Oddbean new post about login | logout What are your favorite hardware wallets, among the latest generation of them? And are there any that you really don’t like?
1) Yes. 2) Yes, anything shitcoin enabled.
Cold card is cool but not great if you need regular access. The nano s was my old fav but I’m going to see if the jade can replace the nano, so fare the jade has been nice but I have only had it for a day or two.
One thing I’ve always wondered about hardware wallets is are they valued at the cost of the technology + market + distribution etc, or is there a ‘crypto premium’ added which is reflective of the value they protect? I would have expected given the free market AND the range on offer, that they’d be considerably cheaper by now on a per unit basis.
Ps. Opsec says no to answering this Q.
you can build your own HW wallet using LNbits for just the cost of the hardware (~$20)
My coding experience extends only so far as to being able to just about spell python
Any HWW that can connect to the internet is garbage IMHO.
Why? There's no known hack of a HWW through such connection.
Bc it’s completely unnecessary. I want my keys offline.
Again, there must be communication to the internet... Usb, qr codes, smoke signals... To your offline keys.
That’s what watchonly wallets are for.
ColdCard, Keystone, SeedSigner These are the ones that support total airgap via microSD, or camera/QR. Technically Specter DIY also meets this criteria, but you have to solder it yourself. If these were available pre-fab they’d be on my list. If there are other fully airgappable vendors I’d like to hear about them.
Passport is great https://foundationdevices.com/passport/ Thank you @Seth For Privacy for your work on this Jade is great. https://blockstream.com/jade/ @Blockstream I don't like anyways wallets that are not Bitcoin only. Coldcard is a notable mention for the more advanced. @NVK
#jade wallet impress me on highest level
Who provides the most objective reviews of the various hardware wallets?
Whichever you can talk about publicly without decreasing your security. Avoid those which talk about themselves publicly without your consent though. (Looking at you Ledger)
They all suck. Till we make more breakthroughs, probably via FROST, COLDCARD and TAPSIGNER make my preferred tradeoffs.
what's your opinion on Jade's model of removing the secure element from the device?
Had a Ledger Nano X for 2 yrs. Really liked it, especially the interface; however the recent scares about a back door led me to swap to Coldcard + Sparrow + Umbrel. Coldcard has lots of interesting features. Question for the pros: is multisig all it's cracked up to be in regard to safety? It seems like you are creating more vulnerabilities in terms of long-term loss of keys. Where do you store all these keys? In a bank vault? With friends? With a pirate's map? Seems like it's adding ways to make an error. If I die, ensuring my kids get my keys is increasingly hard when using multi-sig. With one key, it seems simpler. Obviously it's a personal choice. Just curious to hear everyone's thoughts. Maybe I've overlooked something.
If you are asking about potential problems with multisig you are probably going to have them. NVK (Coldcard creater) talks about this. You are much better off creating a Passphrase and keeping it separate from your Seedphrase. This is much safer for average users & if someone has your 24 words they won't be able to access or even see your bitcoin without the Passphrase I store my seedphrase on paper and a metal plate (lots of options available I bought mine from Coinkite) & my Passphrase is digital (& in my head!)
Jade is cool in that it allows temporary seed phrase login. So it works as a signing device for any number of seeds. A bit like seedsigner.
Jade by Blocksteam. As a side note: I had an "Aha moment" today when I was studying your Unified Theory of Money today. Thank you.
Loving Blockstream Jade. Used Ledger in the past but got nervous about the ‘back door’ issues
Just use Krux with Sparrow once... You can test drive with Krux app, without spending a single sat. https://github.com/odudex/krux_binaries/tree/main/Android It's simple and objective, big QR codes and touchscreen. Later, for a few sats you can buy an Amigo(ready to use), just flash the firmware and have the same touch UX, on a dedicated device without OS and wifi/BLE.
i like cold card! i don’t really know much about any other ones, but cold card is the only one i trust
One guy created an easy to read comparison table of 40+ HWWs https://thebitcoinhole.com You'll find out all specs in minutes. There are several great wallets. What you don't get is how easy to use are they. IMO nothing beats BitBox02 here.
