Bitcoin Forum

I'm looking to invest in a hardware wallet. Ledger and Trezor are all around the place. From what I understood about these - The wallets themselves will generate the private keys (HD wallets).

My question is - I have a few btc addresses with their private keys. Is there any Hardware wallet wherein I can just store these private keys of mine and authorize transactions instead of using new wallets generated by Ledger or Trezor??????

I hope someone can help me out with this.

Thanks in advance.

In short, no.

Just send your bitcoins to the hardware wallet. Problem solved.

It's not whether you can; it's that you shouldn't.

Address reuse isn't recommended for privacy reasons in the first place and I don't think any hardware wallets were designed specifically to encourage that.

You shouldn't import addresses that were generated outside of the hardware wallet itself. The address could very well have been compromised beforehand and it would negate all the benefits of a hardware wallet.

One of the main advantages of hardware wallets, is you generate the private keys securely on the hardware enclosure; without internet connection, and without potentially having malware around. Meaning, compared to when you generated private keys on your computer or phone, the private keys could have possibly been leaked due to these computer/mobile devices being online. Generating the private keys on your computer/phone and then importing it on the hardware wallet totally defeats this purpose.

Here's an analogy: it's like cooking food(generating private keys) in a dirty hospital where people are coughing and such(computer/mobile device), and then putting the cooked food on a 100% clean glass container to keep the food clean even though the food might have already been infected(importing potentially leaked private keys on a hardware wallet).

Might not be the best analogy, but you hopefully get what I mean.

Just to draw attention to this again. Personally would get a Trezor (if only because Ledger isn't fully open source) and then sweep your entire holdings to your new Trezor.


And to this too. Think it's really important to understand why hardware's more secure in general than regular use of clients on a device that connects to the internet.

If you want a secure way to interact with these private keys that you have, then the best method is instead to set up a permanently airgapped device, format it and install a clean version of Linux, set up full disk encryption, and then install a wallet such as Electrum and import your private keys to it. Import the addresses in to a watch-only wallet on an internet enabled device to be able to generate transactions for your airgapped wallet to sign.

As others have mentioned, this is only safe if the private keys were generated safely in the first place - in other words, also on an airgapped device, using software you have verified, and have never touched an internet enabled device. This may be the case if the private keys you are holding are on properly generated paper wallets.

If you want to use a hardware wallet as intended, then once you have set it up simply sweep all your coins to new addresses generated by the hardware wallet.

I hope you have been answered. But for more explanation in a way you will understand more. Normally, you are having a private key, or seed phrase to that private key, you can import the seed phrase to hardware wallet so far it is BIP39, or directly import the private key like you wanted. But, remember the seed phrase is generated not through offline means which makes it not as secure like the one you will generate on hardware wallet itself which will be offline.

So, not that you can not do it, you can import the private key to hardware wallet but it does not make any good sense in term of security, that is why you are advised not to do so. Just generate your private key on the hardware wallet, the private key will be offline, which means nothing can penetrate it, it can not be revealed to hackers. Then, you can send your bitcoin from the old wallet into your new (hardware) wallet. If you are not in haste, you can send the bitcoin using as low as 1 satoshi per vbyte. But I will recommend 15 satoshi per vbyte.

Also, know that hardware wallet is resistant to malware but there is still certain type of hack that can happen to any hardware wallet. We still need to be careful of malware.

---

 
Edited: o_e_l_e_o. Thanks for the correction.

This is incorrect - you can't do it.

Neither Trezor nor Ledger devices will allow you to import individual private keys. You can only import BIP39 seed phrases (but the caveats about the seed phrase potentially being generated insecurely and therefore there being no point in importing it in to a hardware wallet still apply).

There are actually multiple vectors of attack for different hardware wallets. Ledger for example had a bug where when transacting altcoins, an attacker could trick your device in to also signing a bitcoin transaction. Trezor have a vulnerability where someone with physical access to the device can extract the seed phrase.

Hardware wallets are good, and much safer than non-airgapped software wallets, but they shouldn't be seen as completely resistant to malware or other attacks.

