Anyone use a COLDCARD hardware wallet?

[headingnorth]

I always thought the Coldcard was a great hardware wallet, but never knew the head-spinning amount of security features it has on it, because I never looked at it before in much detail.

It blows away every other hardware wallet in terms of sheer amount of features, almost too many to list.
Many of them appear to be unique to the Coldcard, and doesn't cost much for what you are getting.
The Trezor Model T doesn't have a fraction of the features but cost $60 more.

And unlike Trezor the Coldcard is bitcoin-only so no shitcoins supported. It also seems to be built like a tank.
I will be getting one next time they have their 20% off Black Friday sale.  

https://coldcard.com/


Some of the features:

* Supports Bitcoin only.

* Dual Secure Element chips

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.
  
* True Air-gap - Only signing device (hardware wallet) with option to avoid ever being connected to a computer, for its full life cycle: from seed generation,
   to transaction signing. Uses PSBT (BIP174) natively.

* MicroSD Back-up - allows truly offline signing by transferring unsigned/signed transactions  sneakernet

* NFC tap for all data types, PSBT, address, etc.

* USB virtual disk mode

* Extensive duress PIN features

* AirGap SneakerNET - maximum security when transferring data between devices

* BIP39 passphrase supports multiple hidden wallets

* Anti-phishing words

* Genuine vs. Caution lights

* Clear see thru case design so you can see if wallet has been physically tampered

* Dice roll and provable bitcoin seed generation

[1714645092]

1714645092

[1714645092]

1714645092

[Synchronice]

I always thought the Coldcard was a great hardware wallet

Coldcard is definitely a great hardware wallet, their hardware's security is a gamechanger in bitcoin wallets. Coldcard and The Passport Foundation are both great wallets. TPF is built on Coldcard's code.

And unlike Trezor the Coldcard is bitcoin-only so no shitcoins supported. It also seems to be built like a tank.
I will be getting one next time they have their 20% off Black Friday sale.  

There is nothing wrong with supporting altcoins. Personally, I will be more than glad to purchase a wallet that offers as much security as ColdCard and also offers altcoins. But still, I like that they only focus on Bitcoin, their message is clear.

By the way, main difference between Trezor and Coldcard is that Coldcard is a superior wallet when it comes to security and features, overall, it is an ideal wallet, both, CC and Passport are great choices! 

[satscraper]

 Not to take anything away from the latest  available ColdCard model, i.e. MK4,  I should mention that it lacks camera . That is why I have acquired Passport 2 which allows to be paired with software wallets  via QR code. The coming ColdCard Q1 is equipped with  camera which will secure  communication with software wallets via optical channel. Thus I would wait for Q1 model.  

[headingnorth]

The coming ColdCard Q1 is equipped with  camera which will secure  communication with software wallets via optical channel. Thus I would wait for Q1 model.  

Never heard of the Q model before. The secure camera for QR codes is the best new feature. I guess that's what the Q refers to.

Sounds interesting but has no release date. The company says they hope to put it out Quarter 1 2024.

[o_e_l_e_o]

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.

This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC
You can understand why this distinction is important here: https://nitter.cz/sethforprivacy/status/1651039483419058177

Code that is not actually open source is bad for the product and bad for the ecosystem. If no one is actually allowed to use their code in other products, then you are going to have far fewer sets of eyes on the code since there is far less incentive for people to spend their time examining it. Open source code encourages competition which furthers development, which ultimately is good for bitcoin.

I'm getting fed up of various projects claiming to be open source when they aren't, or claiming their not-open-source license is just as good as open source when it isn't. Open source has a very specific meaning and is very important to the ecosystem. Coldcard is not open source.

[Synchronice]

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.

This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC
You can understand why this distinction is important here: https://nitter.cz/sethforprivacy/status/1651039483419058177

Code that is not actually open source is bad for the product and bad for the ecosystem. If no one is actually allowed to use their code in other products, then you are going to have far fewer sets of eyes on the code since there is far less incentive for people to spend their time examining it. Open source code encourages competition which furthers development, which ultimately is good for bitcoin.

