WTF is a hardware wallet, and why should you have one ?

in bitcoin •  2 years ago 


Source

Why not a Trezor?

I was on the fence with the Ledger Nano S and the Trezor for a while, I ended up going with a Ledger Nano S. The Trezor is a really popular device, but the Ledger Nano S seems to have better recommendations. I know not everyone will agree with this, but I think you are good to go either choice. The deciding factor for me was the previous exploit with Trezor where anyone can not only see your bitcoins but can actually steal them inside of 15 seconds just by having physical access to the device. I know every device can have vulnerabilities, but that was just too huge. It was patched in version 1.5.2.

The other deciding factor is it showed up for a brief second at $75 USD on Amazon Prime, they range from $75 USD to $300 on Amazon and frequently out of stock at anything sub $100. At $75 they are roughly the same price as shipping from Ledger directly after you factor in Euro conversion and the crazy shipping rates from Paris. I'm keeping an eye out for when another one is available.

I still want to try a Trezor and will try to get a hold of one to compare them. They are very popular, likely for a reason. I just have a hard time getting over how bad that previous exploit was.

Hardware wallet?

At some point in your life, when your shit coins mature you should consider getting a hardware wallet for cold storage. Before I go further, let me explain the difference between cold storage and a hot wallet and why this is important.

Hot Wallet

A hot wallet is similar to the wallet in your back pocket or in your purse. You use it for day to day activity and has enough spending money to handle anything you may need in the next few days or even a month. If you lost anything stored here, you wouldn't miss your mortgage payment. Meta mask for Ethereum and Bread Wallet for Bitcoin are good examples of hot wallets.

Cold Storage

Cold storage is what paper, hardware, and air-gap wallets try to solve. These wallets are designed for long term storage and/or highest levels of security. As a shit coin connoisseur I have to be my own bank. I am not protected by FDIC for $250,000 per account. If someone gains access to the keys to your wallet, hacks the Exchange your coins are stored on, or the Exchange decides to freeze your account, all your shit coins are gone. If you don't own the keys, you don't own the shit coins.

A simple solution for cold storage is a paper wallet, printing out the 12-24 seed words required to unlock your wallet. A paper wallet doesn't need to be paper, a popular option is a Steel wallet holding your seed words that can survive a fire. A paper wallet is an extremely secure method of securing your coins from all methods of attach except for physical access. If the paper wallet is lost, so are all your funds. Another advantage of a paper wallet is you can set it up right now and have it ready in five to ten minutes.


Source

An air-gap wallet is a machine or mobile device without Internet connectivity that is used to sign transactions but has no network connection. If you ever watched Battlestar Galatica, they used an air-gap network to prevent the Cylon's from compromising their network. There are wallets that can work in offline mode to sign transactions which later can be transfered via USB stick or other physical means. The important thing with an air-gap wallet is that the keys never leave the device, and they are never available on a networked device.

Hardware wallets are likely the most popular cold storage devices, but I'd question that claim as paper wallets are very popular. Hardware wallets act like an air-gap wallet where the keys never leave the device, and it is used to sign transactions via USB port connected to a hardware device.

The hardware devices are secure devices with very little interface to the real world. They typically have a small screen and two buttons and that is it. The only purpose of the screen and buttons is to enter your private pin and to select which wallet you want to access. The pin is the only way to access your funds once the device is initialized with the seed words. With a hardware wallet, you still have the physical access security concerns that come with a paper wallet. If anyone can read the seed words, they can access your wallet and ultimately your tokens.

A hardware wallet offers a little better security than a paper wallet as the seed words are not required once you initialize the device. You only need them if you have to recover your wallet or replace your hardware device. Day to day use only requires your pin, which should be something you remember and don't need to write down for daily use. This minimizes the amount of times your seed words are exposed to any third party.

Hardware wallet is only for Bitcoin right?

No, you can store quite a few coins in a single hardware wallet using a single set of seed words and accessed via your one pin code. At this time, the Ledger Nano S supports all the following tokens:

  • Bitcoin
  • Bitcoin Gold
  • Bitcoin Cash
  • Dash
  • Dogecoin
  • Ethereum
  • Komodo
  • Litecoin
  • Stratis
  • ZCash
  • Hello
  • Ripple
  • PoSW
  • Ark
  • Ubiq
  • Expanse
  • PIVX
  • Stealthcoin
  • Vertcoin
  • Viacoin
  • NEO
  • Stellar
  • Digibyte
  • HCash
  • Qtum

As you can see, the device can store a ton of different coins and more are added on a regular basis via hardware updates.

One limitation I noticed immediately with the Ledger Nano S is you can only have 4 apps installed. Each app represents another wallet, like Bitcoin, Etherum, Bitcoin Cash, and ZCash are my current selections. It only takes 5 seconds to remove and add a different application, but it is annoying. Your coins are still safe, it is just a convenience thing. The limitation on the Trezor seems to be much higher and may end up being a deal breaker for me. At minimum I would like access to Bitcoin, Bitcoin Cash, Litecoin, Ethereum, and ZCash.

One big advantage of a hardware wallet is you can use it as a Fido U2F device. U2F is a universal two factor hardware device. For example Google allows you to use a Fido U2F as a backup second factor authentication if you are unable to access your Google Authenticator device or as the primary second factor if you don't need to use devices that don't support hardware USB devices.

