How do you keep your crypto currencies as safe as possible?
Just recently I wrote about hardware wallets in a comparison of and . After several questions from interested readers, now comes a summary about hardware wallets in general. If you are interested in the article about and you can read it . If you don’t have your own crypto currencies yet, I’ve written an article on .
What is a Hardware Wallet?
You can compare a with your bank account. It is used to send, manage and receive crypto currencies. A hardware is a device that you can use to perform these functions. Hardware Wallets come in many shapes and sizes. The Ledger Nano S, for example, looks similar to a USB stick.
A hardware is one of the most secure ways to manage your crypto currencies. This is because access to your coins is encrypted by your . This makes it more secure than a that you can use online.
In addition, hardware wallets offer further protection by entering a PIN. If you lose your hardware or it is even stolen, nobody can access your coins.
You can also back up your hardware with a backup seed. Even if you no longer have a hardware , you still have access to your crypto currencies with this backup seed. Below you can read exactly how this works and what it is.
How Hardware Wallets Work: Generating Private Keys
From now on it will be more technical and it will be explained how hardware wallets work. This is interesting for those who want to know more about why hardware wallets are so secure. For the use of the devices it is not necessary to know how they work “under the hood”.
It all started with BIPs ( Improvement Proposals), which are suggestions to improve . One improvement was that instead of long complicated sequences of numbers and letters for the private key, you can use a series of words (BIP39). This usually 24-word sequence (seed) is used to create private keys for a digital currency.
And this process uses hardware wallets (not only for ). When first created, the devices randomly generate 24 words and then use them to create addresses and private keys for digital currencies.
How Hardware Wallets Work: Transactions
Digital signatures are used to send crypto currencies. These signatures ensure that the digital currencies really belong to you. You can compare the signatures with a signature. Only when I sign that I send a to another person is the transaction executed.
With a hardware , you first create a transaction with your computer or smartphone. The transfer is not yet signed, the computer or smartphone would not be able to do so. Therefore the transaction including all details is sent to the hardware . If the device, i.e. the user in this case, wants to make this transaction, he signs it and sends the signed transaction — by physically pressing keys — back to the computer and only then is the transaction made.
Advantages of a Hardware Wallet
The devices offer some advantages. Here is a list of the most important advantages:
- Private keys are never given to the computer
- Malware cannot harm the devices
- Haven’t been hacked yet.
- The digital currencies can be used actively
- Easy setup and operation
- The devices can several crypto currencies
- PINs and passwords provide access protection
- Transactions must be made physically with the device
These are some of the advantages a hardware offers. In addition, some devices — such as the Trezor HW — are open source and therefore the code can be publicly viewed.
Disadvantages and dangers of a hardware wallet
However, devices do not only have advantages. The biggest disadvantage of the devices is the cost. You have to pay for the greatest possible security. In addition, the devices do not protect against all dangers. If you send the coins to the wrong address, they are gone forever — this does not protect you from that either. In addition, you could unconsciously download a virus that manipulates addresses of crypto currencies, sending the digital currencies to the wrong addresses.
Of course, the devices also have attack surfaces. In the past, possible attacks were detected, but these could be closed within a very short time by an update. However, these attacks can only be carried out if you were in possession of the device.
Further dangers are:
- Unsafe RNG (Random Number Generator): The devices use an integrated random number generator. It becomes dangerous if the random number generator follows certain patterns and is not really random.
- Bad implementation: As with all hardware, there is a danger that the implementation is faulty or even bad.
- Manufacturing: Even the best software is not safe from bad manufacturing and production. Since one usually has no insight into these steps, one must (at least partially) trust the manufacturers.
- Shipping: During shipping, parts or software could be exchanged unnoticed.
Is a hardware wallet worthwhile?
One often asks oneself whether a hardware is worthwhile at all and whether one does not prefer to invest the money in digital currencies. The question is justified and the answer depends on many factors.
First of all the principle: Yes, a hardware is worth it. You take money in your hand once and are protected from malware, stock market hacks and the like. You can also actively use the digital currencies.
It seems to be the ideal solution to use open source software together with open, general-purpose hardware such as Raspberry Pi or Arduino and a trusted source of entropy such as a cube.
However, the best known commercially available hardware wallets are:
Most wallets rely on a recovery seed in the form of 24 words for their backups. Behind this is the standard of the Improvement Proposals Number 39. BIP39 allows a recovery seed to be stored in a defined list of words that are easy to remember. This makes perfect for hardware wallets.
Published at Sat, 11 May 2019 12:15:02 +0000