You are right, there are many information that is misleading online. I have later known that there are malware that can even penetrate the random number generator itself to reveal a private key. There are truly vulnerabilities in some even so called hardware wallets that can reveal the seed phrase also. The best we can do, it to make sure we connect a device (phone or computer) that has no malware to hardware wallet for it to be safe for use. Malware are deadly generally.

These are probably some addresses that are important to the OP, he may receive payments to them on a regular basis and look for a way to keep them, while at the same time placing them in the security of the hardware wallet. Of course, this is not possible if we are talking about private keys, and it is not recommended if it is a seed.

If it is possible replace the old addresses with new ones - and if not transfer funds to the hardware wallet, and continue to use the old addresses for payments, and then from time to time move those coins again to hardware wallet.

If you need to use the specific private keys, hardware wallets aren't the best solution. I'd clean an old laptop/PC, remove all the wireless modules and keep it permanently offline instead with Electrum on it as a cold storage. Hardware wallets are there to be used with the seed your HW generates, not with extetnal ones. That's exactly the point of using it: not having direct access to the privkey as it sits inside the HW.

Imho hardware wallets are better for "every day use" than keeping life changing amounts on them.
So it depends on how much value is on those "few btc addresses with their private keys".

The funds OP doesn't need to spend in the near future can stay nice and easy where they are.
Also if there's a little more computer knowledge (for example to install a Tails OS USB and boot from it now and then with internet off), use of cold storage may also be a solution. But only if OP knows what he does.

But then double check your hardware wallet in case it is already tapped, I've read some articles that sellers in Amazon are putting malwares on hardware, with that they can just generate their own address thinking it was your own. Just an addition to this. The brand does not matter at all, the price differs because of the design.

Probably the safest storage of crypto is the hardware wallet since it is not connected to the internet and possible leakage is avoided.

While maintaining large funds on an airgapped device and the rest on a HW is a good option as well, why would holding everything on the HW be a potential problem? I think the level of knowledge necessary in order to use both at the same time is much higher than simply using a HW, especially as they're much easier to use through the Ledger/Trezor interface. The chances of messing up with an airgapped Electrum are higher imo as soon as you don't have that much of an idea what you're really doing. I've been personally using my Ledger mostly and some paper wallets every now and then, but I trust my Ledger more than any other method of storage and never made even one little mistake through it.

Or just purchase it from the official store or authorized resellers instead and do not accept a parcel that's been tampered with.

The brand matters in my opinion, as Ledger and Trezor are the most tested and used ones with a long positive history. Price is not only different due to design but every HW has different features and supported coins so, unless you're a BTC-only guy, brand and model might actually matter a lot

There's no malware injected or whatsoever, the device was already setup and with pre-generated seed when delivered in which the seller had the copy of the recovery seed which he can access once the buyer sends crypto on one of those address generated.

Keys that you've generated online and are still holding are more vulnerable than keys generated by the hadrware wallet, therefore I see no point in trying to transfer the keys.

If you're thinking about investing in a hardware wallet OP, think of how much you're storing. If the cost of a hardware wallet is 1% or less of your total investment it's a good idea to buy it and invest in additional security.

Wow!!!

My honest opinion. At first when I started using this forum a few days ago I thought it was full of spammers trying to increase their post count to qualify for signature campaigns. But, the amount of information and help you guys put into this particular thread of mine proves that I was wrong. I really thank you all for the amazing inputs.

After reading all the inputs, I understood why transferring my funds to HW is important from security point of view.

But, I still have one question to ask. This might sound silly but still I have to ask..

How reliable are HWs in terms of holding funds for long term (maybe 5-6 years into the future)? Like HDDs/thumb drives failing to start or get corrupted, do HWs have any similar issues???

I know that having the seed key will help me in restoring my funds in case my HW is lost or damaged. But still I'm a bit skeptical about this cuz I've never used HWs before. To be honest, I'm still using legacy addresses cuz the segwit stuff confuses me.

