Hardware wallet

Overview

Hardware wallets are dedicated, special purpose devices that generate and store cryptocurrency private keys. These devices are only used to securely generate cryptocurrency keys and to sign transactions, and offer no other functionality like a typical mobile phone or laptop computer. In contrast, a software wallet is any wallet that generates your keys on a typical computing device such as a phone. Hardware wallets have advantages over software wallets, particularly when it comes to security. Let’s discuss some pros and cons of hardware wallets.

Pros of Hardware Wallets

The key advantage of hardware wallet devices is security. These devices offer the highest level of security that most cryptocurrency consumers will interact with. The reason for this security is the fact that crypto keys are generated and stored entirely offline.

On a normal software wallet, the keys are generated and stored on a device such as a mobile phone or PC. These are general purpose computing devices that connect to the internet. This means there is a higher attack surface — more ways that hackers can try and steal your cryptocurrency! For example, malware that scans your device looking for seed phrases or wallet files. There are also attacks such as malicious wallet software — where an attacker tricks you into installing a fake wallet that steals your coins.

With a hardware wallet, however, your keys are generated on a device that doesn’t do anything else — it only generates cryptocurrency keys and signs your transactions. The seed phrase should only ever be backed up on paper or metal. If this step is followed, the only way an attacker could steal your coins is to physically steal a copy of your seed phrase. This is still possible, but much less likely than widespread malware attacks.

Another advantage is that interacting with the device gives a user more time to “think twice” before entering a seed phrase or signing a transaction. For example, you may find it odd that a malicious website is asking for your Ledger seed phrase when it should only ever be entered into the device itself. Or, the act of fetching your wallet from a home safe may give you time to think about sending coins off to a “doubling scam”.

A third advantage of these wallets is that the software/firmware is most often open source and well-audited by the engineering community. People regularly review the source code and even attempt to break into the devices to find security flaws. This community effort can help prevent security holes in hardware wallets.

Cons

However, there are some cons to hardware wallet use. The first is simply a barrier to entry. You must purchase a device to start using the wallet. In contrast, anyone with a phone or PC can download a software wallet to start using cryptocurrency. Devices can cost anywhere from around fifty dollars to hundreds of dollars, which can be costly for some users.

Users may also find that hardware wallets are less usable for day-to-day transactions, such as online purchases or paying for coffee. Sending from a hardware wallet requires the device itself, plus a PC or laptop the device can connect to. Mobile wallets, for example, are more streamlined for daily purchases.

Another con is that hardware wallets don’t necessarily prevent phishing or other social engineering attacks against users. You may still be tricked into entering a hardware wallet seed phrase into a phishing website, for example, or tricked into signing a malicious transaction with the device. The only help a hardware wallet offers in terms of phishing prevention is time to “stop and think” while you fetch the physical device and seed copy from a safe location.

Hardware wallets can theoretically be vulnerable to supply chain attacks, where a malicious seller can replace the firmware on the device. This firmware could use a predefined set of seed phrases that the attacker has copies of, for example, allowing them to steal your coins at a later date.

One final challenge of hardware is the importance of diligent backups of the seed phrase. The seed phrase must only be stored offline — on a medium such as paper or metal. Users must ensure multiple copies are available and protected from fire, flood, or theft. It is more involved backing up a hardware wallet seed than a software wallet seed that might be easy to store in an encrypted password manager or other secure cloud service.

This article was written by our CryptoCurrency Essentials (CCE) Committee, with special thanks to committee member Josh McIntyre.

Disclaimer

The information presented in this article is for educational and informational purposes only. It does not constitute financial advice, investment recommendations, or any form of endorsement. 

The views and opinions expressed by individuals in this article are solely those of the speakers and do not necessarily represent those of C4 or any other organizations with which they are affiliated.

The mention or inclusion of any individuals, companies, or specific cryptocurrency projects in this video should not be considered as an endorsement or promotion.

Regulations and legal frameworks around cryptocurrencies may vary in different jurisdictions. It is your responsibility to comply with the applicable laws and regulations of your country or region. 

The CryptoCurrency Security Standard (CCSS) has been updated to version 9.0. See the updated CCSS here.

Systems certified under 8.1 are still valid.