Hardware crypto wallets: illusion of security

crypto wallets

Hardware wallets are often called a cold wallet that are known as a safe place to store cryptocurrencies. However, hardware wallets are just one type of cold crypto storage and far and away not the safe ones. Users should be aware of risks associated with hardware wallets. Otherwise, they are gambling with the safety of their digital assets.

We in Alfacash are often asked for advice what crypto storage is most convenient and secure. While the answer to this question is not as simple as it seems to be, we would like to clarify some essential points that currently are misunderstood by many newcomers to crypto world. Let’s start from the core questions.

What is a hardware wallet?

A hardware wallet is a type of wallet for storing cryptocurrencies that are kept on the hardware itself without Internet connectivity. That’s why hardware wallets are attributed to the category of cold storages.

Hardware wallets often look like small plug-in devices connected to one’s computer through the USB port. Before starting to use a hardware wallet, a user should download a special software, an application to manage his funds. After that, a user creates an address of wallet where his coins are stored, and with the help of downloaded software, generates a unique private key that allows access and control of coins stored on the wallet address in a certain blockchain. 

Actually, a laptop aimed exclusively at storing cryptocurrencies also could be considered a hardware wallet. However, laptops and other types of computers are more complex devices with dozens of downloaded software. Thus, the more software is run on a laptop, the more it is exposed to malware and bad actors. Hardware crypto wallets’ power is their minimalist design. Their technical architecture is deprived of all other computing processes except those needed to store crypto and make transactions.

Hardware wallets support various blockchains making the storage of dozens coins easy as one-two-three. They offer a higher level of security significantly overcoming hot wallets. Still, hardware wallets should not be considered the most secure method of crypto storing.

What is a cold wallet?

In simple words, cold wallets are storages that are not connected to the network thus cannot be used to withdraw any funds. The informational site explains the basics of cold crypto storing. And the standard of such storage is Bitcoin core wallet.

Bitcoin Core is a specialized software for storing, receiving and sending digital currency. Bitcoin Core is the client software that includes a wallet, but is not only a wallet. It is a full node of the Bitcoin blockchain that checks each block of transactions it receives to ensure that everything in that block is fully valid, thus checking the work of bitcoin miners, as well.

The client itself was created in 2009. In order to use it, one needs to download the entire blockchain. That’s why it is the most secure but also the most time- and effort-consuming method of bitcoin storage as the current size of Bitcoin blockchain is 407 gigabytes.

According to, the classic sample of cold storage is two computers. The first one used to sign transactions is disconnected from any network. The second one is connected to the network, but can only create unsigned transactions.

This approach offers the highest existing way of security in crypto storage. However, it needs more technical knowledge and efforts than hardware wallets. Furthermore, unlike hardware wallets supporting dozens and even thousands of various coins, Bitcoin Core is a software client exclusively for the Bitcoin blockchain. Thus, one needs to run different clients for different cryptocurrencies. Not a trivial problem, isn’t it?

Balance between security and simplicity

That’s exactly where hardware wallets enter the scene. They offer a balance between ease of use and high level of security. By the latter indicator, they could be positioned on a line higher than online wallets but lower than a full node client. 

Still, it’s essential for users not to underestimate the risks posed by hardware wallets. And this is the list of the most common vulnerabilities that expose digital assets stored on a hardware device to bad actors:

1) Device with pre-installed malicious software. The only way to be sure that the hardware wallet is not compromised is to buy a new device in an unopened package without any pre-installed firmware from the company itself or from a trusted and authorized reseller. So, this is the first rule of the club: never buy used hardware wallets. The second rule is never even think about buying a used one. 

2) Compromised devices combined with phishing methods. The best example of such vulnerability is the case of Ledger. Last summer, Ledger customers received hundreds of mails, presumably sent by the company. The accompanying fake letter stated that, due to security reasons, Ledger sent a new device a user must switch to in order to keep his assets safe. The package also included a box with a device very similar to Ledger Nano X. However, it was not a legitimate device. After customers started to share photos of the Ledger’s printed circuit board on Reddit, it clearly turned out that the device was modified.

3) Bugs in firmware upgrade. Since customers believe that official software from the wallet producer is the safest one, hackers may try to implement bugs in future firmware releases. Firmware is the software that runs on the hardware wallet, while software is often attributed to the host software that runs on the PC or smartphone and communicates with the hardware wallet. Users could download a compromised software ignoring that it is patched with code lines aimed at blowing out their digital assets. Unfortunately, an ordinary user has no instruments to protect himself from such an attack. 

4) Physical access to a hardware wallet. “The fact is that there’s no way to prevent a highly sophisticated attacker with physical possession of the device, and lots of time, technology, and resources, from completely ‘pwning’ that device—eventually,” wrote ShapeShift, a crypto exchange operator and a KeepKey manufacturer. Of course, hackers will not spend much time and resources to sneak a miserable amount of coins. Robbing a hardware wallet is worth it when dealing with millions in crypto. 

Taking into account all above mentioned, the level of security offered by hardware wallets should not be overestimated. It is a useful and simple plug-in device not requiring deep technical knowledge and supporting various cryptocurrencies. However, it’s not as secure as a full node client, nor is it resistant to simple types of attacks often used by hackers around the world.

Don’t be fooled and don’t let centralized companies cheat you with security promises.

On Alfacash Store, the users can buy and sell over 19 cryptocurrencies with EUR. This is the fastest and safest way to trade digital currencies in the European Union, and we’re constantly improving our services. The platform offers SEPA transfers for incoming and outgoing payments with cryptocurrencies in a fully non-custodial, regulated, and automatic process. And while the platform might not be as popular as Binance and the likes, it supports most of the popular cryptocurrencies like Bitcoin, Ethereum, Ripple, USDC, USDT, DOGE, etc. Alfacash Store has set out to become the most convenient way for providing financial services to everyone regardless of their location.

To experience their advantages and more nice surprises for yourself, visit Alfacash Store now!

Author: Isabel Perez, Alfacash Store

To Top

Pin It on Pinterest

Share This