Would you recommend having a backup of the wallets in an offline device in case I hold some good amount of BTC stash in an airgapped PC?? I mean the device could always give up on me right?? How do users generally manage to organize their setup?

Apart from this I will have a HW for regular transactions.

Trezor One is the only device between Ledger and Trezor which was released over 5 years ago in 2014. Trezor T was 2018, Legder Nano S was 2016, and Nano X was 2019. The devices I have used from both companies are still going strong after a variety of times between 2 and 5 years, but there have been some reports of devices failing over time. This will be especially true if you keep them in less than ideal environments (too hot, too cold, too humid, etc.)

Nothing to be skeptical about. Ledger and Trezor both use the BIP39 standard for seed phrases. I have no concerns with my hardware wallets being lost/stolen/dying on me, exactly because I have my seed phrase backed up somewhere secure. Your coins are never actually on the hardware device - the hardware device simply gives you a safe and secure way to interact with your private keys, the same private keys which can be restored using your seed phrase in any wallet.

You can have a back up wallet if you like, but it is not necessary. As long as you have your seed phrase backed up securely, that is all you need to restore access to your coins. Having the same seed imported in to multiple wallets can also lessen your security, much like having storing the same data on three different flash drives increases the chance that someone will stumble across one of them.

I can tell you that my hardware wallet is working fine even after 2+ years. You can also ask yourself how reliable are you in keeping your wallet physically intact? I still have old Siemens mobile phones that I used long, long time ago. They work, just fine if it weren't for the battery. One of my best friends is as clumsy as they get, he can't hold onto anything and switches phones regularly because the dickhead keeps finding new ways to break them.

My point is, if you take good care of it, it will most likely work for many years. Ledger has in the past replaced wallets even after their warranties expired + there are regular discounts and promotions where you can get a spare one for cheap. 

You don't have to understand the technical aspects of the addresses. Just know that you will save on transaction fees, and that should be enough.

It's nice to be pleasantly surprised sometimes, and I'm glad you found some useful info in this thread.

Your impression is actually correct; this forum is full of shitposters who write nonsense for bounties/campaigns, but they don't usually migrate over to the hardware wallet section of the forum (because I assume most of them have zero to say about them).  Certain sections are infested with spam like you wouldn't believe, but the technical sections are refreshingly light on the nonsense.

HW's are supposed to be for long-term storage, and I haven't heard any horror stories yet about unrecoverable coins due to a device malfunctioning.  If you have the recovery seed phrase, you're good.

Just FYI, I own a Ledger Nano S and Nano X, and they're both excellent products.  I tried the Keepkey (https://bitcointalk.org/index.php?topic=5226098.msg53846245#msg53846245), but I would never recommend it to anyone.  And the only other brand I ever hear anything positive about is Trezor.  Trezor and Ledger have been around for a relatively long time and have established good reputations, which is extremely important IMO.  Good luck with your hunt for a hardware wallet.

Because HWs are not perfect; because with the right malicious wallet, even HWs can be fooled and money lost.


My point was to "feed" the HW from cold storage. That should happen very seldom - once per year or less. But yes, it needs higher level of knowledge (and I stated that one has to know what's he doing).


I've played a little with Tails OS and it was really simple for me. Electrum was there and I only had to make sure it's indeed offline.
Of course, I followed as good as I could Electrum's doc on cold storage.


The big question is: how you handle the paper wallets? I know stories of people losing their funds exactly while they were trying to fund their HW.


That's something you really have nothing to worry about. You write the seed down to paper as instructed and the seed can work with most modern wallets. But I didn't read yet stories about HWs broken.
And if it will just "forget" your info, you can easily re-init from the written down seed.

If you still plan on importing your keys, Satochip and Ellipal claims that they support that. Not sure how good they are since I never used it, so proceed with caution. If you can use other addresses then I don't think it is necessary to import your old keys, just move the coins instead.

Well, I mean cold storage isn't perfect either. There's no perfect way to store your coins, but I have to hear yet about malicious wallets that fool Ledgers. Has there been any before?

