Hardware Wallets Explained, Reviewed and Compared - YouTube

What are hardware wallets?

Are they really the safest way to store Bitcoins and other cryptocurrencies?

Can they be hacked?

And what happens if I lose my hardware wallet?

Are my coins lost?

Well, stick around.

Here on Bitcoin Whiteboard Tuesday, we’ll tackle these questions and more.

Hi, I’m Nate Martin from 99Bitcoins.com

and welcome to Crypto Whiteboard Tuesday

where we take complex cryptocurrency topics,

break them down and translate them into plain English.

Before we begin, don't forget to subscribe to the channel

and click the bell so you’ll immediately get notified

when a new video comes out.

Today’s topic is hardware wallets.

But before we dive deep into hardware wallets

we need to understand how any Bitcoin wallet works in general.

The term Bitcoin wallet is a bit misleading,

as a Bitcoin wallet doesn’t really hold any Bitcoin.

Technically speaking,

a Bitcoin wallet is a software that holds passwords,

sometimes referred to in cryptographic terms as keys.

These keys give your wallet access to the Bitcoins allocated to it

on the Bitcoin transaction ledger called the blockchain.

So when you use any Bitcoin wallet,

you’ll encounter two important terms.

The first is a Bitcoin address,

this is what you send to people who want to pay you in Bitcoin,

kind of like an email address.

The second is a private key.

The private key allows you to access and control the Bitcoins you own.

For our email account analogy,

you might think of your private key as the password to your email account.

Aside from holding your private key,

the wallet also signs Bitcoin transactions on your behalf

using your private key,

and broadcasts them to the Bitcoin network.

Let me explain:

When you want to send Bitcoins to someone else,

you need to prove ownership of those Bitcoins to the whole network

so it will agree to change the ledger of transactions.

To achieve this,

your Bitcoin wallet takes your requested transaction,

signs it on your behalf using your private key

and broadcasts this digital signature to the network.

In a nutshell,

a digital signature is a way to prove you own a certain private key

without needing to expose it.

It’s done through the use of complex mathematical rules

known as cryptography.

This whole process is kind of similar to you signing a check

authorizing the transfer of money from your account.

Once a transaction is signed,

the wallet then broadcasts it to the whole network

which validates its authenticity.

Eventually,

this transaction will be entered by Bitcoin miners on to the blockchain,

and the transaction will be considered complete.

So, what does this all have to do with hardware wallets?

If my wallet is just a piece of software,

why can’t I just have it on my computer, like any other software I use?

Well, as you probably know,

stealing a piece of information from a computer

isn’t that hard these days.

And if the computer running your Bitcoin wallet

is infected with malware

it may expose your private key to bad actors.

Hackers may be able to take control over your computer

or see what’s displayed on your screen.

And once your private key is exposed,

your Bitcoins are no longer under your control.

They could be easily transferred to anywhere the hacker chooses.

In order to avoid this situation you have two options:

First -

You could make sure your computer is completely malware free.

While this may sound easy,

most viruses are either disguised as legitimate software

or have a way to avoid detection by Antivirus software.

The other option would be to use a wallet that is “immune” to malware,

so to speak, keeping your private key safe.

This is exactly what hardware wallets are designed to do.

Simply put,

hardware wallets are computers

that have been stripped down of all logic

except for a small screen, a button or two

and the simple action of storing keys and signing transactions.

Hardware wallets look like small USB devices,

and they offer a minimalist approach to security.

This is based on the logic that the more complex a device is,

the more opportunities hackers have to infiltrate it.

In the case of hardware wallets, the device is so “dumb”

it’s practically impossible to hack or infect it with anything.

Due to that simple design,

hardware wallets can’t connect to the Internet

or run complicated apps.

They are just a form of storing your private key offline.

This approach is known as cold storage,

unlike devices that connect to the Internet, which are called ‘hot wallets’.

So how do hardware wallets work exactly?

Well, let’s say you want to send a Bitcoin transaction

using a hardware wallet.

The first thing to know is that

because a hardware wallet is such a simple device

that can only sign transactions,

it needs to use a more sophisticated computer

for all other functions,

such as preparing the transaction and broadcasting it to the network.

So in order to use a hardware wallet

you’ll need to connect it to your personal computer

and download a program that can communicate with it.

We’ll call this program a bridge.

The bridge will allow you to prepare your transaction for signing.

The hardware wallet allows only very specific types of data

to pass through to it, such as cryptocurrency transactions.

Once it receives a transaction from the bridge program,

it signs it on the hardware wallet itself

and then sends it back to the bridge program.

Your private key never leaves the hardware wallet.

The only thing that gets transferred

between your computer and the hardware wallet

is the unsigned and signed transaction.

