Query Regarding Hardware Wallets

[starseeker]

I'm looking to invest in a hardware wallet. Ledger and Trezor are all around the place. From what I understood about these - The wallets themselves will generate the private keys (HD wallets).

My question is - I have a few btc addresses with their private keys. Is there any Hardware wallet wherein I can just store these private keys of mine and authorize transactions instead of using new wallets generated by Ledger or Trezor???

I hope someone can help me out with this.

Thanks in advance.

[odolvlobo]

My question is - I have a few btc addresses with their private keys. Is there any Hardware wallet wherein I can just store these private keys of mine and authorize transactions instead of using new wallets generated by Ledger or Trezor?

In short, no.

Just send your bitcoins to the hardware wallet. Problem solved.

[ranochigo]

It's not whether you can; it's that you shouldn't.

Address reuse isn't recommended for privacy reasons in the first place and I don't think any hardware wallets were designed specifically to encourage that.

You shouldn't import addresses that were generated outside of the hardware wallet itself. The address could very well have been compromised beforehand and it would negate all the benefits of a hardware wallet.

[mk4]

One of the main advantages of hardware wallets, is you generate the private keys securely on the hardware enclosure; without internet connection, and without potentially having malware around. Meaning, compared to when you generated private keys on your computer or phone, the private keys could have possibly been leaked due to these computer/mobile devices being online. Generating the private keys on your computer/phone and then importing it on the hardware wallet totally defeats this purpose.

Here's an analogy: it's like cooking food(generating private keys) in a dirty hospital where people are coughing and such(computer/mobile device), and then putting the cooked food on a 100% clean glass container to keep the food clean even though the food might have already been infected(importing potentially leaked private keys on a hardware wallet).

Might not be the best analogy, but you hopefully get what I mean.

[buwaytress]

It's not whether you can; it's that you shouldn't.

Just to draw attention to this again. Personally would get a Trezor (if only because Ledger isn't fully open source) and then sweep your entire holdings to your new Trezor.

...generate the private keys securely on the hardware enclosure; without internet connection, and without potentially having malware around...

And to this too. Think it's really important to understand why hardware's more secure in general than regular use of clients on a device that connects to the internet.

[o_e_l_e_o]

If you want a secure way to interact with these private keys that you have, then the best method is instead to set up a permanently airgapped device, format it and install a clean version of Linux, set up full disk encryption, and then install a wallet such as Electrum and import your private keys to it. Import the addresses in to a watch-only wallet on an internet enabled device to be able to generate transactions for your airgapped wallet to sign.

As others have mentioned, this is only safe if the private keys were generated safely in the first place - in other words, also on an airgapped device, using software you have verified, and have never touched an internet enabled device. This may be the case if the private keys you are holding are on properly generated paper wallets.

If you want to use a hardware wallet as intended, then once you have set it up simply sweep all your coins to new addresses generated by the hardware wallet.

[Charles-Tim]

My question is - I have a few btc addresses with their private keys. Is there any Hardware wallet wherein I can just store these private keys of mine and authorize transactions instead of using new wallets generated by Ledger or Trezor???

I hope you have been answered. But for more explanation in a way you will understand more. Normally, you are having a private key, or seed phrase to that private key, you can import the seed phrase to hardware wallet so far it is BIP39, or directly import the private key like you wanted. But, remember the seed phrase is generated not through offline means which makes it not as secure like the one you will generate on hardware wallet itself which will be offline.

So, not that you can not do it, you can import the private key to hardware wallet but it does not make any good sense in term of security, that is why you are advised not to do so. Just generate your private key on the hardware wallet, the private key will be offline, which means nothing can penetrate it, it can not be revealed to hackers. Then, you can send your bitcoin from the old wallet into your new (hardware) wallet. If you are not in haste, you can send the bitcoin using as low as 1 satoshi per vbyte. But I will recommend 15 satoshi per vbyte.

Also, know that hardware wallet is resistant to malware but there is still certain type of hack that can happen to any hardware wallet. We still need to be careful of malware.
 
Edited: o_e_l_e_o. Thanks for the correction.

[o_e_l_e_o]

So, not that you can not do it, you can import the private key to hardware wallet but it does not make any good sense in term of security

This is incorrect - you can't do it.

Neither Trezor nor Ledger devices will allow you to import individual private keys. You can only import BIP39 seed phrases (but the caveats about the seed phrase potentially being generated insecurely and therefore there being no point in importing it in to a hardware wallet still apply).

