{"id":41126164,"url":"https://github.com/embetrix/satobox","last_synced_at":"2026-04-18T01:06:06.710Z","repository":{"id":274338592,"uuid":"921844476","full_name":"embetrix/satobox","owner":"embetrix","description":"Satobox is an open-source Yocto-based, privacy-focused and secure bitcoin full node solution designed for embedded linux devices.","archived":false,"fork":false,"pushed_at":"2026-01-30T16:42:28.000Z","size":10823,"stargazers_count":2,"open_issues_count":7,"forks_count":0,"subscribers_count":1,"default_branch":"scarthgap","last_synced_at":"2026-01-31T07:44:28.680Z","etag":null,"topics":["anonymity","bitcoin","bitcoin-node","bitcoin-wallet","cryptocurrency","cryptography","embedded","hardware-wallet","linux","raspberry-pi","security","toronionproxy","wallets","yocto","yocto-layer"],"latest_commit_sha":null,"homepage":"","language":"BitBake","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/embetrix.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-01-24T18:13:01.000Z","updated_at":"2026-01-23T17:36:17.000Z","dependencies_parsed_at":"2026-01-22T02:02:09.142Z","dependency_job_id":null,"html_url":"https://github.com/embetrix/satobox","commit_stats":null,"previous_names":["embetrix/meta-satobox","embetrix/satobox"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/embetrix/satobox","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/embetrix%2Fsatobox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/embetrix%2Fsatobox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/embetrix%2Fsatobox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/embetrix%2Fsatobox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/embetrix","download_url":"https://codeload.github.com/embetrix/satobox/tar.gz/refs/heads/scarthgap","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/embetrix%2Fsatobox/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29193997,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-07T07:37:03.739Z","status":"ssl_error","status_checked_at":"2026-02-07T07:37:03.029Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anonymity","bitcoin","bitcoin-node","bitcoin-wallet","cryptocurrency","cryptography","embedded","hardware-wallet","linux","raspberry-pi","security","toronionproxy","wallets","yocto","yocto-layer"],"created_at":"2026-01-22T18:05:55.064Z","updated_at":"2026-02-07T12:00:48.509Z","avatar_url":"https://github.com/embetrix.png","language":"BitBake","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![CI](https://github.com/embetrix/satobox/actions/workflows/ci.yml/badge.svg)](https://github.com/embetrix/satobox/actions/workflows/ci.yml)\n\n\n## Overview\n\n\u003cp align =\"left\"\u003e\u003cimg src=images/satobox.png width=180 height=105 /\u003e\u003c/p\u003e\n\nSatobox is a privacy-first, open-source embedded Linux distribution purpose-built for secure Bitcoin self-custody. Built on Yocto/OE-Core, it delivers a minimal, hardened operating system optimized for running a Bitcoin node with strong privacy defaults and hardware wallet integration.\n\nMost existing Bitcoin node solutions (e.g., Umbrel, RaspiBlitz) rely on general-purpose Debian/Ubuntu systems and large collections of precompiled packages, which can introduce additional supply-chain and security risks. Satobox takes a different approach: a small, reproducible, security-hardened OS built from source, designed to minimize attack surface and maximize transparency and user sovereignty.