This is a huge advantage as Google Authenticator has no backup and if your phone is lost, stolen, corrupt, broken you can be locked out of all accounts that use it as a second factor. I believe there is going to be a large amount of users very pissed when their device is lost, stolen, or broken and they lose access to all accounts secured by Google Authenticator. There is no recover option outside of using backup codes for every service you use two factor with. You can also use these devices to with SSH and PGP encryption, although I don't think many do this.

What if I lose my hardware wallet?

Both the Ledger Nano S and Trezor are able to be recovered via the seed keys, either with another Ledger Nano S or Trezor, or any software wallet that support BIP39/BIP44. In fact, you can restore a Ledger Nano S to a Trezor device and vice versa.

I will get a Trezor when I have the ability to get one, they are currently on back order until Febuary 2018. Hopefully I can get one sooner, the only real issue I have right now that makes me want to try something else is the 4 active wallets.

themarkymark.png

My recent popular posts



Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

I hope Ledger wallet can extend their support for steem storage as well. So far I am using it to store my bitcoin, ethereum and ripple.

There are other options as well but we can only store 5 coins at a time so I am researching and will add 1 from Ark or Pivx very soon.

It can only store 4 coins as far as I can see.

Thanks @themarkymark.... just realized it's quite important to have this hardware wallet. Will sure to buy one !

dude, thanks, i was just looking and ledger nano S on amazon.com, and then saw an episode of "CryptoVerse"on youtube, dude seemed pretty cool and is a steemian using ledger nano. i'm kinda jumping ahead of myself because all i hold is STEEM, but it would kind of push me to get more diversified // peace out / resteem / perfect article !!

is it right

Technically, can there be a wallet that stores just about any coins?

As long as support is added yes but there is new coins daily and most of them are not worth the effort and these devices have limited space.

Hmm, so if it's not a hardware wallet, let's say a universal wallet proposed by the likes of http://ethos.io/ is ultimately very unsafe?

I am not familiar with that wallet, but many of the software wallets are in fact unsafe. For example Jaxx a very popular wallet has had issues and you never know what may crop up at any point in time.

I use Bread wallet for the iPhone because I know it has a very good track record, but I wouldn't touch any wallet on Android due to security concerns with Android in general.

It's good to know I'm not the only one with all the questions (-: In an evolving universe, there are more questions than answers / awesome times

thank you for the information and understandable article! give you an upvote.

(Upvoting this comment will help street children of Manila, Philippines this Christmas season) Docu here: https://steemit.com/life/@rashley01/iskolar-marie-simple-wishes

Bought myself a Nano Ledger S for Christmas :) Will set it up asap :) Great article! I'm glad I learned about the meta mask app (though it seems the name has changed to Ethereum Wallet (can u confirm?)

I will definitely try
useful article

What do you think about the bitcoin depreciation? Will it rise again?

Yes, but I think there is a near future where Bitcoin Cash overtakes Bitcoin. Bitcoin is having a lot of issues right now, and I don't see any progress to a solution.

Then again, refer to my advice What every investor should know

thank you so much. you are very knowledgeable about this issue 😊

Nah. Just got lots of opinions.

Thanks for info. A lot to take in for novice.

I see dogecoin 😋

If you ever watched Battlestar Galatica, they used an air-gap network to prevent the Cylon's from compromising their network.

See, now I understand it. :)

Thanks for the in-depth review. I am actually thinking of getting one because most of my shitcoins that are not steem are on exchanges or hosted wallets right now, and I am not loving it.

sounds like a hassle

Life is full of hassles.

This post has received gratitude of 2.46 % from @appreciator thanks to: @themarkymark.

steem is on fire....
i think steem is crypto king :)

Nice write-up. Just picked up some trezors myself, so I look forward to a review once you get your hands on one.

Nice, where you get them?

Direct from trezor.io

I looked earlier and said Feb 2018 :(

Thanks for this @themarkymark. I have been looking into the hardware wallets, but I don't know anyone who has one.
This is super useful for me.

I need to bite the bullet and get a hardware wallet. I've been doing the paper route 🗒️. 😔

I tried a method for creating a slightly less hot wallet, but I'm not sure the efficacy.

Thanks for the review on Ledger @themarkymark.

interesting​ post i go to get one , follow you

thank you very much for being a very helpful and understandable article .

Oh i see. Now i know more abt it. I will buy one when I have invested quite an amt maybe. For now I only have very small investments so I don't think I will need one yet. 😁

Reading this post of yours which I'm sure is still very helpful to those who wants to gain/increase knowledge about these sorts of info. Thank you.

How easy do you think it is to tamper with a ledger nano before it is shipped and then one day the use the recovery phrase to steal all your coins?

How can you trust them?

The key thing with these devices you have to make sure you initialize the device yourself, this sets the seed words and thus the encryption key.

This is very safe, but there is a tiny chance someone has created some sophisticated clone but that would take megabucks to build something like that. Buying from a reputable source (new) is very safe.

I now own Trezor and a Ledger, and I very much prefer the Trezor. Much better experience. Only problem is the lack of native ETH tooling, you have to use MyEtherWallet which I am not happy about, but they will have a native ETH tool soon.