I'm getting fed up of various projects claiming to be open source when they aren't, or claiming their not-open-source license is just as good as open source when it isn't. Open source has a very specific meaning and is very important to the ecosystem. Coldcard is not open source.

When coldcard was created, they came up with an unmatched security, right? It's true that they copied others and use their work but Coldcard still came up with more unique product that no one has created before. At the same time, we have to keep in mind that bitcoin hardware wallet is a business. When ColdCard left their code open-source, The Passport Foundation copied them, improved some UI details if I am not wrong and become a Coldcard's competitor. This means loss of customers, loss of sales and all these because someone copied your code and put it in a new design.
Let's say ColdCard left their code open-source and there comes someone with ten times more money for marketing, manufacturing and so on. They take ColdCard's open-source wallet, create a new hardware wallet, spend ten times more in marketing than coldcard and will build a great business on ColdCard's work.

I don't see anything wrong with Verifiable Source Code. It's a business, I think it will even demotivate people to start a business if their work might be copied super easily. I don't think anyone shares the belief of Nikola Tesla in a modern capitalism where you are nothing without money.

[satscraper]

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.

This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC

License: MIT

Code that is not actually open source is bad for the product and bad for the ecosystem. If no one is actually allowed to use their code in other products, then you are going to have far fewer sets of eyes on the code since there is far less incentive for people to spend their time examining it.

Being under MIT licence ColsCard code is allowed to be used virtually with no restriction.  According to fossa.com  MIT-licence-code can be used in any software, including commercial one, can be   modified and redistributed. Two miserable restrictions:  "you can’t hold the code author(s) legally liable for any reason. You also can’t delete the copyright notice and original license from your version of the code".

What is your problem with MIT licence?

Coldcard is not open source.

I have the opposite view. Being under MIT licence it's open source.

[o_e_l_e_o]

It's true that they copied others and use their work but Coldcard still came up with more unique product that no one has created before.

We discussed this before, and my point remains the same: Coldcard used a huge variety of open source libraries and code when they built their device. To turn around and prevent people doing the same for their code is hypocrisy.

When ColdCard left their code open-source, The Passport Foundation copied them, improved some UI details if I am not wrong and become a Coldcard's competitor. This means loss of customers, loss of sales and all these because someone copied your code and put it in a new design.

If you are worried about someone building on top of your code and making a better product, the solution is to improve your own product, not stifle development and innovation, which is bad for everyone.

Where would bitcoin be now if Satoshi had released bitcoin under a "source verifiable" license but prevented other people from developing on top of it?

Being under MIT licence it's open source.

It categorically isn't. They add the "Commons Clause" license, meaning they are not open source. Even the Coldcard website doesn't claim they are open source - they are source verifiable.

[satscraper]

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.

This is not correct. Coldcard is not open source, but rather, it is "source verifiable".

You can see their license here: https://github.com/Coldcard/firmware/blob/master/COPYING-CC

License: MIT

--snip--

CC 1.0 forbid to sell the software which makes it NOT open source.

Very reasonable that they forbid to sell purely  their  code, but they allow to use it in any other commercial product and sell  those products based on their software. Again, according to the   definition of  MIT-licence the software which is liable to it  is open source. I have never encountered the contradictions to this coming  from reputable sources.

FOSS and open source are two different things.

Even the Coldcard website doesn't claim they are open source - they are source verifiable.

Code clearly states: MIT licence.

[o_e_l_e_o]

Very reasonable that they forbid to sell purely  their  code, but they allow to use it in any other commercial product and sell  those products based on their software.

No, they don't. A quote from their license, with emphasis added:

For purposes of the foregoing, "Sell" means practicing any or all of the rights granted to you under the License to provide to third parties, for a fee or other consideration (including without limitation fees for hosting or consulting/ support services related to the Software), a product or service whose value derives, entirely or substantially, from the functionality of the Software. Any license notice or attribution required by the License must also include this Commons Clause License Condition notice.

