Hardware Wallets Explained, Reviewed and Compared

00:00

What are hardware wallets?

00:02

Are they really the safest way to store Bitcoins and other cryptocurrencies?

00:05

Can they be hacked?

00:06

And what happens if I lose my hardware wallet?

00:09

Are my coins lost?

00:10

Well, stick around.

00:11

Here on Bitcoin Whiteboard Tuesday, we’ll tackle these questions and more.

00:21

Hi, I’m Nate Martin from 99Bitcoins.com

00:23

and welcome to Crypto Whiteboard Tuesday

00:26

where we take complex cryptocurrency topics,

00:28

break them down and translate them into plain English.

00:31

Before we begin, don't forget to subscribe to the channel

00:33

and click the bell so you’ll immediately get notified

00:36

when a new video comes out.

00:38

Today’s topic is hardware wallets.

00:40

But before we dive deep into hardware wallets

00:43

we need to understand how any Bitcoin wallet works in general.

00:46

The term Bitcoin wallet is a bit misleading,

00:49

as a Bitcoin wallet doesn’t really hold any Bitcoin.

00:52

Technically speaking,

00:53

a Bitcoin wallet is a software that holds passwords,

00:56

sometimes referred to in cryptographic terms as keys.

01:00

These keys give your wallet access to the Bitcoins allocated to it

01:03

on the Bitcoin transaction ledger called the blockchain.

01:07

So when you use any Bitcoin wallet,

01:09

you’ll encounter two important terms.

01:12

The first is a Bitcoin address,

01:14

this is what you send to people who want to pay you in Bitcoin,

01:16

kind of like an email address.

01:18

The second is a private key.

01:20

The private key allows you to access and control the Bitcoins you own.

01:25

For our email account analogy,

01:26

you might think of your private key as the password to your email account.

01:30

Aside from holding your private key,

01:32

the wallet also signs Bitcoin transactions on your behalf

01:35

using your private key,

01:36

and broadcasts them to the Bitcoin network.

01:39

Let me explain:

01:40

When you want to send Bitcoins to someone else,

01:42

you need to prove ownership of those Bitcoins to the whole network

01:45

so it will agree to change the ledger of transactions.

01:48

To achieve this,

01:49

your Bitcoin wallet takes your requested transaction,

01:51

signs it on your behalf using your private key

01:54

and broadcasts this digital signature to the network.

01:57

In a nutshell,

01:58

a digital signature is a way to prove you own a certain private key

02:01

without needing to expose it.

02:03

It’s done through the use of complex mathematical rules

02:06

known as cryptography.

02:08

This whole process is kind of similar to you signing a check

02:11

authorizing the transfer of money from your account.

02:14

Once a transaction is signed,

02:16

the wallet then broadcasts it to the whole network

02:18

which validates its authenticity.

02:20

Eventually,

02:21

this transaction will be entered by Bitcoin miners on to the blockchain,

02:24

and the transaction will be considered complete.

02:27

So, what does this all have to do with hardware wallets?

02:30

If my wallet is just a piece of software,

02:32

why can’t I just have it on my computer, like any other software I use?

02:36

Well, as you probably know,

02:38

stealing a piece of information from a computer

02:40

isn’t that hard these days.

02:42

And if the computer running your Bitcoin wallet

02:44

is infected with malware

02:45

it may expose your private key to bad actors.

02:49

Hackers may be able to take control over your computer

02:51

or see what’s displayed on your screen.

02:54

And once your private key is exposed,

02:56

your Bitcoins are no longer under your control.

02:58

They could be easily transferred to anywhere the hacker chooses.

03:02

In order to avoid this situation you have two options:

03:05

First -

03:06

You could make sure your computer is completely malware free.

03:09

While this may sound easy,

03:10

most viruses are either disguised as legitimate software

03:13

or have a way to avoid detection by Antivirus software.

03:17

The other option would be to use a wallet that is “immune” to malware,

03:21

so to speak, keeping your private key safe.

