Thin Bitcoin Wallet. Built with React Native and Electrum.
Website: bluewallet.io
Community: telegram group
- Private keys never leave your device
- Lightning Network supported
- SegWit-first. Replace-By-Fee support
- Encryption. Plausible deniability
- And many more features...
Please refer to the engines field in package.json file for the minimum required versions of Node and npm. It is preferred that you use an even-numbered version of Node as these are LTS versions.
To view the version of Node and npm in your environment, run the following in your console:
node --version && npm --version
- In your console:
git clone https://github.com/BlueWallet/BlueWallet.git
cd BlueWallet
npm install
Please make sure that your console is running the most stable versions of npm and node (even-numbered versions).
- To run on Android:
You will now need to either connect an Android device to your computer or run an emulated Android device using AVD Manager which comes shipped with Android Studio. To run an emulator using AVD Manager:
- Download and run Android Studio
- Click on "Open an existing Android Studio Project"
- Open
build.gradlefile underBlueWallet/android/folder - Android Studio will take some time to set things up. Once everything is set up, go to
Tools->AVD Manager.- 📝 This option may take some time to appear in the menu if you're opening the project in a freshly-installed version of Android Studio.
- Click on "Create Virtual Device..." and go through the steps to create a virtual device
- Launch your newly created virtual device by clicking the
Playbutton underActionscolumn
Once you connected an Android device or launched an emulator, run this:
npx react-native run-android
The above command will build the app and install it. Once you launch the app it will take some time for all of the dependencies to load. Once everything loads up, you should have the built app running.
- To run on iOS:
npx pod-install
npm start
In another terminal window within the BlueWallet folder:
npx react-native run-ios
- To run on macOS using Mac Catalyst:
npm run maccatalystpatches
Once the patches are applied, open Xcode and select "My Mac" as destination.
npm run testMIT
Grab an issue from the backlog, try to start or submit a PR, any doubts we will try to guide you. Contributors have a private telegram group, request access by email bluewallet@bluewallet.io
We accept translations via Transifex
To participate you need to:
- Sign up to Transifex
- Find BlueWallet project
- Send join request
- After we accept your request you will be able to start translating! That's it!
Please note the values in curly braces should not be translated. These are the names of the variables that will be inserted into the translated string. For example, the original string "{number} of {total}" in Russian will be "{number} из {total}".
Transifex automatically creates Pull Request when language reaches 100% translation. We also trigger this by hand before each release, so don't worry if you can't translate everything, every word counts.
Builds automated and tested with BrowserStack
Found critical bugs/vulnerabilities? Please email them bluewallet@bluewallet.io Thanks!
All Android release artifacts are built by CI and published to GitHub Releases. Each release includes a signed AAB with Android Code Transparency so anyone can independently verify that the code delivered by Google Play matches what was built from source.
Each release ships (not in this repo—download from the release page):
DFX-Btc-Wallet-<tag>.apk— release APKDFX-Btc-Wallet-<tag>.apk.idsig— detached APK Signature Scheme v4 signature for the APKDFX-Btc-Wallet-<tag>.aab— Play-ready bundle with code transparencyDFX-Btc-Wallet-<tag>-transparency-cert.pem— public certificate for that transparency signatureSHA256SUMS— SHA-256 checksums for the published release assets
Each release tag also includes a link to the GitHub Actions pipeline that generated and uploaded the artifacts. GitHub artifact attestations are published for the release APK, AAB, APK signature, transparency certificate, and SHA256SUMS. See the official GitHub documentation for artifact attestations and attestation verification.
The release APK can also be checked together with its detached .idsig file using Android's apksigner and APK Signature Scheme v4:
apksigner verify --verbose --print-certs \
--v4-signature-file DFX-Btc-Wallet-vX.Y.Z.apk.idsig \
DFX-Btc-Wallet-vX.Y.Z.apkUse the AAB and PEM from the same tag. Verification (bundletool):
bundletool check-transparency \
--mode=bundle \
--bundle=DFX-Btc-Wallet-vX.Y.Z.aab \
--transparency-key-certificate=DFX-Btc-Wallet-vX.Y.Z-transparency-cert.pemThe app installed from Play on a connected device can be verified using adb and bundletool's connected_device mode. See Google's documentation: Verify code transparency of an app.
bundletool check-transparency \
--mode=connected_device \
--package-name="swiss.dfx.bitcoin" \
--transparency-key-certificate=DFX-Btc-Wallet-vX.Y.Z-transparency-cert.pemCertificate fingerprint (compare with tooling output):
openssl x509 -in DFX-Btc-Wallet-vX.Y.Z-transparency-cert.pem -noout -fingerprint -sha256Reproducible builds: use the same Git tag as the artifacts you downloaded; CI builds from that tag.