Also, know that hardware wallet is resistant to malware but there is still one certain type of hack that can happen to any hardware wallet

There are actually multiple vectors of attack for different hardware wallets. Ledger for example had a bug where when transacting altcoins, an attacker could trick your device in to also signing a bitcoin transaction. Trezor have a vulnerability where someone with physical access to the device can extract the seed phrase.

Hardware wallets are good, and much safer than non-airgapped software wallets, but they shouldn't be seen as completely resistant to malware or other attacks.

[Charles-Tim]

There are actually multiple vectors of attack for different hardware wallets. Ledger for example had a bug where when transacting altcoins, an attacker could trick your device in to also signing a bitcoin transaction. Trezor have a vulnerability where someone with physical access to the device can extract the seed phrase.

You are right, there are many information that is misleading online. I have later known that there are malware that can even penetrate the random number generator itself to reveal a private key. There are truly vulnerabilities in some even so called hardware wallets that can reveal the seed phrase also. The best we can do, it to make sure we connect a device (phone or computer) that has no malware to hardware wallet for it to be safe for use. Malware are deadly generally.

[Lucius]

Why bother yourself with your old private keys? Is there some significance to the OP?

These are probably some addresses that are important to the OP, he may receive payments to them on a regular basis and look for a way to keep them, while at the same time placing them in the security of the hardware wallet. Of course, this is not possible if we are talking about private keys, and it is not recommended if it is a seed.

If it is possible replace the old addresses with new ones - and if not transfer funds to the hardware wallet, and continue to use the old addresses for payments, and then from time to time move those coins again to hardware wallet.

[20kevin20]

If you need to use the specific private keys, hardware wallets aren't the best solution. I'd clean an old laptop/PC, remove all the wireless modules and keep it permanently offline instead with Electrum on it as a cold storage. Hardware wallets are there to be used with the seed your HW generates, not with extetnal ones. That's exactly the point of using it: not having direct access to the privkey as it sits inside the HW.

[NeuroticFish]

Imho hardware wallets are better for "every day use" than keeping life changing amounts on them.
So it depends on how much value is on those "few btc addresses with their private keys".

The funds OP doesn't need to spend in the near future can stay nice and easy where they are.
Also if there's a little more computer knowledge (for example to install a Tails OS USB and boot from it now and then with internet off), use of cold storage may also be a solution. But only if OP knows what he does.

[Twentyonepaylots]

One of the main advantages of hardware wallets, is you generate the private keys securely on the hardware enclosure; without internet connection, and without potentially having malware around.

But then double check your hardware wallet in case it is already tapped, I've read some articles that sellers in Amazon are putting malwares on hardware, with that they can just generate their own address thinking it was your own. Just an addition to this. The brand does not matter at all, the price differs because of the design.

Meaning, compared to when you generated private keys on your computer or phone, the private keys could have possibly been leaked due to these computer/mobile devices being online. Generating the private keys on your computer/phone and then importing it on the hardware wallet totally defeats this purpose.

Probably the safest storage of crypto is the hardware wallet since it is not connected to the internet and possible leakage is avoided.

[20kevin20]

Imho hardware wallets are better for "every day use" than keeping life changing amounts on them.
So it depends on how much value is on those "few btc addresses with their private keys".

The funds OP doesn't need to spend in the near future can stay nice and easy where they are.
Also if there's a little more computer knowledge (for example to install a Tails OS USB and boot from it now and then with internet off), use of cold storage may also be a solution. But only if OP knows what he does.

While maintaining large funds on an airgapped device and the rest on a HW is a good option as well, why would holding everything on the HW be a potential problem? I think the level of knowledge necessary in order to use both at the same time is much higher than simply using a HW, especially as they're much easier to use through the Ledger/Trezor interface. The chances of messing up with an airgapped Electrum are higher imo as soon as you don't have that much of an idea what you're really doing. I've been personally using my Ledger mostly and some paper wallets every now and then, but I trust my Ledger more than any other method of storage and never made even one little mistake through it.

But then double check your hardware wallet in case it is already tapped, I've read some articles that sellers in Amazon are putting malwares on hardware, with that they can just generate their own address thinking it was your own. Just an addition to this. The brand does not matter at all, the price differs because of the design.

Or just purchase it from the official store or authorized resellers instead and do not accept a parcel that's been tampered with.

