I had no idea about this AOPP. But, how does this imply to users who've bought it with cash? As I've said, there's no way I'll ever have a hardware wallet delivered to my house; especially if it requires me to, essentially, submit KYC-kind of details.
It makes no difference to how you buy the hardware wallet.
AOPP was designed to make it easier for users to prove to centralized exchanges that the addresses they are withdrawing to are owned by them. It is essentially KYC but for your own addresses and your own wallet. By doing this, you essentially have to ask permission from the exchange to be allowed to withdraw your coins to your own wallet. And any time permission has to be asked, it can be refused, and you can be censored. This is the exact opposite of what bitcoin stands for, namely self custody and censorship resistance. By implementing and supporting AOPP, you are anti-privacy and pro-censorship as far as I am concerned. And BitBox don't just implement it - they developed it.
There is a good Twitter thread from Samourai about it here:
https://nitter.net/SamouraiWallet/status/1486771410949357571
Thanks for that link, it helped me understand what AOPP is a little better. What I don't understand is what it has to do with BitBox being a decent HW wallet or not.
It has no major implications for the security of a BitBox, but it certainly has big implications for your privacy, and it says a lot about the principles of the company. Just as I'm never going to use Wasabi again since they started coordinating with blockchain analysis even if the wallet itself still works fine, I'm never going to use a hardware wallet which is implicit in undermining the very principles of bitcoin.