As the value of your bitcoin grows, so does your need for secure key storage. One such solution is a hardware wallet, a physical device that allows you to securely hold the keys to your bitcoin. But hardware wallets aren’t the only option for storing your bitcoin keys—there are also software wallets, paper wallets, and even “brain wallets.” So why specifically choose a hardware wallet?
1. Keep your keys offline, protected from remote attacks
Hardware wallets enable you to generate and hold the keys to your bitcoin entirely offline, known as cold storage. This stands in contrast to hot wallets, which are more susceptible to remote attacks such as malware and SIM swap attacks (still more secure than a custodian or an exchange!).
You can think of this as similar to building a ship in a bottle. Your wallet’s seed, which is used to generate the keys to your bitcoin, is generated inside the device and cannot be digitally exported. At no point do the keys ever leave the device. Even if a hardware wallet is connected to a virus-infected computer (which is not recommended), the keys would still be protected, often in a secure element.
When you want to move your bitcoin, you author a transaction using wallet software, send it to the hardware wallet, sign it on the hardware wallet itself using your private keys, and then send it back to the internet-connected wallet software for it to be broadcast to the bitcoin network.
2. Protect against physical attacks
If someone were to gain physical access to your hardware wallet, there are unique features hardware wallets offer that help you defend against attacks. Some of these security features include a secure element, firmware verification, and PINs for first-layer defense.
Secure elements
A secure element is a microprocessor used to isolate, store, and protect sensitive data. In a hardware wallet, a secure element provides a higher level of protection against physical compromise compared to the standard environment on a mobile phone, desktop, or laptop. For example, this makes it more difficult to compromise your device via fault attacks, side-channel attacks, and cold boot attacks.
Firmware verification
Firmware verification is a way to verify the validity of a hardware wallet’s onboard software. This protects against counterfeit versions and supply-chain attacks. Verifying the firmware ensures the use of a genuine, unaltered version of the hardware. Wallet software from manufacturers like Trezor, Ledger, and others verify the device firmware every time you connect them to your PC.
Access PINs
Access PINs in many hardware wallets help prevent anyone but the owner from getting immediate access to the ability to sign with the keys stored on the device. In most cases, the penalty for failing to properly enter the PIN over a certain number of tries is an increasing delay between incorrect guesses. With some hardware wallets, exceeding the number of allowable PIN guesses can result in a factory reset of the device or even render it permanently unusable.
Duress PINs
A duress PIN is a security feature that can help protect your bitcoin in the event of a $5 wrench attack. Duress PINs are particularly important for hardware wallets (due to them being used to secure larger amounts of bitcoin), and the available functionality is particularly robust in some cases.
For example, the Coldcard hardware wallet offers three types of duress PINs: one that unlocks a decoy wallet, one that destroys the seed upon entry, and one that creates a countdown to customizable “brick modes”. If you end up in a duress scenario, these tools offer you confidence that attackers won’t be able to access your primary bitcoin keys—if any at all.
3. Provides a smaller attack surface
It’s possible to store your keys offline with a laptop or desktop and secure them from physical attacks. However, the general-purpose architectures of these devices present a larger attack surface for skilled attackers. This means there are more ways for attackers to exploit software, firmware, and hardware to engineer ways to steal your private keys.
In contrast, hardware wallets are built with specialized hardware that simplifies their functionality to very specific tasks and limits their connectivity to the internet and other devices. Even with a secure element to keep key data behind a firewall, some hardware wallets restrict the way they physically connect with external devices—air-gapped hardware wallets primarily interface with other devices via microSD card. Many manufacturers also offer bitcoin-only firmware to further simplify functionality.
Hardware wallets may be more limited in functionality and convenience than general purposes devices, but that limited functionality also means limited vulnerability. This also has the side benefit of creating less risk for new holes to be discovered that manufacturers must plug with firmware updates or hardware revisions.
4. Prepare for increasing values
You may think you don’t own enough bitcoin for it to be worth the effort to buy a hardware wallet and learn how to securely hold your keys offline. One reason to get a hardware wallet now is to prepare for bitcoin’s upward price swings.
