When choosing a hardware wallet (signing device) for your cold storage, it’s really important to find one from a manufacturer that has proven to be trustworthy, and the same goes for the software and the marketing team. You don’t want a setup that collects analytics on your activity, or one that stores your personal information on an insecure database that creates a very attractive honeypot.
The first one I ever used was called a KeepKey, launched in early 2015 by a company led by CEO Darin Stanchfield and CTO (this is his actual name, I shit you not) Ken Hodler. It was a slick-looking device about the size of an Apple TV remote that connected to your computer using a browser extension to view balances and broadcast transactions.
On Christmas Day in 2016, Darin was sim-swapped and hackers compromised his email account, as well as the company’s social media account, and its marketing database, exposing customer data.
In 2017, KeepKey was acquired by ShapeShift, an exchange run by Erik Voorhees, an early pioneer in bitcoin who has since pivoted to shitcoins. Within a short time, they began pushing new updates to KeepKey to turn it into a full “crypto” wallet, and replaced the original browser extension with a new website (that also doubled as an exchange) to manage the device.
By that point, I absolutely knew it was time to move on, and I opted for a new bitcoin-only device. Much to my surprise, when I first attempted to migrate from KeepKey to the new setup, I got an error saying that the transaction could not be broadcasted. I tried in a different browser, and on a different computer, with no luck. Before going into a panic, I sent an email to ShapeShift support. I got the following autoresponse from them:
“I’d like to apologize for the delay in response. As a crypto enthusiast, you must have noticed what a crazy time it has been in our industry! We’ve seen an all-time high in demand, and with it, needs for extra support.” 🤮
A few days later, a reply came, saying that there were “known issues” with the platform that affected certain legacy wallets (i.e., pre-acquisition) and that I should use the device directly with Electrum. I did some research, and after a few more days, was finally successful in getting off of this platform. It was a hair-raising moment that made me realize that even self custody has the potential to get rugged, even if you thought you were making the most informed decisions you could at the time.
Be careful out there!
I used a Trezor and a Ledger, long time ago.... for testing mostly. Once I saw that are useless for me, I gave them as a gift to a noob.
I never went to use ANY hardware wallet anymore. I have better ways.
For me... waste your money on them... more sats for me.
reply
It's part of the evolution of a bitcoiner.
reply
reply
I wish Trezor had not gone the shitcoin route, but overall feel they are a valuable group to have. Their open source libraries are what is behind a lot of other hardware wallets like Coldcard and Passport. Not sure if Seedsigner uses anything from them. Regardless, I still see value in Trezor, Seedsigner, Passport, and other bitcoin-only hardware wallets as part of a multisig setup to reduce dependency on any one vendor or component.
I haven't gone fully down the paper wallet route.
Stay away from Ledger though!
reply
If you read my guides (no joke or bullshit) you will find out that life is much easier without any hardware wallet.
People are throwing money on them for nothing. But I am totally fine with people buying expensive plastic shit, thinking that are giving them "security".... is like wearing a fucking mask in your car.
MORE SATS FOR ME SUCKERS!
reply
I'm going to read All that you have to offer. Right now I'm in two large projects but your next.
reply
reply
Subscribed.
reply
no need to "subscribe" man... it's all free just read them. I do not do this for followers or money. I just want people to use bitcoin and learn more about
reply
Do you consider Seedsigner in the same category?
reply
Thoughts on how even Luke Dashjr managed to mess up a non-standard cold storage setup and be hacked?
reply
I found quite strange that story. I incline to think it was just another "boating accident" method.
reply
You really should not “leave” your keys in the wallet. Generate seed, write it down, wipe. Recover whenever you need to do tx, do the tx, wipe. For the hodl stash it definitelly should not be this easy tho but the wipe step is always mandatory.
reply
This is the most important function of a hw device, generate a secure seed offline. Why would you leave it on there?
reply
Exactly. Daily tipping, small cash in mobile wallet. Mid-size stash for trading / few months of expenses in single sig offline wallet with easy recovery but always wipe. Hodl stash always multisig or whatever treasure hunt scheme.
