OVERVIEW: BITCOIN HARDWARE WALLETS █████████████████ Secure your Coins

[prodigy8]

Trezor/Keepkey = 100% open source, but more vulnerable to physical attacks on its generic controller to extract plaintext mnemonic. (mitigated by use of passphrase)

Ledger Nano/HW.1 = partially closed-source smartcard element to store plaintext seed (no passphrase option), on which physical attacks are much more difficult than on a generic controller, but possibly backdoored?

that's about right - just consider that the STM32 could also be backdoored at a lower level. That's a common issue with hardware, you have no way to be sure unless you build it yourself, which is not possible to achieve.
-snip

Why does HW.1 cost much more cheaper than the trezor or keepkey.

Maybe it is backdoored or pre-malware installed? How safe could the bitcoins be in this wallet

[1715571762]

1715571762

[1715571762]

1715571762

[1715571762]

1715571762

[btchip]

Thank you very much for the information.

It is good to know that the hardware wallet is in charge of the secure screen validation. With the use of this function, it seems Ledger has the same level of transaction security as Trezor, but with a smaller form-factor (not counting the mobile phone, which you already carry around).

about the same, minus the secure initialization requirement and the still existing possibility of the dual-malware-synchronized attack.

I have an older HW.1, which did not come with a Security Card.  This means I can never use the secure screen user validation option with it, right?

You can update its firmware on https://fup.hardwarewallet.com/ and print your own security card while you do that, then use the Ledger Chrome app with secure screen validation.

Why does HW.1 cost much more cheaper than the trezor or keepkey.

Maybe it is backdoored or pre-malware installed? How safe could the bitcoins be in this wallet

The architecture is quite different - everything fits on a single chip (no PCB, no external components at all, not even passive components) which is itself way cheaper than a generic STM32 microcontroller, allowing it to scale almost as well as SIM cards for large volumes - I'll let you guess the target retail price for a few million chips

[InfinityDaniel]

I have never heard of a hardware wallet but NOW I REALLY want one.

[OROBTC]

I have never heard of a hardware wallet but NOW I REALLY want one.

Yes!  You really do want a hardware wallet.  Especially if you have over, say, 1 BTC.  They are not that hard to learn to use (I am not a pro in BTC nor in computer science), I was able to figure how to use the two I own out (Trezor and Ledger Nano).

It looks like there are going to be a number of products before long.  Already there are several, at different price points.  I am looking forward to more hardware wallets coming.

And I cannot remember anyone having a really big problem with any of them (someone correct me if I am wrong).

[Bridgewater]

I have an older HW.1, which did not come with a Security Card.  This means I can never use the secure screen user validation option with it, right?

You can update its firmware on https://fup.hardwarewallet.com/ and print your own security card while you do that, then use the Ledger Chrome app with secure screen validation.

Wow, that's really cool! Thank you for this info.  I thought I was stuck with Electrum and the unplug-text verification-re-plug method.

[Bridgewater]

Why does HW.1 cost much more cheaper than the trezor or keepkey.

In addition to what btchip already stated above, the trezor and keepkey do not store the plaintext SEED directly on the device like Ledger does. Instead, they use the onboard processor to reconstruct it for each use.  This allows for extra security, because you can have a seed that is created from a combination of mnemonics (security "sentence", as keepkey calls it) AND a passphrase.  The trezor/keepkey stores the mnemonics in its memory, but when you plug it in and want to spend, you need to enter your passphrase and allow the trezor/keepkey to combine it with the mnemonics and recompute the seed each time.   

The other reason for the processing power is obviously to use the screen and all of its attendant capabilities, such as choosing mnemonics directly on the device, showing the scrambled PIN pattern, and verifying transaction details before confirmation.  Ledger can do most of these things too, but requires the use of other devices and offline secure setup to maintain the a similar level of security and functionality.

In short, the trezor/keepkey are more of an all-in-one solution, whereas the HW.1/Nano/unplugged is lightweight and requires other devices and more complicated setup to do what the trezor/keepkey does.

