Knowledge Base

Cardano Wallets Part 2: Hardware Wallets

Hardware wallets provide us with what is commonly referred to as "Cold Storage" for our Ada as opposed to "Hot wallets" which are directly connected to the internet either through a browser, a browser extension, or a mobile App. Hardware wallets have evolved remarkably over the last few years. You can send, receive, delegate, and stake your Ada using hardware wallets, and you can also connect with a variety of Exchanges, Defi opportunities, Dapps, DEXes, and NFT marketplaces as well. A secondary market has also evolved bringing us incredibly well constructed security devices that house your hardware wallet or protect your seed phrases and PIN, keeping them safe from fire damage, water damage, and theft. Hardware wallets are considered to be the most secure way of holding your Ada and other cryptocurrencies. Four of the best known are highlighted in this post.

A Few Hardware Wallet Basics

   Hardware wallets provide the user with what is known as Cold Storage.  They have evolved remarkably over the last few years. You can send, receive, delegate, and stake your Ada using a hardware wallet, and you can also connect with a variety of Exchanges, Defi opportunities, Dapps, DEXes, and NFT marketplaces as well.  The best hardware wallets connect directly to a proprietary exchange which means you do not have to move your crypto off of the device and onto another exchange in order to buy or sell.  Hardware wallets can be connected to Hot Wallets which are wallets that are in direct connection with the internet, and the scope of the use cases is ever-expanding.  A secondary market has evolved in support of Hardware Wallets bringing us incredibly well constructed highly secure devices that house your hardware wallet, your seed phrases, and/or PIN in titanium or steel sheaths that keep them safe from fire damage, water damage, theft, and break-ins. Hardware wallets keep your private keys safe by enabling you to prove ownership and sign transactions manually within the device rather than on a computer, mobile phone, or tablet.  

   I researched hardware wallets with the intention of acquiring one and learning how to use it correctly.  I knew this was the right path for me in light of all of the potential hacks and thefts that Hot Wallets and Exchanges are subject to.  In the course of my research I focused on the products of four companies that offer a wide array of features. Even though I use the the official Cardano Daedalus interface which makes my computer a full node on the Cardano blockchain, I researched hardware wallets as a first step to experiencing the well documented security of offline cold storage.  Bear in mind I am not affiliated with any producers or manufacturers of any brand of hardware wallet or any retailers of hardware wallets.

 Why Consider A Hardware Wallet?

   Hardware wallets are acknowledged to be the most secure way of storing your Ada and other cryptocurrencies.  Since you never relinquish your private keys when using a hardware wallet, they are more secure than keeping your crypto in custodial wallets or left on an exchange. Four of the best known hardware wallets that support Cardano are the the Ledger Nano X,  the Ellipal Titan, the Trezor model T, and the D'Cent hardware wallet. Historically speaking, the Trezor model One was the first hardware wallet on the market back in 2014. It does not support Ada, but the Trezor T does, a puzzling omission in my opinion.  The Ledger Nano S came along a year after Trezor, and the two manufactureres are the original pioneers of cold storage hardware wallets.  The Nano X came along and offers more features even though it looks similar to the first generation S.  D'Cent first came on the market in 2018.  Given the relatively low price points for excellent hardware wallets it is considered wise to invest in one and learn how to use it properly. You don't have to look very far to find multiple accounts of exchanges being hacked or personal hot wallets that have been invaded and emptied.  Genrally speaking, cold storage hardware wallets are user friendly and when correctly used they are a way to give yourself a relaxed sense of hodling comfort.  It is not uncommon for serious crypto hodlers to own multiple hardware wallets and divide their crypto up amongst them for even mor security. However, as we all know, the crypto world is rife with hackers and scammers who want to steal from you, so ultimately, it is your vigilance that matters most no matter what choice of security and storage you decide upon. 