Jade is excellent, I just ignore all the Liquid stuff since it’s not useful to me.
@Foundation Passport and @BitBox BitBox02 - Bitcoin only Edition
You don't need one.. with bluewallet you can setup a miltisig wallet with an old phone. I can have a wallet set up and use old phone for multisig on bluewallet..
why not Trezor ? nobody is talking about it here, even thought they make the most progress not only BIP39, BIP44, now working on TropicSquare-open source chip, but also towards being privacy friendly and open source as fuck
Yeah man, I was thinking the same.
Coldcard + Sparrow wallet combo = top tier for me. Also Seedsigner is a fun little project.
Also you can get a phone and never put a sim card in and run off wi fi and that phone never leaves your house and thats like your bank.. the phone will be online for what like 5 minutes to move funds for availabilitie. 5 minutes is a long time but on off you good
Someone needs to point out this is a terrible idea for any real amount for a very very long list of reasons. I know I won't change your mind but I don't want a noob to see this idea go by unopposed.
Everyone has their own ways and she asked. Untill sha-256 gets broken my btc is safe.. no btc has ever been hacked only erc-20 tokens.. this is my way. She asked I answered.. all shipping addresses can get compromised no company is perfect 👌
If you are worried about supply chain issues similar to the ledger hacks, check out @SeedSigner Device built from generic robot parts available from multiple non bitcoin related suppliers.
And of course a 4 out of 4 multisig is not for a noob I agree.
4 of 4 following none of the current best practices... I look forward to your donation to the scarcity of my sats.
Hahaha sure buddy 🤣 😂 😆
I am obviously biased, but I think your engineering brain would appreciate some of the design choices we have made with our project. If you’re curious to learn more, you can read more about our approach here: https://seedsigner.com/seedsigner-independent-custody-guide/
I am using (for educational reasons only) @SeedSigner , #bitbox02 and #coldcard. These are my favorites. I don't like #ledger I think I could a positive opinion for #Jade but I haven't use t still.
Coldcard SeedSigner Jade is good but be sure to flash the firmware before generating a seed (or ideally importing your own rolled seed) and then keep it airgapped after that, since there is no physical security to prevent a supply chain attack and @Portland.HODL has been able to compromise the Jade by opening, inserting a compromised chip and closing the device such that you’d never know, and it still works with Green wallet (Jades companion software wallet). Wish they’d add better physical security (like making plastic parts break upon opening) because I like that it’s a more affordable for those who need such ✌️
My favorite is Coldcard. I really don't like Ledger or Trezor.
Don't like the fact whatever hard wallet device one gets, one can be tracked they have the device. Remember the Ledger hack. I'm sure those companies will knuckle under to any entity requesting sale information. Given that, I prefer to roll my own cold storage solution.
Seedsigner
People can go on about the pros and cons of various hardware wallets, but in the end, the instruction manual for the wallet is going to tell you to write down your seed phrase on a piece of paper. That’s going to be your primary threat. You can put the piece of paper in a (easily seizable) safe deposit box, or bury it, or keep it in a safe, or try to get fancy by engraving the seed words into a piece of metal instead of paper. But at the end of the day, you’ll end up with some clunky physical analog item, aside from the device itself, which you’ll have to protect. Yes, you can enter some kind of multi signature arrangement with the wallet provider. It’ll require no more than a quick phone call from a government agency to get them to cough their side your key set. Then, even if you’re ok with all of that, some wallet providers (but not all) can push out firmware updates, which is basically the same thing as a back door. Not trying to dissuade you from hardware wallets at all. Just trying to say that you have a lot to think through. It’s not the security slam-dunk that many assume.
The alternative is giving someone else custody of your assets. If you feel comfortable w/that, then you'll choose to leave it w/your exchange. But if you want to custody assets yourself, you'll need to sign transactions w/some kind of device. There are tradeoffs.