You cannot use any part of their code in any other product which you then sell. Thus, it is not open source.

Again, according to the   definition of  MIT-licence the software which is liable to it  is open source. I have never encountered the contradictions to this coming  from reputable sources.

How about the source of the people who wrote the Commons Clause license Coldcard use in the first place:

Is this “Open Source”?

No.

“Open source”, has a specific definition that was written years ago and is stewarded by the Open Source Initiative, which approves Open Source licenses. Applying the Commons Clause to an open source project will mean the source code is available, and meets many of the elements of the Open Source Definition, such as free access to source code, freedom to modify, and freedom to re-distribute, but not all of them. So to avoid confusion, it is best not to call Commons Clause software “open source.”

Code clearly states: MIT licence.

MIT with Commons Clause attached, which makes it not open source.

[Synchronice]

We discussed this before, and my point remains the same: Coldcard used a huge variety of open source libraries and code when they built their device. To turn around and prevent people doing the same for their code is hypocrisy.

Yes, we discussed it before and I remember it very well, I read all of your posted sources too.
Yes, they used but Coldcard is not a Trezor's copy/paste while Passport is CC's copy/paste. Passport is the reason why CC is not open-source.

If you are worried about someone building on top of your code and making a better product, the solution is to improve your own product, not stifle development and innovation, which is bad for everyone.

You put endless work to improve your product, then Passport copy/pastes it and both of you are on the same level. The difference is, you do the work and they gain the benefits. We can compare CC and Passport to Nikola Tesla and Thomas Edison.

Where would bitcoin be now if Satoshi had released bitcoin under a "source verifiable" license but prevented other people from developing on top of it?

Bitcoin is not the first cryptocurrency but somehow it become massively popular and none copy/pasted altcoins or even improved altcoins took it over and it's a little strage for me. Bitcoin users usually say that what they love about bitcoin is its decentralized nature and anonymity (it's not) and then my question is, why choose Bitcoin when you have Monero?
By the way Satoshi has mined lots of bitcoins for himself, so, what he has to worry about?

My point is that the fact that ColdCard is a source verifiable doesn't make it any bad, I would use this wallet at any time because it's superior compared to other mainstream wallets.
Will Coldcard improve its product if they gain financial profit? Sure. Is the source open and can anyone read it and verify? Yes, that's what's important for me, as a wallet owner. Do you want to learn more about bitcoin hardware wallet softwares? You can read every single line of their source code anytime you wish, so, you can learn from them and come up with your product if it's better and not totally based on their source code.

[zherbert]

We discussed this before, and my point remains the same: Coldcard used a huge variety of open source libraries and code when they built their device. To turn around and prevent people doing the same for their code is hypocrisy.

Yes, we discussed it before and I remember it very well, I read all of your posted sources too.
Yes, they used but Coldcard is not a Trezor's copy/paste while Passport is CC's copy/paste. Passport is the reason why CC is not open-source.

If you are worried about someone building on top of your code and making a better product, the solution is to improve your own product, not stifle development and innovation, which is bad for everyone.

You put endless work to improve your product, then Passport copy/pastes it and both of you are on the same level. The difference is, you do the work and they gain the benefits. We can compare CC and Passport to Nikola Tesla and Thomas Edison.

Where would bitcoin be now if Satoshi had released bitcoin under a "source verifiable" license but prevented other people from developing on top of it?

Bitcoin is not the first cryptocurrency but somehow it become massively popular and none copy/pasted altcoins or even improved altcoins took it over and it's a little strage for me. Bitcoin users usually say that what they love about bitcoin is its decentralized nature and anonymity (it's not) and then my question is, why choose Bitcoin when you have Monero?
By the way Satoshi has mined lots of bitcoins for himself, so, what he has to worry about?

