Hardware Wallets. What is it and why do you need this?
Hardware wallets is a small devices that help you keep your bitcoins in safe. The hardware wallet generates your private keys securely in an offline environment.
Many online wallets generate private key on internet and left some information about user so hackers can use that information to hack wallet and steal your bitcoins.
Hardware wallet generates your private keys securely in an offline environment.
They have most of the security of paper wallets in that they are only vulnerable to physical theft but remove the process of having to load the private key in wallet import format to some software which is exposed to online vulnerabilities.
Hardware wallets are in two parts – one connected device and one disconnected.
The connected wallets use public keys and perform all the function of standard wallet by choosing which transactions to sign. However it can’t sign it as the offline device holds the private key.
Hardware wallets — physical devices created to keep your cryptocurrency safe. Some online wallets also support hardware wallets.
Most of hardware wallets:
- Generate and store on the device a private key
- All the operations and transactions are executed on the device. It can display only the result of it: a hash of each operation.
- Have a screen to display some information
- Have one or more physical buttons
- Display transaction information
- Require a manual confirmation of an operation using a hardware button
- Allow to create a backup of private keys if the device is broken, lost or stolen
- Require to install manufacturer-provided software
- Works on all modern versions of Windows, Linux, MacOS
- Doesn’t work on Android
- Doesn’t allow to install any software on the device
- Require to set up a PIN code (or even multiple PIN codes)
- Support only few top cryptocurrencies
Risks and Possible Vulnerabilities of Hardware Wallets
At present there is no one known tokens stole from a hardware wallet. In spite of the fact that they appeared quite recently, they showed a good security level.
However, it’s important to understand that using a hardware wallet couldn’t be a silver bullet. There are few possible vulnerabilities. It’s important to take it into consideration choosing a hardware wallet and how much tokens you are going to store on it.
Replacing receiver’s address. A hardware wallet can not prevent you from sending your tokens to a wrong address. For example, a virus on your desktop can track your transactions and replace the destination address one it detects a large transaction. To solve this problem, it’s recommended to use a 2 Factor Authentication to confirm a transaction.
A bad random number generator. Hardware wallets depend on their intern random number generators. Unfortunately, to generate a real random number isn’t that easy. A bad random number generator can create such values that could be predicted by a hacker.
Bugs. The security of any system — hardware or software is based on the quality of its realization. Hardware wallets are not an exception. Firmware bugs could give to an attacker the access to internal structure of a wallet.
Compromised manufacturing process. Even an ideal firmware and hardware can’t prevent from an intentional or an unintentional intrusion during the manufacturing.
Compromised delivery process. During the delivery, it’s even easier to remove or replace some hardware or software elements so that it won’t be evident to a customer. According to some sources, many governments intercept and change different hardware products to open a backdoor.
So, using a hardware wallet can’t prevent you from all risks but a choice of a trusted manufacturer with a good reputation can help to protect your wallet from much more vulnerabilities comparing to software wallets.
It seems the ideal solution is to use an open source software together with an open to general use hardware such as Raspberry Pi or Arduino and a trusted source of the entropy such as a dice.