I have a question about Bitcoin cold wallets

[or7on]

Hello guys. I've been studying BTC for a while, and I have a doubt about cold wallets.

I'm gonna use a Trezor wallet as an example. If I buy a Trezor, I'll send my BTCs to the Trezor's Desktop APP, then my BTCs will be secure on the blockchain.

But, what if, for whatever reason, the Trezor's APP stops working?  Either by court order, or server's problem... Whatever reason. I know this is almost impossible to happen, but I'm just curious. Can I use the 12 or 24 words to recover my BTCs in another cold wallet instead of Trezor? How does it work in this case?

Thanks in advance.

[1715444955]

1715444955

[1715444955]

1715444955

[1715444955]

1715444955

[nc50lc]

-snip-
But, what if, for whatever reason, the Trezor's APP stops working?  Either by court order, or server's problem... Whatever reason. I know this is almost impossible to happen, but I'm just curious. Can I use the 12 or 24 words to recover my BTCs in another cold wallet instead of Trezor? How does it work in this case?

Yes, Trezor's backup "Recovery Seed" is BIP39 compliant and will work with any client that supports BIP39 seed including its passphrase if you enabled it.

[jackg]

A lot of trezor software (perhaps all of it) is open source also and can be used on it's own without an official trezor (when I was looking at hardware wallets, this was a suggestion - that you could get your own printed or, I think, make a raspberry pi into one.

As said above, bip39 compliance is a standard and there are a lot of lightweight clients that can accept it (some web scripts can be downloaded too so you can get the keys out and import them into other software that isn't bip39 compliant).

[pooya87]

Tools such as Trezor are called hardware wallets not cold wallets. A cold wallet is a more general term used to describe wallets that are isolated from the outside world like a paper wallet or a completely offline PC that has never had any contact with the world (no internet, LAN, Bluetooth, ... connection).
As @nc50lc as long as you have the correct words in correct orders you can always use another wallet software or tool to recover all your keys.

[Quickseller]

But, what if, for whatever reason, the Trezor's APP stops working?  Either by court order, or server's problem... Whatever reason. I know this is almost impossible to happen, but I'm just curious. Can I use the 12 or 24 words to recover my BTCs in another cold wallet instead of Trezor? How does it work in this case?

There are many implementations of wallet software that has the ability to interact with your Trezor wallet. For example, if Trezor's app were to stop working, you can use electrum to interact with your Trezor wallet and you would not have to do anything with your seed.

If your Trezor wallet (the device itself) were to stop working, you could use your seed to recover your money. This is a different scenario than the Trezor App stopping working.

[LoyceV]

Can I use the 12 or 24 words to recover my BTCs in another cold wallet instead of Trezor?

Yes you can. But why believe this if you can verify it?
This is what I did for my hardware wallet: I checked if the seed produced the same addresses when entered in Ian Coleman's Mnemonic Code Converter (using an offline air gapped Live Linux DVD running from RAM without any storage attached and the curtains closed), and indeed, the addresses were the same.

BIG warning: never enter your seed words anywhere else than in your hardware wallet! Understand what you're doing when you handle seed words before doing it.

[dkbit98]

I'm gonna use a Trezor wallet as an example. If I buy a Trezor, I'll send my BTCs to the Trezor's Desktop APP, then my BTCs will be secure on the blockchain.

You can use Trezor device both with Trezor Suite or Electrum bitcoin wallet and you will get the same addresses on both of them.
Small advantage is that Trezor Suite have integrated Tor for better privacy of your IP addresses.

But, what if, for whatever reason, the Trezor's APP stops working?  Either by court order, or server's problem... Whatever reason. I know this is almost impossible to happen, but I'm just curious. Can I use the 12 or 24 words to recover my BTCs in another cold wallet instead of Trezor? How does it work in this case?

Nobody should know that you used any address with hardware wallet, and if you keep your BIP39 seed words safe and secure, you can import it and recover to any other hardware or software wallet.
Seed import procedure is simple enough but it is different for every other wallet, but it is more important to keep backup safe on paper on metal plates.
Never enter seed words on any online website, it could be scam or phishing attack.

[Pmalek]

Tools such as Trezor are called hardware wallets not cold wallets. A cold wallet is a more general term used to describe wallets that are isolated from the outside world like a paper wallet or a completely offline PC that has never had any contact with the world (no internet, LAN, Bluetooth, ... connection).

