Wallet, is essentially free.

If there is a factory defect and the private key under the sticker is missing or incomplete, then any funds sent to the public address QR code could be irretrievably lost.

How could the private keys be leaked? The sticker could conceivably be scanned and resold. Alternatively, the original manufacturer could choose to keep copies of the private keys at both locations with the option of taking funds at a later date. A rogue employee at each location could exfiltrate the partial private keys, combining them at a later point. A third party could install surveillance equipment at each location or analyze discarded hardware from each location to get the partial keys.

With the outer sticker peeled back, the private key is revealed

It might seem that the card, intended for small amounts, would not be a big enough target to warrant the attack. Consider if 1 million cards are sold and loaded with $50 on average. Someone who could access the private keys could effortlessly steal $50 million (after quitting a job at the factory and disappearing). In a traditional heist, the thief steals, then disappears. In this case, the thief disappears first, then commits the theft. The thief could be long gone by the time anyone notices that something is wrong. If bitcoin were to appreciate 10-fold, the total amount in the wallets could rise to $500 million. This is an amount that may draw the interest of more sophisticated criminals.

In conclusion, while the Ballet Wallet and App may have good intentions, I cannot recommend their use for any purpose.

Daniel Ameli

Educating the public about bitcoin. Twitter: @dka218