Paper wallets are definitely not how I'd suggest a newbie to store their coins. I just import them using Electrum, but there are lots of ways you can mess up. The point I was trying to make was that I only rarely use them and most often my Ledger, and until today I had zero issues with the HW.

There were quite a number of Ledger vulnerabilities published/fixed this year. Like this: https://cointelegraph.com/news/newly-discovered-ledger-wallet-vulnerability-could-be-disastrous-if-not-fully-patched

There's a malicious Chrome extension that still fools Ledger users.
There are complains here an there over the internet too https://www.reddit.com/r/ledgerwallet/comments/b5omei/funds_got_stolen_from_ledger_nano_s_this_is_no_fud/
Usually it's (correctly) said that it's the user fault since he didn't pay attention on what wallet he installed, so such cases don't get too much attention, but they do exist.

But we're starting to get off-topic... the whole point is that HODL funds better stay offline, not even in a HW. That's my opinion and you can clearly have a different one.

Firstly thank you for giving me some of my first Merits here!

Yes, that's the big question now. Ledger vs Trezor lol

From what I've read online - Ledger is partially closed-source and a bit difficult to use in terms of usability like upgrading firmware and reinstalling apps, installing/uninstalling apps, low memory etc

While for Trezor, its open-source. And after that security glitch (wherein seed could be recovered from sram by flashing the device with a malicious firmware) in 2017-18 which they have patched it up via a software (firmware) upgrade - I couldn't find any other major/minor flaws with it.

Would like to hear your views on which one is good overall?

I mainly intend to store BTC and Monero. And would be hodling for foreseeable future.

Thanks again!

So, apart from the (maybe) obvious/oblivious scams that mislead users. From a general usability perspective - Would you recommend Ledgers? or Trezors? And which particular models??

Thanks for pointing me in that direction. But somehow those 2 don't inspire me to go that way. Maybe because they aren't that mainstream.

That's only really relevant to the Nano S... the Nano X has more storage, so you don't need to worry so much about having to uninstall/install apps if you use a lot of different coins. If you only use one or two different coins, then even the Nano S is perfectly fine.

Upgrading firmware on both the Nano S and Nano X is relatively painless. There were some issues previously, on the Nano S, that were caused because people had not updated their devices for a while and the latest firmware was not compatible with their old bootloader. As far as I'm aware, there hasn't been any similar issue in over 2 years. These days it's more just "delays" caused by Ledger's "rolling update" policy as the servers take a bit of a pounding when new updates are released due to the number of devices in circulation.


There is an "unfixable" flaw with the device, that allows anyone with physical access to the device to extract the 24 word seed mnemonic. The only mitigation to this flaw, is by using the BIP39 passphrase functionality, as that is not stored on the device but used at "runtime" in combination with the 24 word seed mnemonic to derive your actual wallet seed... Trezor recommend users use long and complex passphrases to prevent loss, should your device be stolen etc.


Honestly? Either one will be just fine for your situation... Both Ledger and Trezor support Monero (XMR), as well as BTC obviously. I own both a Nano S and a Trezor ONE. They both have pros/cons. I would like a Nano X/Trezor T, but don't really see the need to upgrade as the extra features offered by the X and T just aren't worth the cost for me personally.

They're both capable devices, compatible with a number of popular wallets (like Mycelium for mobile use and Electrum for desktop use etc) if you don't like Ledger Live or the Trezor web wallet and both support quite a variety of cryptocurrencies.

As I said, for every day use, a HW is a very good acquisition. Just I would not keep all the funds on the every day HW, especially if we talk about big money.
About a "particular model", I have a Ledger Nano S and I am happy with it. I wanted something cheap and good. I never had my hands on a Trezor, so I don't know if it's better, it's really up to everybody's taste (but from what I've read keep your choices only between Ledger and Trezor).
The biggest difference between Nano S and Nano X is that on Nano X you can install more apps, which makes sens only if you work with a big number of altcoins (which I don't).


Edit: if you get Ledger, I advise you don't use it with the ledger wallet app, which is quite crappy; just get Electrum (and verify it) and use it with your HW.