[Bridgewater]

Does anyone know if the Keepkey allows entering the passphrase by means of the same keyboard cipher input it uses for the mnemonics recovery?  

Or are users forced to enter their passphrase plaintext on the host computer each time, like on the Trezor?

[BitcoinNewsMagazine]

Does anyone know if the Keepkey allows entering the passphrase by means of the same keyboard cipher input it uses for the mnemonics recovery?  

Or are users forced to enter their passphrase plaintext on the host computer each time, like on the Trezor?

KeepKey is different from Trezor. The KeepKey does not support passphrase encryption in addition to the PIN. If you want to use Electrum instead of the Chrome extension instructions for Windows are here.

That is the major advantage Trezor has over KeepKey. You can set up multiple passphrase protected accounts at myTrezor.com and access the same accounts using Mycelium on your Android phone.

[Bitcoin Explorer]

Trezor/Keepkey = 100% open source, but more vulnerable to physical attacks on its generic controller to extract plaintext mnemonic. (mitigated by use of passphrase)

Ledger Nano/HW.1 = partially closed-source smartcard element to store plaintext seed (no passphrase option), on which physical attacks are much more difficult than on a generic controller, but possibly backdoored?

that's about right - just consider that the STM32 could also be backdoored at a lower level. That's a common issue with hardware, you have no way to be sure unless you build it yourself, which is not possible to achieve.
-snip

Why does HW.1 cost much more cheaper than the trezor or keepkey.

Maybe it is backdoored or pre-malware installed? How safe could the bitcoins be in this wallet

1. No screen
2. No PCB, and other stuff, just a smartcard that plugs into a USB port.

They have good funding and  most of their code is open source, so you should probably review the code first and then decide whether it is backdoored.

[BitLox]

added BitLox.

Thanks!

I'm the developer of the BitLox, so if anybody has questions, shoot away!

The BitLox look like interesting products.  But, there is a lot of competition, and the prices are high.

Maybe a VIDEO on how the device works would be nice at your website, also a FAQ.

Other than the titanium (vs. aluminum), is there any difference between the "Advanced" and the "Ultimate"?

I look forward to any reviews...

I saw a video of it working underwater.  Interesting... but haven't seen it actually sending btc yrt

We've been really busy as we were just at the Miami show doing demos and sold some units there.
Here's a video of the desktop chrome app sending coins with the BitLox:
https://www.youtube.com/watch?v=fEhHdm4VWDA

[fair_player]

Would anyone here buy a disposable hardware wallet that is programmed ONCE, and then cannot be programmed with a different private key.  Instead, you just toss it and buy a new one if you want a different address.  It would only have a single address, but I could still see this having some use.

It would only cost maybe $5 per wallet, so you could have 5 of them for pretty cheap, and then just get a new one if you need a new address (they wouldn't be HD, obviously).  It would be like the old paper wallets, but way easier and more secure to spend from.  Would anyone buy it?

[BitcoinNewsMagazine]

Would anyone here buy a disposable hardware wallet that is programmed ONCE, and then cannot be programmed with a different private key.  Instead, you just toss it and buy a new one if you want a different address.  It would only have a single address, but I could still see this having some use.

It would only cost maybe $5 per wallet, so you could have 5 of them for pretty cheap, and then just get a new one if you need a new address (they wouldn't be HD, obviously).  It would be like the old paper wallets, but way easier and more secure to spend from.  Would anyone buy it?

Not when I can get a Ledger HW.1 including shipping for less than $20.

[traderbit]

Would anyone here buy a disposable hardware wallet that is programmed ONCE, and then cannot be programmed with a different private key.  Instead, you just toss it and buy a new one if you want a different address.  It would only have a single address, but I could still see this having some use.

It would only cost maybe $5 per wallet, so you could have 5 of them for pretty cheap, and then just get a new one if you need a new address (they wouldn't be HD, obviously).  It would be like the old paper wallets, but way easier and more secure to spend from.  Would anyone buy it?

I don't see any benefit by limiting our self to only one address for this wallet, this is going back in time, more addresses more features, more customers.

