What are the Best Bitcoin Hardware Wallets?7 min read
A Bitcoin wallet is a software program or hardware device used to store relevant information such as the public and private keys and facilitate transactions on the Bitcoin network. A broad distinction between the different types of wallets is whether they are “hot wallets” or “cold wallets”. Hot wallets such as a desktop, mobile, or exchange wallet stay connected to the internet whereas a cold wallet such as a hardware wallet does not, which significantly reduces the chances of the wallet being hacked.
New investors typically start by buying Bitcoin on an exchange such as Coinbase or Binance and tend to keep their coins on the exchange wallet because of the convenience. However, if you don’t have the private keys to your coins, you aren’t actually in control of them. Also, if you fall victim to a phishing attack, an attacker will be able to access your wallet and steal your Bitcoins because your private key is stored online. As the saying goes “not your keys, not your coins”. Keeping Bitcoin on Exchanges has been historically risky as Bitcoin exchanges have been the biggest targets for hackers. This is why it’s important to store your Bitcoins outside of an exchange.
At OpenNode, we encourage everyone to store their coins in a hardware wallet because they offer the best tradeoff in terms of security and accessibility. Hardware wallets have an associated web, mobile, or desktop application that enables you to monitor your Bitcoin addresses and spend Bitcoin. Private keys are stored in the hardware wallet and never leave the device. When you want to confirm a payment, the transaction is signed inside the hardware wallet and the output is sent to the app. In this article, we’ll be looking at some of the best Bitcoin hardware wallets available now.
Trezor
Trezor was the first legitimate and secure Bitcoin hardware wallet made by SatoshiLabs in 2014 and came to be one of the most renowned brands in hardware wallets. Trezor currently offers two models of hardware wallets, the Trezor One and the Trezor Model T. The Trezor One wallet has a small display and two buttons while the Model T is a more premium version with a touchscreen display, SD card slot, and some more additional features such as support for more cryptocurrencies and support for Shamir’s Secret Sharing, which is a way to split up your private key into multiple parts and spread them out. Trezor has its own web-based application called the Trezor Suite but can also integrate well with other popular software wallets such as Electrum, Exodus, or Mycelium.
Trezor builds an isolated environment for offline transaction signing and minimizes the risk of private key discovery, even if the PC is infected by malware. When setting up your device and wallet, you set a PIN that you will use every time to access it and to protect your Trezor against theft. The Trezor then generates a “seed phrase”, a series of 24 words that you must write down and store away. The seed is generated offline and displayed on the wallet’s screen, which ensures that the seed is never on an internet-connected device. Seed phrases are a common feature of all cryptocurrency wallets and are meant to restore your private keys in case you lose your device or forget your PIN code. Seed phrases should be stored somewhere safe and offline because if someone finds it, they’ll be able to recover your private keys and access your Bitcoin without your Trezor wallet. After you complete the Trezor setup process, your private keys are generated and stored on the device. To make payments, you need to connect your Trezor to your computer and sign the transaction with your private key by pressing the confirm button on the device.
Some additional security features include:
- Changing the number pad layout every time the device is connected or a transaction needs to be confirmed. This can help prevent someone from finding out your PIN code using malware that may record your keystrokes or screen.
- Safeguards against brute-force attacks to reveal the PIN code. The device causes a delay between incorrect entries of the PIN code that doubles with every wrong entry. So, for instance, if you make several wrong guesses, the wait time increases to several days.
- No pre-installed firmware to make sure that you don’t receive a device that has been pre-loaded with potentially malicious code. You must download and install its firmware directly from the company’s website when you unbox it.
Ledger
Paris-based Ledger is another one of the most respected and credible companies in the Bitcoin hardware wallet industry. The firm was also launched in 2014 and their wallets have sold over 1.5 million units in more than 165 countries. The main Bitcoin hardware wallets they offer are the Ledger Nano S and the Ledger Nano X. The Ledger Nano S is the first generation hardware wallet introduced by Ledger. One of the first hardware wallets ever made, it followed shortly after the first generation of the Trezor. The main differences between the Nano S and the Nano X are Bluetooth capability (which some have argued may affect security) and the number of wallets that can be stored on each device (up to 20 on the Nano S vs. up to 100 on the Nano X). Ledger also has their own desktop and web application called Ledger Live and can easily integrate with other popular software wallets.
Ledger is known for developing a distinctive operating system (OS) called BOLOS, which they integrate either to a secure chip for the Ledger hardware wallet line or to a Hardware Security Module (HSM) for various enterprise solutions. Ledger hardware wallets use what is called a “Secure Element” in the device which is a microchip that acts as a vault and is considered a very secure form of technology. The setup and transaction processes of a Ledger wallet are similar to a Trezor wallet.
Cold card
One of the newer hardware wallets is the Coldcard, made by Coinkite. It’s physically bigger than a Trezor or Ledger wallet and at first glance, it resembles a small calculator due to its full keypad and small screen. The Coldcard is a Bitcoin-only custodial solution that uses a microSD backup, provides multiple ‘duress’ solutions, and is considered to be one of the most secure hardware wallets available. Some of the duress solutions are a duress PIN that will show a separate wallet than the main one and a “brick me” PIN that will instantly destroy the wallet’s secure element and render it worthless.
The Coldcard is also the only credible hardware wallet that is fully air-gapped. This means the device never connects directly to a computer, since it can communicate through a microSD card. This helps avoid any link between your device and potential threats coming from an Internet connection. It is also the only credible hardware wallet that allows the user to generate their own entropy when creating your seed phrase thanks to a dice roll function. Some additional features include the use of a secure element for key storage, combining unique anti-phishing words with the PIN code, and the clear case used for the device so that any tampering of the hardware would be instantly noticeable. All of these features translate to a higher level of security. The Coldcard can be used with a variety of popular wallet clients, including Electrum, Wasabi Wallet and Bluewallet, or can be used as a completely air-gapped, offline device that simply signs transactions presented on the MicroSD card.
There are lots of other hardware wallet solutions available at this time but the ones mentioned above are the best ones based on their usability and security. Of the wallets discussed in this article, Trezor and Ledger have the best history and track record of providing secure and reliable hardware wallets. While Coldcard is a newer contender, it stands out as a Bitcoin-only wallet with some really innovative security features. Looking towards the future, some features that hardware wallet makers are considering include support for coinjoin, lightning, and other sidechains.
Our goal with this article is to provide you with all the necessary information you need to learn about the most preferred Bitcoin wallets available today. With multiple different options to choose from, we encourage you to test out any and every Bitcoin hardware wallet to see which one works best for you. We highly recommend only purchasing your hardware wallets directly from the retailer to guarantee security.
OpenNode can help any business accept Bitcoin payments using the Lightning Network, and our platform is compatible with every Bitcoin wallet, on-chain, or Lightning. OpenNode offers the ability to convert Bitcoin instantly to traditional currency at any time. OpenNode provides the perfect solution for any business interested in accepting Bitcoin payments.