If all wallets belong to either cold or hot wallets, a hardware wallet has to be listed in the cold wallet category because it can't be a hot wallet. Hot wallets such as web wallets, desktop wallets, or mobile wallets are always connected to the internet. A hardware wallet isn't. You only connect it when you need to use it and even then it has a secure element that protects your private keys.

Of course, airgapped solutions and properly generated paper wallets are a division above in terms of security. But I wouldn't consider it a mistake if someone said that a hardware wallet is a type of cold wallet. It's not hot either, and we need to classify it in one of the camps.

[Lucius]

If all wallets belong to either cold or hot wallets, a hardware wallet has to be listed in the cold wallet category because it can't be a hot wallet.

Hardware wallets should be a separate category, and if someone wants to put them in one of these two categories then they should not be classified as cold wallets because all users connect them to the Internet whether they add their accounts, install coins apps or do firmware upgrades.

Hot wallets such as web wallets, desktop wallets, or mobile wallets are always connected to the internet. A hardware wallet isn't. You only connect it when you need to use it and even then it has a secure element that protects your private keys.

Desktop or mobile crypto wallet can always be offline if it is installed on a device that does not have contact with the Internet, so such a wallet can be called a cold wallet. For me personally, such a setup is even safer than hardware wallets, although many live in the belief that such devices guarantee absolute security.

[LoyceV]

Desktop or mobile crypto wallet can always be offline if it is installed on a device that does not have contact with the Internet, so such a wallet can be called a cold wallet. For me personally, such a setup is even safer than hardware wallets, although many live in the belief that such devices guarantee absolute security.

You can of course use a hardware wallet on an air-gapped system. Create your own seed from dice rolls, enter the seed into the hardware wallet, connect it to Electrum and never let it go online. Then create and sign transactions just like you'd do on a "normal" air-gapped Electrum. It's even more cumbersome to use, but ensures your hardware wallet can remain a cold wallet.

[pooya87]

If all wallets belong to either cold or hot wallets, a hardware wallet has to be listed in the cold wallet category because it can't be a hot wallet. Hot wallets such as web wallets, desktop wallets, or mobile wallets are always connected to the internet. A hardware wallet isn't. You only connect it when you need to use it and even then it has a secure element that protects your private keys.

We are not limited to only 2 categories, but if we were limited I would categorize them as hot wallets since it doesn't matter if they are connected whenever you need them or there is some protection measures in place, they are still being connected to the internet. Additionally there has been exploits that could have led to losses when the user connected their hardware wallet to the internet.

In any case we should either call them hardware wallets (as the category) if at least a semi-cold wallet.

[Pmalek]

Desktop or mobile crypto wallet can always be offline if it is installed on a device that does not have contact with the Internet, so such a wallet can be called a cold wallet.

I know that. Electrum is both, but the majority use the wallet as a hot wallet. If you don't consider standard hardware wallet usage to be a cold wallet, LoyceV mentioned an even "colder" way to go about it. 

although many live in the belief that such devices guarantee absolute security.

We both know that there is no such thing.

Additionally there has been exploits that could have led to losses when the user connected their hardware wallet to the internet.

It might be a bit off-topic, but I would be interested to know what specific cases you are talking about.

In any case we should either call them hardware wallets (as the category) if at least a semi-cold wallet.

OK, agreed!

[Lucius]

You can of course use a hardware wallet on an air-gapped system. Create your own seed from dice rolls, enter the seed into the hardware wallet, connect it to Electrum and never let it go online. Then create and sign transactions just like you'd do on a "normal" air-gapped Electrum. It's even more cumbersome to use, but ensures your hardware wallet can remain a cold wallet.

Generating a seed is not a problem, you don't need to be online for that - but what about installing a coin app in this case specifically for Bitcoin? As far as I know, when it comes to Ledger, you have to use Ledger Live and its manager to add or remove a coin app from HW, and for that, you have to be online. There is also the occasional firmware update which again includes Ledger Live and the need for the user to be online.

although many live in the belief that such devices guarantee absolute security.

We both know that there is no such thing.

