The Secure World of Hardware Wallets

Hardware wallets, unlike all the other kinds we have discussed so far, are a physical piece of equipment you’ll have to purchase and get delivered to your address. Hardware wallets are USB looking devices, whose purpose is to store your private key securely off the grid. The best-known hardware wallets on the market right now are Ledger and Trezor. The main advantages of hardware wallets over the other types are the fact the private keys are stored in a protected microcontroller and cannot be transferred out in plain text, their immunity to viruses and malware software that can steal from the software wallet, the fact the private key stored in the wallet does not have to touch potentially infected software thus making it less prone to viruses and hacking and the fact most of the time the software is open source, so more advanced users can inspect the code before committing to a wallet.

Ledger500 coins
100% Security^$98BUY NOW

Trezor500 coins
100% Security^$98BUY NOW

Whenever you want to do something in online banking for example, you need to enter your PIN code. Think of hardware wallets as external, physical PIN entering devices. You grab the hardware wallet to enter your PIN and move along doing what you were going to do in online banking. In crypto, the PIN is referred to as private keys. Hardware wallets protect the private key, which gives you access to your funds.

Now, in the digital world this may be a trickier task than one might think, so hardware wallets store those private keys on microprocessors. The microprocessors used to store the private key can be split into two types – the normal ones used in consumer drones, microwaves, cameras and the “secure” ones used in payment cards, POS devices, even passports. Those “secure” microprocessors are generally referred to as SE or Secure Elements.

The microprocessors used in hardware wallets are a lot more complex than the normal ones, using encrypted memory and physical reinforcement to prevent against attacks and unauthorized access. On top of all those hardware specifications, hardware wallets’ microprocessors have an operating system to control the processing environment, thus adding one more layer of security by further encryption. Some hardware manufacturers are going even one step further integrating a custom-designed operating system specifically made for the usage of their hardware wallet – the Ledger wallet is one such example.

A short overview now of three particular hardware models:

Hardware wallets are one of the most secure ways to store your crypto currencies. However, even they are not without risks. The list below discusses some of the potential problems hardware wallets might face:

• Bad random number generator (RNG) is the most plausible problem with hardware wallets. When you first start the wallet, you are presented with a seed and the private key. The private key is generated with the help of those random number generators. Now, if the RNG is not random enough it can lead to a weak link in the entire chain, thus making the hardware wallet the little bit more susceptible to attacks.
• Bad overall implementation is another reason to increase risks. The security of the hardware wallet depends on the proper implementation of the hardware components, firmware and software, so bugs in one or few of those levels may give attackers an opening to break into the wallet. This is where the tricky part comes, how can one objectively prove or disprove the correct implementation of everything.
• Compromised supply chain, as odd as it may sound is a legitimate problem with hardware wallets. Even if hardware, firmware and software are all implemented perfectly, there is still the question what is the “quality” of the “raw materials” used i.e. the chip and memory comprising the hardware for the hardware wallet. This is a problem for hardware wallets as it is for any other high risk financial or even military tech application.
• Improper shipping process may lead to initially proper hardware wallets being intentionally substituted with similar devices with backdoors or malicious components as well.

We already cleared there may be some cracks in the security of hardware walls. But what can be done to protect yourself? Following are a few of our suggestions.

In general, be very strict about security. For example, even if you are using a hardware wallet, which is very secure, the problem may come from the rest of the devices used to perform an action in the blockchain, namely a malware on your laptop may look for a high-level transaction to appear and switch the receiver’s authentic address with a malicious new address, controlled by the hacker. Even if everything with the hardware wallet itself was perfectly fine, at the end of the day you would still have suffered by this attack, so pay attention to the receiver’s address, displayed on the hardware wallet and check it by the original receiver’s address you had.

A continuation to the previous point, be wary of phishing attempts. Since hardware wallets are a bit more secure, attackers don’t want to hack you, they try to fool you with phishing tactics such as chat bots, in the official communication channels, pretending to be members of the core team giving you information or helping you and fake social media accounts impersonating either popular cryptocurrency investors or cryptocurrency pages. And of course, remember to create backups of your wallet and encrypt the wallet to provide extra security.