All true. So what do you do the secure your bitcoin then?
I have coldcard, ledger and keystone. My favorite is coldcard.
I want to get one
Although a bit too DIY’ish for a consumer market product, IMO Jade is the best overall right now. When Bitkey comes out, everything will change as it will be the first product to apply end-to-end world class design across SW, HW & UX. Are you on the beta @LynAlden ?
BitBox 02
So far I dislike all of them because i don't really understand their advantage. They add just two more parties you have to trust where things can go corrupt. Would only considsr if i would do payments onchain. But this is what we don't want to. we have Lightning for it. So short term we will need a lightning hardware solution. May the purple light always shine on you Mateusz
bitbox 02
Very much depends upon timeframe Lyn: If you’re looking to safely secure over a handful of years, hardware wallets are a good option and there are many to choose from I contend they are a poor choice for long term (decades or generations) because hardware devices *and their interfaces* are notoriously short lived If bitcoin had been around when i started in IT, the most secure storage was archive-quality mag-tape. Step back just a decade, and the best was likely CD/DVDs .. now think about the last two computers you acquired - does either have a DVD drive? What about SD card readers? They were popular for a while and many computers included slots for them - today, not so much. Core point is that todays hardware wallet, may be difficult to access in a decade or two simply because tech and interfaces evolve. As a recent example consider the new iPhone which has now finally switched to a standard USB-C port instead of the apple proprietary one. So for short/medium term, hardware wallets are useful as signing devices, but never to be relied upon for long term security. IMO, for that longer term security you must store the seed and passphrases on very low-tech solutions.
As long as BIP39 is supported by signing devices of the future, I don't think this is so much of an issue. I see signing devices as a convenient way of recieving & spending bitcoin. If long term custody is required, you extract the xpub & wipe the signing device. Your seed words then become your only significant threat to exclusive access. For the average user, I think the Bitbox 02 or Jade would be my recommended wallet. I trust the Cold Card security more but I think the average user is better off with something simpler.
You can take your seed phrase from an old device and recreate the wallet in a new device when technology advances to the point your old device is difficult to use.
Absolutely! So if you’re reviewing every 2-3 years and acting accordingly you’ll be fine If you want to create storage for your unborn grandchildren that will survive half a century without intervention you’ll need a different approach
I put all my favorites in this wallet guide. I really don't like Ledger because their software is closed source and the CEO has admitted they can extract your private key! https://bitcoin.rocks/wallets
Hardware wallets are expensive, impractical, unsecure and dangerous.
Jade is my favorite, it should be cheap, nothing fancy, and it is built by a Bitcoin genius (Adam Back) versus some marketing guy pointing finger guns at you. I just got my buddy onto Jade, he's 75. He understands, the BlueTooth is dropping on it, annoying but I am telling him it's the cheapest and cold storage is sort of a one and done forget it. Further, I had to do a 'factory reset' at one point, with the 12 words to 'recover' it. SO EASY. I love it. No frills.
Seedsigner for sure. One device and you can create multiple singlesig OR multisig wallets. This makes multisig accessible to anybody, It dramatically increases understanding of seeds and wallets. It also causes you to focus on the security of your seedwords, not rely on secure elements - after all, it doesn’t matter what wallet you have, you still have the words written down somewhere. It’s important to break down the purpose of a hardware device: 1. Sign PSBT and transmit to wallet (compulsory). 2. Verify wallet descriptors/address (compulsory). 3. Store seed (optional). Remove it the ‘store’ requirement opens up lots of other possibilities. I nearly dismissed Seedsigner when I first found out it didn’t store seed, but then I realised the genus of it. If I wanted to store the seed in a wallet, Coldcard.
Jade was super easy to setup, Seed Signer was super easy to build
Passport by @Foundation
Trezor Model T is my favourite. Ease of use and fully open source hardware, firmware and works with open-source software like Sparrow Wallet. Cold Card and some of the others here like ledger use use a proprietary secure element. No Thank you.