Because of its minimalistic and simple design,

a hardware wallet can be used with any computer

without fear of being hacked or infected -

even a public library computer or your mom’s laptop :)

The only thing you’ll need to do to make sure your Bitcoins are safe

is to make sure the transaction you’re approving

on the hardware wallet’s screen

matches the transaction your bridge program is showing

on your personal computer.

Today there are over a dozen companies that offer hardware wallets on the market,

with the three market leaders being Ledger, TREZOR and KeepKey.

Each company offers different models with different features.

If you’d like to read all about the different models on our site,

there’s a link in the description below.

There are many features to compare between the different hardware wallets.

Some things to consider, aside from company reputation,

include how many different coins the device can support,

and whether you can control it from your mobile phone

as well as from your computer.

Setting up a hardware wallet is fairly easy.

The main thing to do is write down the set of words you’ll be given

when initializing the device.

These words,

also known as a seed phrase or mnemonic phrase

are a way to restore any private key your hardware wallet generates.

This also means that whoever might get a hold of these words

would also control your Bitcoin,

so it's important to keep your seed phrase written offline

and in a safe place.

Before we conclude today’s episode,

I want to go over some common hardware wallet risks

you should be aware of,

and how to avoid them when possible.

The first risk is that someone may tamper with your device

when its onroute to your home for the first time.

To avoid this,

all reputable hardware wallet manufacturers

use a special holographic sticker to prove the wallet was never opened.

If you receive a wallet and this sticker isn’t in tact,

don’t use that wallet.

While some wallets also run a self tampering test when initializing,

it’s better to stay on the safe side.

In order to minimize this risk even more,

always buy a hardware wallet straight from the manufacturer’s website.

If you want to buy from a reseller,

make sure that he’s an authorised trustworthy reseller

by contacting the manufacturer first.

Closely related to this issue is the fact that your seed phrase

should be generated at random by your wallet upon setup

and is not sent to you with the device.

There’s a good reason for taking all these safety measures seriously.

For example, one unfortunate user bought a hardware wallet

from a bad actor on Amazon

and received a wallet with a card containing a preconfigured seed phrase.

He was instructed to initiate the device using this existing seed phrase.

The user wasn’t very tech savvy and did what he was instructed,

only to find out that once he deposited coins

into that hardware wallet

they were quickly removed by the hacker that had knowledge

of the preconfigured seed.

Another risk to be aware of is that

your hardware wallet device may be stolen

or physically accessed by unwanted individuals,

also known as the evil maid attack.

Most, if not all hardware wallets today, include a PIN protection.

So even if your device is stolen

it may take the thief a while before he can access your coins.

Once you notice your device is stolen

you should immediately use your seed phrase

to recover your Bitcoins

and send them to a new wallet with a different seed phrase.

This will basically drain your stolen wallet from all of its funds

and allow you to keep safe control over your Bitcoins.

Another very unusual but possible attack is the “$5 wrench attack”.

This refers to when someone physically threatens to hurt you,

with a $5 wrench,

if you don’t hand over your hardware wallet

and unlock it with your PIN code.

In order to protect from these kinds of physical attacks

certain wallets, such as TREZOR,

allow you to add another layer of protection called a passphrase.

This means you’ll be requested to add an additional passphrase

after the PIN code.

However, you can set it up

so that different passphrases will show only certain accounts

on your wallet.

So imagine having a dummy account on your wallet

with only a small amount of coins

and a real account with the majority of your funds.

When someone forces you to unlock your wallet

you can use the dummy passphrase

and it will seem that the wallet only holds a small amount of coins,

not revealing your complete holdings.

A very common fear people usually express

regarding hardware wallets is

what happens if the wallet manufacturer goes out of business?

Well, the seed phrase technology used in most hardware wallets today

is compatible with multiple wallets:

it’s not unique to any specific company.

Therefore, if a certain company goes out of business

you can recover your Bitcoins directly to another company’s wallet

using your seed phrase.

As you probably understand by now,

your seed phrase has a lot of power

and it can be used in many cases to recover your Bitcoins,

including if your hardware wallet breaks or gets damaged.

Well, that’s it for today’s episode of Crypto Whiteboard Tuesday.

Hopefully by now you understand what a hardware wallet is -

A small device that holds your private keys

and signs transactions offline keeping your Bitcoins safe.

You may still have some questions.

If so, just leave them in the comment section below.

And if you’re watching this video on YouTube,

and enjoy what you’ve seen, don’t forget to hit the like button.

Then make sure to subscribe to the channel

and click that bell

so that you’ll be notified as soon as we post new episodes.

Thanks for joining me here at the Whiteboard.

For 99bitcoins.com, I’m Nate Martin, and I’ll see you…in a bit.