03:24

This is exactly what hardware wallets are designed to do.

03:27

Simply put,

03:28

hardware wallets are computers

03:30

that have been stripped down of all logic

03:32

except for a small screen, a button or two

03:34

and the simple action of storing keys and signing transactions.

03:38

Hardware wallets look like small USB devices,

03:41

and they offer a minimalist approach to security.

03:44

This is based on the logic that the more complex a device is,

03:47

the more opportunities hackers have to infiltrate it.

03:50

In the case of hardware wallets, the device is so “dumb”

03:53

it’s practically impossible to hack or infect it with anything.

03:56

Due to that simple design,

03:58

hardware wallets can’t connect to the Internet

04:00

or run complicated apps.

04:02

They are just a form of storing your private key offline.

04:05

This approach is known as cold storage,

04:08

unlike devices that connect to the Internet, which are called ‘hot wallets’.

04:12

So how do hardware wallets work exactly?

04:15

Well, let’s say you want to send a Bitcoin transaction

04:17

using a hardware wallet.

04:19

The first thing to know is that

04:20

because a hardware wallet is such a simple device

04:22

that can only sign transactions,

04:24

it needs to use a more sophisticated computer

04:26

for all other functions,

04:27

such as preparing the transaction and broadcasting it to the network.

04:31

So in order to use a hardware wallet

04:32

you’ll need to connect it to your personal computer

04:35

and download a program that can communicate with it.

04:37

We’ll call this program a bridge.

04:40

The bridge will allow you to prepare your transaction for signing.

04:43

The hardware wallet allows only very specific types of data

04:46

to pass through to it, such as cryptocurrency transactions.

04:49

Once it receives a transaction from the bridge program,

04:52

it signs it on the hardware wallet itself

04:54

and then sends it back to the bridge program.

04:56

Your private key never leaves the hardware wallet.

04:59

The only thing that gets transferred

05:01

between your computer and the hardware wallet

05:03

is the unsigned and signed transaction.

05:05

Because of its minimalistic and simple design,

05:08

a hardware wallet can be used with any computer

05:10

without fear of being hacked or infected -

05:12

even a public library computer or your mom’s laptop :)

05:16

The only thing you’ll need to do to make sure your Bitcoins are safe

05:19

is to make sure the transaction you’re approving

05:21

on the hardware wallet’s screen

05:22

matches the transaction your bridge program is showing

05:25

on your personal computer.

05:26

Today there are over a dozen companies that offer hardware wallets on the market,

05:30

with the three market leaders being Ledger, TREZOR and KeepKey.

05:34

Each company offers different models with different features.

05:37

If you’d like to read all about the different models on our site,

05:40

there’s a link in the description below.

05:42

There are many features to compare between the different hardware wallets.

05:45

Some things to consider, aside from company reputation,

05:48

include how many different coins the device can support,

05:50

and whether you can control it from your mobile phone

05:53

as well as from your computer.

05:54

Setting up a hardware wallet is fairly easy.

05:57

The main thing to do is write down the set of words you’ll be given

06:00

when initializing the device.

06:02

These words,

06:03

also known as a seed phrase or mnemonic phrase

06:05

are a way to restore any private key your hardware wallet generates.

06:09

This also means that whoever might get a hold of these words

06:12

would also control your Bitcoin,

06:13

so it's important to keep your seed phrase written offline

06:16

and in a safe place.

06:18

Before we conclude today’s episode,

06:20

I want to go over some common hardware wallet risks

06:22

you should be aware of,

06:23

and how to avoid them when possible.

06:25

The first risk is that someone may tamper with your device

06:28

when its onroute to your home for the first time.

06:31

To avoid this,

06:32

all reputable hardware wallet manufacturers

06:34

use a special holographic sticker to prove the wallet was never opened.

06:38

If you receive a wallet and this sticker isn’t in tact,

06:41

don’t use that wallet.

06:43

While some wallets also run a self tampering test when initializing,

06:46

it’s better to stay on the safe side.

