Why do we need hardware wallets? Aren’t open source self custody wallets enough? Sorry if it’s a stupid question!

Discussion

I used to think like that, but I've become increasingly paranoid about software wallets and computers.

It's a simple matter of increased security.

In my opinion, regardless of whether you're using a hot wallet or a cold wallet, the real issue is how to back up the seed phrase.

But how are hardware wallets more secure than an open source self custody wallet?

Not all cold wallets are made equal, but a cold wallet that's airgapped, i.e., that never needs to touch a computer, be plugged anywhere, or go online, is by definition more secure than a software wallet on a computer that's online by default.

Then some have extra bells and whistles, like duress PIN numbers, i.e., if someone is forcing you to input your PIN number to unblock your cold wallet, you can input a fake one that gives the keys to a fake wallet, or a wallet with a small amount that you use as a decoy. And there are other things like that - anti-tampering, self-destruction...

Look at the features of a ColdCard.

They are all best practices.

Hi, the reason is that if you have bitcoin stored offline on your own device, then you ensure that you own it and have control of it. If it’s on your phone or an online account, that phone could fall in the pool and poof 💨 that bitcoin is gone. Same goes for online accounts where someone else controls your BTC. Having it stored offline on your own device makes sure that you can’t lose it. Hope that helps.

But it could be encrypted behind a password? Your hardware wallet could also be stolen right?

Yeah, it could, but so could your phone. Having it on your bitcoin device ensures that at least no one has control over your bitcoin and nobody can hack it. Your phone is online all the time, so it’s easier to hack it. It’s not a perfect fix but still way more secure.

Easy to brute force with a GPU.

Any keys stored on an internet connected device have way more vulnerabilities than keys stored completely off a device.

You can create a wallet with wifi turned off. Back up seed. Delete wallet.

Your Internet connected phone could already be compromised. There are many ways to steal your keys from a compromised device. It's just a basic principle you don't mess with for serious sums.

I completely agree. I know we can "don't trust, verify". The thing is I cannot verify any hardware wallet anyway. Has anyone really read all the code and done an analysis? Are there any independent reviews proving some of these hardware companies' claims?

Could this solve that issue?

https://samouraiwallet.com/sentinel

But when you sign a transaction, that would happen on an internet connected device still? Right? Or at least you have to communicate with an internet connected device still?

I've been thinking of using this.

https://samouraiwallet.com/sentinel

For small amounts of money, software wallets are enough.

But all software has bugs, and bugs can be exploited by hackers to take your private keys. That's why for large sums of #Bitcoin, it is best to have a hardware wallet that is offline and only connects to your phone when you need to sign off on a send.

A rule of thumb I like to use is to treat a software wallet as a physical wallet in your pocket and your hardware wallet as a safe. If the BTC dollar equivalent is more than you feel comfortable keeping in the wallet in your pocket, then keep it in the safe. Then keep a small amount of Bitcoin in a software wallet just as you would hold a small amount of cash in your wallet.

So hardware wallets are just “signers”? Any good open source hardware wallets out there that I don’t have to “trust”?

All wallets are "signers" in the end, hardware is just more secure.

Jade Blockstream is open source, as well as ColdCard by Coinkite.

There are many wallets on the market, and only one question: trust or not trust. What’s inside, only the companies know. Personally I don't use and never use one because I live far away from deliveries.

That’s why I would trust an open source wallet/or an open source library that signs with keys more than a hardware wallet. But I am buying the whole device being compromised thing and hardware wallets being “signers”. Are there any good open source hardware wallets?

I mostly trust downloading a popular wallet from the App Store. But if someone knows how to steal, it’s only a question of time.

A hardware wallet, I must say, 100 people touch before you get it.

The best I've seen is ColdCard. By far the best.

Rule 1.

Get a ColdCard.

Stay away from wallets that support shit coins.

Buy directly from the manufacturer.

Stay away from Amazon, eBay or Best Buy.

Malware can implant destination addresses and steal private keys in hot wallets.

The hardware device can operate in a malware-infected environment and not be compromised.

Private key = safe