Replying to LiberLion

The Ugly Old Phone That Beats Every Hardware Wallet

A beaten-up, offline old phone can be the best hardware wallet you’ll ever own. No shiny gadgets needed. You take an old device, factory-reset it offline, keep it without SIM, WiFi, or Bluetooth. No accounts, no sync. Use a strong passcode, never biometrics.

Remove every app you can, even system apps when possible, stripping the device down to the core.

That’s where you keep your long-term funds. For daily spending, use separate wallets on other devices. Just like you don’t walk into a supermarket with all your life savings in your pocket, you shouldn’t do it digitally either.

Safety measures:

• Permanently turned off, radios disabled at the system level.

• You only turn it on in controlled environments

• You only connect online when you need to, using a VPN and your own secure Wi-Fi.

• No need to scan QR codes; sign transactions offline and then connect to execute them online.

• Handwritten seed backup, stored in two separate physical locations. Extra: you can reverse the order of some of the words of the seed and leave yourself a coded reminder that you have done so.

• Periodic checks of battery health and storage

• Fixed location, no lending the device, no unnecessary handling

• A small metal box for physical protection and humidity control

• Never install new apps, and if major changes are needed, rebuild the setup from scratch

A cold vault for your real wealth. A normal phone for your daily life. That separation is what keeps you safe.

This is terrible security advice. You literally cannot not connect the phone to the internet; the offline signing wallet app must be updated directly over the internet.

Scanning QR codes is the most secure way to share signed transactions. It is an example of a scoped communication protocol: it can only communicate what you want communicated. You want an offline signer that cannot communicate beyond a narrow scope and only if the device is physically with you.

Jumbling up the order of your words, in any way, has no security benefit and only risk. If you want a portion of your security setup stored in your head, use a BIP39 passphrase. General rule: anything you can think up to mess with your cryptography is just added complexity with a larger chance of failure and no security benefit.

A phone with a wallet on it is not a cold vault. A purpose-built signing device with no wireless networking capability is.
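Added example, not part of either post: a Python sketch of the BIP39 seed derivation that the passphrase mentioned in the reply feeds into, next to a count of how few variants a "reverse some words" scheme produces. The mnemonic is the public BIP39 test vector; `reversed_run_variants` and its reading of the scheme (one contiguous run of words reversed) are assumptions made for illustration.

```python
import hashlib
import unicodedata

# Public BIP39 test-vector mnemonic (constructed sample input, never use for funds).
TEST_MNEMONIC = "abandon " * 11 + "about"


def _nfkd(text: str) -> bytes:
    """BIP39 requires NFKD normalization before UTF-8 encoding."""
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte wallet seed as BIP39 specifies:
    PBKDF2-HMAC-SHA512, 2048 iterations, salt = "mnemonic" + passphrase."""
    sentence = " ".join(mnemonic.split())  # collapse stray whitespace
    salt = b"mnemonic" + _nfkd(passphrase)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(sentence), salt, 2048, dklen=64)


def reversed_run_variants(word_count: int) -> int:
    """Number of ways to reverse one contiguous run of two or more words
    (assumed interpretation of the scheme in the quoted post)."""
    return word_count * (word_count - 1) // 2


def demo() -> dict:
    plain = bip39_seed(TEST_MNEMONIC)
    with_pass = bip39_seed(TEST_MNEMONIC, "TREZOR")
    typo = bip39_seed(TEST_MNEMONIC, "Trezor")  # one-letter case slip
    return {
        # Same words, different passphrase: unrelated seed, unrelated wallet.
        "passphrase_changes_seed": plain != with_pass,
        # Every passphrase is accepted; a typo silently yields another wallet,
        # so the passphrase needs its own backup and a restore test.
        "typo_gives_other_wallet": typo != with_pass,
        # The word-order trick adds only this many candidates to try.
        "variants_12_words": reversed_run_variants(12),
        "variants_24_words": reversed_run_variants(24),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The passphrase enters the key derivation itself, while a reordered word list is still just a word list whose BIP39 checksum will usually fail on restore.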
