https://en.bitcoin.it/w/api.php?action=feedcontributions&feedformat=atom&user=SlushBitcoin Wiki - User contributions [en]2026-04-21T03:36:56ZUser contributionsMediaWiki 1.43.8https://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65868Hardware wallet2018-11-06T16:56:45Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
Trezor One offers everything needed to protect cryptocurrency funds together with advanced features like [https://wiki.trezor.io/User_manual:Password_Manager Password manager] or [https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F U2F two-factor authorization]. <br />
<br />
''See also [[Hardware wallet#Trezor Model T|Trezor Model T - next-generation cryptocurrency hardware wallet]]''<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|300px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and next-generation cryptocurrency hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65867Hardware wallet2018-11-06T16:53:30Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
''See also [[Hardware wallet#Trezor Model T|Trezor Model T - next-generation cryptocurrency hardware wallet]]''<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|300px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and next-generation cryptocurrency hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65866Hardware wallet2018-11-06T16:52:41Z<p>Slush: /* Commercial hardware wallets (ordered chronologically) */</p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
''See also [[Hardware wallet#Trezor Model T|Trezor Model T - next-generation cryptocurrency hardware wallet]]''<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|300px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65865Hardware wallet2018-11-06T16:51:18Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
''See also [[Hardware wallet#Trezor Model T|Trezor Model T - second generation Trezor hardware wallet]]''<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|300px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65864Hardware wallet2018-11-06T16:47:47Z<p>Slush: /* Trezor Model T */</p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|300px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65863Hardware wallet2018-11-06T16:47:15Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|220px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65862Hardware wallet2018-11-06T16:43:29Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|220px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65861Hardware wallet2018-11-06T16:40:26Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|220px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65860Hardware wallet2018-11-06T16:39:58Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== [[Trezor|Trezor Model T]] ===<br />
[[File:Trezor-model-t-photo-front.jpg|300px|thumb|left|Trezor Model T]]<br />
<br />
Trezor Model T is the premium version and second generation Trezor hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T] and this [https://trezor.io/#comparison comparison table]<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65859Hardware wallet2018-11-06T16:36:15Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor|Trezor One]] ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65858Hardware wallet2018-11-06T16:32:39Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor]] The Bitcoin Safe ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Marek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=65857Hardware wallet2018-11-06T16:31:21Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a special type of [[wallet|bitcoin wallet]] which stores the user's private keys in a secure hardware device.<br />
<br />
They have major advantages over standard software wallets:<br />
<br />
* private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, private keys never need to touch potentially-vulnerable software<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
== Security risks ==<br />
<br />
To date there have been no verifiable incidents of Bitcoins stolen from hardware wallets. Hardware wallets are relatively new, but at least for the time being they have maintained a good track record, unlike the numerous incidents of Bitcoin theft from Internet-connected computers.<br />
<br />
However, it's important to understand that hardware wallets are a high value target and depend on various assumptions holding true to maintain security. They are not a silver bullet, and there are several realistic ways in which a hardware wallet can fail to protect your Bitcoin. These risks need to be carefully considered when deciding how much trust to place in a hardware wallet, and which hardware wallet to buy.<br />
<br />
How a hardware wallet could fail to protect your Bitcoin:<br />
<br />
# '''Malware swaps recipient Bitcoin addresses''': a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.<br />
# '''Insecure RNG ([https://en.wikipedia.org/wiki/Random_number_generation Random Number Generator])''': hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.<br />
# '''Imperfect implementation''': the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.<br />
# '''Compromised production process''': even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a [https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/ real concern] for high risk financial and military applications.<br />
# '''Compromised shipping process''': a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors [https://arstechnica.com/.../photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ are known to exist].<br />
<br />
In summary:<br />
<br />
* While not a silver bullet hardware wallets can still be extremely useful, assuming you take care to use a good one: an authentic device manufactured by trustworthy, technically competent security experts with a good reputation (e.g., [[TREZOR]]).<br />
<br />
* [[Cold storage]] solutions implemented with open source software and general purpose hardware (e.g., [[BitKey]], Pi Wallet), using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long term savings).<br />
<br />
== Connecting to a full node ==<br />
<br />
By default, most hardware wallets instruct the user to connect to the manufacturer's own web interface. The web page cannot steal the user's private keys but can spy on them or trick them into accept fake payments.<br />
<br />
Hardware wallets only keep the [[private keys]] safe and create spending transactions; they cannot tell you if you have actually received coins and in what quantity. Bitcoin's security model also requires that [[full node]] wallets are used. If not, somebody could pay you with a transaction of something other than bitcoin. If bitcoin is digital gold then a full node wallet is your own personal goldsmith who checks that the incoming payments are actually real. Also the third-party wallet will see all your [[Address|bitcoin addresses]] so this is very damaging to your privacy.<br />
<br />
Most hardware wallets can be connected to [[Electrum]] bitcoin wallet. Electrum can be connected to your own [[Electrum#Electrum Personal Server|full node via a server]]. <br />
<br />
See also: [[Full node#Why should you use a full node wallet]]<br />
<br />
== Commercial hardware wallets (ordered chronologically) ==<br />
<br />
=== [[Trezor]] The Bitcoin Safe ===<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with Trezor]]<br />
<br />
[[Trezor]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys ([[BIP 0032]]/[[BIP 0044]]). A recovery seed is generated when the device is initialized. In case Trezor gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another [[BIP 0039]]/[[BIP 0044]] compatible wallet. <br />
<br />
Trezor also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[https://shop.trezor.io Trezor E-shop] | [https://wiki.trezor.io Trezor Wiki] | [https://trezor.io Trezor Homepage]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger HW.1 - USB Smartcard Hardware Wallet ===<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic ([[BIP 0032]]) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specific needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://www.ledgerwallet.com/products/3-ledger-hw-1 E-shop] | [https://ledgerhq.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Nano protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips). The device connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
The second factor verification of the transaction signature can be done either with a paired smartphone (Android, iOS) or a physical security card.<br />
<br />
The Ledger Wallet Chrome application (available also on Chromium) provides an easy onboarding as well as a seamless user experience, and the Nano is compatible with numerous third party software: [[Electrum]], [[Mycelium]], [[GreenAddress]], Greenbits, [[Coinkite]] and Copay.<br />
<br />
[https://www.ledgerwallet.com/products/1-ledger-nano Ledger Nano product page] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Unplugged - NFC Smartcard Hardware Wallet ===<br />
[[File:ledger_unplugged_photo.jpg|300px|thumb|left|Ledger Unplugged NFC]]<br />
<br />
The Ledger Unplugged is a credit card sized NFC hardware wallet. It embeds an open source Java Card app and is compatible with all NFC enabled Android phones.<br />
<br />
The device can be used with Mycelium or Greenbits. In case of loss, you can restore it on any Ledger Wallet (Nano or another one) or all other compatible solutions (BIP 39).<br />
<br />
[https://www.ledgerwallet.com/products/6-ledger-unplugged Ledger Unplugged product page] | [https://github.com/LedgerHQ/ledger-javacard Source code]<br />
<br />
<br clear="all"><br />
<br />
=== BWALLET TREZOR clone ===<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
