hardware wallet thoughts
2011 sats \ 18 comments \ @crrdlx 16 Dec 2023 bitcoin
Truth be told, I've never understood the allure of fancy hardware wallets. Mainly, I simply don't see how they're an improvement over something as simple as seed words stamped onto metal. Or, if you really must have a "hardware wallet," I don't see how they're better than a good old USB.
A cheap (or free if you can find a gimme) USB can hold a simple text file with your seed words or your private keys. Or, next level, you can load a wallet like Electrum onto the USB and run your wallet directly from there.
I think...
  • Fancy hardware wallets also have an app that allows one to send some hot funds while most stay cold. Okay, that's a use case
  • Fancy hardware wallets have multi-sig stuff. Okay, that's a use case too, though it sounds to me like a possible hurdle one day. Could be wrong on this though, not sure.
I'm sure I'm missing something here, perhaps something big. Still, a slab of metal and/or a USB seem useful and simple...two good things.
write
preview
related posts
427 sats \ 1 reply \ @pillar 16 Dec 2023 freebie
You are missing the point and comparing apples with flamethrowers.
The point of a hardware wallet is not to hold keys offline. It's to sign transactions while holding keys offline.
Obviously, if you don't want to sign transactions, the HW has no advantage over a piece of titanium with the seedphrase on it.
But the piece of titanium can't sign transactions. This is why people buy HW, because they want to sign transactions while keeping their keys offline.
You don't sign transactions very frequently from your cold storage, do you?
reply
0 sats \ 0 replies \ @sime 17 Dec 2023
This guy signs.
reply
100 sats \ 2 replies \ @dtonon 16 Dec 2023
The main goal of a HW is to keep the seed always offline, while make it available to sign transactions. Of course this cannot be replaced by a USB memory. Eventually a PC without any wireless hardware, that has never been online, can be a solution.
reply
10 sats \ 1 reply \ @crrdlx OP 16 Dec 2023
This is where I get confused. A slab of metal with seed words is always offline, however it cannot sign a tx. Great for long term hodling in my view.
A dedicated hardware wallet is offline, but it must connect in some way to sign a tx. In my mind, it is then not always offline. I don't see how that differs from a USB that is pulled out of a device and is laying in a desk drawer.
Maybe a hardware wallet, via encryption, can "send" info only one direction? I don't know, just thinking here.
reply
335 sats \ 0 replies \ @dtonon 16 Dec 2023
An HW receives a unsigned transaction from the wallet, signs it and sends it back. So first of all it is a computer, not just a dumb storage. The receive/send parts can be done with a cable connection, wireless (bluetooth) or better in a completely air-gapped fashion, so with qr codes or via a removable media (usually a micro SD).
So an HW is technically always offline. Even if it is compromised (hacked firmware) it cannot send the seed to a malicious endpoint. Unless the wallet on the main PC is also compromised; for this reason you should always use HW and wallet from different sources!
Instead, the first time you put your USB memory with a plain seed in a compromised PC, you are over.
My suggestion about HW is SeedSigner, paired with Sparrow. Search HM for more info. But don't trust, verify. Online there are a lot of resources from various companies about their products and the general operative logics. Thanks for time to study and learn.
reply
78 sats \ 0 replies \ @r3drun3 16 Dec 2023
With a hardware wallet, transactions are signed directly within a device with very limited attack surface.
In contrast, a software wallet involves loading the private key into the device's memory (PC, smartphone, etc.), thereby exposing it to potential risks.
Since these devices are connected to the internet and host various programs, there is a risk that a malicious actor could exploit vulnerabilities in the software and extract the keys.
As any security professional will attest, no system is entirely secure, including hardware wallets.
However, the likelihood of key extraction is significantly reduced compared to hot wallets.
That being said, there remains an issue that even hardcore Bitcoin enthusiasts often overlook: securing the seed phrase. In security terms, this is known as the secret zero problem, a chicken-egg paradox which lacks a definitive solution.
Even if you have a hardware wallet, securing your seed is crucial. Writing it in plain text on paper or metal is far from a secure method. Personally, I always aim to create multiple encrypted digital copies using strong symmetric algorithms (e.g., AES-256) and a lengthy passphrase that is easy for me to remember.
Of course, the encryption process should take place within a machine that is not connected to the internet and preferably newly created (e.g., a Linux virtual machine).
reply
10 sats \ 0 replies \ @franzap 16 Dec 2023
Assuming you don't spend in the near future:
How do you generate your seed words without a hww? Using dice entropy?
How do you get your xpub and derived addresses?
What do you do the day you actually want to spend, load the seed words into a hot wallet?
reply
22 sats \ 0 replies \ @birdeye21 16 Dec 2023
there are plenty of valid ways to move from point A to point B, but the car is optimized for day to day travel, and specifically designed to mitigate a myriad of risk factors that professionals spend more time and energy considering than consumers do
reply
21 sats \ 2 replies \ @03365d6a53 16 Dec 2023
HW wallets are designed to work when you don't trust the computer on which you are transacting
Insert that USB into an infected, internet connected laptop and your bitcoin is gone
reply
0 sats \ 1 reply \ @chairman_pretense 16 Dec 2023
Need to be careful with the false sense of security in this case. Whilst a compromised computer couldn't steal your seed, it could manipulate the transactions you sign to steal funds still.
reply
0 sats \ 0 replies \ @03365d6a53 4 Jan
true, the address should always be verified on the screen of the hw device
reply
20 sats \ 0 replies \ @quark 16 Dec 2023
It helps if you really need to make a lot of transactions with it. Convenient to use while still being cold storage. But if you are just going to hold it for years, there is no need for a hardware wallet. Just your cold software wallet is good.
reply
0 sats \ 0 replies \ @02bcd3eeb0 17 Dec 2023
a slab of metal and/or a USB can't sign transactions.
why do you keep saying "fancy"?
reply
0 sats \ 0 replies \ @PlebeiusG 16 Dec 2023
Just get a Seedsigner, watch a few YT tutorials (it's easy to use) and move on.
reply
0 sats \ 0 replies \ @Xlindo 16 Dec 2023
I think the same about hardware wallets. I like the metal one better to hold
reply
0 sats \ 1 reply \ @elysia 16 Dec 2023
Hardware wallets are fiat thinking
reply
10 sats \ 0 replies \ @sime 17 Dec 2023
How so?
reply
0 sats \ 0 replies \ @NewsnNudes 16 Dec 2023 freebie
selfmade is the way, innit!?