[OROBTC]

Would anyone here buy a disposable hardware wallet that is programmed ONCE, and then cannot be programmed with a different private key.  Instead, you just toss it and buy a new one if you want a different address.  It would only have a single address, but I could still see this having some use.

It would only cost maybe $5 per wallet, so you could have 5 of them for pretty cheap, and then just get a new one if you need a new address (they wouldn't be HD, obviously).  It would be like the old paper wallets, but way easier and more secure to spend from.  Would anyone buy it?

I could see a market for a cheap hardware device that would have limited functions, but work well at just doing the basics.  The closest I have used is the Ledger Nano, but they want a firmware update.

I believe digitalbitbox has an "el cheapo" hardware wallet coming that will not require (nor even allow) any updates, I presume that it would also be easy to use (important!).  If these were to be cheap enough, then absolute 100% security may not be necessary (as one would presumably hide your wallets).

[BitLox]

Hi everybody, it's Dana from BitLox again, just thought I would link a video we just posted of using our hardware wallet with our iOS mobile app.

Quick Bitcoin transaction with BitLox and iOS mobile app:
https://youtu.be/eelukY_Wdug

[BlockSense]

Minimal hardware solutions are something I hve been looking into for a long while. It's good to see new pieces of tech coming out all the time. I'm still looking at full node solutions too.

[BitLox]

Once again, it's videos from BitLox.
Someone said I didn't have any videos of the Bitlox doing transactions, so I guess I'm overcompensating. 

Here's one on doing transactions in the "expert" mode. I think this is cool, because you get to see and can verify all the raw hex that flows back and forth. Plus you can do your own verification before anything is sent to the network, or heck, you can turn off your network access once the transaction has been built, so that before it's signed, you're on an isolated system. Cut and paste the signed transaction then submit it any way you like after verifying.

Anyways, here's the video:

https://youtu.be/3qhFZmGsDos

[BitcoinNewsMagazine]

Once again, it's videos from BitLox.
Someone said I didn't have any videos of the Bitlox doing transactions, so I guess I'm overcompensating. 

Here's one on doing transactions in the "expert" mode. I think this is cool, because you get to see and can verify all the raw hex that flows back and forth. Plus you can do your own verification before anything is sent to the network, or heck, you can turn off your network access once the transaction has been built, so that before it's signed, you're on an isolated system. Cut and paste the signed transaction then submit it any way you like after verifying.

Anyways, here's the video:

https://youtu.be/3qhFZmGsDos

You mention at the website that it is possible to set up hidden wallets on the BitLox. Is this done by using passphrases like Trezor?

[BitLox]

Once again, it's videos from BitLox.
Someone said I didn't have any videos of the Bitlox doing transactions, so I guess I'm overcompensating.  

Here's one on doing transactions in the "expert" mode. I think this is cool, because you get to see and can verify all the raw hex that flows back and forth. Plus you can do your own verification before anything is sent to the network, or heck, you can turn off your network access once the transaction has been built, so that before it's signed, you're on an isolated system. Cut and paste the signed transaction then submit it any way you like after verifying.

Anyways, here's the video:

https://youtu.be/3qhFZmGsDos

You mention at the website that it is possible to set up hidden wallets on the BitLox. Is this done by using passphrases like Trezor?

A hidden wallet is set up exactly like a normal wallet. You can create a PIN for your wallet on the device via the keypad (the host only initiates the creation of a wallet) up to 20 characters long 0-9 a-z A-Z. No sensitive data is EVER created on or transmitted from the host app.

What differs is that this wallet is not enumerated when a wallet listing is done, it has no unencrypted part, so the wallet (if one were to examine the data block in which it sits) is indistinguishable from the random data that is used to initialize the wallet space (all 1s, all 0s, random, random, so every bit gets flipped at least once). When you create the wallet, you choose the index, a number between 51-100. The device only uses this to initialize the space, after that it has no knowledge if there is a wallet there or not.