Thank you for the inputs. I was of the opinion that I have to use Ledger wallet app on PC if I need to send/receive funds. So, once I get the Ledger -  can I just start using it with Electrum? Do I need to depend on the Ledger PC app for any updates or anything like that?

You need to use Ledger Live to update the firmware on your device, and also to install and uninstall different coin apps. In terms of actually sending and receiving funds, you don't have to use Ledger Live at all (and in fact, I would recommend not using it since it is a privacy risk and has inferior functionality to other wallets). Ledger devices can be used with a variety of bitcoin wallets such as Electrum as discussed above, and also can be used with Monero's GUI wallet.

It is partially closed source, but most of it isn't. The firmware upgrade process has been simplified to the maximum. In the past you needed to connect, disconnect, and reconnect the cable again while holding a combination of buttons. They abandoned that and now you connect the device, click the download button, confirm that a serial code on your device matches with what is displayed on the screen and you are ready to go. Installing/reinstalling apps is a 1-click process, completely beginner-friendly.

Since you intend to use it for Bitcoin and Monero only, the older and cheaper Nano S is good enough. You will have enough memory for a 3rd/4th app even after those 2 are installed. But, if in the future you want to keep 50 different coins on it, you can always uninstall one to install another one in its place. It doesn't affect your holdings in any way. 

You just missed a Ledger Nano S/X promotion where it was possible to get a 20% discount on your products. It expired yesterday.
If you decide to buy one of these, Ledger often gives discounts on their social media. Sometimes it pays to wait a bit.

Wallets and coins supported by Ledger: https://www.ledger.com/supported-crypto-assets/ (note: Mycelium is not listed but I have used Ledger with Mycelium)
Wallets supported by Trezor: https://wiki.trezor.io/User_manual:Trezor_Apps

I will make a note of this point. I intend to use the HW with Electrum and MyMonero/Moneroju. Thanks again for helping me out.

This is indeed a relief to my eyes. Yeah, looks like I've missed the promo sale. But it's good that I've discussed my queries here and learnt a lot of things I was unaware of.

MyMonero is not compatible with hardware wallets, as far as I am aware. For a desktop wallet you can use with a hardware wallet, you'll need to use the official Monero GUI wallet: https://www.getmonero.org/downloads/#windows

MoneroJu supports Ledger devices.

Ledger frequently email out discount codes to previous customers to share with their friends, usually in the region of around 10-20%. You can usually find people handing out spare codes on the Ledger subreddit - https://www.reddit.com/r/ledgerwallet/.

Alternatively, if you can wait a couple of months, the last two years Ledger have had a Black Friday sale. Last year it was 30% off, the year before that 50% off.

But in all honestly, I've been researching this Ledger vs Trezor topic all day. I still haven't figured out which one is better. First I was inclined towards Ledgers but then after learning that the Secure element part is not open-source - I've switched my opinion to Trezor. Then again after learning about the hardware vulnerabilities in Trezor (which are said to be mitigated via firmware updates) - I'm kinda lost in my way.

How do big Hodlers store their coins? Am I being paranoid?

The vulnerability in Trezor devices which allows an attacker with physical access to the device extract the seed phrase have not been patched. They are a hardware issue, not a software one, and are therefore unpatchable. The only work around is to also use a long and complex passphrase, which is combined with your seed phrase to generate a different wallet than your seed phrase alone.

A bit of paranoia can be a good thing and can make you safer.

I previously used both Ledger and Trezor devices. I stopped using Trezor devices partly because of the unpatchable vulnerability as described above, and partly because of the way they approached said vulnerability and tried to sweep it under the rug rather than warn all their users. If I was picking a hardware wallet, I would pick a Ledger device.

Having said all that, I am more and more moving to using airgapped wallets. Essentially an old computer, laptop, raspberry pi, etc., which is permanently airgapped from the Internet, running a clean install of Linux, and using full disk encryption. It is the most secure way of storing your coins in my opinion, but is both far more difficult to set up and a little more cumbersome to use than a hardware wallet.