Hardware wallets are one of the most secure ways an individual can choose to protect their cryptocurrency holdings. They are designed to prevent access by anyone other than the owner, making it extremely difficult to reach the funds without the owner's cooperation. In many cases it will not be possible, or at least not practical, to access the cryptocurrency. However, there are cases where it may be possible to access or seize cryptocurrency without the owner's cooperation, particularly when the physical device itself is in hand.
What is a Hardware Wallet?
A cryptocurrency hardware wallet is a physical device that secures an individual's private keys, which in turn give access to the cryptocurrency holdings associated with those keys. They are one of the most secure forms of cryptocurrency storage available, and relatively inexpensive as well, typically under $100 USD. Hardware wallets can hold Bitcoin, of course, but also many other 'altcoins' including Ethereum, EOS, Litecoin and dozens of others. Major hardware wallet manufacturers include Trezor, Ledger and Keepkey. These devices effectively resemble special-purpose USB drives, albeit heavily modified with sophisticated security features.
It’s important to note that just as with any non-hardware wallet, cryptocurrency is never held ‘inside’ the hardware wallet. Rather, the cryptocurrency is always on the blockchain. What the wallet stores are private keys (akin to passwords) that allow the individual to access that cryptocurrency. This may seem confusing at first primarily because we’re used to storing banknotes and money inside our physical wallets. The issue is that the term ‘wallet’ is a poor analogy for what a cryptocurrency wallet actually is.
A Cryptocurrency Wallet as a Keychain
A far better analogy as to what a cryptocurrency wallet is would be a keychain. A keychain holds a collection of ‘keys’. Anyone with a key can access a publicly accessible ‘safe’ (akin to the blockchain in this example) and then transfer the funds to any other safe they’d like, which only they have the key to. The keychain merely holds a collection of keys.
The thing with keys is that they can easily be copied. And private keys are no different. They can be copied either individually or in bulk through something known as a mnemonic seed (also known as a seedphrase). The individual can hold an unlimited number of copies of keys, so if they ‘give up their private keys’ or provide access to another individual, they still have access to the funds until someone transfers the cryptocurrency to another wallet the original owner doesn’t have access to.
Security Features of Hardware Wallets
One feature that makes hardware wallets particularly secure is that the private keys never leave the device, at least not in plaintext form. Yet the private keys must be used in order to digitally sign transactions and transfer funds. Hardware wallet manufacturers therefore have the wallet sign the transaction inside the device itself. The signed message is then broadcast, the transaction is recorded, and the funds move, all without the private keys ever being transmitted outside the device.
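The signing boundary described above, as an added example that is not code from the original article or from any wallet vendor: the private key lives only inside a Device value, the host submits an unsigned transaction and receives only a signature, and anyone holding the public key can verify it. Ed25519 is used here for illustration; real wallets use the signature scheme of the coin in question.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Device models the signing boundary of a hardware wallet. The private key is
// unexported and no method ever returns it, so it cannot cross to the host.
type Device struct {
	priv ed25519.PrivateKey
}

// NewDevice generates the key inside the "device", as a wallet does at setup.
func NewDevice() (*Device, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{priv: priv}, nil
}

// PublicKey is the only key material that leaves the device.
func (d *Device) PublicKey() ed25519.PublicKey {
	return d.priv.Public().(ed25519.PublicKey)
}

// SignTransaction takes the serialized unsigned transaction from the host and
// returns just the signature; the host assembles the final tx and broadcasts.
func (d *Device) SignTransaction(unsignedTx []byte) []byte {
	digest := sha256.Sum256(unsignedTx)
	return ed25519.Sign(d.priv, digest[:])
}

// HostVerify is what the host (or any network node) can check with only the
// public key: the signature is valid for exactly this transaction.
func HostVerify(pub ed25519.PublicKey, unsignedTx, sig []byte) bool {
	digest := sha256.Sum256(unsignedTx)
	return ed25519.Verify(pub, digest[:], sig)
}

func main() {
	dev, _ := NewDevice()
	tx := []byte("constructed unsigned tx: pay 0.1 to <placeholder address>")
	sig := dev.SignTransaction(tx)
	fmt.Println("valid:", HostVerify(dev.PublicKey(), tx, sig))
	altered := []byte("constructed unsigned tx: pay 1.0 to <placeholder address>")
	fmt.Println("altered tx valid:", HostVerify(dev.PublicKey(), altered, sig))
}
```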
There's a mnemonic seedphrase (or recovery phrase) which allows for recovery in the event the hardware wallet is lost or damaged. However, this recovery phrase is only shown to the owner once, when they're initially setting up the wallet. The owner is instructed to back up this recovery phrase on a physical piece of paper and store it somewhere secure. Since cryptocurrency is non-custodial in nature, the user will be unable to access their funds should they ever lose access to both the device and the backup seedphrase, such as in the event of damage, loss or theft. Nonetheless, despite explicit instructions otherwise, some individuals still elect to store their recovery phrase digitally on their computer or in their email (i.e. in the cloud), and some don't store it at all or forget about it. The device is designed to never reveal the recovery phrase again once the initial setup has been completed.
Hardware wallets have quite a few physical security features in case the device is ever lost or stolen. They typically require the owner to enter a PIN to unlock the device. But the PIN cannot simply be guessed through a brute-force attack: either the device will automatically lock (or wipe itself) after a set number of failed attempts, or there will be an ever-increasing time delay between attempts that makes guessing the PIN impractical. The wallets also employ security features to prevent a user's PIN from being stolen as it is entered, e.g. through a keylogger or screen-capture malware.
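The two PIN-guessing defences just described, as an added example that is not code from the original article or from any vendor's firmware: a constructed PinGuard either wipes its secret after a fixed number of failures or doubles the mandatory wait after each failure, and compares PINs in constant time so that response timing does not leak partial matches. The clock is simulated (seconds passed in by the caller) so the behaviour can be checked offline.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
)

// Policy selects which of the two defences the guard applies.
type Policy int

const (
	WipeAfterN    Policy = iota // erase secrets after maxAttempts failures
	DoublingDelay               // wait 1s, 2s, 4s, ... after successive failures
)

// PinGuard is a constructed model of a wallet's PIN check (assumed design).
type PinGuard struct {
	digest      [32]byte // only a salted hash of the PIN is kept, never the PIN
	policy      Policy
	maxAttempts int
	failures    int
	wiped       bool
	nextAllowed int64 // simulated clock, in seconds
}

func hashPin(pin string) [32]byte {
	return sha256.Sum256([]byte("constructed-salt:" + pin))
}

func NewPinGuard(pin string, p Policy, maxAttempts int) *PinGuard {
	return &PinGuard{digest: hashPin(pin), policy: p, maxAttempts: maxAttempts}
}

// Try checks a PIN at simulated time now and returns "ok", "wrong",
// "delayed" (too early after a failure) or "wiped" (secrets erased).
func (g *PinGuard) Try(pin string, now int64) string {
	if g.wiped {
		return "wiped"
	}
	if now < g.nextAllowed {
		return "delayed"
	}
	got := hashPin(pin)
	// Constant-time compare: a timing side channel must not reveal how much matched.
	if subtle.ConstantTimeCompare(got[:], g.digest[:]) == 1 {
		g.failures = 0
		return "ok"
	}
	g.failures++
	if g.policy == WipeAfterN && g.failures >= g.maxAttempts {
		g.wiped, g.digest = true, [32]byte{} // secrets erased; PIN can never unlock
		return "wiped"
	}
	if g.policy == DoublingDelay {
		g.nextAllowed = now + int64(1)<<uint(g.failures-1)
	}
	return "wrong"
}
```

Under the doubling policy the wait before the k-th retry is 2^(k-1) seconds, so exhausting even a four-digit PIN space is hopeless; under the wipe policy the attacker gets maxAttempts tries in total.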
Vulnerabilities and Attack Vectors
There's no such thing as 'perfect' security. However, hardware wallets do a very good job of offering a high level of security when used correctly, particularly given their price point. But they are not impervious to vulnerabilities. Furthermore, hardware wallets are not always used correctly, which weakens their security. Some vulnerabilities are technical in nature, while others are non-technical. Many of the non-technical vulnerabilities focus on the human interacting with the device, exploiting that person in some way to gain access to it. Some are device-specific, while others are not. Many will be infeasible or impossible in most instances. Below, we've gone over some of the most common vulnerabilities.
PIN Capture or Retrieval
Attempts have been made to capture the user's PIN through everything from video cameras to keyloggers to screen-capture devices. Many of the most recent hardware wallets require the user to enter their PIN on the device itself, not on their computer, making this attack vector considerably more difficult to pull off successfully.
Mnemonic Seedphrase Capture or Retrieval
Since the seedphrase offers complete, unfettered access to the hardware wallet, many creative ways have been employed to capture it. Capturing the seedphrase is one of the few approaches that never requires an attacker to physically take possession of the device itself. Furthermore, since people almost always keep a copy of their mnemonic seed on a piece of paper (or on their computer), finding that seed compromises the device.
Supply Chain Attack
These attacks involve intercepting and tampering with the device (and the security seal) before the device ever gets into the hands of the owner for the first time. The attacker could inject their seed into the wallet with the end-user thinking no one else has access to the seed that has been ‘generated’ for them. These attacks are sometimes conducted by unscrupulous resellers of hardware wallets themselves.
$5 Wrench Attack
The $5 wrench attack is the oldest and most rudimentary attack – through force and the threat of it.
Phishing Websites
Users have been tricked into entering confidential information such as their seedphrase into a website that mimics that of the hardware wallet manufacturer.
Side-Channel Attacks
A side-channel attack can potentially allow multiple PIN guesses without the delay being reset or the device locking, and can even allow extraction of the PIN or the mnemonic seed, which is supposed to be impossible.
Voltage Glitching, Fault Injection & Freezing Attacks
These attacks involve physically disturbing the device's operation (its supply voltage, timing or temperature, as the names suggest) in order to disrupt the handling of data within the device itself.
Malicious Firmware
Even though the devices are designed not to run untrusted firmware, some security researchers have nonetheless been able to trick devices into running malicious firmware.
Malware on the Host Computer
Even if your computer is infected with malware, that malware is not supposed to be able to compromise the security of the hardware wallet. However, security researchers have in some instances been able to use malware to compromise the device.
It may sound like hardware wallets have a lot of vulnerabilities, but they are actually extremely secure compared to other options. Most of the technical vulnerabilities have been patched and most attacks require the attacker to currently possess (or have previously possessed) the device to successfully attack it. For non-technical vulnerabilities, steps have been taken to minimize or prevent exploitation through that vulnerability. Ultimately, hardware wallets are probably the best form of secure storage for most people, but they still have some vulnerabilities. Despite their vulnerabilities, there’s a good chance that any effort to seize any funds from a cryptocurrency hardware wallet will prove unsuccessful.