As the value of your bitcoin grows, so does your need for secure key storage. One such solution is a hardware wallet, a physical device that allows you to securely hold the keys to your bitcoin. But hardware wallets aren’t the only option for storing your bitcoin keys—there are also software wallets, paper wallets, and even “brain wallets.” So why specifically choose a hardware wallet?
Hardware wallets enable you to generate and hold the keys to your bitcoin entirely offline, known as cold storage. This stands in contrast to hot wallets, which are more susceptible to remote attacks such as malware and SIM swap attacks (still more secure than a custodian or an exchange!).
You can think of this as similar to building a ship in a bottle. Your wallet’s seed, which is used to generate the keys to your bitcoin, is generated inside the device and cannot be digitally exported. At no point do the keys ever leave the device. Even if a hardware wallet is connected to a virus-infected computer (which is not recommended), the keys would still be protected, often in a secure element.
When you want to move your bitcoin, you author a transaction using wallet software, send it to the hardware wallet, sign it on the hardware wallet itself using your private keys, and then send it back to the internet-connected wallet software for it to be broadcast to the bitcoin network.
If someone were to gain physical access to your hardware wallet, there are unique features hardware wallets offer that help you defend against attacks. Some of these security features include a secure element, firmware verification, and PINs for first-layer defense.
A secure element is a microprocessor used to isolate, store, and protect sensitive data. In a hardware wallet, a secure element provides a higher level of protection against physical compromise compared to the standard environment on a mobile phone, desktop, or laptop. For example, this makes it more difficult to compromise your device via fault attacks, side-channel attacks, and cold boot attacks.
Firmware verification is a way to verify the validity of a hardware wallet’s onboard software. This protects against counterfeit versions and supply-chain attacks. Verifying the firmware ensures the use of a genuine, unaltered version of the hardware. Wallet software from manufacturers like Trezor, Ledger, and others verifies the device firmware every time you connect the device to your PC.
Access PINs in many hardware wallets help prevent anyone but the owner from getting immediate access to the ability to sign with the keys stored on the device. In most cases, the penalty for failing to properly enter the PIN over a certain number of tries is an increasing delay between incorrect guesses. With some hardware wallets, exceeding the number of allowable PIN guesses can result in a factory reset of the device or even render it permanently unusable.
A duress PIN is a security feature that can help protect your bitcoin in the event of a $5 wrench attack. Duress PINs are particularly important for hardware wallets (due to them being used to secure larger amounts of bitcoin), and the available functionality is particularly robust in some cases.
For example, the Coldcard hardware wallet offers three types of duress PINs: one that unlocks a decoy wallet, one that destroys the seed upon entry, and one that creates a countdown to customizable “brick modes”. If you end up in a duress scenario, these tools offer you confidence that attackers won’t be able to access your primary bitcoin keys—if any at all.
It’s possible to store your keys offline with a laptop or desktop and secure them from physical attacks. However, the general-purpose architectures of these devices present a larger attack surface for skilled attackers. This means there are more ways for attackers to exploit software, firmware, and hardware to engineer ways to steal your private keys.
In contrast, hardware wallets are built with specialized hardware that simplifies their functionality to very specific tasks and limits their connectivity to the internet and other devices. Even with a secure element to keep key data behind a firewall, some hardware wallets restrict the way they physically connect with external devices—air-gapped hardware wallets primarily interface with other devices via microSD card. Many manufacturers also offer bitcoin-only firmware to further simplify functionality.
Hardware wallets may be more limited in functionality and convenience than general-purpose devices, but that limited functionality also means limited vulnerability. This also has the side benefit of creating less risk for new holes to be discovered that manufacturers must plug with firmware updates or hardware revisions.
You may think you don’t own enough bitcoin for it to be worth the effort to buy a hardware wallet and learn how to securely hold your keys offline. One reason to get a hardware wallet now is to prepare for bitcoin’s upward price swings.
It’s common bitcoin wisdom to treat your holdings as if they’re worth 10x what they are today—historically, a move like this can come quickly and unexpectedly. Additionally, if your bitcoin holdings would be uncomfortably large for standard singlesig self-custody at a 10x value increase, it may be time to consider a more secure self-custody model such as multisig.
Because bitcoin transactions are irreversible, it’s important to be certain when you send bitcoin that it goes to the correct address. This is important for both sending bitcoin to someone else and sending bitcoin to a wallet controlled by the keys on the hardware wallet(s) you own.
With software wallets, malware could replace a real address with an attacker’s address in the UI, making it difficult to verify its authenticity. There’s also “clipper” malware, which switches the receiving address in your computer’s clipboard, and other attack vectors.
Hardware wallets help with this by including a physical screen that displays the address you want to send funds to, allowing you to verify it prior to spending. As long as your device hasn’t been physically compromised, you can be confident that the address you’re shown is controlled by the keys stored offline on the device. If you’re sending funds to a remote recipient, it’s best to confirm the address you’re sending to through multiple channels.
All bitcoin wallets depend on entropy—randomness—to generate seeds, and seeds are the master secret that generates your bitcoin private keys. Entropy can be generated in many ways, from basic on-device random number generators, to long strings of random text entry, to dice rolls or playing cards.
Dice rolls are widely considered one of the best ways to generate your own entropy, minimizing the involvement of third-parties in generating the randomness needed to initialize a bitcoin wallet. Some hardware wallets, such as Coldcard, allow you to enter dice rolls on-device to generate a seed phrase. You can press 1–6 for each roll and it will use the rolls to generate your seed.
While you don’t need a hardware wallet to generate your own entropy (you could do so on a permanently offline laptop, for example), hardware wallets uniquely allow you to do so in a way that’s convenient and secure. Generating your own entropy in the physical world can be fun and a great learning exercise, but it’s pointless without the right environment to help you preserve the marginal security you may obtain by doing so.
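The dice-roll seed generation described above, as an added example (not from the original article or from any wallet vendor's code): it assumes the rolls are hashed with SHA-256 over their ASCII digits to produce 256 bits of entropy, then applies the standard BIP39 checksum to derive the 24 word indices. The function names are hypothetical, and the 2048-word list is omitted, so the output is indices rather than words.

```python
import hashlib
import math

BITS_PER_ROLL = math.log2(6)  # a fair six-sided die gives about 2.585 bits per roll

def rolls_needed(target_bits: int) -> int:
    """Minimum number of fair d6 rolls that carry at least target_bits of entropy."""
    return math.ceil(target_bits / BITS_PER_ROLL)

def rolls_to_entropy(rolls: str) -> bytes:
    """Assumed scheme: SHA-256 over the ASCII digits of the rolls -> 32 bytes."""
    if not rolls or any(c not in "123456" for c in rolls):
        raise ValueError("rolls must be a non-empty string of digits 1-6")
    return hashlib.sha256(rolls.encode("ascii")).digest()

def bip39_word_indices(entropy: bytes) -> list[int]:
    """BIP39: append the first ENT/32 bits of SHA-256(entropy), cut into 11-bit indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("BIP39 entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def seed_indices_from_rolls(rolls: str, min_bits: int = 256) -> list[int]:
    """Refuse roll strings too short to carry min_bits of physical entropy."""
    required = rolls_needed(min_bits)
    if len(rolls) < required:
        raise ValueError(f"need at least {required} rolls, got {len(rolls)}")
    return bip39_word_indices(rolls_to_entropy(rolls))

if __name__ == "__main__":
    # Constructed sample input, deliberately NOT random: never reuse it for a real wallet.
    sample_rolls = "123456" * 17  # 102 rolls
    indices = seed_indices_from_rolls(sample_rolls)
    print(f"{len(sample_rolls)} rolls -> {len(indices)} word indices")
    print("rolls required for 128-bit / 256-bit seeds:", rolls_needed(128), rolls_needed(256))
```

The length check matters because hashing always returns 256 bits regardless of input: a short roll string still produces a valid-looking 24-word seed while carrying far less entropy than it appears to.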
Traveling with small amounts of bitcoin can be easily done with a mobile phone or another less secure device, but larger amounts of bitcoin require more forethought. Traveling with keys on a laptop computer or mobile device is risky because these devices are usually hot (internet-connected), have more limited physical protections, and have larger attack surfaces.
Hardware wallets offer convenience and security if you need to keep one or more bitcoin keys on your person while traveling.
You don’t have to worry about sketchy WiFi connections or USB ports, you can use duress features as described above if someone were to physically attack you, and you’re more protected if your device becomes lost, stolen, or confiscated (attackers would have to defeat the hardware wallet’s purpose-built security). And they still offer convenient access if you need to spend.
Multisig wallets are built by combining multiple keys (versus singlesig wallets that use just one). Requiring more than one key to spend bitcoin adds security and redundancy to your wallet, making them useful for securing larger amounts of bitcoin.
The more secure the individual keys involved in constructing a multisig wallet are, the more secure the multisig wallet is itself. Hardware wallets enable you to conveniently build a multisig wallet with clearly delineated keys securely held offline. Like with singlesig, hardware wallets also let you verify multisig addresses offline when sending bitcoin.
Using multiple hardware wallets is a natural fit for multisig because multisig is often used for maximizing security and redundancy for large amounts of cold storage bitcoin, a goal which physical devices and seed phrase backups also help you to achieve.
The first step to upgrading your bitcoin security is always to take self-custody, whether hot or cold, to eliminate the risk involved with trusting custodians such as exchanges. From there, you can explore additional security tools, such as multisig, to find the right balance of security and accessibility for your circumstances.