Hardcore Wallet Security: 5 More Ways To Keep Hackers’ Paws Off Your Crypto
It's time for deterred burglars.
Share this article
Hardware wallets are usually considered the safest way to store Bitcoin and other cryptocurrencies. These are dedicated devices that can sign transactions without exposing the underlying private key. They’re less prone to phishing and malware than software wallets, and less vulnerable to hacking than online wallets.
Right now, the hardware wallet market is dominated by two major brands: Ledger and Trezor, which together reign supreme. Very few companies have what it takes to beat these two giants, but that hasn’t stopped a few from trying.
Here are five notable hardware device companies that have been attracting attention this year.
YubiKey: A 2FA-Enabled Password Management Device
YubiKey isn’t a crypto wallet per se: instead, it’s a two-factor authentication (2FA) and password management device. Though YubiKey doesn’t store crypto, it adds an extra login step to online accounts, and, as such, it is often paired with crypto exchanges. Coinbase, Bitfinex, BitMEX, Kraken, and a few other platforms support YubiKey devices.
Of course, 2FA is already commonplace, but it often relies on SMS, which can be intercepted. By contrast, YubiKey complies with standards like FIDO U2F, and as a dedicated device, it is difficult to hack from a practical standpoint. That said, 2FA apps like Google Authenticator are also quite secure, so a dedicated 2FA device may be overkill.
YubiKey has existed since 2007, but exchanges didn’t support it until recently—BitMEX became one of the first platforms to add support in 2015. Since then, YubiKey has received significant attention: Binance touted the product as a security measure in the aftermath of its May 2019 hack, then added support and ran a giveaway in June.
SafePal: An Offline Hardware Wallet
SafePal is a fairly new hardware wallet. Its main goal is to combine security and mobility with affordability—currently, the SafePal S1 is selling for just $40, on discount from its original $60 price tag. This is considerably less expensive than high-end Trezor and Ledger wallets, which often sell for $60 to $150.
SafePal is much simpler than Ledger and Trezor, as it works entirely offline. It doesn’t send data over Bluetooth, Wi-Fi, NFC, or USB. It also erases its data when it is tampered with. These features make it difficult for anyone to steal your key…albeit at the cost of convenience, as SafePal can only display your keys on its screen as a QR code.
It’s an interesting idea, though, and SafePal has gained some extra attention this month by adding support for Litecoin, Dash and Bitcoin Cash. SafePal has also been given a running start by Binance Labs: the project was one of eight startups that took place in the company’s BUIDLER incubation series earlier this year.
Cobo Vault: A Durable and Secure Hardware Wallet
The Cobo Vault is another highly secure hardware wallet. Much like SafePal, Cobo doesn’t transmit data via Wi-Fi, Bluetooth, NFC, or USB, and it erases your data in the event that it is tampered with. Additionally, the Cobo Vault can be authenticated online, which prevents supply chain attacks and ensures that your device is not a counterfeit.
The Cobo Vault offers a second-line of defense as well: it’s durable, not just secure, and it stores your private cryptocurrency keys on military-grade hardware. It also comes with a metal tablet that stores your wallet’s mnemonic phrase (or seed phrase), which you can use to recover your wallet. This protects against loss, not theft.
As a company, Cobo has been attracting attention in some corners of the crypto world. This August, it participated in NEO Global Development’s NEO Live event, and it also added support for Binance Coin at about the same time. However, most of this publicity has concerned Cobo’s mobile wallet rather than the hardware wallet itself.
Ballet: A Non-Electronic Hardware Wallet
Ballet is another offline hardware wallet. In fact, it isn’t what most people would consider a hardware wallet, since it has no electronic components—though there is an optional mobile app.
Instead, Ballet is merely a metal card: it hides your private key under a tamper-proof seal and represents your public address as a printed QR code.
This idea isn’t new: countless manufacturers offer metal wallets, which are essentially very durable versions of paper wallets. There is an issue, of course: you need to trust that the manufacturer won’t steal your keys. Ballet attempts to solve this problem by keeping its manufacturing and key generation processes geographically isolated.
In addition to its secure manufacturing process, Ballet also has a notable person at its helm. The company is being led by Bobby Lee, the founder of BTCC—one of China’s first and longest-running crypto exchanges. Ballet is also a brand-new product: it was announced at Coindesk’s Invest Asia conference just last week.
Kastelo: An Open-Source Monero Wallet
Kastelo is an open-source hardware wallet that is being developed almost entirely by the Monero community. The device will not have a wireless transmitter, according to Michael Schloh von Bennewitz, who heads the project. However, it will be able to transfer data over USB, and various forms of untethered data transmission are being developed by partners.
Kastelo’s features are subject to change, but one thing is guaranteed: it will be open and transparent. This means that anyone will be able to inspect the security of the design or even manufacture their own device from scratch. This isn’t entirely unique, as Trezor and Ledger have open-source aspects, but Kastelo will be wholly open source.
Since Kastelo is an independent project, it doesn’t have any big names attached, and there are only about 40 people on the development team. However, the team has been collaborating with hardware wallet companies like Shift Devices, Satoshi Labs, and Ledger Paris—so this project should not be overlooked despite its minor presence.
Are These New Wallets Really Necessary?
Hardware wallets may not be as safe as you think: recently, vulnerabilities have been found in Ledger and Trezor devices. However, these are fairly minor bugs, and they haven’t been exploited in the wild. Previous incidents, such as the hack of the John McAfee-endorsed BitFi wallet, are also somewhat overblown.
Of course, crypto theft is a real issue, but online wallets and software wallets appear to be more significant targets. With this in mind, new hardware wallet brands might be trying to solve a problem that doesn’t exist. Then again, maybe these wallets have the right idea—2FA, offline storage, and open-source design might be valuable selling points.