BWALLET is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However, this product has been [https://www.reddit.com/r/Bitcoin/comments/2tyier/bwallet_review_by_trezor_developer/ reviewed by Merek aka Slush(Trezor developer)] and he has found some problems which makes this device less than 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website and it does not work with Trezor official firmware. <br />
<br />
[http://mybwallet.com MyBWALLET.com] | [http://www.bidingxing.com/en/bwallet Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
=== KeepKey: Your Private Bitcoin Vault ===<br />
[[File:keepkey.jpg|300px|thumb|left|KeepKey showing a bitcoin transaction that needs to be manually approved.]]<br />
<br />
KeepKey is a USB device that stores and secures your bitcoins. When you entrust KeepKey with your money, each and every bitcoin transaction you make must be reviewed and approved via it's OLED display and confirmation button.<br />
<br />
KeepKey has a unique recovery feature utilizing a rotating cipher to restore private keys with a [[BIP 0039]] recovery seed. This means it is not necessary to store your private keys on KeepKey: the recovery process is secure enough so that KeepKey can be used as a transaction device for paper backups. <br />
<br />
[https://www.keepkey.com keepkey.com]<br />
<br />
<br clear="all"><br />
<br />
=== Opendime: Bitcoin Credit Stick ===<br />
<br />
[[file:Opendime.jpeg|400px|thumb|left|Opendime Package]]<br />
<br />
The 1st Bitcoin Bearer Bond or just call it a "Bitcoin Stick" <br />
<br />
Opendime is a small USB stick that allows you to spend Bitcoin like a dollar bill. Pass it along multiple times. <br />
Connect to any USB to check balance. Unseal anytime to spend online. Trust no one.<br />
<br />
It comes in the shape of a mini USB, and [[Opendime-ui.png|setting it up is astonishingly quick and simple]]. You plug OpenDime into a USB port, and it behaves just like a USB drive with a tiny amount of storage. In its folder, is a web page. You open the webpage in your browser, and there’s only one instruction to follow: “Drop a file onto the drive”. Once you do that, the OpenDime automagically generates a unique address for you to receive Bitcoin with.<br />
<br />
[http://www.opendime.com Opendime.com]<br />
<br />
* [https://opendime.com/#faq Opendime FAQ]<br />
* You can watch a [https://www.youtube.com/watch?v=9UFF9d3Y1BY video here]<br />
* Read this [https://medium.com/@beautyon_/exquisite-opendime-ad1195a2790e review]<br />
* Multi-language user interface: 中文 • 日本語 • English • Portuguese • Français • Deutsch • Русский<br />
* Works as USB drive with no need for software<br />
* [https://github.com/opendime/electrum Opendime Electrum plugin]<br />
* [https://github.com/opendime/ Opendime source files and key verification]<br />
<br />
<br clear="all"><br />
<br />
=== CoolWallet: The Ultimate Bitcoin Safe ===<br />
<!-- 2016-04-09: Consider removing this device until actually for sale? --><br />
<br />
[[File:CoolWallet in the box.jpeg|300px|thumb|left|CoolWallet showing Launch App, waiting for user to connect with smartphone via Bluetooth]]<br />
<br />
CoolWallet is a credit card sized Bluetooth device that stores and secures your bitcoins and private keys. It fits in your wallet and works wirelessly.<br />
<br />
Every Bitcoin transaction must be manually confirmed and approved through its e-paper display and button. <br />
<br />
CoolWallet only acknowledges the paired smartphone. Whoever stole the CoolWallet are not able to steal any bitcoins. Using recovery Seed can restore all your bitcoins in case you lost the device. <br />
<br />
[https://coolbitx.com coolbitx.com] | [https://github.com/CoolBitX-Technology/coolwallet-ios Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== BlochsTech card: Your user friendly Bitcoin wallet ===<br />
<!-- 2016-04-09: Possible vaporware / scam? Website insecure & badly designed with no substantial info. Consider finding technical docs, real reviews or removing this device. --><br />
<br />
[[file:BlochsTech Bitcoin card hardware wallet.jpg|300px|thumb|left|Graphic printed on front of BlochsTech cards.]]<br />
<br />
The BlochsTech open Bitcoin card is an open protocol secure hardware Bitcoin wallet your grandmother could use.<br />
For shops it's faster to accept than slow QR code based wallets and more reliable as it works offline.<br />
<br />
Currently it's of course in a novelty phase like Casascius coins (of which thousands were sold),<br />
however in the long run it is fully capable of functionally replacing the VISA system in all nations.<br />
<br />
[http://www.BlochsTech.com BlochsTech.com]<br />
<br />
<br clear="all"><br />
<br />
<br />
<br />
=== BitLox Bitcoin Hardware Wallet ===<br />
[[file:Bitlox.jpg|300px|thumb|left|BitLox Bitcoin Hardware Wallet]]<br />
<br />
BitLox is a metal cased (aluminum or titanium) bitcoin hardware wallet that works with their own web based wallet by USB and apps for iPhone and Android using Bluetooth LE.<br />
<br />
At present it is the only bitcoin hardware wallet you can buy that works with iPhone. The device weighs one ounce and is the size of a credit card 4 mm thick.<br />
<br />
Bitlox allows you to set up hidden wallets. Unlike other hardware wallets your seed is never displayed on a connected computer or phone but only on the Bitlox. All your wallet, device and transaction PINs are only entered on the BitLox and never on any app. <br />
<br />
BitLox has also implemented several advanced security features not available on any other bitcoin hardware wallet. <br />
<br />
[http://www.bitlox.com bitlox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Digital Bitbox ===<br />
[[file:Digital-bitbox.png|thumb|left|Digital Bitbox Hardware Wallet]]<br />
<br />
* Secure hardware RNG & key storage using [http://www.atmel.com/Images/Atmel-8914-CryptoAuth-ATAES132A-Datasheet.pdf crypto element] with 50 year lifespan and an epoxy-filled case.<br />
* Offline backup and recovery of [[BIP_0032|BIP-32]] seed with a micro SD card rather than [[BIP_0039|BIP-39]] phrase written on paper as in Trezor.<br />
* Native software wallet client and ability to use a mobile phone for 2FA and to verify transaction details.<br />
* Multisig out-of-the-box including Copay support.<br />
* [https://github.com/digitalbitbox Open Source] ([https://github.com/digitalbitbox/mcu#digital-bitbox-firmware firmware], [https://github.com/digitalbitbox/mcu/blob/bf48984fd4a47d9ebf6814f7d01b078964587c7c/src/bootloader.c bootloader], [https://github.com/digitalbitbox/dbb-app desktop client]).<br />
* Full FIDO U2F support (https://en.wikipedia.org/wiki/Universal_2nd_Factor)<br />
* Made in Switzerland (a country with strong privacy laws) by [[Bitcoin Core]] developer Jonas Schnelli.<br />
<br />
[https://digitalbitbox.com digitalbitbox.com]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Nano S - USB Smartcard Hardware Wallet ===<br />
[[File:ledger_wallet_nanos_photo.png|300px|thumb|left|Ledger Wallet Nano S]]<br />
<br />
Ledger Nano S is a secure Bitcoin hardware wallet. It connects to any computer through USB and embeds a built-in OLED display to double-check and confirm each transaction with a single tap on its buttons. It is architectured around a Secure Element (ST31 family) and built on top of the BOLOS platform, a powerful and flexible Operating System allowing the secure execution of multiple Open Source applications in full isolation.<br />
<br />
Main features:<br />
* cryptographic secrets protected by a secure chip<br />
* open source embedded Bitcoin app<br />
* Confirmation of transactions on the embedded screen<br />
* Built-in 4 digits PIN security lock<br />
* Built-in onboarding (seed generation and recovery)<br />
* BIP39 seed (12/18/24 words), easy backup and restoration<br />
* Multi-apps support: FIDO U2F, GPG, SSH…<br />
* USB connectivity<br />
* Foldable and compact casing<br />
<br />
[https://www.ledgerwallet.com/products/12-ledger-nano-s Ledger Nano S product page]<br />
<br />
<br clear="all"><br />
<br />
=== Swiss Bank in Your Pocket - Hardware wallet ===<br />
[[File:SBIYP.png|300px|thumb|left|Swiss Bank In Your Pocket]]<br />
<br />
The Swiss Bank in Your Pocket is a Windows Desktop Application providing functionality for 5 Bitcoin Wallets and a Bitcoin Vault. <br />
<br />
The Bitcoin Vault can only send Bitcoins to the Bitcoin Wallets with in the application. Each Bitcoin wallet can have up to 5 Receive addresses. The intuitive user interface is designed for ease of use. USB security key is required to make any type of transaction. frontend software is installed on windows. Package includes secure USB key, and an additional recovery USB key. So in case of an accident, customer will have an additional backup to access their wallets. <br />
<br />
The device currently have Bitcoin and Ethereum wallets. More upgrades coming to include other altcoin wallets (e.g. Bitcoin Cash, EOT Coin). <br />
<br />
[https://swissbankinyourpocket.com/ swissbankinyourpocket.com]<br />
<br />
<br clear="all"><br />
<br />
=== Secalot ===<br />
[[File:secalot_wallet.png|300px|thumb|left|Secalot]]<br />
<br />
Main features:<br />
* Software and hardware are fully open sourced.<br />
* Utilizes a secure microcontroller with a high performance dedicated cryptographic co-processor.<br />
* Integrates with the popular Electrum wallet.<br />
* PIN-code protected.<br />
* Confirm transactions with a touch button press on the device.<br />
* Supports P2PKH, P2SH, and segWit transactions.<br />
* Updatable firmware.<br />
* Extra functionality: OpenPGP smart card, FIDO U2F authenticator, one-time password generator.<br />
<br />
Website: [https://www.secalot.com www.secalot.com]<br />
<br />
<br clear="all"><br />
<br />
=== ELLIPAL ===<br />
[[File:Ellipal wallet.png|300px|thumb|left|ELLIPAL]]<br />
<br />
