Hardware wallets are considered to be the most reliable cryptocurrency storage solution of all. A special device that signs all of its owner’s blockchain operations offline looks so much more reliable than online storage or computer apps. After all, we hear news of hacks and bankruptcies of online cryptocurrency exchange platforms nearly every month, while apps are clearly vulnerable to regular computer threats like malware.
While these considerations are reasonable, investments can’t be totally safeguarded by simply having hardware crypto wallets, for their owners, too, are vulnerable to a number of attacks. Accordingly, these need safeguarding against…
Hot and cold, hardware and software wallets
Before we proceed to analyze the risks, let’s briefly recap the difference between the various types of wallets. For starters, no wallet stores the crypto assets themselves. The information about the assets is recorded in the blockchain, while a crypto wallet is just secure storage for the respective private (secret) key. The owner needs the key to record a new transaction to the blockchain — that is, to make a cryptocurrency transfer. Aside from the secret key, crypto wallets usually store a non-secret public key used to receive transfers.
There are multiple ways to store a private key:
- Encrypted on the server. These are online or custodial wallets offered by popular exchanges, including Binance and Coinbase.
- In a mobile app on a computer or smartphone.
- On a separate offline device.
- As an alphanumeric sequence written down on a sheet of paper.
In the first and second instances, the key storage is always online; therefore, the key can be used to sign a transaction in the blockchain at any time. These are “hot” wallets.
To send money using options three or four, certain extra actions are required: connecting your device to a computer or phone, or entering information from paper. These are “cold” wallets.
A dedicated stand-alone key-storage device is called a hardware wallet; applications designed to store keys on regular computers and smartphones are software wallets.
A hybrid of two and three makes for another viable — if somewhat exotic — option: storing the key in a separate smartphone always kept offline. The mix will produce a software wallet, albeit a cold one.
A few words about paper wallets. A paper wallet is a printout of your keys and/or seed phrase (more on it later), and its uses are limited to receiving money or serving as a backup. To spend your money, you have to submit your private key to an online software solution. That’s when your cold wallet turns into a hot one.
Types of hardware wallets
Hardware wallets most commonly look like USB memory sticks or bulky car keys. They usually feature a screen for checking transactions. To sign a transaction, you connect the wallet to a computer or smartphone, initiate a transfer from the computer or smartphone, verify the information on the wallet screen, and confirm the action by entering the PIN code or simply pressing a button. The main advantage of hardware wallets is that they sign operations without sending your private key to the computer — thereby protecting the data from the simple theft mechanisms.
In addition, many wallets contain extra functionality and can be used as hardware keys for two-factor authentication.
There are also wallets resembling a bank card, and wallets approaching the “offline phone” format, but these are less common. The latter have a fully functional screen and allow signing transactions with QR code scanning. Many of these models have no ports at all other than the charger port, so nothing connects them to the outside world except for the camera and screen.
Risk number one: loss or destruction
The hardware wallet owner’s most obvious risk comes from the possibility of losing the thing. To protect the wallet against unauthorized use — for example, if lost — use a PIN code or biometrics: these need to be activated in your wallet. Unlike phones and bank cards, long PINs can be used — up to 50 digits for some models; just remember: the longer – the better.
Physical destruction of the wallet also destroys the data stored on it, so it’s important to have a backup copy of your private keys. A backup is generated when the crypto wallet itself is created: you’ll see the so-called seed phrase represented by a string of 12 or 24 English words. By entering them in the right order you can re-generate both your public and private keys. Seed phrase generation has been standardized in most blockchain solutions (BIP39 algorithm), so even if, say, a Ledger wallet is lost, you can recover your data to a hardware wallet from another vendor, such as Trezor, or any of the “hot” software wallets.
It’s essential not to keep the seed phrase in any readily available digital form, such as a photo on your phone, a text file or the like. Ideally, it should be written down on paper and stashed away in a very safe place like a safe deposit box or a strongbox. It’s even more important never to reveal the seed phrase to anybody, because its sole function is that of recovering your lost crypto wallet.
Risk number two: phishing and scams
A hardware wallet provides no protection whatsoever against social engineering. If the victim voluntarily chooses to make a transfer or reveal their seed phrase to a fake “crypto wallet technical support specialist”, the money will be gone no matter what hardware protection levels are in place. People are ingenuous when it comes to scams: decoys keep changing all the time. Some shining examples include data breach emails sent to hardware crypto-wallet owners, and fake websites designed as exact replicas of well-known cryptocurrency exchanges or crypto-wallet providers.
It takes vigilance — and even paranoid (in the positive sense) mistrustfulness toward everything unexpected — to prevent the worst from happening. Another great source of help is the integrated cybersecurity system for computers and smartphones, which makes the risk of visiting a phishing site almost nil.
Risk number three: malware
A virus-infected computer or smartphone is a common cause for loss of cryptocurrency investments. If the victim uses an online (hot) wallet, the criminals can steal the private key and perform, all by themselves, any transactions they need to empty the wallet. The trick won’t work with a hardware wallet, but other attack vectors can be employed in this case. For example, the moment the victim makes a legitimate transfer, malware can substitute the destination wallet’s address to redirect the money to the criminals. To pull it off, malware monitors the clipboard and, as soon as a crypto wallet address is copied there, replaces it with the scammers’ wallet address.
The threat can be mitigated to some extent by carefully matching the addresses displayed in the hot wallet or on the cold wallet screen, but depending on the device some other issues may come into play: many hardware wallets have a screen that’s too small to adequately read long blockchain addresses. And knowing that the hardware wallet’s integration with the computer application can also be vulnerable to attacks, even the address displayed on the computer screen can be falsified.
The best strategy is to ramp up your computer or smartphone protection to keep malware at bay.
Risk number four: fake and modified wallets
Buying a hardware wallet is yet another matter to be approached with care: even as they leave the factory, these devices are already in the crosshairs of criminals. There are reports of crypto wallet buyers being sold USB memory sticks with Trojan payloads, fake units with modified firmware, or a “free replacement for a defective device under warranty”.
To avoid such threats, never buy hardware crypto wallets secondhand, from online classified ads, or at online auctions. Always try to order them from the vendors’ official online stores. When the package arrives, inspect the device for damage (streaks of glue, scratches, signs of tampering) and match it to the description provided on the official website, where they usually list the main authenticity features and give recommendations on how to recognize a fake.
Risk number five: physical hacking with memory analysis
This is the most exotic — yet not the most unlikely — threat. Many attacks on popular wallet models (one, two, three, four) are based on the fact that by physically breaking the unit apart and connecting its circuitry to special equipment one can manipulate the firmware, read from the memory, or interfere with data transfer among the unit’s components. As a result, it takes minutes to extract the private key or its lightly encrypted version.
Protection against this risk of is two-fold. First, pay particular attention to the physical security of your wallet, protect it from theft, and never leave it unattended. Second, you shouldn’t disregard extra protection measures, such as a passphrase in Trezor wallets.