Words To The Wise

   Regardless of the choice you make when acquiring a hardware wallet it is essential that you purchase the device diretly from the manufacturer or a highly reputable reseller. You can look on Reddit or other social media sites and easily find posts from people who purchased a hardware device from a third party seller and subsequently had their precious crypto stolen.  This happens because bad actors have opened the packaging, altered the function of the device, and then repackaged it to look as if no one had tampered with it.  When you receive your device, it is important to carerfully inspect the packaging which should include intact holographic seals.  The packaging should be sealed with permanent adhesive in order to make opening it impossible to do without visibly damaging it.  If you have any suspicions or doubts that a newly purchased device has been tampered with, do not take any chances: return it and start over.  Additionally, anyone who is hodling substantial amounts of any cryptocurrencies should consider a dedicated desktop or notebook computer which is used solely for connecting your hardware wallet to it and thus to your associated exchange rather than connecting it to a computer you use for day to day activities.  This option may be out of financial reach for many crypto enthusiasts, but it is wise to separate your daily internet usage from your cryptocurrency activities and transactions.  And as I mentioned above, it is now an accepted strategy to own more than one offline device and therefore not keep your crypto eggs in one hardware basket. Finally, in spite of how deploying a VPN for your crypto activities may seem to be a good way to outsmart hackers, in so doing you are may be giving potential hackers another possible entry point of attack which means you end up with less security rather than more.  Chris, the Founder of Cardano Cafe, offers the following explanation regarding VPN deployment:

"Although the VPN protocol itself is a highly secure method of protecting data connections by a tunnel (for example large companies use it to securely connect their remote sites to their headquarters), please always consider if in particular your case it is suitable to use a 3rd party VPN provider. If you tend to use one, please ask yourself if it is a trustworthy VPN provider you would like to use and if using this provider is necessary at all or if it provides any security benefits? For example: Are you renting your internet connection for your desktop computer which is connected via RJ45 cable to your router 1) from a reliable ISP (Internet Service Provider) which provides a high level of security by default or 2) is your notebook connected to a public unsecured Wifi hotspot at a central station? In the first case, it is questionable if using a VPN connection to a centralized provider provides any gains in security because you would add another third party into your secure flow of data (you may compare this to the swiss cheese model: https://en.wikipedia.org/wiki/Swiss_cheese_model ) . However, in the second case, using a VPN might be a good way to mitigate the security leaks of a public Wifi hotspot." 

  So in keeping with everything we know about cryptocurrencies and all that they entail, once again it is up to You to know what is best for yourself and for your own sense of security and well being.  

 

Ledger Nano X      

 

   Ledger was founded in 2014 with main offices in Paris, France.  Ledger hardware wallets support more than 1800 cryptocurrencies and have an incorporated exchange which is pretty amazing to me.  The Nano X is the successor to the Nano S.  It supports Windows, Linux, and Mac, along with Android and iOS devises. It retails for $149.00. You can even buy a combination pack of a Nano X and a Nano S for around $180.00 and do a double backup.  All operations are performed using only two buttons, and the battery life can last for weeks if it is sitting idly in a safe place.  It has a seriously durable steel case.  All of the transactions are signed internally without exposing your private key which is the main point of owning any hardware wallet device in the first place. Both Nano devices resemble a robust USB drive and are simple to set up and to use.  Along with Trezor, the Ledger products are the best known hardware wallets worldwide. Ledger devices are built on a double chip base, and there is a mobile Ledger App for iOS and Android, but apparently the fact that Ledger relies upon closed source firmware as opposed to open source firmware is viewed as a drawback.  

Ellipal Titan

Ellipal offers a completely contactless interface technology for connecting your exchange wallet to the Titan device. There are no ports or connectors on the device. This wallet uses total air gap technology which functions exclusively through an onboard camera that reads the QR codes which are associated with the crypto wallet you are connecting to.  The Titan suppports 41 coins and something like 10,000 tokens and sells for $139.00.  It has an iPhone appearance with a large touchscreen and is encased in aluminum alloy. When I first read about this device, I almost ordered one immediately as it seemed to offer absolute security to the user.  However, before I placed my order I discovered that there is yet another hacking scam that even the Ellipal Titan is potentially subject to.  Believe it or not, the latest scheme/scam for hacking fully air gapped hardware wallets is to sureptitiously substitute the original QR code graphic with another one that is valid in terms of it working correctly, but that redirects your crypto into the hacker's possession rather than to the correct address.  Merely using the QR code is not enough, you must confirm the address in its full form before initiating any transactions! This wicked scammer trick is now used in other situations too. For our purposes it means that with an Ellipal Titan you have no alternative means of connecting to your exchange wallet, consequently you have to be hyper vigilant as to the authenticity of the QR codes and addresses you are using. This does not mean you shouldn't buy one as the Ellipal Titan is well respected and gaining in popularity.