ELLIPAL hardware wallet secures keys in cold storage without connections except LCD screen. It works with companion mobile App via QR code.<br />
<br />
Main features:<br />
* Working with mobile phone via QR code<br />
* Internet Isolated Cold Wallet<br />
* Multi-currency, cross-chain<br />
* Supports P2PKH, P2SH, and segWit transactions<br />
* 4" Screen with touch panel<br />
* Support private key import<br />
* PIN-code and gesture pattern protect<br />
* Confirmation of transactions details on screen<br />
* BIP32/BIP39/BIP44<br />
* iPhone and Android companion App: account management, market info and coin exchange. <br />
<br />
Website: [https://www.ellipal.com www.ellipal.com]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
<br />
The Pi-Wallet is a small computer with the [[Armory]] bitcoin client.<br />
<br />
Transactions are signed offline, then transferred on a USB stick via [https://en.wikipedia.org/wiki/Sneakernet Sneakernet] to an online system for broadcasting.<br />
<br />
[https://www.pi-wallet.com/ pi-wallet.com]<br />
<br />
<br clear="all"><br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=152517.0 Final BitSafe announcement]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [https://bitcoinnewsmagazine.com/best-bitcoin-hardware-wallet-2015/ Best Bitcoin Hardware Wallet 2015] - reviews of all bitcoin hardware wallets.<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]: slush's Hardware wallet wire protocol discussion<br />
* [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 Re: Split private keys]: kjj's Todo List discussion for client protocol requirements<br />
* [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://www.buybitcoinworldwide.com/wallets/ Bitcoin Hardware Wallet Comparison] - information about using Bitcoin hardware wallets for cold storage.<br />
* [https://www.weusecoins.com/bitcoin-ledger-wallet-review/ Ledger Wallet Review]<br />
<br />
== See Also ==<br />
<br />
* [[Storing bitcoins]]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [[Cold storage]]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets| ]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=65855TREZOR2018-11-06T13:33:40Z<p>Slush: Redirected page to Trezor</p>
<hr />
<div>#REDIRECT [[Trezor]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Trezor&diff=65854Trezor2018-11-06T13:33:21Z<p>Slush: Created page with "Trezor homepage: [https://Trezor.io Trezor.io]Be Your Own Bank with Trezor '''Trezor''' is a hardware wallet providing advan..."</p>
<hr />
<div>Trezor homepage: [https://Trezor.io Trezor.io][[File:T1andTTtogether.jpg|450px|thumb|right|Be Your Own Bank with Trezor]]<br />
'''Trezor''' is a [[hardware wallet]] providing advanced security for handling Bitcoin and other cryptocurrencies private keys.<br />
<br />
Unlike traditional [[cold storage]] methods (offline storage or paper wallets), Trezor makes secure payments without exposing your private keys to a potentially compromised computer. See [https://wiki.Trezor.io/Security:Security_philosophy Security philosophy] for more info.<br />
<br />
== Trezor One vs. Trezor Model T ==<br />
<br />
[[File:Trezor-model-t-photo-front.jpg|200px|thumb|right|Trezor Model T]]<br />
<br />
'''Trezor One''' offers everything needed to protect cryptocurrency funds together with advanced features like [https://wiki.trezor.io/User_manual:Password_Manager Password manager] or [https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F U2F two-factor authorization]. <br />
<br />
For more information, see [https://wiki.trezor.io/Trezor_One Trezor One].<br />
<br />
'''Trezor Model T''' is the premium version of the hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
<br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T].<br />
<br />
''See also this [https://trezor.io/#comparison comparison table].''<br />
<br />
== How does it work? ==<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with Trezor One]]<br />
<br />
Trezor is a small single-purpose computer. It is designed to protect your private keys from possible online and offline risks. To do this, Trezor keeps the private keys away from the Internet and confirms the transactions in-device. That way, you can always check the screen for the right address, amount and transaction fee before sending your bitcoins.<br />
<br />
In layman's terms, you can connect Trezor to an infected computer and still be able to have 100% control over the funds in your device. <br />
<br />
Find out how exactly Trezor is designed to provide excellent security:<br />
<br />
* [https://wiki.Trezor.io/Security:Software Software Design & Security]<br />
* [https://wiki.Trezor.io/Security:Hardware Hardware Design]<br />
<br />
Do you want to know how Trezor protects you against various attack types and what to do in dangerous situations?<br />
<br />
* [https://wiki.Trezor.io/Security:Threats Security Threats] <br />
<br />
== Using Trezor ==<br />
<br />
[https://wallet.trezor.io Trezor Wallet] is an easy-to-use browser interface for Trezor. Using the Wallet, you can easily set up the device, manage your cryptocurrency assets, initiate transfers to other services or friends, and more. It is also possible to use your Trezor device with other wallets, eg., [[Electrum]].<br />
<br />
* [https://wiki.trezor.io/User_manual User manual]<br />
<br />
=== Sending transactions ===<br />
<br />
Have a look at how easy and comfortable it is to send transactions:<br />
<br />
* [https://wiki.trezor.io/User_manual:Making_payments Making payments]<br />
<br />
=== Receiving address phishing protection === <br />
[[File:Trezor_Show_address.png|300px|thumb|right|Show full address on Trezor]]<br />
<br />
Make sure that an infected computer has not changed the receiving address you have provided to someone else. The "Show on Trezor" feature has been developed specifically for this purpose:<br />
<br />
* [https://wiki.trezor.io/User_manual:Receiving_payments Receiving payments]<br />
<br />
=== Sign & Verify messages ===<br />
<br />
It is also possible to sign and verify messages using Trezor:<br />
<br />
* [https://wiki.trezor.io/User_manual:Signing_and_verifying_messages Sign & verify messages]<br />
<br />
=== Backup and recovery ===<br />
<br />
When first activating the device, you are asked to write down the recovery seed phrase.<br />
<br />
This means that in case your Trezor is lost or stolen you can easily retrieve your funds another Trezor or any other compatible wallet.<br />
<br />
* [https://wiki.trezor.io/User_manual:Emergency_situations Emergency situations]<br />
* [https://wiki.trezor.io/User_manual:Recovery User manual: Recovery]<br />
<br />
=== Advanced Settings - Passphrase === <br />
<br />
You can further improve the security by using a passphrase and or multiple passphrases to create so-called "Hidden Wallets". More details here:<br />
<br />
* [https://wiki.trezor.io/Multi-passphrase_encryption_(hidden_wallets) Advanced Settings - Multi-passphrase_encryption_(hidden_wallets)]<br />
<br />
===Advanced features===<br />
<br />
* '''U2F'''<br />
You can use Trezor as your [https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F second-factor authentication (U2F)] token with services such as Google, GitHub or Dropbox. A further advantage of Trezor is that its users can truly verify what they are about to authorize on the device display.<br />
<br />
* '''Password Manager'''<br />
The [https://wiki.trezor.io/User_manual:Password_Manager Trezor Password Manager] allows users to manage all their passwords and digital identity with the Trezor security and encryption. The Trezor Password Manager does not require remembering one master password, as access is granted by pressing a physical button on your Trezor device. Your passwords are stored on Dropbox or Google Drive in an encrypted form using the private keys derived and safely stored in your Trezor.<br />
<br />
* '''SSH login'''<br />
With the [https://wiki.trezor.io/Apps:SSH_agent Trezor SSH Agent], administrators can enjoy passwordless and secure authentication to their servers.<br />
<br />
*[https://wiki.trezor.io/User_manual#Advanced_features_and_operations Advanced features and operations]<br />
<br />
== Resources ==<br />
<br />
* [https://Trezor.io Trezor Website]<br />
* [https://shop.Trezor.io Trezor E-shop]<br />
* [https://wiki.trezor.io/ Trezor Wiki]<br />
* [https://wallet.trezor.io Trezor Wallet]<br />
* [https://wiki.trezor.io/Apps Trezor Compatible Apps]<br />
<br />
== Community ==<br />
<br />
* [https://www.reddit.com/r/Trezor/ Trezor Reddit]<br />
* [https://www.facebook.com/BitcoinTrezor Trezor Facebook]<br />
* [https://twitter.com/Trezor Trezor Twitter]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=65853TREZOR2018-11-06T13:29:21Z<p>Slush: </p>
<hr />
<div>Trezor homepage: [https://Trezor.io Trezor.io][[File:T1andTTtogether.jpg|450px|thumb|right|Be Your Own Bank with Trezor]]<br />
'''Trezor''' is a [[hardware wallet]] providing advanced security for handling Bitcoin and other cryptocurrencies private keys.<br />
<br />
Unlike traditional [[cold storage]] methods (offline storage or paper wallets), Trezor makes secure payments without exposing your private keys to a potentially compromised computer. See [https://wiki.Trezor.io/Security:Security_philosophy Security philosophy] for more info.<br />
<br />
== Trezor One vs. Trezor Model T ==<br />
<br />
[[File:Trezor-model-t-photo-front.jpg|200px|thumb|right|Trezor Model T]]<br />
<br />
'''Trezor One''' offers everything needed to protect cryptocurrency funds together with advanced features like [https://wiki.trezor.io/User_manual:Password_Manager Password manager] or [https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F U2F two-factor authorization]. <br />
<br />
For more information, see [https://wiki.trezor.io/Trezor_One Trezor One].<br />