My point is that the fact that ColdCard is a source verifiable doesn't make it any bad, I would use this wallet at any time because it's superior compared to other mainstream wallets.
Will Coldcard improve its product if they gain financial profit? Sure. Is the source open and can anyone read it and verify? Yes, that's what's important for me, as a wallet owner. Do you want to learn more about bitcoin hardware wallet softwares? You can read every single line of their source code anytime you wish, so, you can learn from them and come up with your product if it's better and not totally based on their source code.

I am not going to tolerate anyone saying Passport is a "copy-paste"; at this point it is a ridiculous statement. As we've said many times before, we ported parts of the codebase to a fresh MicroPython repo.

It is impossible for Passport to be a copy-paste because it's completely different hardware with different hardware features. We have an entire GUI as well. Take 5 minutes to do a diff between our repos and you will quickly see that it's a load of nonsense. It's blatant slander by NVK and team.

You cannot seriously try to compare Coldcard to Nikola Tesla when they simply started a MicroPython project, pulled in Trezor's crypto libraries, added a secure element, and wrote some PSBT code. Everyone is building on top of everyone else; that is how open source is supposed to work.

[Synchronice]

I am not going to tolerate anyone saying Passport is a "copy-paste"; at this point it is a ridiculous statement. As we've said many times before, we ported parts of the codebase to a fresh MicroPython repo.

It is impossible for Passport to be a copy-paste because it's completely different hardware with different hardware features. We have an entire GUI as well. Take 5 minutes to do a diff between our repos and you will quickly see that it's a load of nonsense. It's blatant slander by NVK and team.

You cannot seriously try to compare Coldcard to Nikola Tesla when they simply started a MicroPython project, pulled in Trezor's crypto libraries, added a secure element, and wrote some PSBT code. Everyone is building on top of everyone else; that is how open source is supposed to work.

Wow, glad to see you here, I didn't know if you were on this forum.
By the way, I have mentioned that your GUI is different from Colcard and I don't say your hardware is copy/paste. You improved GUI side of ColdCard and made your wallet easier to use, what I said above was only about code. Your wallet has camera also, it's good, no one says it's bad. I often recommend your wallet and CC to people.

I just want to explain that ColdCard's source is available for anyone to use and verify, that's all that matters for users. When people simply say ColdCard isn't open source, it looks like ColdCard and Ledger are comperable in terms of status of their code. Both of them are not open source but there is a huge difference. Ledger is closed-source, no one can check what code their Ledger runs but ColdCard is not open source in a sense that they don't allow competitors to simply copy their work, on another hand, anyone can see and verify the code. This doesn't make them bad and doesn't ruin their reputation. In a business where you work days and nights to write a code and there is a danger that rich businessman will copy and paste your code and sell a clone but dive you because of money and better marketing, I think it's okay to protect yourself from this danger.

[dkbit98]

* Takes open source to the next level: The open source code can be viewed, verified and compiled directly from the device itself.

They took the code to lower levels.
I don't know how many times I have to repeat this, but Coldcard firmware is NOT open source!
They changed the code to Common Clause, that can be verified, and they only change this on their website after big complains from community members.
Coldcard basically false advertised their product as open source for some time, and I have proofs for that.
I cam not saying they have a bad product, but their owner NVK looks like a ego freak.

Here is Before and After photos:

Is this “Open Source”?
No.

https://commonsclause.com/

End of story.

[o_e_l_e_o]

I just want to explain that ColdCard's source is available for anyone to use and verify

Yes. It is source verifiable. It is not open source.

Both of them are not open source but there is a huge difference.

Then you can explain that difference, but calling Coldcard open source when it's not is simply incorrect.

Ledger also claimed that they were moving to open source, and then created a new license for their code called "Source Code Accessibility License" which is also not open source. "Open source doesn’t just mean access to the source code."

In a business where you work days and nights to write a code and there is a danger that rich businessman will copy and paste your code and sell a clone but dive you because of money and better marketing, I think it's okay to protect yourself from this danger.