The brand matters in my opinion, as Ledger and Trezor are the most tested and used ones with a long positive history. Price is not only different due to design but every HW has different features and supported coins so, unless you're a BTC-only guy, brand and model might actually matter a lot

[bL4nkcode]

I've read some articles that sellers in Amazon are putting malwares on hardware, with that they can just generate their own address thinking it was your own.

There's no malware injected or whatsoever, the device was already setup and with pre-generated seed when delivered in which the seller had the copy of the recovery seed which he can access once the buyer sends crypto on one of those address generated.

[pixie85]

Keys that you've generated online and are still holding are more vulnerable than keys generated by the hadrware wallet, therefore I see no point in trying to transfer the keys.

If you're thinking about investing in a hardware wallet OP, think of how much you're storing. If the cost of a hardware wallet is 1% or less of your total investment it's a good idea to buy it and invest in additional security.

[starseeker]

Wow!!!

My honest opinion. At first when I started using this forum a few days ago I thought it was full of spammers trying to increase their post count to qualify for signature campaigns. But, the amount of information and help you guys put into this particular thread of mine proves that I was wrong. I really thank you all for the amazing inputs.

After reading all the inputs, I understood why transferring my funds to HW is important from security point of view.

But, I still have one question to ask. This might sound silly but still I have to ask..

How reliable are HWs in terms of holding funds for long term (maybe 5-6 years into the future)? Like HDDs/thumb drives failing to start or get corrupted, do HWs have any similar issues???

I know that having the seed key will help me in restoring my funds in case my HW is lost or damaged. But still I'm a bit skeptical about this cuz I've never used HWs before. To be honest, I'm still using legacy addresses cuz the segwit stuff confuses me.

[starseeker]

As others have mentioned, this is only safe if the private keys were generated safely in the first place - in other words, also on an airgapped device, using software you have verified, and have never touched an internet enabled device. This may be the case if the private keys you are holding are on properly generated paper wallets.

Would you recommend having a backup of the wallets in an offline device in case I hold some good amount of BTC stash in an airgapped PC?? I mean the device could always give up on me right?? How do users generally manage to organize their setup?

Apart from this I will have a HW for regular transactions.

[o_e_l_e_o]

How reliable are HWs in terms of holding funds for long term (maybe 5-6 years into the future)? Like HDDs/thumb drives failing to start or get corrupted, do HWs have any similar issues???

Trezor One is the only device between Ledger and Trezor which was released over 5 years ago in 2014. Trezor T was 2018, Legder Nano S was 2016, and Nano X was 2019. The devices I have used from both companies are still going strong after a variety of times between 2 and 5 years, but there have been some reports of devices failing over time. This will be especially true if you keep them in less than ideal environments (too hot, too cold, too humid, etc.)

I know that having the seed key will help me in restoring my funds in case my HW is lost or damaged. But still I'm a bit skeptical about this cuz I've never used HWs before.

Nothing to be skeptical about. Ledger and Trezor both use the BIP39 standard for seed phrases. I have no concerns with my hardware wallets being lost/stolen/dying on me, exactly because I have my seed phrase backed up somewhere secure. Your coins are never actually on the hardware device - the hardware device simply gives you a safe and secure way to interact with your private keys, the same private keys which can be restored using your seed phrase in any wallet.

Would you recommend having a backup of the wallets in an offline device in case I hold some good amount of BTC stash in an airgapped PC??

You can have a back up wallet if you like, but it is not necessary. As long as you have your seed phrase backed up securely, that is all you need to restore access to your coins. Having the same seed imported in to multiple wallets can also lessen your security, much like having storing the same data on three different flash drives increases the chance that someone will stumble across one of them.

[Pmalek]

How reliable are HWs in terms of holding funds for long term (maybe 5-6 years into the future)?

I can tell you that my hardware wallet is working fine even after 2+ years. You can also ask yourself how reliable are you in keeping your wallet physically intact? I still have old Siemens mobile phones that I used long, long time ago. They work, just fine if it weren't for the battery. One of my best friends is as clumsy as they get, he can't hold onto anything and switches phones regularly because the dickhead keeps finding new ways to break them.

My point is, if you take good care of it, it will most likely work for many years. Ledger has in the past replaced wallets even after their warranties expired + there are regular discounts and promotions where you can get a spare one for cheap. 

To be honest, I'm still using legacy addresses cuz the segwit stuff confuses me.

You don't have to understand the technical aspects of the addresses. Just know that you will save on transaction fees, and that should be enough.