<br />
'''Trezor Model T''' is the premium version of the hardware wallet. In addition to the functionalities of Trezor One, it has a colored touchscreen for secure on-device input, modern design, an SD card slot, and some other more advanced features. <br />
<br />
For more information see [https://wiki.trezor.io/Trezor_Model_T Trezor Model T].<br />
<br />
''See also this [https://trezor.io/#comparison comparison table].''<br />
<br />
== How does it work? ==<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with Trezor One]]<br />
<br />
Trezor is a small single-purpose computer. It is designed to protect your private keys from possible online and offline risks. To do this, Trezor keeps the private keys away from the Internet and confirms the transactions in-device. That way, you can always check the screen for the right address, amount and transaction fee before sending your bitcoins.<br />
<br />
In layman's terms, you can connect Trezor to an infected computer and still be able to have 100% control over the funds in your device. <br />
<br />
Find out how exactly Trezor is designed to provide excellent security:<br />
<br />
* [https://wiki.Trezor.io/Security:Software Software Design & Security]<br />
* [https://wiki.Trezor.io/Security:Hardware Hardware Design]<br />
<br />
Do you want to know how Trezor protects you against various attack types and what to do in dangerous situations?<br />
<br />
* [https://wiki.Trezor.io/Security:Threats Security Threats] <br />
<br />
== Using Trezor ==<br />
<br />
[https://wallet.trezor.io Trezor Wallet] is an easy-to-use browser interface for Trezor. Using the Wallet, you can easily set up the device, manage your cryptocurrency assets, initiate transfers to other services or friends, and more. It is also possible to use your Trezor device with other wallets, eg., [[Electrum]].<br />
<br />
* [https://wiki.trezor.io/User_manual User manual]<br />
<br />
=== Sending transactions ===<br />
<br />
Have a look at how easy and comfortable it is to send transactions:<br />
<br />
* [https://wiki.trezor.io/User_manual:Making_payments Making payments]<br />
<br />
=== Receiving address phishing protection === <br />
[[File:Trezor_Show_address.png|300px|thumb|right|Show full address on Trezor]]<br />
<br />
Make sure that an infected computer has not changed the receiving address you have provided to someone else. The "Show on Trezor" feature has been developed specifically for this purpose:<br />
<br />
* [https://wiki.trezor.io/User_manual:Receiving_payments Receiving payments]<br />
<br />
=== Sign & Verify messages ===<br />
<br />
It is also possible to sign and verify messages using Trezor:<br />
<br />
* [https://wiki.trezor.io/User_manual:Signing_and_verifying_messages Sign & verify messages]<br />
<br />
=== Backup and recovery ===<br />
<br />
When first activating the device, you are asked to write down the recovery seed phrase.<br />
<br />
This means that in case your Trezor is lost or stolen you can easily retrieve your funds another Trezor or any other compatible wallet.<br />
<br />
* [https://wiki.trezor.io/User_manual:Emergency_situations Emergency situations]<br />
* [https://wiki.trezor.io/User_manual:Recovery User manual: Recovery]<br />
<br />
=== Advanced Settings - Passphrase === <br />
<br />
You can further improve the security by using a passphrase and or multiple passphrases to create so-called "Hidden Wallets". More details here:<br />
<br />
* [https://wiki.trezor.io/Multi-passphrase_encryption_(hidden_wallets) Advanced Settings - Multi-passphrase_encryption_(hidden_wallets)]<br />
<br />
===Advanced features===<br />
<br />
* '''U2F'''<br />
You can use Trezor as your [https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F second-factor authentication (U2F)] token with services such as Google, GitHub or Dropbox. A further advantage of Trezor is that its users can truly verify what they are about to authorize on the device display.<br />
<br />
* '''Password Manager'''<br />
The [https://wiki.trezor.io/User_manual:Password_Manager Trezor Password Manager] allows users to manage all their passwords and digital identity with the Trezor security and encryption. The Trezor Password Manager does not require remembering one master password, as access is granted by pressing a physical button on your Trezor device. Your passwords are stored on Dropbox or Google Drive in an encrypted form using the private keys derived and safely stored in your Trezor.<br />
<br />
* '''SSH login'''<br />
With the [https://wiki.trezor.io/Apps:SSH_agent Trezor SSH Agent], administrators can enjoy passwordless and secure authentication to their servers.<br />
<br />
*[https://wiki.trezor.io/User_manual#Advanced_features_and_operations Advanced features and operations]<br />
<br />
== Resources ==<br />
<br />
* [https://Trezor.io Trezor Website]<br />
* [https://shop.Trezor.io Trezor E-shop]<br />
* [https://wiki.trezor.io/ Trezor Wiki]<br />
* [https://wallet.trezor.io Trezor Wallet]<br />
* [https://wiki.trezor.io/Apps Trezor Compatible Apps]<br />
<br />
== Community ==<br />
<br />
* [https://www.reddit.com/r/Trezor/ Trezor Reddit]<br />
* [https://www.facebook.com/BitcoinTrezor Trezor Facebook]<br />
* [https://twitter.com/Trezor Trezor Twitter]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=File:Trezor_Show_address.png&diff=65852File:Trezor Show address.png2018-11-06T13:28:35Z<p>Slush: </p>
<hr />
<div></div>Slushhttps://en.bitcoin.it/w/index.php?title=File:Trezor-model-t-photo-front.jpg&diff=65851File:Trezor-model-t-photo-front.jpg2018-11-06T13:28:04Z<p>Slush: </p>
<hr />
<div></div>Slushhttps://en.bitcoin.it/w/index.php?title=File:T1andTTtogether.jpg&diff=65850File:T1andTTtogether.jpg2018-11-06T13:27:20Z<p>Slush: </p>
<hr />
<div></div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=56596Hardware wallet2015-05-21T20:42:52Z<p>Slush: /* BWALLET TREZOR clone */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets (ordered chronologically) ==<br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with TREZOR]]<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39/BIP44 compatible wallet. <br />
<br />
TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[http://BuyTrezor.com E-shop BuyTrezor.com] | [http://doc.satoshilabs.com/ TREZOR Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== BTChip HW.1 - USB Smartcard Hardware Wallet ===<br />
[https://www.hardwarewallet.com HW.1 Home Page]<br />
<br />
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]<br />
<br />
HW.1 is an implementation of a deterministic (BIP 32) Hardware Wallet on a USB smartcard.<br />
<br />
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.<br />
<br />
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.<br />
<br />
It is also possible to customize HW.1 for more specfic needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.<br />
<br />
[https://buy.hardwarewallet.com E-shop] | [https://btchip.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Ledger Wallet - USB Smartcard Hardware Wallet ===<br />
<br />
[[File:ledger_wallet_photo.jpg|300px|thumb|left|Ledger Wallet USB]]<br />
<br />
Ledger Wallet protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips).<br />
<br />
The Ledger Wallet connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.<br />
<br />
It is compatible with Electrum 2.0 for power users, or with the Ledger Wallet Chrome application which provides an easy onboarding as well as a seamless user experience.<br />
<br />
[https://www.ledgerwallet.com Ledger Wallet Home] | [https://github.com/LedgerHQ Source and specifications]<br />
<br />
<br clear="all"><br />
<br />
=== [[BWALLET]] TREZOR clone ===<br />
[http://mybwallet.com MyBWALLET.com]<br />
<br />
[[File:BWALLET_Trezor_Clone.jpeg|200px|thumb|left|Chinese clone of Trezor]]<br />
<br />
[[BWALLET]] is a clone of Trezor by a Chinese company.<br />
Trezor code is open source and this device operates like a Trezor.<br />
However device is not 100% compatible, for example it doesn't work with [http://mytrezor.com myTREZOR.com] website.<br />
<br />
[http://www.coincola.com/shops/54c1fc24963d3759182b2c7f?locale=en Buy BWALLET]<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* [http://99bitcoins.com/trezor-vs-ledger-hands-hardware-wallets-review/ TREZOR vs. Ledger] - User reviews and Reddit feedback<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
* Various Hardware Wallets and Reviews: [http://www.offlinewallets.com/hardware-wallets Offline Hardware Wallets]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=49828TREZOR2014-08-13T13:24:46Z<p>Slush: </p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike a cold storage (offline storage or paper wallet), TREZOR is also able to sign transactions. That means spending bitcoins is secure without exposing your private keys to a potentially compromised computer.<br />
<br />
== TREZOR Hardware Design ==<br />
<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a USB via protocol that allows only to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
=== Backup ===<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet, using the recovery seed.<br />
<br />
=== PIN protection === <br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can't be logged and misused.<br />
<br />
=== Passphrase encryption ===<br />
<br />
Another level of protection is the encryption passphrase which protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Using TREZOR ==<br />
<br />
TREZOR needs an online wallet or a desktop client as an interface that broadcasts the transactions signed by the device to the blockchain.<br />
<br />
In order to send coins or change the basic settings, the device needs to be connected to a computer with a micro USB cable.<br />
<br />
In order to receive coins there is no need to have the device plugged in.<br />
