What is a hardware wallet
A hardware wallet is a special type of cryptocurrency wallet which stores the user’s private keys in a secure hardware device.
They have major advantages over standard software wallets:
- private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext
- immune to computer viruses that steal from software wallets
- can be used securely and interactively, private keys never need to touch potentially-vulnerable software
- much of the time, the software is open source, allowing a user to validate the entire operation of the device
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.
However, it’s important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.
How a hardware wallet could fail to protect your Bitcoin:
Malware swaps recipient Bitcoin addresses: a hardware wallet won’t protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient’s authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient’s Bitcoin address is recommended.
Insecure RNG (Random Number Generator): hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet’s private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating pseudo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.
Imperfect implementation: the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.
Compromised production process: even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a real concern for high risk financial and military applications.
Compromised shipping process: a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors are known to exist.
- While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., Ledger, TREZOR).
- Cold storage solutions implemented with open source software and general purpose hardware (e.g., BitKey, Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).
The top 1o reason for using a hardware wallet
The top reason people use hardware wallets is fear of hacking and cyber theft. A report of a major new cyberattack or altcoin theft appears in the news almost every day.
Some of the biggest names in cryptocurrency have been cleaned out by cyber predators. Users of the popular Parity digital wallet lost 150,000 Ethereum coins, worth an estimated $30 million to hackers in July, Business Insider reported. The crooks apparently cracked Parity by going through gaming sites including Swarm City and Edgeless Casino.
That means any wallet, exchanges, mining site, or retailer might be hacked at any time. The growing number of altcoin Visa and MasterCard accounts and wallets makes such piracy even more likely in the future.
Major new security holes will appear as solutions like TenX, Uquid, Change Bank, Omise and Shakepay that allow users to spend Bitcoins, DASH and Ethereum at brick and mortar retailers become common place. The level of security at Coinbase or a major cryptocurrency exchange might be high, but what about the protections at our corner bar or the dollar store?
As the number of places where cryptocurrency can be spent grows, so will the level of vulnerability. More opportunities for spending altcoins will give the bad guys more chances to steal your altcoins.
Using a hardware wallet can reduce your exposure to the cryptocurrency ecosystem because it is not connected to the grid. Since Bitcoin or DASH stored in a TREZOR, or Ledger Neo, is offline it is totally safe from hackers until connected.
Protection from failure of the internet
Another danger some people worry about is the failure of the internet. This might include cyber attacks, such as the one the Russian government allegedly launched against the United States in October 2016.
Other dangers include power outages, natural disasters, war, cyberterrorism and solar storms. Some scientists believe that a massive solar storm might destroy the internet, Network World reported. That would make it impossible to access cryptocurrency unless it was stored in a hardware wallet.
Something to keep in mind is that a lot of the cryptocurrency infrastructure is located in distant countries. Some of the major mining operations are located in Iceland. Others are in China, and there is also talk of major altcoin storage operations in Russia. What would happen to your coins if revolution broke out in either of those countries?
Owning a hardware wallet will mean that your coins are safe in a peaceful, free and law-abiding country like Canada or the United States. It means you won’t have to worry every time you see reports of war or political unrest in the news.
Protecting cryptocurrency from the government
Another reason why many people are turning to hardware wallets is to protect their cryptocurrency from the government. Some people are afraid of the taxman, while others are afraid of currency controls or efforts to ban cryptocurrencies.
Politicians might try to ban all cryptocurrency in an effort to force everybody to use the government’s paper money. Leaders might take such a step because they can always print more paper money if they need it. Governments often take such steps when inflation or deflation destroys the value of the fiat currency.
History buffs know that such fears are hardly irrational, even democratic governments have tried to ban alternatives to fiat currencies in the past. Back in 1933, U.S. President Franklin D. Roosevelt or FDR (who is still regarded as a hero by many) issued Executive Order 6102 which required all citizens to turn gold bullion into the federal government. Roosevelt took that step to force Americans to put their money in dollars whether they wanted to or not.
More recently in 2013, the European Union seized all deposits of more than $119,187.50 (€100,000) in the second largest bank in Cyprus, The Guardian reported. Persons with smaller accounts had their money transferred to the Bank of Cyprus against their will.
The action was taken to enable Cyprus to pay back the European Central Bank. It is not hard to imagine governments seizing cryptocurrency or digital wallets in the future or simply shutting them down. Authorities in some countries including Venezuela have already targeted Bitcoin miners for raids and arrest.
Yet another danger that many people fail to think about seizure by a foreign government. Assets in Canada and the United States are protected by law, but what about assets in servers in other countries.
Another threat would be something like the Great Firewall of China which would stop people from getting access to their altcoin wallets. The Great Firewall is a barrier that is supposed to stop Chinese from accessing websites not approved by the Communist Party.
Hardware wallets vs. government seizure
A hardware wallet can provide the ultimate protection from government seizure. A person can simply stuff such a wallet in his pocket, and take it with him when he leaves the country.
It might be possible to hide such a wallet in your luxury when you board a train or plane or bring it along in your car. Since the wallets are tiny, authorities would have a hard time finding them.
Hardware wallets might be easy to hide in your home, potential hiding places include under the floor, in heating vents, furniture and in safes. Another great place to hide a hardware wallet is in a safety deposit box at a bank or in a safe in your storage locker.
How to keep hardware wallets safe?
Hardware wallets provide protection but they can be vulnerable to floods, moisture, fire, theft, and other hazards. A good way to keep your cryptocurrency safe is to always store your hardware wallet in a locked, fireproof container that is airtight and watertight – in other words, a safe, when you are not using it.
A good hardware wallet can provide an extra layer of security and protection for your cryptocurrency if you use it properly.