The Hardware Wallet Supply Chain: A Ticking Time Bomb?
Let’s face it: we all want the peace of mind that comes with securing our Bitcoin, and most of us, myself included, have succumbed to the allure of hardware wallets. They offer that warm, fuzzy feeling of "security." But, have we ever stopped to think about where that fancy little gadget comes from? Who made it? And what devilish surprises might be lurking under its sleek, polished shell?
We Bitcoiners love to talk about decentralization, personal responsibility, and trustlessness. Yet, when it comes to our hardware wallets, we willingly place an enormous amount of trust in supply chains we know absolutely nothing about. Were the chips made in Switzerland? Was the layout of the PCB (printed circuit board) done in Nigeria, Belgium, South Korea or Texas? What do we really know about the secure element chip that supposedly keeps our funds safe and generates a seed phrase? Is it really secure? Or are we, in fact, trusting the very people who might just have a backdoor key to our vaults? Or, even worse, are they out to get more and more people to use hardware wallets (lots of ads for that these days) in order to lock as much of the Bitcoin supply as possible on "their" devices?
The Paranoia is Real
If you think the idea of someone tampering with your hardware wallet in the supply chain sounds far-fetched, let me remind you of a little-known historical nugget: government agencies have been infiltrating hardware manufacturing for decades. In a recent example, in Lebanon, walkie-talkies and even beepers were fitted by "some entity" with explosives. Sometimes hundreds of thousands of units were compromised with live explosives, so don't think for a second that the same couldn't happen to hardware wallets in some other way!
Devices were disassembled, tampered with, and then neatly reassembled, ready to be shipped out to unwitting customers. All of this was done at a grand scale by people with a lot more patience, time, and resources than we can imagine. If a government can pull off infiltrating something as benign as a walkie-talkie, why wouldn't they do the same with hardware wallets, especially when the stakes are so much higher? It's a LOT cheaper to sabotage our Bitcoin network through hardware device sabotage than by trying to control mining.
But My Wallet Is “Secure”
Ah yes, the famous secure element chip in your hardware wallet. It's the centerpiece of every hardware wallet marketing pitch. Supposedly, this little marvel of engineering ensures that your Bitcoin keys are generated in a way that's tamper-proof. But do you know who made that chip? How do you know it hasn't been compromised somewhere along the supply chain? The truth is: you don't. It could've been swapped out for a less secure version, one that's designed to generate seed phrases that fall within a specific, predictable range of possibilities. Or why not have it leak your data whenever possible, or brick your device?
Imagine, for a moment, that an attacker has knowledge of these "less secure" seed phrases. They don't need to brute force the entire possible range of seed phrases, just the compromised range. In this scenario, your private keys aren't all that private anymore, are they? And the worst part? You wouldn't even know it. One day, the attacker decides they have a large enough share of compromised devices to do damage and they pull the trigger, like it's a series of beepers in the Middle East.
You may argue that such an attack is improbable or that hardware wallet manufacturers are doing a bang-up job ensuring supply chain security. But, if we can’t even figure out where most of our everyday electronics come from, how can we possibly be certain about something as niche and as specialized as a hardware wallet?
The One-Shot Attack: Nightmare Fuel
But let's get a bit more creative. What if attackers didn't need to swap out the chip to exploit you? What if they could wait until your shiny, trustworthy hardware wallet is finally connected to your computer? It's not like you've never done that, right? You just wanted to move some coins around, so you plugged it in for "a quick transaction." (I'll be the first to admit, I've done it too; it's just so convenient, and easier than writing signed transactions to an SD card and importing them elsewhere.)
Now, imagine this: the minute your wallet connects, it executes a pre-programmed, one-shot attack. Maybe it wipes your seed phrase from the wallet, performs unauthorized transactions, or sends your private keys over the internet to some shady entity watching your every move. Poof! Your Bitcoin is gone, and you’re left wondering what on earth happened. And you'll be left with a backup of a worthless seed phrase.
Sure, you might argue that “true” cold storage means never connecting your hardware wallet to the internet. In theory, you’d be right. But come on. Most of us plug it in because, let’s face it, we’re lazy or just want the convenience of managing our funds without feeling like we're in a Tom Clancy novel.
Transparency is a Pipe Dream
So, what's the solution? Transparent, auditable hardware wallets? In an ideal world, that sounds fantastic. Unfortunately, in today's reality, it's a fantasy. As long as manufacturing is outsourced to various obscure factories, and components are produced across multiple countries, full transparency will remain an unattainable goal. Setting up our own Bitcoin-exclusive chip manufacturing plants? Good luck with that. I'm sure the three-letter agencies and a handful of other interested parties will be more than happy to leave us alone while we build the Bitcoin hardware utopia.
Until then, we’re left with opaque supply chains, and each of us is basically hoping we’re not the one who gets the compromised hardware.
Low-Tech is the New High-Tech
So what's the answer? Honestly, it might just be ditching hardware wallets entirely. Maybe the ultimate security isn't in relying on some fancy gadget but in going completely analog. Write your seed phrase on a piece of paper or engrave it into a metal plate. Tuck it away somewhere safe and trust no one. No supply chains, no chips, no fancy tech. Just you, your seed, and cold, hard metal. Sure, it's not as flashy as that shiny Coldcard or Ledger, but you can rest assured that your seed phrase won't magically disappear in some one-shot attack or become vulnerable to compromised supply chain espionage. In my opinion we need more investment in Shamir's Secret Sharing, a fairly low-tech way to secure seed phrases that in essence doesn't depend on hardware (but that's a different subject, where we should rely on open-source code only and NO hardware).
It may seem inconvenient or outdated to go fully low-tech, but is it any more absurd than trusting a global supply chain we can’t monitor or verify? Don't trust, verify... we all do it. Except for hardware wallets.
Conclusion: Let’s Not Kid Ourselves
The supply chain for hardware wallets is mostly a black box, and anyone who tells you otherwise is selling you a dream or a handy marketing gimmick ("Hi there, Coinkite"). Governments and malicious actors have been infiltrating supply chains for decades, and there's no reason to think that hardware wallets are immune; the recent explosions in the Middle East are a rather grim reminder of that.
Until we get transparent and auditable hardware (don’t hold your breath), the safest bet is to go back to basics. The paranoid might just be the last ones standing when the hardware supply chain bomb finally ticks down to zero.
So next time you reach for that wallet, ask yourself: "Do I really trust this thing?"
Imagine, for a moment, that an attacker has knowledge of these “less secure” seed phrases. They don't need to brute force the entire possible range of seed phrases, just the compromised range.
That's why you roll the dice yourself. Also verify off-device that it follows the seed-from-rolls standard (manufacturers provide code to verify it).
What if they could wait until your shiny, trustworthy hardware wallet is finally connected to your computer?
That's why you never connect it to a computer. Only communicate through an air-gapped medium like camera + QR codes.
The supply chain for hardware wallets is mostly a black box
What about using generic hardware like Raspberry Pi + SeedSigner? Those devices are not built for bitcoin keys. Supply-chain attack probability is significantly reduced.
reply
Yes, absolutely, Seedsigner is the way. Not promoted, not marketed, doesn't have piles of ads on bitcoin podcasts.
But it's the real thing.
There's also a telegram forum, they're very friendly if you have questions: https://t.me/joinchat/GHNuc_nhNQjLPWsS
reply
Eventually you need some type of hardware to create your wallet and therefore seed.
Using HW devices (air-gapped) provides a secure way to do this. With the added bonus that if you use a great amount of entropy and have verified that some aspects of the device are not compromised, you will be good.
You could further add to your security by adding multisig from different vendors, including the ESP32 modules.
True. Paranoia is a good thing, but not so much that you shoot yourself in the foot.
Great post btw.
reply
21 sats \ 0 replies \ @ken 12h
If I could make a bet that a state actor has compromised a major hw manufacturer, I would take the bet every time.
An attacker like that would passively wait to pull the trigger.
It's scary and it's bound to happen eventually. Pagers suddenly exploded, so why can't coins suddenly move?
reply
If you want to make a paper wallet, you can also go down the paranoia rabbit hole about the RNG software you use for the recovery seed and whether it's truly random.
Matthew Kratter had an interesting video on this topic.
reply
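The dice-roll advice in the earlier comment (roll the dice yourself, then verify off-device that the wallet followed the seed-from-rolls standard) and the worry in the comment just above about trusting the RNG software behind a paper wallet have the same answer: supply the entropy yourself and recompute the seed words independently of the device. The following is an added example in Python, not code from the post, the commenters, or any wallet vendor. It assumes the device derives its 256-bit entropy as SHA-256 over the ASCII digits of the rolls (the scheme I understand Coldcard to document; confirm it against your own vendor's instructions before relying on it), and it works with BIP39 word indices rather than words so it runs without the 2048-word list; `SAMPLE_ROLLS` is a constructed string, not a real seed.

```python
"""Dice-roll seed derivation and off-device BIP39 checksum verification.

Added example; not code from the post or from any wallet vendor.
Assumptions: (1) the device computes entropy = SHA-256(ASCII digits of the rolls),
(2) you can map BIP39 word indices to words with the official english.txt list.
"""
import hashlib
import math
from typing import List, Optional, Sequence

# Constructed sample of 99 rolls, typed in by hand for this example. NOT a real seed.
SAMPLE_ROLLS = (
    "3541662513" "4612532165" "4631246512" "3654213654" "1263452165"
    "4321543621" "6345213654" "2163452136" "5421634521" "365421634"
)

# 99 rolls * log2(6) is about 255.9 bits, the usual minimum quoted for a 24-word seed.
MIN_ROLLS = 99


def roll_entropy_bits(rolls: str) -> float:
    """Entropy (bits) an honest fair die contributes: log2(6) per roll."""
    return len(rolls) * math.log2(6)


def validate_rolls(rolls: str) -> Optional[str]:
    """Return an error message, or None if the roll string is acceptable."""
    if not rolls or any(c not in "123456" for c in rolls):
        return "rolls must contain only the digits 1-6"
    if len(rolls) < MIN_ROLLS:
        return f"need at least {MIN_ROLLS} rolls for 256-bit entropy, got {len(rolls)}"
    return None


def dice_rolls_to_entropy(rolls: str) -> bytes:
    """Assumed vendor scheme: SHA-256 over the ASCII roll digits gives 32 bytes of entropy."""
    err = validate_rolls(rolls)
    if err:
        raise ValueError(err)
    return hashlib.sha256(rolls.encode("ascii")).digest()


def entropy_to_word_indices(entropy: bytes) -> List[int]:
    """BIP39: append ENT/32 checksum bits (first bits of SHA-256) and cut into 11-bit words."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def mnemonic_checksum_ok(indices: Sequence[int]) -> bool:
    """Recompute the BIP39 checksum from the word indices; False on any mismatch."""
    n = len(indices)
    if n not in (12, 15, 18, 21, 24):
        return False
    total = n * 11
    cs_bits = total // 33          # 4 bits for 12 words ... 8 bits for 24 words
    ent_bits = total - cs_bits
    bits = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            return False
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (bits & ((1 << cs_bits) - 1)) == expected


def rolls_to_word_indices(rolls: str) -> List[int]:
    """What the device SHOULD display (as word indices) for these rolls."""
    return entropy_to_word_indices(dice_rolls_to_entropy(rolls))


def device_matches_rolls(rolls: str, device_indices: Sequence[int]) -> bool:
    """True only if the words the device showed are exactly the ones the rolls imply."""
    return mnemonic_checksum_ok(device_indices) and list(device_indices) == rolls_to_word_indices(rolls)


def indices_to_words(indices: Sequence[int], wordlist: Sequence[str]) -> List[str]:
    """Map indices to words once you have loaded the 2048-word BIP39 list yourself."""
    if len(wordlist) != 2048:
        raise ValueError("expected the 2048-word BIP39 list")
    return [wordlist[i] for i in indices]


if __name__ == "__main__":
    print(f"{len(SAMPLE_ROLLS)} rolls ~ {roll_entropy_bits(SAMPLE_ROLLS):.1f} bits of entropy")
    print("expected word indices:", rolls_to_word_indices(SAMPLE_ROLLS))
```

Run this on a machine that stays offline, type in the same rolls you gave the device, and compare the 24 indices (or words, after mapping them against your own copy of the word list) with what the device displays. A single differing word means the device is not following the published seed-from-rolls scheme, and `mnemonic_checksum_ok` will also catch a mistyped word during the comparison, since the last word carries the checksum.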
Yeah... Once I realized this I switched to a completely air-gapped SeedSigner... We all should, I guess...
reply
This is the reason I like ESP32 open-source wallets more. It's a bare-bones mass-produced module that can be easily inspected. Since it's a universal-purpose board, its specific use can't be traced, and tampering with millions of modules would imply making obvious visible changes. Ultimately they would need to weld tampered processors onto all shipped modules, all over the world. The architecture of the ESP32 processor being open-source itself allows standardizing testing procedures. All of this is why I'm convinced open-source hardware and software are going to be the standard in the future, because they eliminate single points of failure.
reply
Don't we all worry sometimes that our wallets aren't secure? It's just that lingering thought in the back of our minds.
reply