<br />
===Compatible software===<br />
<br />
In order to be compatible with TREZOR a software must implement the following standards: [[BIP 0032]], [[BIP 0039]] and [[BIP 0044]]<br />
<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
* [https://play.google.com/store/apps/details?id=com.bonsai.wallet32 Wallet32 for Android]<br />
<br />
== Resources ==<br />
<br />
* [http://doc.satoshilabs.com/ TREZOR Manual]<br />
* [http://bitcointrezor.com TREZOR Website]<br />
* [https://buytrezor.com E-shop BuyTrezor.com]<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=49827Hardware wallet2014-08-13T13:16:51Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== Piper - Standalone bitcoin paper wallet printer ===<br />
[http://www.piperwallet.com PiperWallet.com]<br />
[[File:piper.jpg|300px|thumb|left|Piper wallet from the front]]<br />
Piper is the easiest way to store bitcoin and other cryptocurrencies securely.<br />
<br />
* Easy: Simply press the button to print a new paper wallet. You can choose to have Piper store your keys. Backup is as easy as plugging in a USB drive.<br />
* Secure: Paper wallets are the most secure way to store your Bitcoin. Piper is the only offline wallet to pass all 26 Dieharder tests to ensure secure private key generation.<br />
* Customizable: Plug in a display, mouse, and keyboard and customize Piper to do whatever you want. It's Linux-based, open source, and powered by the Raspberry Pi. You can even use your own printer! <br />
<br />
<br clear="all"><br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with TREZOR]]<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39/BIP44 compatible wallet. <br />
<br />
TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[http://BuyTrezor.com E-shop BuyTrezor.com] | [http://doc.satoshilabs.com/ TREZOR Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
* Various Hardware Wallets and Reviews: [http://www.offlinewallets.com/hardware-wallets Offline Hardware Wallets]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=49826Hardware wallet2014-08-13T13:03:54Z<p>Slush: /* TREZOR The Bitcoin Safe */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== Piper - Standalone bitcoin paper wallet printer ===<br />
[http://www.piperwallet.com PiperWallet.com]<br />
[[File:piper.jpg|300px|thumb|left|Piper wallet from the front]]<br />
Piper is the easiest way to store bitcoin and other cryptocurrencies securely.<br />
<br />
* Easy: Simply press the button to print a new paper wallet. You can choose to have Piper store your keys. Backup is as easy as plugging in a USB drive.<br />
* Secure: Paper wallets are the most secure way to store your Bitcoin. Piper is the only offline wallet to pass all 26 Dieharder tests to ensure secure private key generation.<br />
* Customizable: Plug in a display, mouse, and keyboard and customize Piper to do whatever you want. It's Linux-based, open source, and powered by the Raspberry Pi. You can even use your own printer! <br />
<br />
<br clear="all"><br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with TREZOR]]<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.<br />
<br />
It uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39/BIP44 compatible wallet. <br />
<br />
TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
[http://BuyTrezor.com e-Shop BuyTrezor.com] | [http://doc.satoshilabs.com/ TREZOR Documentation]<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
* Various Hardware Wallets and Reviews: [http://www.offlinewallets.com/hardware-wallets Offline Hardware Wallets]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=49356Hardware wallet2014-08-03T18:45:26Z<p>Slush: /* TREZOR The Bitcoin Safe */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== Piper - Standalone bitcoin paper wallet printer ===<br />
[http://www.piperwallet.com PiperWallet.com]<br />
[[File:piper.jpg|300px|thumb|left|Piper wallet from the front]]<br />
Piper is the easiest way to store bitcoin and other cryptocurrencies securely.<br />
<br />
* Easy: Simply press the button to print a new paper wallet. You can choose to have Piper store your keys. Backup is as easy as plugging in a USB drive.<br />
* Secure: Paper wallets are the most secure way to store your Bitcoin. Piper is the only offline wallet to pass all 26 Dieharder tests to ensure secure private key generation.<br />
* Customizable: Plug in a display, mouse, and keyboard and customize Piper to do whatever you want. It's Linux-based, open source, and powered by the Raspberry Pi. You can even use your own printer! <br />
<br />
<br clear="all"><br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[http://BuyTrezor.com BuyTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
[http://doc.satoshilabs.com/trezor-user/index.html TREZOR User Manual]<br />
<br />
[http://doc.satoshilabs.com/trezor-faq/index.html FAQ]<br />
<br />
[http://doc.satoshilabs.com/trezor-tech/index.html Technical Manual]<br />
<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
[[TREZOR]] uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
[[TREZOR]] introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
* Various Hardware Wallets and Reviews: [http://www.offlinewallets.com/hardware-wallets Offline Hardware Wallets]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=49355Hardware wallet2014-08-03T18:45:01Z<p>Slush: /* TREZOR The Bitcoin Safe */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== Piper - Standalone bitcoin paper wallet printer ===<br />
[http://www.piperwallet.com PiperWallet.com]<br />
[[File:piper.jpg|300px|thumb|left|Piper wallet from the front]]<br />
Piper is the easiest way to store bitcoin and other cryptocurrencies securely.<br />
<br />
* Easy: Simply press the button to print a new paper wallet. You can choose to have Piper store your keys. Backup is as easy as plugging in a USB drive.<br />
* Secure: Paper wallets are the most secure way to store your Bitcoin. Piper is the only offline wallet to pass all 26 Dieharder tests to ensure secure private key generation.<br />
* Customizable: Plug in a display, mouse, and keyboard and customize Piper to do whatever you want. It's Linux-based, open source, and powered by the Raspberry Pi. You can even use your own printer! <br />
<br />
<br clear="all"><br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
[http://BuyTrezor.com BuyTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
[http://doc.satoshilabs.com/trezor-user/index.html TREZOR User Manual]<br />
[http://doc.satoshilabs.com/trezor-faq/index.html FAQ]<br />
[http://doc.satoshilabs.com/trezor-tech/index.html Technical Manual]<br />
<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
[[TREZOR]] uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
[[TREZOR]] introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
* Various Hardware Wallets and Reviews: [http://www.offlinewallets.com/hardware-wallets Offline Hardware Wallets]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=How_to_set_up_a_secure_offline_savings_wallet&diff=48595How to set up a secure offline savings wallet2014-07-02T23:16:59Z<p>Slush: /* Why set up an offline savings wallet? */</p>
<hr />
<div>== Why set up an offline savings wallet? ==<br />
<br />
Modern operating systems are getting more and more complex. The flip side of all this complexity is that they generally have a large [http://en.wikipedia.org/wiki/Attack_surface attack surface] and constantly leak information without the user’s knowledge or consent. No matter how many precautions you take, your [[wallet]]s will never be 100% safe on a computer that is connected to the internet.<br />
Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era, when only large organizations normally had to worry about such attacks. <br />
<br />
The bitcoin ecosystem is still very young and unfortunately not many user friendly and highly secure wallets have been developed yet. <br />
Today these two ways are best to secure your bitcoins against theft:<br />
<br />
1. using a [[hardware wallet]] such as [[TREZOR]] that has basically two functions - it keeps your bitcoins in an offline storage and when connected to a computer, it enables a highly secure way of spending as well (immune to viruses, hackers and keyloggers). <br />
<br />
2. creating an offline [[cold storage]] which is useful for storing bitcoins, but has its limitations and security risks when you decide to spend the coins <br />
<br />
This guide will instruct you on how to create an offline wallet, a wallet that never even touches the internet in its plaintext form. This security measure is also referred to as being an air gap. For all practical purposes, this wallet is safe from all online threats, such as viruses and hackers. It is however still exposed to offline threats, such as [http://en.wikipedia.org/wiki/Hardware_keylogger hardware keyloggers], extortion, or people looking over your shoulder. <br />
<br />
The below procedure may seem tedious, but remember that security almost always comes at the cost of convenience. When you deposit money at a bank, you let them worry about security. Bitcoins, however, are stored on '''your''' computer and that means '''you''' are fully responsible for securing them.<br />
<br />
== How to deposit funds ==<br />
<br />