reply
Mfers would rather spend hundreds of thousands of sats on an artisan calculator than use TailsOS on a USB or a spare phone from the phone drawer.
reply
Hundreds of thousands of sats is nothing when you're trying to secure tens of billions of sats.
reply
You're not wrong, but DIY is scary for newcomers. Now I'm building nodes and consider myself experienced enough to do this stuff on my own.
reply
Its only scary because hardware wallet manufacturers spread fear to sell more ewaste
You'll never hear an influencer read an ad for a DIY solution. That's not because the DIY route is difficult. Its because they won't get paid to shill DIY.
reply
deleted by author
reply
What about the "airgap" ?
reply
Mfers actually think you need to spend hundreds of thousands of sats to airgap
TailsOS starts in offline mode by default and has electrum preinstalled.
Install grapheneOS on an old android and never connect it to WiFi. Sideload Samourai wallet and shuffle PSBTs over USB. .
reply
Ideal: Hodl amounts:
  • Seed generated randomly with dice, using SeedSigner or Coldcard offline to generate it from your dice. Add a passphrase.
  • Generate an xpub/ypub/zpub from these, which you can use to add funds in a way that doesn't expose the secrets.
  • Store the secrets (seed and passphrase) in a secure place using engravings in metal (maybe washers attached to a screw, or plates).
Spendings / amounts you can't stand to lose
  • any hardware wallets are fine for that purpose
  • lower risk having the seeds still on the device
  • can still use passphrases and other security methods
  • Lightning wallets are for excellent even lesser amounts
reply
When did you do this And what did you do to migrate? Do you mean sweep it to another wallet? I have a keepkey also 👀
reply
There is a guide here showing how to connect the device using Electrum. https://shapeshift.zendesk.com/hc/en-us/articles/360060952191-Electrum-Integration-with-KeepKey
reply
I share similar sentiment. If hardware wallet contains private key behind some pin number, its always security-by-obscurity.
Obviously it's VERY OBSCURE (like you need research team and some ultra precise laser slicing machine to break it), but still security-by-obscurity. Everything that exists as a physical object in physical reality is breakable somehow.
I lean towards SeedSigner.
reply
How does seedsigner help with that besides privacy and diy?
reply
Seedsigner is ONLY for signing. It doesn't store seed on-device. If you turn it off memory gets wiped.
It ofc means that storing/securing seed is a separated responsibility in SeedSigner setups. So it's part of a tradeoff here.
I'd say it's suitable for ultra-cold-storage setups where you transfer out funds very rarely. Because it's poor UX to provide seed everytime you make transaction.
reply
Thanks didn’t know memory got wiped after. That’s great.
reply
An old phone...something with good security like a pixel can be used offline with blue wallet to make a cold storage wallet. Bonus too that it doesnt look like anything special 🤙
reply
You didn't have the keys on paper ?
reply
Do you need help? We got a lot of do it yourself guides out there and that practice (even if you don't ultimately use it after setting it up) will help you understand self-custody in a way that you can't be rug pulled (no reliance on customer support, no reliance on company software updates, and full understanding of how to take care of yourself)
reply
No, I’m good now. Thanks! But please do link your guides so others can benefit from them.
reply
Also, sparrow actually shows you what all the parts of a Bitcoin wallet are (derivation path, xpub, script type, seed phrase) when you create wallets with it.
Also, I need to add this to the repo. We have wallets with bad entropy from time to time: https://armantheparman.com/dicev1/
reply
The instructions on GitHub for hardware wallets is fun to read.
The guide goes like: "How to assemble SeedSigner", while any other is: "How to rip off component X from device Y'. 🤣
reply
Signing device companies keep putting wireless on their devices what else is there to say XD
reply
They might be better off making custodial services instead of deceiving people, it would be clear what their true objective is...
reply
deleted by author
reply
deleted by author
reply
Very good suggestion, it's something I didn't want to approach until I had done enough research but now it seems like the best time.
reply
deleted by author
reply
deleted by author
reply
deleted by author
reply