Secure Your Crypto: Is the current generation of hardware wallets enough?

By Rohan Agarwal, Cypherock

Are there enough hardware wallets of the current generation to ensure the security of your cryptocurrencies?

Synopsis

Since the debacle of FTX, the concept of self-custody has become the talk of the industry, prompting more individuals to move funds from centralized services and into wallets, especially hardware wallets.

Wallets are at the core of the web3 world since all activity across DApps are forever interlinked with the wallet address. Since cryptocurrencies and NFTs are linked with wallets, exploiting wallet information has become a common practice amongst hackers and scammers within web3. Oftentimes, one would hear of a seed phrase compromise through phishing or the loss of the wallet due to a device being lost or a password is forgotten.

To further the adoption of web3, wallet technology and security will need to evolve as well. Since the debacle of FTX, the concept of self-custody has become the talk of the industry, prompting more individuals to move funds from centralized services and into wallets, especially hardware wallets. So, why do individuals choose hardware wallets, and are hardware wallets the safest option?

What makes hardware wallets safe?

Hardware wallets are physical devices that are responsible for securely storing and managing the private key, which grants access to all of your cryptocurrencies and NFTs. The private key of the wallet can be thought of as an account password which would grant immediate access and control to the cryptocurrencies associated with the wallet.

Hardware wallets are preferred primarily because these devices are not connected to the internet. Not being an internet-connected device reduces the potential attacks that could occur online. As mentioned previously, private keys are crucial in having control over your cryptocurrencies and NFTs.

With hardware wallets, during the initial setup of the wallet, the private key of the wallet is created within the device itself. Since private key generation and storage happen offline, users are protected from any sniffing attacks that may potentially compromise a mobile or computer.

Additionally, hardware wallets serve somewhat like a two-factor authentication mechanism when you are completing transactions. The usual transaction flow requires the user to verify the address of the assets being sent. The computer being an internet-connected device could fall privy to attacks such as the clipboard attack, or screen spoofing — where faulty information is displayed on your screen.

In this attack, the information that is copied on the computer or mobile is replaced with malicious information — in the case of a transaction, the address of the attacker. Hardware wallets usually interface with either a mobile or desktop application and have a screen where the accurate information for the destination address can be verified. This way, before sending an asset, users can verify the true destination of where they will be sending funds and avoid losses and theft.

What are the current challenges with hardware wallets?

Even though hardware wallets tend to be the safest option for your cryptocurrencies and NFTs, they are not perfect. Most hardware wallets today tend to protect the private key of the wallet by storing it on a proprietary chip inside the device called a secure element.

Secure elements usually require NDAs to be signed on behalf of the company, therefore forcing companies to be closed-source. Being closed source puts the onus of maintaining security on the company and could lead to potential backdoors that attackers could exploit and compromise hardware wallets. As web3 expands, open-source technology will push innovation further as information becomes publicly verifiable and replicable.

Wallets today, regardless of software or hardware, use a seed phrase recovery system to recover funds in case access to the wallet-associated device is lost. A seed phrase is a representation of the wallet private key which is human readable.

Private keys tend to be hard to remember, or backup because they tend to be long strings of alphanumeric characters. Therefore, seed phrases were introduced to represent the private key in a more easy-to-understand format. Seed phrases tend to be 12/18/24 words long and are a combination chosen from a 2048-word list, outlined in BIP39.

Here is an example of a 12-word seed phrase: “Cat country fluid flush poem pioneer rally drum emotion series sign prevent”.

These words will tend to represent the private key of the wallet and grant anyone with access to the seed phrase access to the wallet. Currently, the most popular methods of backing up seed phrases tend to be on laptops, paper or metal sheets (seed phrase backups). Each of these backup methods could be compromised via hacking, theft or damage.

Coinplate metal seed phrase backup

How can users address these challenges to keep their crypto secure?

As with the entire web3 space, there are major leaps that are being made in the wallet space with the introduction of MPC and seedless wallets. Frontier tech aside, a popular existing solution to the hardware wallet drawbacks is to use a multi-signature wallet (multi-sig).

In a multi-sig wallet, multiple wallets are associated with one address, and a threshold of signatures is required, for example, a multi-sig wallet could have 3 signatories, and require 2 signatures to approve a transaction.

Multi-sig wallets can also be problematic since not all of the blockchains support multi-sig today, and different blockchains have different multi-sig implementations, which have suffered breaches in the past. Additionally, the user experience of multi-sig wallets can be complex and may not be suited for an individual crypto investor.

Cypherock X1 Cypherock X1 is a first of its kind hardware wallet that offers air gapped storage of private keys separate from the offline X1 wallet. The private keys are never stored on the X1 wallet and never in a single place, which makes it more secure than a regular hardware wallet when it comes to making Blockchain transactions. The private keys are generated completely offline and then broken into 5 unique secrets, each of which is encrypted and stored on the EAL 5+ secure elements on the X1 wallet and the 4 X1 cards.

The development of seedless wallets and multi-party computation (MPC) wallets (for example, the Cypherock X1 hardware wallet) have made strides in improving overall privacy and security. In the case of seedless wallets, the utilization of technologies such as Shamir Secret Sharing to remove the single points of failure with private key management, and implement a solution that never exposes the seed phrase to the user, thereby reducing the overall attack surface for the wallet holder.

With newer, security-enhanced solutions such as MPC and seedless wallets gaining popularity, securing one’s crypto and NFT holdings will be simpler and safer.

Conclusion

As web3 adoption continues to grow, wallet infrastructure will need to improve. At present, hardware wallets provide a great solution for crypto holders to improve their overall security, but they must recognize the shortcomings of the current paradigm. With newer, security-enhanced solutions such as MPC and seedless wallets gaining popularity, securing one’s crypto and NFT holdings will be simpler and safer.


Cryptotag

Learn more about the best TOP 30 hardware cryptocurrency wallets

You can see this list here.


TOP 29 Hardware Wallets, the Official Online Stores

1
Trezor hardware wallet, the official online store
2
Ledger hardware wallet, the official online store
3
KeepKey hardware wallet, the  official online store
4
BitBox02 hardware wallet, the official online store
5
CoolWallet hardware wallet, the official online store
6
ELLIPAL hardware wallet, the official online store
7
D'CENT hardware wallet, the official online store.
8
SafePal hardware wallet, the official online store
9
SecuX hardware wallet, the official online store
10
BC Vault hardware wallet, the official online store
11
BitLox hardware wallet, the official online store
12

Keystone hardware wallet, the official online store

13
ProKey hardware wallet, the official online store
14
NGRAVE hardware wallet, the official online store
15
Keevo hardware wallet, the official online store
16
GridPlus hardware wallet, the official online store
17
Ballet hardware wallet, the official online store
18
OPOLO hardware wallet, the official online store
19
Foundation (Passport) hardware wallet, the official online store
20
ImKey hardware wallet, the official online store
21
Tangem hardware wallet, the official online store
22
HashWallet hardware wallet, the official online store
23
Material Bitcoin hardware wallet, the official online store
24
ShieldFolio hardware wallet, the official online store
25
OneKey hardware wallet, the official online store
26
Blockstream Jade hardware wallet, the official online store
27
Cypherock hardware wallet, the official online store
28
Keepser hardware wallet, the official online store
29
NEXA hardware wallet, the official online store
ELLIPAL Titan is the best cold wallet

TOP 20 Best Metal Cold Storage Seed Phrase Backups, the Official Online Stores

Coinplate metal seed phrase backup