# Set up a [http://www.wuala.com/en/bitcoin Wuala] account, or other cloud backup service of your choice.<br />
# Create a strong and unique password offline (manually). This password should be at least 20 characters long; it should contain numbers, upper and lower case letters, and symbols. It should be as random as possible, ie it should look something like this: Zr%8qL03&cvwS9@05AatdP71. Never use this password elsewhere. <br />
# '''Do not forget this password'''. Recite it several times a day. It is easy to overestimate your ability to remember a password several months in the future. To be on the safe side, write it down and store the piece of paper in a safety deposit box.<br />
# Download [http://www.bitcoin.org/ Bitcoin Linux binary] and save it on a USB drive.<br />
# Shut down your computer, and boot [http://www.ubuntu.com/ Ubuntu] (or Linux distribution of you choice) from a [http://www.ubuntu.com/download/ubuntu/download liveCD]. This will not affect your current operating system. <br />
# '''Disconnect machine from the internet'''. Unplug any network cables and disable wireless. Verify that wireless is disabled in the icon on the upper right corner (Ubuntu). Double check that machine is disconnected by opening the web browser.<br />
# Run bitcoin while disconnected to the internet. The client will show 0 connections and 0 blocks, but it will still generate a wallet.dat file and a bitcoin address. <br />
# Encrypt your wallet using the strong and unique password from step 2 above. (Bitcoin Client > Settings > Encrypt wallet)<br />
# Copy wallet.dat (found in hidden folder .bitcoin in your home directory) to USB drive.<br />
# Save bitcoin address to a text file and copy it to USB drive.<br />
# Shut down system and turn off computer. Before switching your computer on again, remove all power sources for about 1 minute. Physically remove battery from laptop.<br />
# Backup encrypted wallet.dat file in several places: <br />
#*Send it to your 5 best friends by email attachment and ask them to save it for you.<br />
#*Save it on your Wuala account created in step 1.<br />
#*Save it on several USB drives and CDs and store them in different geographic locations.<br />
#Send bitcoins to the address saved on the USB drive. Double check in the [[Bitcoin Block Explorer|block explorer]] that they have been sent.<br />
<br />
==How to retrieve funds ==<br />
<br />
#Boot from Ubuntu liveCD, as in step 5 above. <br />
#Insert USB drive.<br />
#Run bitcoin client and close it again.<br />
#Replace wallet.dat in ~/.bitcoin directory with wallet.dat from USB drive.<br />
#Connect to the internet.<br />
#Restart bitcoin client.<br />
#Wait for blocks to download (optional).<br />
#Send bitcoins.<br />
<br />
==Notes==<br />
<br />
*This procedure is only secure if you perform steps 1-13 in this '''exact order'''.<br />
<br />
*If you're a non-technical user that can't perform the steps above, use an [[Paper wallet|in-browser paper wallet generator]] to create paper wallets (read below for more caveats and info).<br />
<br />
*Perform one or two trial runs of the above procedure with a few bitcents, and make sure that you know how to successfully retrieve them, before making a bulk transfer.<br />
<br />
*Every time you retrieve bitcoins from your savings wallet, create a fresh savings wallet by repeating the above procedure, and send all your remaining savings balance there.<br />
<br />
*There is more than one way to do it. Similar procedures have been suggested on the forums [http://forum.bitcoin.org/index.php?topic=17240.0 here] and [http://forum.bitcoin.org/?topic=5194.0 here].<br />
<br />
*Beware that even savings wallets have limited lifetimes. New, backwards incompatible versions of bitcoin might come out in future, [http://en.wikipedia.org/wiki/Advanced_Encryption_Standard AES] might be broken, [http://en.wikipedia.org/wiki/Bit_rot bit rot] might destroy your wallets, etc. Pay attention to updates in the Bitcoin world and update to fresh savings wallets every couple of years, or as needed.<br />
<br />
* See [[How to import private keys]] for an alternative way of retrieve your coins.<br />
<br />
==Alternatives ==<br />
<br />
[[Paper wallet|'''Paper wallets''']] can also be used to create offline bitcoin savings accounts. While paper wallets are much easier to generate, they are not generally encrypted which means you cannot guard against accidental loss by distributing copies to online services and friends. Instead, paper wallets must be kept safe like jewels or cash. Looking forward, support for [[BIP 0038|BIP-38]] encryption is growing fast and it is expected that paper wallet generators will soon include options for generating ''encrypted paper wallets'' that can be duplicated and widely distributed for safekeeping. <br />
<br />
==See Also==<br />
<br />
* [[Cold storage]]<br />
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry<br />
<br />
[[Category:Instructional]]<br />
[[Category:Security]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=How_to_set_up_a_secure_offline_savings_wallet&diff=48594How to set up a secure offline savings wallet2014-07-02T23:15:56Z<p>Slush: /* Why set up an offline savings wallet? */</p>
<hr />
<div>== Why set up an offline savings wallet? ==<br />
<br />
Modern operating systems are getting more and more complex. The flip side of all this complexity is that they generally have a large [http://en.wikipedia.org/wiki/Attack_surface attack surface] and constantly leak information without the user’s knowledge or consent. No matter how many precautions you take, your [[wallet]]s will never be 100% safe on a computer that is connected to the internet.<br />
Because bitcoins are stored directly on your computer and because they are real money, the motivation for sophisticated and targeted attacks against your system is higher than in the pre-bitcoin era, when only large organizations normally had to worry about such attacks. <br />
<br />
The bitcoin ecosystem is still very young and unfortunately not many user friendly and highly secure wallets have been developed yet. <br />
Today these two ways are best to secure your bitcoins against theft:<br />
<br />
1. using a [[hardware wallet]] that has basically two functions - it keeps your bitcoins in an offline storage and when connected to a computer, it enables a highly secure way of spending as well (immune to viruses, hackers and keyloggers). <br />
<br />
2. creating an offline [[cold storage]] which is useful for storing bitcoins, but has its limitations and security risks when you decide to spend the coins <br />
<br />
This guide will instruct you on how to create an offline wallet, a wallet that never even touches the internet in its plaintext form. This security measure is also referred to as being an air gap. For all practical purposes, this wallet is safe from all online threats, such as viruses and hackers. It is however still exposed to offline threats, such as [http://en.wikipedia.org/wiki/Hardware_keylogger hardware keyloggers], extortion, or people looking over your shoulder. <br />
<br />
The below procedure may seem tedious, but remember that security almost always comes at the cost of convenience. When you deposit money at a bank, you let them worry about security. Bitcoins, however, are stored on '''your''' computer and that means '''you''' are fully responsible for securing them.<br />
<br />
== How to deposit funds ==<br />
<br />
# Set up a [http://www.wuala.com/en/bitcoin Wuala] account, or other cloud backup service of your choice.<br />
# Create a strong and unique password offline (manually). This password should be at least 20 characters long; it should contain numbers, upper and lower case letters, and symbols. It should be as random as possible, ie it should look something like this: Zr%8qL03&cvwS9@05AatdP71. Never use this password elsewhere. <br />
# '''Do not forget this password'''. Recite it several times a day. It is easy to overestimate your ability to remember a password several months in the future. To be on the safe side, write it down and store the piece of paper in a safety deposit box.<br />
# Download [http://www.bitcoin.org/ Bitcoin Linux binary] and save it on a USB drive.<br />
# Shut down your computer, and boot [http://www.ubuntu.com/ Ubuntu] (or Linux distribution of you choice) from a [http://www.ubuntu.com/download/ubuntu/download liveCD]. This will not affect your current operating system. <br />
# '''Disconnect machine from the internet'''. Unplug any network cables and disable wireless. Verify that wireless is disabled in the icon on the upper right corner (Ubuntu). Double check that machine is disconnected by opening the web browser.<br />
# Run bitcoin while disconnected to the internet. The client will show 0 connections and 0 blocks, but it will still generate a wallet.dat file and a bitcoin address. <br />
# Encrypt your wallet using the strong and unique password from step 2 above. (Bitcoin Client > Settings > Encrypt wallet)<br />
# Copy wallet.dat (found in hidden folder .bitcoin in your home directory) to USB drive.<br />
# Save bitcoin address to a text file and copy it to USB drive.<br />
# Shut down system and turn off computer. Before switching your computer on again, remove all power sources for about 1 minute. Physically remove battery from laptop.<br />
# Backup encrypted wallet.dat file in several places: <br />
#*Send it to your 5 best friends by email attachment and ask them to save it for you.<br />
#*Save it on your Wuala account created in step 1.<br />
#*Save it on several USB drives and CDs and store them in different geographic locations.<br />
#Send bitcoins to the address saved on the USB drive. Double check in the [[Bitcoin Block Explorer|block explorer]] that they have been sent.<br />
<br />
==How to retrieve funds ==<br />
<br />
#Boot from Ubuntu liveCD, as in step 5 above. <br />
#Insert USB drive.<br />
#Run bitcoin client and close it again.<br />
#Replace wallet.dat in ~/.bitcoin directory with wallet.dat from USB drive.<br />
#Connect to the internet.<br />
#Restart bitcoin client.<br />
#Wait for blocks to download (optional).<br />
#Send bitcoins.<br />
<br />
==Notes==<br />
<br />
*This procedure is only secure if you perform steps 1-13 in this '''exact order'''.<br />
<br />
