Hardware wallets (also called cold wallets) are considered a reliable storage solution for cryptocurrencies. Indeed, these physical devices (often in the form of a USB key or card) make it possible to sign all of their owner's blockchain operations while being offline. This is why they are considered more secure than online storage or computer applications.
However, even with these devices, there are risks to take into account. Although manufacturers insist in their advertising messages that they are safe, this is not entirely true.
In this article, we will review the different types of attacks that hardware wallet owners are exposed to and the protective measures you should take.
Understanding the different types of wallets
Before analyzing the risks, it is important to understand the different types of cryptocurrency wallets. A wallet does not actually store cryptocurrency assets, but rather information about those assets on the blockchain. The wallet is a secure storage space for the corresponding private key. This private key is necessary to record a new transaction in the blockchain and carry out cryptocurrency transfers. In addition to the private key, cryptocurrency wallets typically store a non-secret public key used to receive transfers.
There are several ways to store a private key:
- hot wallet : Stored encrypted on a server. These are online wallets or custodial wallets offered by popular exchanges such as Binance and Coinbase. This is the least secure way to store your bitcoins. You expose yourself to the risk of hacking the platform but also of the possible bankruptcy of the platform (remember the fall of MtGox or more recently FTX).
- Stored in a mobile application on a computer or smartphone. This is a convenient way to store bitcoins but you still expose yourself to risks because your hardware is constantly connected to the internet, for example.
- Cold wallet : Stored on a separate offline device, on a cold wallet that is not connected to the internet. Cold refers precisely to the idea that there is no connection and therefore that the risks are limited.
There are two main types of cold wallets: hardware wallets and software wallets. Hardware wallets are physical devices dedicated to storing cryptocurrencies, while software wallets are applications installed on computers or smartphones. Hardware wallets generally offer a higher level of security, but software wallets can be more practical for everyday use.
The risks associated with cold wallets
Although hardware wallets offer superior security to protect your cryptocurrencies, their owners are also exposed to certain risks. Here are the main threats they face:
1. Loss or destruction
The most obvious risk for hardware wallet owners is the possibility of losing the device. It does not matter if the wallet is not lost with the private key but it becomes serious if the paper containing the private key is lost at the same time. Of course, to protect the wallet against unauthorized use in case of loss, it is recommended to use an advanced PIN code and a passphrase for example. It is also important to create a backup copy of your private keys away from your wallet, as physically destroying the wallet results in the loss of data stored on it.
2. Phishing and scams
Hardware wallets do not protect against social engineering. If the victim voluntarily chooses to make a transfer or disclose their recovery phrase to a fake “cryptocurrency wallet support specialist,” for example, the money will be lost, regardless of the hardware security in place.
Scams and deceptive websites are also a risk for hardware wallet owners. Again, never give out your information even to someone who claims to be an expert and wants to help you.
3. Malware
A virus-infected computer or smartphone can compromise cryptocurrency investments. If the victim uses an online wallet, criminals can steal the private key and make transactions to empty the wallet. Even with a hardware wallet, there are other possible attack vectors. For example, malware can replace the destination wallet address to redirect money to the criminals' wallet.
Furthermore, even with so-called air-gap wallets, there is a risk of contagion if your computer is first infected by malware, for example.
4. Fake wallets and code modifications
Buying a hardware wallet also requires some caution. There are cases where cryptocurrency wallet buyers ended up with USB sticks containing Trojan viruses, counterfeit devices with modified firmware, or “free replacements for a defective device under warranty.”
To avoid these threats, it is recommended to purchase hardware wallets only from official online stores and check the authenticity of the product upon receipt. Never buy a second-hand wallet for example!
5. Physical Hacking with Memory Analysis
This is a rarer but not improbable threat. Many attacks on popular wallet models are based on firmware manipulation, memory reading, or interference with data transfer between device components. It is therefore important to ensure the physical security of your wallet and never leave it unattended.
This is also why it is important to choose open-source wallets because the fact that the community can access the source code can help avoid compromises and improve the entire software.
What are the most secure cold wallets?
ColdCard Wallet
- Store only Bitcoin
- Secure device
Trezor Wallet
- Easy to use
- Possibility of storing other cryptocurrencies
- Affordable price
To learn more on the subject, we recommend reading our article on the best open source physical wallets on the market.
What are the criteria to take into account when choosing your cold wallet?
Choosing a cold wallet, or cold storage wallet, is an important step in ensuring the security of your cryptocurrencies. Here are some criteria to take into account when making your choice:
- Security: Security is the top priority when choosing a cold wallet. Look for reputable, well-established wallets with robust security measures such as advanced encryption, Secure Element, multi-signature backup, and two-factor authentication (2FA).
- Ease of use : Choose a cold wallet with a user-friendly and intuitive interface. Ease of use is important to avoid mistakes when managing your cryptocurrencies, especially if you are new to the field.
- Reputation and user reviews: Before choosing a cold wallet, research its reputation and check user reviews. Feedback from other users can give you an idea of the reliability and user-friendliness of a wallet.
- Support and updates: Opt for a cold wallet that benefits from active support from its developers and that regularly receives security updates. This will ensure that your wallet stays up to date with the latest technological advancements and security best practices.
- Price: Cold wallets can vary in cost, ranging from free models to high-end hardware devices.
Conclusion on the risks of Cold Wallets
Hardware cryptocurrency wallets provide superior security compared to other storage methods. However, it is important to understand the risks that owners of these wallets are exposed to. By taking appropriate protective measures, such as using a strong PIN, safeguarding private keys, and being vigilant against scams, users can minimize the risks of using hardware wallets.
Remember to always conduct thorough research before purchasing a hardware wallet and follow manufacturers' recommendations to avoid counterfeits. The security of your bitcoin investments ultimately depends on your own vigilance and protective measures.
Lire:
- Your bitcoin is not in your wallet (explanation)
- Here are the sites for non-custodial staking and finding validators
- The 4 different ways to store bitcoin
Disclaimer: This does not constitute investment advice. Always do your own research before investing.