How To Choose A Cryptocurrency Hardware Wallet?
There are two golden rules for how to choose a cryptocurrency hardware wallet.
- Rule number 1 - Security is the most important consideration.
- Rule number 2 - Refer to rule number 1.
Yes, convenience and usability are important, but there’s nothing more inconvenient than losing your hard-earned coins, so design considerations should make using a hardware wallet simpler, without compromising security.
If you think price should be the primary filter when comparing cryptocurrency hardware wallets, then you’re probably not ready to buy one. Price matters - and we’ll try to help understand how much - but it shouldn’t be at the top of your checklist.
The main criteria that we can use to compare hardware wallets of cryptocurrencies.
- How well they protect you from malicious external threats
- How well they protect you from yourself.
- How tailored they are to your specific user needs, without compromising security
- Do they justify their price tag?
There are a growing number of hardware wallet brands fighting it out to prove they can combine safety and usability, at an affordable price.
I. Protection from malicious external threats
It should be no surprise that security is the key consideration when choosing a cryptocurrency hardware wallet. Though illicit activities represented just 0.34% of all crypto transactions in 2020 according to Chainalysis, that still amounted to a massive $523million in stolen crypto. In April 2021 one Coinbase user alone lost $11.6million in just 10 minutes to a fake notification scam.
With so many bad actors on the prowl, the first security consideration of your crypto hardware wallet is how the device protects you from malicious external threats, intent on stealing your cryptocurrency. This should focus on two areas:
- Reducing the attack surface
- Secure Key Generation
Reducing the online attack surface?
Attack surface has nothing to do with soccer tactics. It is a fancy tech security term that describes the sum of entry points where an attacker might try to gain access to systems or data.
Cryptocurrency hardware wallets have to interact with blockchains via the internet to enable you to transact. Most devices rely on a USB connection or BLE - Bluetooth Low Energy - creating a potential attack surface at the point of connection, turning the wallet from cold storage to hot.
The ideal is a hardware wallet that is 100% offline. The only way a cryptocurrency hardware wallet can be 100% offline is if the method of communication is one-way via QR Code, rather than USB or BLE, which tends to be the standard.
Only a few models of hardware wallets have such an "air gap", which guarantee the coldest storage of your crypto assets. These wallets are called "air-gapped hardware wallets".
See the table below.
The most popular air-gapped hardware wallets
These wallets have a built-in USB-C port, but this is isolated from the rest of the device - so the device remains offline - and is used for just two things only: charging and firmware updates.
Firmware updates - accessing newer versions of the device’s operating system - are another potential attack vector, as operating systems are regularly patched and improved. Look for the highest level of firmware/OS security known as the Evaluation Assurance Level (EAL). It runs on a scale from 1-7, with EAL7 being the highest.
The NGRAVE ZERO’s operating system is rated EAL7 - for comparison banks and governments are typically EAL5 certified - and firmware updates will be cryptographically protected and only available through the NGRAVE website.
Protection from malicious external threats
Reducing online attack surface:
The entry points for an attacker to try to gain access:
- No WiFi
- No USB
- No NFC
- No Bluetooth
- Only QR-code
Reducing physical attacks:
The risk of someone tampering with your device before or after it is in your possession:
- anti-tampering
- optional passphrase
- secure element
Guarding against physical tampering
Attack surface relates to the online threat of unauthorised remote access via the internet. A cryptocurrency hardware wallet should also employ countermeasures against the threat of physical compromise. This should cover both the risk of someone tampering with your device before you receive it, as well as once it is in your possession. Measures should include:
- Anti-tampering - A comprehensive framework to ensure the device hasn’t been compromised before you receive it. Tamper evident package stickers aren’t enough.
- Optional Passphrase - The option of adding an additional layer of security
- Secure Element - A chip that is by design protected from unauthorized access and used to run a limited set of applications, as well as store cryptographic data.
Secure Key Generation
Private Keys/Seeds provide the impenetrable cryptographic wall that enables crypto to work in a trustless way. They are, ultimately, what your cryptocurrency hardware wallet should be protecting, but some devices fall short of best practices in generating them. Here are three things to look out for:
- Weak key generation - Some methods for generating keys are completely outdated
- TRNG Backdoors - Seeds should be generated randomly, but the chips used for some of the True Random Number Generators (TRNGs) in popular hard wallet manufacturers may be exposed to backdoors, allowing prior knowledge.
- Take-it or leave-it Seeds - If you have no choice but to accept a Seed generated by the hard wallet you are at risk if the manufacturer keeps a record. This is considered a feature of BIP-39 where the last part of the wordlist serves as a checksum of the entropy contained in the preceding words. It may actually be more of a bug.