Trezor One and Trezor T       

   Trezor is the original cold storage hardware wallet.  The company is part of Satoshi Labs headquartered in Prague, Czech Republic. "Trezor" translates to "safe" in English.  Trezor devices are built on a single chip base and use open source firmware which allows third parties to review and test for vulnerabilities. Both Trezors connect with the Trezor Suite which you download to your computer, but Trezor One does NOT support Cardano. Trezor One is a small unassuming looking device made out of plastic, without a touch screen, retailing for $59. The Trezor T is a much more advanced device, slightly bigger than the One, with a color touchscreen, retailing for $200.  Trezors support about 1650 cryptocurrencies, and both connect to an incorporated exchange.  Trezor devices give you the option of deploying Tor as an embedded layer of anonymity which is a better choice than using an outside VPN service. An important feature that sets the Trezor T apart from the Trezor One (and almost all other hardware wallets) is that it offers an SSS seed phrase option for truly advanced backup security whereas the standard system used for nearly all other hardware wallets is BIP39.  I had no idea what SSS was, (Shamir Secret Sharing), but have since learned it is a system developed in the 1970's by Israeli cryptographer Adi Shamir.  SSS gives you the abiity to divide your seed phrase into multiple "shares" which creates an entire new layer of seed phrase protection.  I find it reassuring to know that there are such super-intelligent people in the world who have devoted their lives to making our lives more secure.  Also, the most recent update I have received from Trezor announced that the Trezor Suite enables you to connect to your own full node on the Bitcoin blockchain via  Electrum Server. As I mentioned earlier, hardware wallets have evolved in so many ways it is hard to keep up with all of it.

D'Cent

  D'Cent is an advanced device that uses an encrypted Bluetooth connection to interface with the D'Cent app which supports both Android and iOS devices.  It is produced by the Korean Tech and Security firm Io Trust.  This device eatures a large screen, biometric fingerprint authentication, and maintains long battery life which is recharged with a standard USB cable.  You can also use a self generated PIN to confirm transactions.  One drawback is that as of yet you cannot Stake your Ada from a D'Cent device. Otherwise is has all the functionality you can wish for: a Dapps Explorer, a collectibles tab for NFTs, sending and receiving, and automatic updates. It is certified as an EAL5+ security level and sells for $119.00.  

Some Final Advice

   My advice to potential buyers of any hardware wallet is to research the entire market very carefully, keeping in mind their own particular needs and their own particular way of doing things.  Owning a hardware wallet certainly can take a lot of the anxiety out of owning cryptocurrencies, but there is a secondary competence required regarding the safe storage of your seed phrases and PINs.  We all know the horror stories of cryptocurrency hodlers who have inadvertently lost their recovery phrases, or who died tragically in unforeseen circumstances before they had established a custodian for their critical information.  As in all things crypto: The Final Responsibility Is Up To You.

 

      

written by: Eric Hill     published at: Mar 27, 2022

Further articles you might be interested in


Knowledge Base

Vasil Dabov, Symbolism, and Cardano

My previous post highlighted the accomplishments and lifelong interests of Vasil St Dabov who Cardano's Vasil Hard Fork is named after. Along with being one of the first IT pioneers in Bulgaria, as well as a blockchain pioneer, an ecologist, an agronomist, a programming genius, and a Cardano Ambassador, in his personal life Vasil was passionate about Symbolism. In particular he took a deep interest in 5 symbols that represent enlightened thought, emerging consciousness, the interconnectivity of mind and body, and emerging patterns in biological and spiritual development: the Enneagram, the Leaves of the Ginkgo Biloba tree, the Tibetan Buddhist Dorje, Icosahedrons, and Cyrillic Script.

Sep 17, 2022, by Eric Hill


Knowledge Base

What Did Vasil St. Dabov Have In Common With CardanoCafe?

The Vasil Hard Fork is named after Vasil Stoyanov Dabov, the Bulgarian mathematician, environmentalist, entrepreneur, Cardano Ambassador, and friend of Charles Hoskinson who passed away on December 5th, 2021. Running parallel with his work in blockchain technology and his commitment to Cardano, was his lifelong pursuit of planting trees, more than 10,000 of them in all. His passion for tree planting is a direct connection to Cafe's reforestation project in Panama.

Jul 21, 2022, by Eric Hill


Knowledge Base

Cardano Eras

The greatly anticipated Vasil Hard Fork ushers in "Basho", the fourth Era of Cardano's planned growth and development.  Before presenting a basic overview of the features of the Vasil Hard Fork and the Basho Era, I thought it would be good to review the past Eras of the Cardano Roadmap, highlight who they are named after, and see how far we've come.

Jul 11, 2022, by Eric Hill


Knowledge Base

Rays Of Light During A Dark Time

With the crypto markets reeling from multiple negative upheavals and bad news coming in from seemingly every possible angle, I wanted to go against the tide of dark influences and put a different perspective out there for everyone in our Cafe family.

Jun 21, 2022, by Eric Hill