Saturday, 15 April 2023

Understanding hardware wallets

Edit: Thanks to everyone for the incredibly thorough replies with insight and information. I'll be reading all your replies multiple times to digest it all.

I am old school. I store BTC on paper wallets generated offline from bitaddress.org, from Tails on a USB device. It has worked for me for many years. But every time I am traveling and not home, I worry that I could come home to a burned down house with no trace of paper wallets. So I've been looking at hardware wallets for long term storage instead.

In doing research for "what's the best hardware wallet", I feel like I am putting a lot of trust into these devices and their manufacturers. My skepticism and lack of understanding is preventing me from jumping into a Trezor/Ledger/ColdCard purchase. It seems like the common theme to hardware wallet functionality is:

A. They use PINs.
B. They require writing down a 24 word phrase to back up.
C. They require software installation on a computer in order to send/receive.
D. They require purchasing from a private manufacturer.

Being old school as I am, I have skepticism about each one of these points. But maybe it's just because I have been out of the loop for years, so I don't understand the advancements in crypto anymore. So without further ado, here are my questions/concerns.

  1. The PINs are only used to access the hardware itself, correct? Not related in any way to the keys themselves? So worst case scenario I forget the PIN, I can still recover my keys by 24-word phrase?

  2. Do all hardware wallets use the same algorithm/protocol for the 24-world phrase? In other words, if the hardware wallet self-destructs, I can recover the wallets via 24-word phrase with any using any other hardware wallet, right? It doesn't need to be the same brand? E.g. A wallet generated from a Trezor can be recovered from a Ledger? If so, is this algorithm based on a standard/open source, so that it can still be recovered manually if for some reason in the future there are no more hardware wallets by any manufacturer?

  3. Do I need to be concerned about the safety of the PC software? Is there a chance that bad software can scrape my private keys when my hardware wallet is plugged in?

  4. Do I need to be concerned about the legitimacy/trustworthiness of the manufacturers? Is there any chance that hardware wallets were compromised during the build, and would generate pre-determined private addresses, waiting to receive a transfer so someone can swipe it?

  5. Bonus question: When I send BTC from a private key stored on a hardware wallet, is that private key still "cold"? Or do I need to create a new private key to hold my balance whenever I send?

Thanks for reading my long post. I appreciate any insight anyone is willing to share.

submitted by /u/Lazy_perv
[link] [comments]

No comments:

Post a Comment