*If you're a non-technical user that can't perform the steps above, use an [[Paper wallet|in-browser paper wallet generator]] to create paper wallets (read below for more caveats and info).<br />
<br />
*Perform one or two trial runs of the above procedure with a few bitcents, and make sure that you know how to successfully retrieve them, before making a bulk transfer.<br />
<br />
*Every time you retrieve bitcoins from your savings wallet, create a fresh savings wallet by repeating the above procedure, and send all your remaining savings balance there.<br />
<br />
*There is more than one way to do it. Similar procedures have been suggested on the forums [http://forum.bitcoin.org/index.php?topic=17240.0 here] and [http://forum.bitcoin.org/?topic=5194.0 here].<br />
<br />
*Beware that even savings wallets have limited lifetimes. New, backwards incompatible versions of bitcoin might come out in future, [http://en.wikipedia.org/wiki/Advanced_Encryption_Standard AES] might be broken, [http://en.wikipedia.org/wiki/Bit_rot bit rot] might destroy your wallets, etc. Pay attention to updates in the Bitcoin world and update to fresh savings wallets every couple of years, or as needed.<br />
<br />
* See [[How to import private keys]] for an alternative way of retrieve your coins.<br />
<br />
==Alternatives ==<br />
<br />
[[Paper wallet|'''Paper wallets''']] can also be used to create offline bitcoin savings accounts. While paper wallets are much easier to generate, they are not generally encrypted which means you cannot guard against accidental loss by distributing copies to online services and friends. Instead, paper wallets must be kept safe like jewels or cash. Looking forward, support for [[BIP 0038|BIP-38]] encryption is growing fast and it is expected that paper wallet generators will soon include options for generating ''encrypted paper wallets'' that can be duplicated and widely distributed for safekeeping. <br />
<br />
==See Also==<br />
<br />
* [[Cold storage]]<br />
* [http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english Bitcoin Cold Storage In Plain English] by David Perry<br />
<br />
[[Category:Instructional]]<br />
[[Category:Security]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48446TREZOR2014-06-26T18:14:45Z<p>Slush: /* By OS */</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. <br />
Spending bitcoins is made securely without exposing your private keys to a potentially compromised computer.<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a USB (HID protocol like a mouse or a keyboard). <br />
The limited USB HID protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
=== Backup ===<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet, using the recovery seed.<br />
<br />
=== PIN protection === <br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
=== Passphrase encryption ===<br />
Another level of protection is the encryption passphrase which protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
===By OS===<br />
<br />
* Linux<br />
* Mac<br />
* Windows<br />
* Android 4+<br />
<br />
===By cointype===<br />
<br />
* Bitcoin<br />
* Litecoin<br />
* Namecoin<br />
<br />
The developers are open to add support for other significant altcoins in the future. Currently no Litecoin or Namecoin clients are ready to work with TREZOR. <br />
<br />
===By wallet===<br />
<br />
In order to be compatible and "outsource the security work" to TREZOR, a desktop client or a web wallet must have a full implementation of [[BIP 0032]] and [[BIP 0039]] standards.<br />
<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
* [https://play.google.com/store/apps/details?id=com.bonsai.wallet32&hl=en Wallet32 for Android]<br />
<br />
== Using TREZOR ==<br />
<br />
TREZOR needs an online wallet or a desktop client as an interface that broadcasts the transactions signed by the device to the blockchain.<br />
<br />
In order to send coins or change the basic settings, the device needs to be connected to a computer with a micro USB cable.<br />
In order to receive coins it is not needed to have the device plugged.<br />
<br />
=== Sending bitcoins ===<br />
<br />
=== Receiving bitcoins ===<br />
<br />
=== Recovery ===<br />
<br />
<br />
to be continued ... :)<br />
<br />
== Resources ==<br />
<br />
* [https://bitcointrezor.com/faq TREZOR FAQ]<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=48445Hardware wallet2014-06-26T18:13:54Z<p>Slush: /* TREZOR The Bitcoin Safe */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
<br />
[http://bitcointrezor.com/faq/ FAQ @BitcoinTrezor.com]<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
[[TREZOR]] uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
[[TREZOR]] introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=48444Hardware wallet2014-06-26T18:13:06Z<p>Slush: /* Purchasable hardware wallets */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[http://bitcointrezor.com BitcoinTrezor.com]<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
<br />
[http://bitcointrezor.com/faq/ FAQ @BitcoinTrezor.com]<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
TREZOR uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
TREZOR introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48443TREZOR2014-06-26T18:03:01Z<p>Slush: /* Resources */</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. <br />
Spending bitcoins is made securely without exposing your private keys to a potentially compromised computer.<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a USB (HID protocol like a mouse or a keyboard). <br />
The limited USB HID protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
=== Backup ===<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet, using the recovery seed.<br />
<br />
=== PIN protection === <br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
=== Passphrase encryption ===<br />
Another level of protection is the encryption passphrase which protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
===By OS===<br />
<br />
* Linux<br />
* Mac<br />
* Windows<br />
<br />
===By cointype===<br />
<br />
* Bitcoin<br />
* Litecoin<br />
* Namecoin<br />
<br />
The developers are open to add support for other significant altcoins in the future. Currently no Litecoin or Namecoin clients are ready to work with TREZOR. <br />
<br />
===By wallet===<br />
<br />
In order to be compatible and "outsource the security work" to TREZOR, a desktop client or a web wallet must have a full implementation of [[BIP 0032]] and [[BIP 0039]] standards.<br />
<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
* [https://play.google.com/store/apps/details?id=com.bonsai.wallet32&hl=en Wallet32 for Android]<br />
<br />
== Using TREZOR ==<br />
<br />
TREZOR needs an online wallet or a desktop client as an interface that broadcasts the transactions signed by the device to the blockchain.<br />
<br />
In order to send coins or change the basic settings, the device needs to be connected to a computer with a micro USB cable.<br />
In order to receive coins it is not needed to have the device plugged.<br />
<br />
=== Sending bitcoins ===<br />
<br />
=== Receiving bitcoins ===<br />
<br />
=== Recovery ===<br />
<br />
<br />
to be continued ... :)<br />
<br />
== Resources ==<br />
<br />
* [https://bitcointrezor.com/faq TREZOR FAQ]<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48442TREZOR2014-06-26T18:01:17Z<p>Slush: </p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. <br />
Spending bitcoins is made securely without exposing your private keys to a potentially compromised computer.<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a USB (HID protocol like a mouse or a keyboard). <br />
The limited USB HID protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
=== Backup ===<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet, using the recovery seed.<br />
<br />
=== PIN protection === <br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
=== Passphrase encryption ===<br />
Another level of protection is the encryption passphrase which protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
===By OS===<br />
<br />
* Linux<br />
* Mac<br />
* Windows<br />
<br />
===By cointype===<br />
<br />
* Bitcoin<br />
* Litecoin<br />
* Namecoin<br />
<br />
The developers are open to add support for other significant altcoins in the future. Currently no Litecoin or Namecoin clients are ready to work with TREZOR. <br />
<br />
===By wallet===<br />
<br />
In order to be compatible and "outsource the security work" to TREZOR, a desktop client or a web wallet must have a full implementation of [[BIP 0032]] and [[BIP 0039]] standards.<br />
<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
* [https://play.google.com/store/apps/details?id=com.bonsai.wallet32&hl=en Wallet32 for Android]<br />
<br />
== Using TREZOR ==<br />
<br />
TREZOR needs an online wallet or a desktop client as an interface that broadcasts the transactions signed by the device to the blockchain.<br />
<br />
In order to send coins or change the basic settings, the device needs to be connected to a computer with a micro USB cable.<br />
In order to receive coins it is not needed to have the device plugged.<br />
<br />
=== Sending bitcoins ===<br />
<br />
=== Receiving bitcoins ===<br />
<br />
=== Recovery ===<br />
<br />
<br />
to be continued ... :)<br />
<br />
== Resources ==<br />
<br />
[https://bitcointrezor.com/faq TREZOR FAQ]<br />
[https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48436TREZOR2014-06-26T16:07:47Z<p>Slush: /* By wallet */</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. <br />
Spending bitcoins is made securely without exposing your private keys to a potentially compromised computer.<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a USB (HID protocol like a mouse or a keyboard). <br />