Avoid getting a Hardware Wallet with weak key generation
Some devices fall short of best practices in generating Private Key/Seeds
- Outdated methods
- TRNG Backdoors
- Predetermined Seeds
II. Protection from yourself
What you may not have previously thought of as security is how a cryptocurrency hardware wallet protects you from yourself.
It’s an in-joke among tech support that the majority of the cause of a problem is found between the keyword and the computer. So when assessing security criteria for crypto hard wallets you should consider how the design and usability of a hardware wallet help you avoid making mistakes.
This is especially relevant because hardware wallets can be described as a discontinuous technology. This means that they scare newbies because they don’t look, function or even sound like devices consumers are used to for storing money.
They introduce completely new concepts - like Seeds & Private Keys - so usability is an especially important security consideration in stopping you from shooting yourself in the foot.
One of the common reasons crypto newbies give for being shy of cryptocurrency hardware wallets is not trusting themselves to protect their Seed. This is understandable, as with great power, comes great responsibility.
There is no getting away from the fact your Seed is the only recovery failsafe you have for funds stored in your hard wallet. Securely storing a copy is crucial; use SWOF analysis to judge:
- Shockproof
- W
- Offline
- F
Too many crypto users think it's okay to store a photo of their Seed on Google Drive or iCloud. This poses a threat from hackers and malware and provides no redundancy if you lose access.
Given how offline Seed protection is such a key point of failure, it is surprising that the default approach from major crypto hardware wallet vendors remains to provide a few flimsy paper recovery sheets that fail on three of the four SWOF criteria.
The best way to secure a Seed is to engrave the phrases onto a metal sheet, but not just any metal, one that is resistant to heat and corrosion, so stainless steel is a good standard.
Punching your Seed into a steel sheet ticks the SWOF box and can mitigate against a lot of self-inflicted errors, but it still represents a single point of failure, lose it and you risk losing your coins forever. If you make a backup, you are doubling the risk of exposure. There is no absolute solution to this problem of infinite regression, but NGRAVE has come up with a unique approach.
When you buy the NGRAVE ZERO you also get a two-part system for Seed storage - GRAPHENE - featuring two stainless steel sheets and an automated punch pen, so you don’t need a qualification in engraving. The top sheet contains 16 columns and 64 hexadecimal values (0-9, A-F) creating 256bit security (16*64).
The automated pen allows you to punch the values associated with the holes on the top sheet into the base. Together they reveal your Seed, but on their own, each part reveals nothing.
If you lose the top sheet, there is a recovery process (via a Unique ID) but the base sheet has to be your responsibility, otherwise, NGRAVE will become a point of weakness and undermine your security.
The focus on durability should also extend to the device itself. Most cryptocurrency hardware wallets are the size of a USB memory stick you might get as a freebie at a conference, and just as flimsy, made from plastic and/or brushed stainless steel.The more durable the device, the less likely you are to damage or break it, which will save you the hassle and cost of a replacement.
III. Hardware Wallet Convenience & Usability
Once you’ve satisfied yourself that a cryptocurrency hardware wallet ticks all the security boxes you can then - and only then - move on to considering convenience and usability.
This might hinge on the kind of crypto user you are because some crypto hardware wallets are designed for infrequent transacting, which is fine if you are a hodler, but far from ideal if you’re active in trading, Defi, NFTs or all the above.
The early versions of hardware wallets operated via desktop-only software, but given the ubiquitous nature of mobile usage, a Mobile App must be considered a standard, so long as this doesn’t create an attack surface (as discussed above) - so again look for a QR Code connection.
Once you find a crypto hardware wallet that ticks all security boxes , you can start considering convenience and usability:
- Mobile App
- Range of coins
- Compatibility with web3 wallets
- Tax services
- User Interface
- Battery life
Hardware wallet convenience and usability.
So far we’ve overlooked that we are talking about a wallet, with all the function expectation that entails. How does it handle sending, receiving, account creation, and setting fees? And what about the range of supported cryptocurrencies and the support for NFTs?
More important still, given the growth of Defi, is compatibility with the standard in web3 browser wallets - MetaMask, but without any compromise in security. These considerations shouldn’t trump security but in a world of ever-increasing chains and coin standards, it's worth considering how future-proof a crypto hardware wallet is.
You might not have expected the cryptocurrency hardware wallet comparison to mention taxes, but like or not, the taxman is paying increasing attention to all the money being made in crypto. There are an increasing number of services that can help calculate your tax liabilities but they rely on support from popular exchanges and wallets; it’s worth checking whether the hardware wallet manufacturer has compatibility with tax services on their radar, especially if you’re likely to be making a few hundred transactions, as without an automated option, the process can be painful.
If you’ve done some research, and looked at images of some of the popular cryptocurrency hardware wallets, you might be surprised by how small they are and how small the read-out is. Again, this might be a throwback to the days before hard wallets weren’t compatible with frequent transactions, but the small screen and buttons mean they are pretty damn fiddly.