\n\n\n### Key Features\n\n- Bitcoin full node: [Bitcoin Core](https://github.com/bitcoin/bitcoin) with RPC and hardware wallet support\n- Privacy: Integrated [Tor](https://gitlab.torproject.org/tpo/core/tor) for Bitcoin traffic privacy\n- Transaction indexing: [Electrs](https://github.com/romanz/electrs) server for fast wallet indexing\n- Wallet management: Integrated via [Specter Desktop](https://specter.solutions/desktop) with support for all major [hardware wallets](https://hwi.readthedocs.io/en/latest/devices/index.html#support-matrix)\n- Security: Hardened with best practices\n- Flexible deployment: Runs on QEMU emulation or any Linux hardware with enough RAM/CPU resources\n- Reproducible builds: Yocto for consistent and reliable builds from source\n\n\n\u003cp align =\"center\"\u003e\u003cimg src=images/satobox_overview.png width=512 height=340 /\u003e\u003c/p\u003e\n\n## Security\n\n- Minimal system configuration with only required components and least-privilege principles\n- Built entirely from source using Yocto / OE-Core (reproducible builds)\n- Firewall enabled by default\n- USBGuard to restrict unauthorized USB devices\n- Hardened compiler and linker security flags\n- Read-only root filesystem\n- No SSH or login on mainnet images\n\nAdditional security mechanisms may be introduced in the future (e.g. secure/measured boot, secure storage, file system encryption) if there is community interest or real-world demand.\n\n## Build\n\nThis layer can be integrated in your layers or built standalone using [kas-tool](https://github.com/siemens/kas):\n\nPrerequisites:\n\n- Container runtime: Docker or Podman\n- `kas` + `kas-container`\n\n```\npip3 install kas\n```\n\nTo perform a build:\n\n```\nKAS_MACHINE=\u003cMACHINE\u003e kas-container build kas-satobox.yml\n```\n\nExample for raspberrypi5:\n\n```\nKAS_MACHINE=raspberrypi5 kas-container build kas-satobox.yml\n```\n\nBy default Satobox is configured to use the `signet` test network.\n\nTo enable `mainnet`, set the environment variable `BTC_CHAIN=\"mainnet\"`:\n\n```\nKAS_MACHINE=raspberrypi5 kas-container --runtime-args \"-e BTC_CHAIN=mainnet\" build kas-satobox.yml\n```\n\n`mainnet` requires dedicated fast storage for the full blockchain and indexing.\nFor Raspberry Pi deployments, use a Raspberry Pi 5 with an [M.2 HAT](https://www.raspberrypi.com/documentation/accessories/m2-hat-plus.html) and an NVMe SSD with at least **2TB** capacity.\n\n## Flash SD Card\n\nFlash image on a SD Card (at least 32GB) using [bmap-tools](https://github.com/yoctoproject/bmaptool):\n\nIf you are not building from scratch, you can download the prebuilt image artifacts from [GitHub Releases](https://github.com/embetrix/satobox/releases) and flash those instead.\n\nWarning: double-check the target device before flashing (this will overwrite the selected disk).\n\n```\nsudo bmaptool copy \\\n     build/tmp/deploy/images/raspberrypi5/satobox-image.wic.bz2 \\\n     /dev/mmcblk0\n```\n\n## Run \n\nInsert the flashed SD card into the Raspberry Pi, connect it to your network, and power it on.\n\nIf an NVMe drive is detected (for example via an M.2 HAT), it will be automatically formatted and used for data storage.\nWarning: this will erase all data on that NVMe drive.\n\nFind the device IP address (for example from your router/DHCP leases), then open the Specter Desktop wallet management UI at:\n\n```\nhttps://\u003cIP\u003e/specter\n```\n\nAlternatively, you can access it via the device hostname:\n\n```\nhttps://\u003cHOSTNAME\u003e/specter\n```\n\nDefault credentials: username `admin`, password `admin` (change this after first login).\n\nNote: your browser will warn about the HTTPS self-signed certificate.\n\n\n![specter-desktop](./images/specter-desktop.gif)\n\n\n\n## Networking\n\nUse an Ethernet connection for best Network stability and throughput.\nNetworking via DHCP is configured by default, just plug in Ethernet and the device will obtain an IP address automatically.\n\nWi-Fi is currently not supported.\n\n\n## Documentation\n\n- [Usage Guide](USAGE.md) Wallet operations, transaction management, and CLI commands\n- [Disclaimer \u0026 Legal](DISCLAIMER.md) Important legal information\n\n## Contributing\n\nIf you want to contribute changes, open a pull request at:\n\nhttps://github.com/embetrix/satobox/pulls\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fembetrix%2Fsatobox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fembetrix%2Fsatobox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fembetrix%2Fsatobox/lists"}