1. Coldcard; Airgapped and great support materials. 2. Jade; Airgapped and when coupled with qr seeds, hardware doesn't hold any private keys so if you lose it, no big deal. It is a pain to upgrade though. Takes me several attempts. When it works though, its great. However the signing devices are useless if you can't audit your entropy. That's why anyone with a substantial stack should be using https://www.rudefox.io/burrow/. Created by '@bjdweck' on twitter, it's a system you can use to manually verify the dice roll using an airgapped computer.
Sparrow on Tails OS running on a vintage lenovo laptop
Coldcard FTW! If not tech savvy, @Blockstream jade.
coldcard - ensure you verify the firmware and any wallet/node software you're using too.
In general don’t use a device dedicated to storing bitcoin to store bitcoin. Any hardware wallet that isn’t (a) exclusively multisig or (b) is designed to not be able to leak your keys via nonce (I believe only bitboxv2 and Jade) should be considered incompetent at best.
This is confusing
I want to know what you mean but this note is confusing. Can you clarify? 🤙
Fantastic advice matt, really helping.
So why haven’t you implemented provable randomness in the nonce yet? https://damus.io/note1xl5tvtlr9tc9yhyfcy28a4f9uglth9r320y80gp5sadlwsqrkxlszh5gkl
Because it breaks the air gap barrier and it's pointless over engineering
Can’t you generate your own provable randomness with 256 dice rolls with the cold card? Seems Matt is way off-base here.
Point is the signature nonce, not the private key itself
Signature is worthless without the private key 🤷♂️
Signature can leak the private key to an attacker via the nonce :)
Interesting. Would require physical possession though?
Nope, just compromised firmware/hardware.
It seems like the trade off is to either trust your wallet software to not generate leaking nonce or to trust your hardware wallet to not leak via nonce. IMO trusting the hardware wallet is the better option as that is the device that you are trusting to not be compromised already
Nope! There’s no tradeoff, what I’m proposing allows you trust that *both* need to be compromised, instead of just the hardware wallet.
Interesting. This is definitely above my technical expertise, but good to see this being discussed. I think we can all agree that any hardware wallet (ledger included 🤢) are better than trusting custodians
Ah okay. So you’re saying hardware wallet would use the nonce unless it thought the nonce was leaking, in which case it wouldn’t sign. The change is just that software _could_ specify the nonce to use as an additional security measure
The “air gap barrier” isn’t broken lol. The computer is sending instructions (in the form of amount/address) and the hardware wallet is responding. I’m just saying add a nonce to those instructions.
If the HW device doesn't simply use the provided nonce as-is (seems undesirable due to sensitivity of nonces), can't the HW device still grind it's portion of the nonce to exfil? It seems like an extra round of communication is unavoidable? (but likely worthwhile!)
Did you type this drunk?
Seems oddly bait and switch given RFC6979 advises to use deterministic nonce (which secp256k1 has ecdsa support for and Coldcard Mk4 uses?) while folks are trying to redo nonce impl’s for Schnorr signing because DN https://github.com/randombit/botan/issues/2939 https://github.com/BlockstreamResearch/secp256k1-zkp/issues/172 https://github.com/bitcoin-core/secp256k1/pull/1140 Btw can also do deterministic build of Coldcard firmware and flash
Problem is you have a device that you cannot realistically audit the supply chain of, and which is at incredibly high risk of supply chain attacks. Deterministic nonces are great but they’re not auditable - there’s high risk of the machine telling you its doing a deterministic nonce when it is instead leaking your private key with an attacker-derivable nonce! The point of deterministic nonces is “include a hash of the private key and message in the nonce so that you know you didn’t screw up”, that’s great, but you can also build on top. The computer driving the hardware wallet can input randomness which the hardware wallet can prove was incorporated into the selected nonce. This allows the device to prove to the computer its not leaking your private key, requiring an attacker to compromise *both* your computer and the device, not just the device! Hardware wallets that don’t use such a protocol should absolutely be considered, at best, incompetent, maybe malicious.