Pay attention to screen size and quality. How bright is the display and does it feature a touch-screen or support Biometrics? This will not only have a huge impact on how easy the device is to operate but provide another tick on the security front, as well as minimising fat-finger mistakes.
Though we are talking about a high-end piece of technology, don’t overlook the more mundane consideration of battery life. Cryptocurrency hardware wallets need a power source, and though you are unlikely to be creating significant aggregate demand, it would be reassuring to know the battery is using ultra-efficient low power.
IV. How important is price?
And now we can move on to the Price.Of course, the main thing is thrift. But, still, you should make an exception when choosing a cryptocurrency cold hardware wallet, because focusing on thrift in this case is a false economy.
If convenience and minimum price are still the determining factors for you, a hot wallet may be more suitable for you.
When buying cryptocurrency hardware wallet, consider the following
- Your current portfolio and its future value
- Stress of knowing your crypto is not safe
- It is an infrequent purchase
- Price-to-Portfolio ratio
The cost base today of your crypto, isn’t the only consideration - given the huge upside that many cryptocurrencies can have over very short timeframes - you have to consider the potential future value.
Not only that, it's the security risk to any other crypto you might buy and store on the device and its future value, as well as the ongoing stress of feeling your stash isn’t as secure as it could be.
A cryptocurrency hardware wallet should be considered an infrequent purchase, its value derives from longevity, unless you go cheap, in which case, a hard lesson may force you to reconsider.
If you really want to put a figure on when your portfolio value justifies buying a cryptocurrency hardware wallet, a sensible price-to-portfolio ratio is around 10% which - given the average price of a hardware wallet - generally means shopping around once your portfolio hits around $1,000 in value.
But in all honesty, if you value security and control - the two key elements of storing money - it is never too soon to consider getting a cryptocurrency hardware wallet.
Your choice should always be guided by how well the device deals with security.
Choosing the best cryptocurrency hardware wallet isn’t like buying a toaster on Amazon; your financial independence and future are at stake.
Learn more about the best TOP 30 hardware cryptocurrency wallets
You can see this list here.
TOP 29 Hardware Wallets, the Official Online Stores
| 1 |  | Trezor hardware wallet, the official online store |  |
| 2 |  | Ledger hardware wallet, the official online store |  |
| 3 |  | KeepKey hardware wallet, the official online store |  |
| 4 |  | BitBox02 hardware wallet, the official online store |  |
| 5 |  | CoolWallet hardware wallet, the official online store |  |
| 6 |  | ELLIPAL hardware wallet, the official online store |  |
| 7 |  | D'CENT hardware wallet, the official online store. |  |
| 8 |  | SafePal hardware wallet, the official online store |  |
| 9 |  | SecuX hardware wallet, the official online store |  |
| 10 |  | BC Vault hardware wallet, the official online store |  |
| 11 |  | BitLox hardware wallet, the official online store |  |
| 12 |  | Keystone hardware wallet, the official online store |  |
| 13 |  | ProKey hardware wallet, the official online store |  |
| 14 |  | NGRAVE hardware wallet, the official online store |  |
| 15 |  | Keevo hardware wallet, the official online store |  |
| 16 |  | GridPlus hardware wallet, the official online store |  |
| 17 |  | Ballet hardware wallet, the official online store |  |
| 18 |  | OPOLO hardware wallet, the official online store |  |
| 19 |  | Foundation (Passport) hardware wallet, the official online store |  |
| 20 |  | ImKey hardware wallet, the official online store |  |
| 21 |  | Tangem hardware wallet, the official online store |  |
| 22 |  | HashWallet hardware wallet, the official online store |  |
| 23 |  | Material Bitcoin hardware wallet, the official online store |  |
| 24 |  | ShieldFolio hardware wallet, the official online store |  |
| 25 |  | OneKey hardware wallet, the official online store |  |
| 26 |  | Blockstream Jade hardware wallet, the official online store |  |
| 27 |  | Cypherock hardware wallet, the official online store |  |
| 28 |  | Keepser hardware wallet, the official online store |  |
| 29 |  | NEXA hardware wallet, the official online store |  |
TOP 20 Best Metal Cold Storage Seed Phrase Backups, the Official Online Stores
| 1 |  |  | |
| 2 |  |  | |
| 3 |  |  | |
| 4 |  |  | |
| 5 |  |  | |
| 6 |  |  | |
| 7 |  |  | |
| 8 |  |  | |
| 9 |  |  | |
| 10 |  |  | |
| 11 |  |  | |
| 12 |  |  | |
| 13 |  |  | |
| 14 |  |  | |
| 15 |  |  | |
| 16 |  |  | |
| 17 |  |  | |
| 18 |  |  | |
| 19 |  |  | |
| 20 |  |  |