06:48

In order to minimize this risk even more,

06:50

always buy a hardware wallet straight from the manufacturer’s website.

06:54

If you want to buy from a reseller,

06:56

make sure that he’s an authorised trustworthy reseller

06:59

by contacting the manufacturer first.

07:01

Closely related to this issue is the fact that your seed phrase

07:04

should be generated at random by your wallet upon setup

07:07

and is not sent to you with the device.

07:09

There’s a good reason for taking all these safety measures seriously.

07:13

For example, one unfortunate user bought a hardware wallet

07:16

from a bad actor on Amazon

07:18

and received a wallet with a card containing a preconfigured seed phrase.

07:22

He was instructed to initiate the device using this existing seed phrase.

07:26

The user wasn’t very tech savvy and did what he was instructed,

07:30

only to find out that once he deposited coins

07:32

into that hardware wallet

07:33

they were quickly removed by the hacker that had knowledge

07:36

of the preconfigured seed.

07:38

Another risk to be aware of is that

07:40

your hardware wallet device may be stolen

07:42

or physically accessed by unwanted individuals,

07:44

also known as the evil maid attack.

07:47

Most, if not all hardware wallets today, include a PIN protection.

07:51

So even if your device is stolen

07:52

it may take the thief a while before he can access your coins.

07:56

Once you notice your device is stolen

07:58

you should immediately use your seed phrase

08:00

to recover your Bitcoins

08:01

and send them to a new wallet with a different seed phrase.

08:04

This will basically drain your stolen wallet from all of its funds

08:07

and allow you to keep safe control over your Bitcoins.

08:11

Another very unusual but possible attack is the “$5 wrench attack”.

08:16

This refers to when someone physically threatens to hurt you,

08:19

with a $5 wrench,

08:20

if you don’t hand over your hardware wallet

08:22

and unlock it with your PIN code.

08:24

In order to protect from these kinds of physical attacks

08:27

certain wallets, such as TREZOR,

08:29

allow you to add another layer of protection called a passphrase.

08:32

This means you’ll be requested to add an additional passphrase

08:35

after the PIN code.

08:37

However, you can set it up

08:38

so that different passphrases will show only certain accounts

08:41

on your wallet.

08:42

So imagine having a dummy account on your wallet

08:45

with only a small amount of coins

08:47

and a real account with the majority of your funds.

08:50

When someone forces you to unlock your wallet

08:52

you can use the dummy passphrase

08:54

and it will seem that the wallet only holds a small amount of coins,

08:57

not revealing your complete holdings.

09:00

A very common fear people usually express

09:02

regarding hardware wallets is

09:04

what happens if the wallet manufacturer goes out of business?

09:07

Well, the seed phrase technology used in most hardware wallets today

09:11

is compatible with multiple wallets:

09:13

it’s not unique to any specific company.

09:16

Therefore, if a certain company goes out of business

09:18

you can recover your Bitcoins directly to another company’s wallet

09:21

using your seed phrase.

09:23

As you probably understand by now,

09:25

your seed phrase has a lot of power

09:26

and it can be used in many cases to recover your Bitcoins,

09:30

including if your hardware wallet breaks or gets damaged.

09:33

Well, that’s it for today’s episode of Crypto Whiteboard Tuesday.

09:35

Hopefully by now you understand what a hardware wallet is -

09:39

A small device that holds your private keys

09:41

and signs transactions offline keeping your Bitcoins safe.

09:44

You may still have some questions.

09:46

If so, just leave them in the comment section below.

09:48

And if you’re watching this video on YouTube,

09:50

and enjoy what you’ve seen, don’t forget to hit the like button.

09:52

Then make sure to subscribe to the channel

09:54

and click that bell

09:55

so that you’ll be notified as soon as we post new episodes.

09:58

Thanks for joining me here at the Whiteboard.

09:59

For 99bitcoins.com, I’m Nate Martin, and I’ll see you…in a bit.