To access a hidden wallet, you must address it directly by index, such as "load the 67th wallet".
If there is a wallet there, and the PIN is correct, it decrypts and is a usable wallet. If the PIN is incorrect OR there is no wallet there, it decrypts to gobbledygook. Same behavior for wallet there/bad PIN and no wallet actually there. Full deniability.

Brute force attacks are stopped by having a "global" counter for wallet attempts. We can't keep track of what wallet numbers were successfully loaded or not, as that might imply the existence of hidden wallets (if they are there). So if _in aggregate_  3/5/7 bad attempts are made to load a wallet (expert/advanced/standard setup) the device immediately resets and a 45/30/15 minute delay to re-enter is imposed. Further bad attempt cause the lockout time to grow exponentially [edit - I just checked the code, sorry, it's the device and transaction PINs that go exponential.] (the wallet lockout times are deliberately harsh but not ridiculous, as they are reset by a correct device PIN entry).
Lockout time is evaluated BEFORE the device PIN is evaluated, so you MUST wait.

The only way around the delay is to wipe the entire device via the duress PIN "911" (which causes an immediate wipe of the wallet space) or to reflash the device.

[BitcoinNewsMagazine]

Once again, it's videos from BitLox.
Someone said I didn't have any videos of the Bitlox doing transactions, so I guess I'm overcompensating.  

Here's one on doing transactions in the "expert" mode. I think this is cool, because you get to see and can verify all the raw hex that flows back and forth. Plus you can do your own verification before anything is sent to the network, or heck, you can turn off your network access once the transaction has been built, so that before it's signed, you're on an isolated system. Cut and paste the signed transaction then submit it any way you like after verifying.

Anyways, here's the video:

https://youtu.be/3qhFZmGsDos

You mention at the website that it is possible to set up hidden wallets on the BitLox. Is this done by using passphrases like Trezor?

A hidden wallet is set up exactly like a normal wallet. You can create a PIN for your wallet on the device via the keypad (the host only initiates the creation of a wallet) up to 20 characters long 0-9 a-z A-Z. No sensitive data is EVER created on or transmitted from the host app.

What differs is that this wallet is not enumerated when a wallet listing is done, it has no unencrypted part, so the wallet (if one were to examine the data block in which it sits) is indistinguishable from the random data that is used to initialize the wallet space (all 1s, all 0s, random, random, so every bit gets flipped at least once). When you create the wallet, you choose the index, a number between 51-100. The device only uses this to initialize the space, after that it has no knowledge if there is a wallet there or not.

To access a hidden wallet, you must address it directly by index, such as "load the 67th wallet".
If there is a wallet there, and the PIN is correct, it decrypts and is a usable wallet. If the PIN is incorrect OR there is no wallet there, it decrypts to gobbledygook. Same behavior for wallet there/bad PIN and no wallet actually there. Full deniability.
bit
Brute force attacks are stopped by having a "global" counter for wallet attempts. We can't keep track of what wallet numbers were successfully loaded or not, as that might imply the existence of hidden wallets (if they are there). So if _in aggregate_  3/5/7 bad attempts are made to load a wallet (expert/advanced/standard setup) the device immediately resets and a 45/30/15 minute delay to re-enter is imposed. Further bad attempt cause the lockout time to grow exponentially [edit - I just checked the code, sorry, it's the device and transaction PINs that go exponential.] (the wallet lockout times are deliberately harsh but not ridiculous, as they are reset by a correct device PIN entry).
Lockout time is evaluated BEFORE the device PIN is evaluated, so you MUST wait.

The only way around the delay is to wipe the entire device via the duress PIN "911" (which causes an immediate wipe of the wallet space) or to reflash the device.

Thanks for the reply! I did manage to find the link to the BitLox user manual which is very good. I think you are the only bitcoin hardware wallet vendor other than Trezor who has taken the time to write up a comprehensive user manual. I had to navigate to http://bitlox.io/support to find the user manual, perhaps consider a direct link to the manual from the menu at your main site bitlox.com? iPhone users finally have a bitcoin hardware wallet that works with their phone.