And yet, this is exactly what Coldcard did to Trezor code: https://nitter.cz/PavolRusnak/status/1022107617328619520#m. Why is it OK for Coldcard to use other people's code, but its not OK for other people to use Coldcard's code?

[1980sFuture]

Coldcard is an absolute beast of a wallet, definitely one of the best out there but you really need to know what you're doing with it. It's not for beginners - or rather it's not for beginners who don't want to take things slow and patiently and learn. It doesn't hold your hand like Ledger or Trezor and it has so many options and features that if you don't understand what you're doing and just press buttons you can really fuck yourself up.

There was somebody in a Reddit thread the other day that opted not to use Coldcard's TRNG (default option) and instead selected to generate their own entropy via dice rolls. When doing so you must use at least 99 dice rolls to generate sufficient entropy - but this person used ONE roll, and because of this, the entropy was at an absolute minimum which will generate one of only 6 possible seeds which are obviously monitored by bots hoping to catch such a mistake and his funds were swept.

Coldcard does have warnings throughout this process but you still need to be aware of what you're doing. Most people just mash the "ok" button at every prompt and read nothing. There's also another option to let the TRNG generate the seed and then "mix in" dice rolls. So 3 different ways to generate a seed with it and you need to understand each one. Compare this to Ledger where the entire setup process is completely braindead and simple.

[satscraper]

Is the source open and can anyone read it and verify? Yes, that's what's important for me, as a wallet owner. Do you want to learn more about bitcoin hardware wallet softwares? You can read every single line of their source code anytime you wish, so, you can learn from them and come up with your product if it's better and not totally based on their source code.

Supporting this point. Consider the perspective of an ordinary wallet user whose sole concern is the availability of  code for scrutiny and verification. To such a user, referring to the Commons Clause attached to the MIT license accompanied CC product appears to be nothing more than a sheer casuistic. From their standpoint, all they seek is open access to the code, making the presence of the Commons Clause seem irrelevant.

[o_e_l_e_o]

Consider the perspective of an ordinary wallet user whose sole concern is the availability of  code for scrutiny and verification.

An ordinary wallet user does not have the requisite knowledge or ability to review the code themselves, and thus they rely on the community doing it for them and publicly flagging up any bugs, vulnerabilities, suspicious or malicious code. And code which is not open source and therefore prevents other projects, companies, developers, etc., from using that code in their products means that none of these projects, companies, developers, etc., will bother looking at the code, probing the limits of the code, building on top of the code, and so forth. Why would they waste their time going through the GitHub of a "source verifiable" project knowing they can't do anything with that code, when they could spend their time going through the GitHub of an "open source" project knowing they can use that code for anything they like?

"Source accessible" or "source verifiable" simply means fewer people will be looking at the code than they would if it were open source. And for the ordinary wallet user, this is what matters.

[satscraper]

Consider the perspective of an ordinary wallet user whose sole concern is the availability of  code for scrutiny and verification.

An ordinary wallet user does not have the requisite knowledge or ability to review the code themselves, and thus they rely on the community doing it for them and publicly flagging up any bugs,

Do you think that ordinary wallet user like, let's say n0nce, requires outside  help to  review the code himself?

Do you think that he will not flag bugs (if any)  in the code  and be silent on his finding?

You don’t need a lot of  skilled wallet users, just a few is enough  to make the presence of  any bugs  available to community.

means that none of these projects, companies, developers, etc., will bother looking at the code,

rather, they will scrutinize the code with alacrity to blow the trumpet of found bugs.

[Pmalek]

<Snip>

A few thoughts. Firstly, no objections to anything in your post. But, Coldcard's license doesn't stop anyone from sharing their ideas or suggesting modifications to Coinkite. What they can't do is create their own products based on that code and sell it. This is a douchebag move by their team , I have no doubt about that. If you don't want to have anything to do with Coinkite or their developers, that's fine. But you could work on the code if you wanted to. And the end-user who is not interested in building and selling software, but verifying it and checking the code, can do that.