It’s common bitcoin wisdom to treat your holdings as if they’re worth 10x what they are today—historically, a move like this can come quickly and unexpectedly. Additionally, if your bitcoin holdings would be uncomfortably large for standard singlesig self-custody at a 10x value increase, it may be time to consider a more secure self-custody model such as multisig.
5. Confirm addresses on-device
Because bitcoin transactions are irreversible, it’s important to be certain when you send bitcoin that it goes to the correct address. This is important for both sending bitcoin to someone else and sending bitcoin to a wallet controlled by the keys on the hardware wallet(s) you own.
With software wallets, malware could replace a real address with an attacker’s address in the UI, making it difficult to verify its authenticity. There’s also “clipper” malware, which switches the receiving address in your computer’s clipboard, and other attack vectors.
Hardware wallets help with this by including a physical screen that displays the address you want to send funds to, allowing you to verify it prior to spending. As long as your device hasn’t been physically compromised, you can be confident that the address you’re shown is controlled by the keys stored offline on the device. If you’re sending funds to a remote recipient, it’s best to confirm the address you’re sending to through multiple channels.
6. An ideal environment to generate your own entropy
All bitcoin wallets depend on entropy—randomness—to generate seeds, and seeds are the master secret that generates your bitcoin private keys. Entropy can be generated in many ways, from basic on-device random number generators, to long strings of random text entry, to dice rolls or playing cards.
Dice rolls are widely considered one of the best ways to generate your own entropy, minimizing the involvement of third-parties in generating the randomness needed to initialize a bitcoin wallet. Some hardware wallets, such as Coldcard, allow you to enter dice rolls on-device to generate a seed phrase. You can press 1–6 for each roll and it will use the rolls to generate your seed.
While you don’t need a hardware wallet to generate your own entropy (you could do so on a permanently offline laptop, for example), hardware wallets uniquely allow you to do so in a way that’s convenient and secure. Generating your own entropy in the physical world can be fun and a great learning exercise, but it’s pointless without the right environment to help you preserve the marginal security you may obtain by doing so.
7. Travel more securely
Traveling with small amounts of bitcoin can be easily done with a mobile phone or another less secure device, but larger amounts of bitcoin require more forethought. Traveling with keys on a laptop computer or mobile device is risky because these devices are usually hot (internet-connected), have more limited physical protections, and have larger attack surfaces.
Hardware wallets offer convenience and security if you need to keep one or more bitcoin keys on your person while traveling.
You don’t have to worry about sketchy WiFi connections or USB ports, you can use duress features as described above if someone were to physically attack you, and you’re more protected if your device becomes lost, stolen, or confiscated (attackers would have to do defeat the hardware wallet’s purpose-built security). And they still offer convenient access if you need to spend.
8. Enhance the security of multisig setups
Multisig wallets are built by combining multiple keys (versus singlesig wallets that use just one). Requiring more than one key to spend bitcoin adds security and redundancy to your wallet, making them useful for securing larger amounts of bitcoin.
The more secure the individual keys involved in constructing a multisig wallet are, the more secure the multisig wallet is itself. Hardware wallets enable you to conveniently build a multisig wallet with clearly delineated keys securely held offline. Like with singlesig, hardware wallets also let you verify multisig addresses offline when sending bitcoin.
Using multiple hardware wallets is a natural fit for multisig because multisig is often used for maximizing security and redundancy for large amounts of cold storage bitcoin, a goal which physical devices and seed phrase backups also help you to achieve.
Start with self-custody
The first step to upgrading your bitcoin security is always to take self-custody, whether hot or cold, to eliminate the risk involved with trusting custodians such as exchanges. From there, you can explore additional security tools, such as multisig, to find the right balance of security and accessibility for your circumstances.
Originally published on Unchained.com.
Unchained Capital is the official US Collaborative Custody partner of Bitcoin Magazine and an integral sponsor of related content published through Bitcoin Magazine. For more information on services offered, custody products, and the relationship between Unchained and Bitcoin Magazine, please visit our website.