We know that there is no absolute security, but do other HW users know that? Most reviews of popular HW mention these devices in the context of cold wallets, which misleads a lot of users. Buying such a device is not the end of all the worries that the average crypto user has, it is actually the beginning of a great responsibility on how to be your own bank. Banks are always at great risk, not only from external factors, but also from internal ones - the sooner everyone understands this, the safer they will be.

[LoyceV]

Generating a seed is not a problem, you don't need to be online for that - but what about installing a coin app in this case specifically for Bitcoin? As far as I know, when it comes to Ledger, you have to use Ledger Live and its manager to add or remove a coin app from HW, and for that, you have to be online. There is also the occasional firmware update which again includes Ledger Live and the need for the user to be online.

You may be right: I'm not sure if a Ledger hardware wallet comes with a Bitcoin wallet pre-installed. If it needs the Ledger Live software, it may still work if you install that on an offline system.
I wouldn't worry about firmware updates for a device that never sees the internet.

[Lucius]

You may be right: I'm not sure if a Ledger hardware wallet comes with a Bitcoin wallet pre-installed.

I believe it comes with a pre-installed app only if you buy it as a used device or from some scammer. A factory-packed device requires initialization in the form of setting a PIN and generating seed words, and after that, you can add coin apps.

If it needs the Ledger Live software, it may still work if you install that on an offline system.

It may work to sign transactions, but everything else requires internet access and communication with Ledger servers.

[LoyceV]

It may work to sign transactions, but everything else requires internet access and communication with Ledger servers.

I guess there's not really a market for it, because it's not very convenient to use, but I'd like to see a hardware wallet that's truely designed to be used offline. It could for instance use a camera (or QR-code on it's screen) to transmit transaction data, and instead of USB use only a power cable. That way, you could have a hardware wallet that's also a cold wallet.

[pooya87]

It might be a bit off-topic, but I would be interested to know what specific cases you are talking about.

Physical access to hardware devices have always been an issue that could be used to steal the funds in hardware wallets. They usually involve some sort of side-channel attack and involve measuring the power usage and has affected Trezor, Keepkey and others.
There were other vulnerabilities that exploited the signing process where the hacker or his malware would show one transaction on screen but passed a different one containing hacker's address to the device to be signed. Or the other type where it just sent a huge fee to miners burning the user's coins.

Most of them are fixed though, but there is no reason to believe new ones aren't going to come up.

[Pmalek]

Physical access to hardware devices have always been an issue that could be used to steal the funds in hardware wallets. They usually involve some sort of side-channel attack and involve measuring the power usage and has affected Trezor, Keepkey and others.

Oh, ok. You are talking about the seed extraction vulnerability that the Ledger security team discovered on Trezor devices. Yeah, I am aware of that. It can't be fixed for the current Trezor devices, but luckily it can be mitigated. I thought there was something new that I wasn't aware of.

There were other vulnerabilities that exploited the signing process where the hacker or his malware would show one transaction on screen but passed a different one containing hacker's address to the device to be signed.

I think this was done in connection with Litecoin transactions, but I am not sure. I think it required the user to download and use fake software and this is obviously a user mistake.   

[pooya87]

I think this was done in connection with Litecoin transactions, but I am not sure. I think it required the user to download and use fake software and this is obviously a user mistake.   

I read this a long time ago so I think it was Litecoin wallet that was affected but since there is no difference between the LTC and BTC wallets and the exploit didn't seem to be coin related, it could happen with any transaction.

[o_e_l_e_o]

I read this a long time ago so I think it was Litecoin wallet that was affected but since there is no difference between the LTC and BTC wallets and the exploit didn't seem to be coin related, it could happen with any transaction.

The initial disclosure is here: https://monokh.com/posts/ledger-app-isolation-bypass
Ledger's response is here: https://donjon.ledger.com/lsb/014/

The vulnerability was possible with any coins which was based on Bitcoin, so Litecoin, Dogecoin, any of the fake bitcoin forks, and a bunch of others. Although it could be exploited via malicious software as Pmalek said, it would also have been possible to exploit by an attacker having knowledge of your bitcoin addresses and creating a necessary transaction while you believed you were interacting with an altcoin (for example, when trying to perform an atomic swap at an altcoin exchange).

Having said all that, I'm not aware of this vulnerability ever being exploited and it has now been mitigated.