So your proposed alternative is the average user does what exactly—use airgapped laptops w/ bitcoin core for everything?
Hmm? No, the average user uses a hardware wallet and corresponding software control wallet which implements such a protocol completely transparently to them.
Most people today are using Sparrow with HWW of choice via PSBT (air-gapped or usb). Maybe specter after that…
Okay? Add an extension to the PSBT with requested nonce. This is really trivial stuff.
Agreed and we have suggested adding as a new field 🤝
Jade is my go-to _o/
SlimFold Simple. Durable. Perfect. https://www.slimfoldwallet.com/collections/soft-shell
1. Foundation Devices Passport. Trending 2.Blockstream Jade. Trending 3. Seed Signer. Neutral-hold rating. All 100% air gapped. Jade has Bluetooth/ possibly a ding.
Coldcard. Maybe a steeper learning curve than others. When used in conjunction with Sparrow on desktop there really isn't a compelling reason to use any other combination. If on a budget then just use tailsOS, install Sparrow. While tailsOS is technically not a hardware wallet, it has been battle tested for years with electrum and gets the job done. AND it's free.
BitBox02, but I'm obviously biased as I'm working on it. Open source, has Anti-Klepto, Miniscript, Taproot, advanced multisig and is super easy to use. https://void.cat/d/M4UHhzS3sZ8fnoesYRw7Np.webp
Cold card x Sparrow is so great. Used Ledger for a good while, but fell into NVKs funnel, but having a bigger display, actual number buttons and it looking just like a goofy calculator. Watching Natalie Brunell’s video helped heaps (couldn’t find her npub) can recommend
Trezor T for me for sure.
Trezor One, open source 💪🏻
Personal story: since the Ledger's leak and didn't like Coldcard (sorry, not for me), I decided to take another path: use a very old Android phone, took everything out and just left with two wallets: Bluewallet with the Vault and Samourai Wallet. First, receive my sats in Samourai and send to Whirpool, after several days, send partially to Vault to where I'm stacking sats. And then, I'm going to take this phone directly to a lake where I'm going to fish with my phone. Rumor I've been told is fish love phone with private seeds. nostr:note183qrxphd7e70ec5u65f7d0k2qe6xg0v68ru64ynv6aak0jewevkqql3k4z
CC
Jade is great from a Bitcoin only and price perspective, removing the secure element from the device could be smart, but I guess time will tell. Seedsigner is great if you are even slightly technically inclined, as you get multiple layers of assurance that your seed isn't accessible by anyone. Coldcard is the GOAT so far. Trezor caters to far too many altcoins, which divert dev resources away from Bitcoin related security work. Ledger is dead to me.
BitBox. No opinion on others.
1) keystone pro, jade 2) ledger
@SeedSigner is best! Ledger is a scam,; CEO himself Said He will extract your Keys from the Wallet via remote If a government Calls him Up. Bitbox is so far ok, but i really hate their Touch Panel, Drives me crazy. Once again, Open source Community products Like seedsigner are best; No one can force Updates on your seedsigner; Even bitbox devs could force Updates onto your device without telling you. So better don't Trust - verify!
🧡
1 more Thing to add: You will want to start with single Signature. But in the end you will do multisig. You get redundancy and Higher security. Most Hardware Wallets cannot do multisig. So you buy twice. @SeedSigner is Made for single and multisig. The device and their Webpage will teach you everything. I really recommend it. It is amazing knowledge for free.
Important conversations, however, loathe to discuss specific personal details: Don't trust, verify is great advice because bitcoin is so verifiable Lots of testing of combos of hardware and software can be employed and compared, prioritize testing of backups as nvk implores Sadly, the IT/gov industrial complex has made computing/networks so insecure... So education, practice and vigilance are key
