What is a bitcoin hardware wallet, and what do they do?

First published: 10/11/2022 | Last updated: 07/21/2023

A bitcoin hardware wallet is a compact, dedicated device that generates and safely stores your bitcoin’s private keys offline.

Private and public keys are used by your chosen bitcoin wallet software to generate addresses, authorize spending, and safeguard access to your funds on the blockchain. Keeping your bitcoin keys offline is an integral part of bitcoin security that minimizes the risk of remote attacks and malware stealing your funds. Hardware wallets typically offer a variety of protections to prevent anyone with physical access to the device from accessing the keys inside.

Bitcoin hardware wallets (the devices themselves) are also distinct from bitcoin wallets. A bitcoin wallet is a collection of private and public keys generated from a single master private key. A bitcoin hardware wallet can be home to several bitcoin wallets.

Here, we discuss what a bitcoin hardware wallet is, what it does and doesn’t do, how hardware wallets sign transactions, and some of their advantages and disadvantages.

What doesn’t a hardware wallet do?

A common misconception is that a hardware wallet stores bitcoin inside the device. In reality, no bitcoin wallet—software or hardware—stores bitcoin inside it. Instead, all bitcoin stays on the blockchain. Hardware wallets store the keys to bitcoin only.

The misconception that bitcoin is held on hardware wallets themselves is so widespread that many bitcoin industry folks recommend not using the misleading term “hardware wallet” at all. However, alternative and potentially more accurate names, such as “signing device” or “signer,” have been slow to catch on.

Additionally, a hardware wallet cannot check bitcoin balances on the blockchain or broadcast and verify bitcoin transactions. Performing these functions requires separate bitcoin wallet software. (All bitcoin wallets connect to bitcoin nodes to receive, transmit, and validate new transactions.)

What does a hardware wallet do?

Hardware wallets carry out multiple functions necessary for receiving, securing, and spending bitcoin. When first initialized, hardware wallets that use the BIP39 standard generate a seed, the cornerstone for constructing a bitcoin wallet. Based on the seed, addresses are generated for receiving bitcoin on the blockchain. Once bitcoin is received, you can use your hardware wallet to sign (authorize) transactions to spend your bitcoin. Hardware wallets can also recover a previously created bitcoin wallet from a backup seed phrase.

Let’s look at each of these functions one by one.

Generates seeds

During setup, most hardware wallets generate a seed for you. This seed, which is a large, randomly generated string of binary digits, can be represented in human-readable form as a seed phrase. The seed phrase is presented to you during setup as a list of 12 to 24 words. These should be carefully written down in order and saved in a secure offline location.

[Image: A bitcoin seed phrase backup]

A seed phrase is not the same as the private key for a bitcoin address. Instead, the seed phrase derives the “master private key” from which all of a wallet’s addresses and their associated private and public keys originate. Modern deterministic wallets can generate a nearly unlimited number of bitcoin addresses (with public and private key pairs generated for each address), all from a single seed phrase.

How do hardware wallets generate seed phrases?

Hardware wallets generate seed phrases by generating a seed and mapping it onto words drawn from a list of 2,048 words. Hardware wallets use various methods to achieve randomness, such as random number generators (RNGs). In many hardware wallets, the RNG firmware runs on an isolated microprocessor called a secure element installed inside the physical hardware wallet. Other wallets use a combination of internal and external sources to generate entropy, the most popular example of the latter being dice rolls.
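The mapping described above can be made concrete with the BIP39 encoding. The following Python sketch is an added example, not code from any wallet vendor: it turns the random value (BIP39 calls it entropy) into the 11-bit indices that select words from the 2,048-word list, and checks the built-in checksum the way a device can at recovery time. The word lookup itself is omitted because the list is not embedded here, and hashing dice rolls with SHA-256 is an illustrative assumption, not a statement of how any particular device mixes dice entropy.

```python
import hashlib

VALID_WORD_COUNTS = (12, 15, 18, 21, 24)

def entropy_to_indices(entropy):
    """BIP39 encoding: entropy + checksum bits, cut into 11-bit word indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128 to 256 bits, in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32            # 4 bits for 128, 8 for 256
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    count = (len(entropy) * 8 + cs_bits) // 11  # 12 to 24 words
    # Each 11-bit group selects one of 2**11 = 2,048 words.
    return [(bits >> (11 * (count - 1 - i))) & 0x7FF for i in range(count)]

def indices_valid(indices):
    """Recovery-side check: do the trailing checksum bits match the entropy?"""
    if len(indices) not in VALID_WORD_COUNTS:
        return False
    if not all(0 <= i < 2048 for i in indices):
        return False
    cs_bits = len(indices) * 11 // 33
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    size = (len(indices) * 11 - cs_bits) // 8
    entropy = (bits >> cs_bits).to_bytes(size, "big")
    return entropy_to_indices(entropy) == list(indices)

def dice_to_entropy(rolls):
    """Condense six-sided dice rolls into 256 bits (illustrative method)."""
    # One roll carries about 2.58 bits, so 256 bits needs at least 100 rolls.
    if len(rolls) < 100 or set(rolls) - set("123456"):
        raise ValueError("need at least 100 rolls, each 1-6")
    return hashlib.sha256(rolls.encode()).digest()

if __name__ == "__main__":
    # Constructed, non-random roll string used only to exercise the functions.
    rolls = "".join(str(1 + (7 * i * i + 3 * i) % 6) for i in range(100))
    indices = entropy_to_indices(dice_to_entropy(rolls))
    print(len(indices), "word indices:", indices)
    print("checksum valid:", indices_valid(indices))
```

Because the last word carries checksum bits, a phrase with a mistyped or substituted word usually fails this check, which is how a device can flag a bad backup during recovery.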

Stores seeds, seed phrases, and private keys

Once generated during initialization, your bitcoin wallet’s seed (and associated seed phrase) is stored inside the hardware wallet. If the hardware wallet uses a secure element, it generally resides there and cannot be exported from the device in plain-text form.

The limits a hardware wallet places on exposing the seed are part of what makes it secure. Hardware wallets are a form of “cold storage” because they store seeds in an environment that is isolated from the internet. Due to its limited attack surface, a hardware wallet can theoretically be connected to a virus-infected computer (not recommended!) and still protect your wallet’s seed.

Signs transactions

The primary use case for hardware wallets is to securely sign transactions—which authorize spending from your bitcoin wallet. In a singlesig wallet, one signature from one hardware wallet is enough to move your bitcoin. In multisig wallets, generally, two or more signatures from separate hardware wallets are required to transfer funds.

[Image: A 2-of-3 multisig involving 2 Coldcards and one collaborative custody partner.]

To sign transactions, hardware wallets must communicate with the wallet software on a desktop or smartphone. Depending on the hardware wallet model, it may connect to your device by USB, Bluetooth, or NFC. Fully air-gapped (i.e., not directly connected to the internet) options are also available, which use a camera and QR codes, or SD cards, to transfer data between the hardware wallet and your device.

Connecting your hardware wallet to an internet-connected device may seem counterintuitive for an offline “cold storage” solution. However, as mentioned above, even with a wired connection, your wallet’s seed and corresponding public and private keys remain isolated, keeping them safe.

How hardware wallets sign transactions

Signing a transaction with a hardware wallet involves a series of steps. At no point during the process does a private key leave the hardware wallet or touch an internet-connected device. Only the transaction data (signed and unsigned) moves between the wallet software and the hardware wallet.

Typical steps for signing a transaction
  1. Create an unsigned transaction in the wallet software: specify the amount, fees, and receive address. At this point, the transaction cannot be sent to the bitcoin network because it is not yet signed.
  2. The software passes the unsigned transaction to the hardware wallet via whatever connection you’re using (wired, air-gapped, QR code, etc.).
  3. The hardware wallet displays the transaction details for you to double-check. If compromised software has altered any details, such as switching an address, you have the opportunity to catch it at this point.
  4. Click the button(s) on the hardware wallet to confirm the transaction.
  5. The hardware wallet signs the transaction with the relevant private key.
  6. The hardware wallet passes the signed transaction back to the wallet software. The software can see that the transaction has been signed but cannot extract the private key from the signature.
  7. Assuming the required signatures are gathered, the wallet software broadcasts the now-valid transaction to the bitcoin network.

Recovers wallets

Hardware wallets also play a role in wallet recovery. Imagine you set up a bitcoin hardware wallet, write down the seed phrase, and later, something happens to the hardware wallet itself—fire, theft, flood, malfunction, loss, etc. One means of recovering your funds is to use your seed phrase to restore your old wallet to a new hardware wallet. During the setup of the new hardware wallet, you’re asked whether you want to create a new wallet or recover an existing wallet. Choosing to recover an existing wallet allows you to enter your old seed phrase, which restores access to your funds.

Verifies addresses

Bitcoin transactions are immutable, which means if you send your bitcoin to the wrong address, it can be permanently lost. Thankfully, hardware wallets also allow you to check your bitcoin address on the device before sending funds. Checking your address on your hardware wallet teaches you three important things:

  1. You can confirm that the address was built correctly. In multisig, the device will tell you if it’s 2-of-3, 3-of-5 or another quorum (and not 2-of-5 where an attacker added 2 keys and actually controls the funds).
  2. You can confirm that the computer you’re working on isn’t compromised with an attacker’s malware that displays the wrong address to you.
  3. You can confirm with high certainty that you hold a key to the address on the device. The address is under your control (because it’s controlled by your device!).

You should always check the receive or change address on your hardware wallet before sending meaningful amounts of funds to that address.
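
The quorum check in point 1 can be shown in code. This Python sketch is an added example, not code from any device or from the original article: it rebuilds the script hash behind a multisig address and compares the quorum and key set against the wallet the device has registered. The keys are constructed placeholders, the sorted key order and the `device_check` interface are assumptions of the example, and the final text encoding of the address is left out.

```python
import hashlib

def op_n(n):  # small-integer opcodes: OP_1..OP_16 are 0x51..0x60
    return bytes([0x50 + n])

def multisig_script(m, pubkeys):
    """<m> <key>... <n> OP_CHECKMULTISIG, keys in sorted order."""
    pushes = b"".join(bytes([len(k)]) + k for k in sorted(pubkeys))
    return op_n(m) + pushes + op_n(len(pubkeys)) + b"\xae"

def p2wsh(script):
    """scriptPubKey behind a native segwit script address: OP_0 <sha256>."""
    return b"\x00\x20" + hashlib.sha256(script).digest()

def parse_multisig(script):
    """Recover (m, [pubkeys]) from a multisig script, or raise ValueError."""
    if len(script) < 3 or script[-1] != 0xAE:
        raise ValueError("not a multisig script")
    m, n, keys, i = script[0] - 0x50, script[-2] - 0x50, [], 1
    while i < len(script) - 2:
        size = script[i]
        keys.append(script[i + 1:i + 1 + size])
        i += 1 + size
    if i != len(script) - 2 or len(keys) != n or not 1 <= m <= n:
        raise ValueError("malformed multisig script")
    return m, keys

def device_check(address_spk, script, own_key, wallet_m, wallet_keys):
    """Checks a signer can run before displaying an address as yours."""
    if p2wsh(script) != address_spk:
        return "REJECT: script does not hash to this address"
    m, keys = parse_multisig(script)
    if own_key not in keys:
        return "REJECT: this device holds no key to this address"
    if m != wallet_m or set(keys) != set(wallet_keys):
        return (f"REJECT: address is {m}-of-{len(keys)}, "
                f"registered wallet is {wallet_m}-of-{len(wallet_keys)}")
    return f"OK: {m}-of-{len(keys)}"

# Constructed 33-byte stand-ins for compressed public keys (not real keys).
mine, cosigner2, cosigner3 = (b"\x02" + bytes([i]) * 32 for i in (1, 2, 3))
extra1, extra2 = (b"\x03" + bytes([i]) * 32 for i in (8, 9))
WALLET = [mine, cosigner2, cosigner3]
genuine = multisig_script(2, WALLET)
tampered = multisig_script(2, WALLET + [extra1, extra2])  # the 2-of-5 case

if __name__ == "__main__":
    for s in (genuine, tampered):
        print(device_check(p2wsh(s), s, mine, 2, WALLET))
```

The tampered script still contains the device's own key, so checking key membership alone would pass. Comparing the full quorum and key set is what exposes the 2-of-5 substitution.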

Hardware wallet software

Most hardware wallets require the manufacturer’s wallet software to initialize the device, and many users choose to use the OEM software for wallet functionality as well. Once initialization is complete, however, you can use third-party bitcoin wallet software alongside your hardware wallet to manage your bitcoin, if preferred. Popular options include Sparrow, BlueWallet, and our very own multisig wallet solution.

[Image: The Unchained Capital wallet user interface]

When you connect your hardware wallet to your wallet software, you’ll mostly interact with the device where the software is installed (desktop or smartphone). But as outlined above, the hardware wallet never shares your private keys with the device—all signing of transactions occurs on the hardware wallet before being passed back to the wallet software.

Hardware wallet trade-offs

When it comes to safely storing your bitcoin’s private and public keys, the advantages of hardware wallets far outweigh their disadvantages. This is especially true when compared to alternatives such as hot wallets, which store private and public keys online.

Still, there are nuances to be aware of:

  • While great for cold storage, hardware wallets are not necessarily the most convenient for high-volume transactions (such as frequent trading or buying coffee).
  • Hardware wallets offer protection from many forms of malware, but some malware specifically targets hardware wallets (e.g., clipper malware).
  • Hardware wallets also come with a cost to purchase—generally $75 to $150, versus software wallets, many of which are available at no cost.