The limited USB HID protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
=== Backup ===<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet, using the recovery seed.<br />
<br />
=== Protection mechanisms ===<br />
TREZOR provides the user with optional protection mechanisms.<br />
<br />
==== PIN protection ==== <br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
==== Passphrase encryption ====<br />
Another level of protection is the encryption passphrase which protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
===By OS===<br />
<br />
* Linux<br />
* Mac<br />
* Windows<br />
<br />
===By cointype===<br />
<br />
* Bitcoin<br />
* Litecoin<br />
* Namecoin<br />
<br />
The developers are open to add support for other significant altcoins in the future. Currently no Litecoin or Namecoin clients are ready to work with TREZOR. <br />
<br />
===By wallet===<br />
<br />
In order to be compatible and "outsource the security work" to TREZOR, a desktop client or a web wallet must have a full implementation of [[BIP 0032]] and [[BIP 0039]] standards.<br />
<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
* [https://play.google.com/store/apps/details?id=com.bonsai.wallet32&hl=en Wallet32 for Android]<br />
<br />
== Using TREZOR ==<br />
<br />
TREZOR needs an online wallet or a desktop client as an interface that broadcasts the transactions signed by the device to the blockchain.<br />
<br />
In order to send coins or change the basic settings, the device needs to be connected to a computer with a micro USB cable.<br />
In order to receive coins it is not needed to have the device plugged.<br />
<br />
=== Sending bitcoins ===<br />
<br />
=== Receiving bitcoins ===<br />
<br />
=== Recovery ===<br />
<br />
<br />
to be continued ... :)<br />
<br />
== Resources ==<br />
<br />
[https://bitcointrezor.com/faq TREZOR FAQ]<br />
[https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=48428Securing your wallet2014-06-26T10:19:38Z<p>Slush: /* Making a new wallet */</p>
<hr />
<div>==Introduction==<br />
<br />
Unless you are using a [[hardware wallet]] it is strongly recommended to read this page.<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s can be used to store bitcoins offline in non-digital format. Using securely generated paper wallets significantly decreases the chances of your bitcoins being stolen by hackers or computer viruses.<br />
<br />
Fundamentally, a paper wallet is merely a physical record of a [[private key]] (most commonly written as a sequence of fifty-one alphanumeric characters beginning with a '5') and its corresponding [[public key]]. The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be "swept" by anyone who sees the key. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted using a password ("BIP38") or split into several different parts ("Shamir's secret sharing scheme"). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.<br />
<br />
You can send bitcoins to the public address on your paper wallet as often as you like, and they will be inaccessible until the private key is imported into a "live" wallet. You can use a service such as [[BlockChain.info]] to verify the balance of your paper wallet, which is a matter of public record. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[Coinbase (business)|Coinbase]] and BlockChain.info have features for importing (or "sweeping") paper wallet private keys as well.<br />
<br />
=== Software for generating paper wallets ===<br />
<br />
Some [[Paper wallet|paper wallet generators]] have been written entirely in HTML/JavaScript to make it fairly easy to generate paper wallets on virtually any operating system. Although these generators use a web browser, they are generally capable of running offline since address generation happens entirely within the web browser. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick and verify the integrity (SHA1 hash or PGP signature) of the code. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet. Insert the USB stick and open the wallet generator's HTML file using a web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
=== Tips for making paper wallets ===<br />
<br />
* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online. <br />
<br />
* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the HTML so that it generates predictable addresses instead of truly random keys.<br />
<br />
* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.<br />
<br />
* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately'' or when you want to transfer your funds into a secure [[hardware wallet]].<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major step to enhanced security and usability.<br />
<br />
So far only [http://bitcointrezor.com TREZOR Hardware Wallet] and [http://www.pi-wallet.com/ Pi Wallet] are available.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new Bitcoin-QT or bitcoind wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
Unless you are using a [[hardware wallet]], you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of your wallet, Bitcoin-related passwords, or Bitcoin private keys. When your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
A [[hardware wallet]] typically holds the private keys on its internal storage that is not accessible by any malware. The device signs the transactions internally and only transmits the signed transactions to the computer. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins on a compromised computer without any risk. <br />
<br />
<br />
===Debian-based Linux===<br />
<br />
==== Store all into an encrypted folder (Tomb) ====<br />
<br />
Tomb is a simple tool to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb's contents in the place where other programs expect them, for example in our case mount -o bind the .bitcoin directory in a user's home.<br />
<br />
First install tomb from https://files.dyne.org/tomb (homepage is on http://www.dyne.org/software/tomb)<br />
<br />
Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.<br />
<br />
Recommended: wipe, dcfldd, steghide, qrencode.<br />
<br />
Then create a tomb (we name it bitcoin) with three commands:<br />
<br />
<code>tomb dig -s 100 bitcoin.tomb</code><br />
<br />
<code>tomb forge bitcoin.tomb.key</code><br />
<br />
<code>tomb lock bitcoin.tomb -k bitcoin.tomb.key</code><br />
<br />
Then open it<br />
<br />
<code>tomb open bitcoin.tomb</code><br />
<br />
This will require you to input again the password you selected.<br />
<br />
Once open the tomb contents are in /media/bitcoin.tomb<br />
<br />
Move there your bitcoin wallet:<br />
<br />
<code>mv ~/.bitcoin /media/bitcoin.tomb/my-safe-wallet</code><br />
<br />
Then create a file "/media/bitcoin.tomb/bind-hooks" and put a single line:<br />
<br />
<code>my-safe-wallet .bitcoin</code><br />
<br />
Which means that every time the tomb is open, the directory my-safe-wallet needs to be bound to ~/.bitcoin. Just make sure an empty ~/.bitcoin directory exists in your home.<br />
<br />
Now close the tomb and store its keys safely, make sure you memorize the password. Have a look at Tomb's documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.<br />
<br />
That's it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inside the tomb and even start the bitcoin client using the exec-hooks. Tomb's manual page "man tomb" explains the possibilities.<br />
<br />
The advantage of this approach over an encrypted home is that it becomes extremely portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb sticks or mobile phones.<br />
<br />
<br />
<br />
<br />
==== Secure the whole user home directory ====<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
<br />
Backing up your wallet is not necessary if you use a wallet with implemented [[BIP 0032]] (hierarchical deterministic wallet). Today, only [[TREZOR]], [[Electrum]] and [[CarbonWallet]] fully support BIP 0032.<br />
<br />
For advise on the backup process see [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. <br />
<br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but you are essentially storing your private keys or wallet with the provider of the online wallet. <br />
Depending on the level of security of such service, your bitcoins may be lost if the service is compromised. <br />
<br />
The invention of [[hardware wallet]]s makes it possible to use online wallets in a more secure manner.<br />
A hardware wallet keeps your private keys apart from the computer and internet. An online wallet compatible with a hardware wallet (such as [http://mytrezor.com myTREZOR.com]) then does not need to store any sensitive data (private keys, passwords or email addresses) and only serves as tool for broadcasting transactions signed in the hardware wallet out to the blockchain. <br />
<br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing. Mobile wallets are useful for small spending and not for storing your bitcoin savings.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://bitcoinx.io/wallets/ Where to get a Bitcoin wallet]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
* [https://docs.google.com/document/d/1dNZ7N_lQXHQp0jWkeN7dW4bWNMpcTBRM4iEoSuQwLho/edit# The Ultimate Guide to Web Wallet Security]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48400TREZOR2014-06-26T03:31:56Z<p>Slush: </p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. <br />
Spending bitcoins is made securely without exposing your private keys to a potentially compromised computer.<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a USB (HID protocol like a mouse or a keyboard). <br />
The limited USB HID protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
=== Backup ===<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet, using the recovery seed.<br />
<br />
=== Protection mechanisms ===<br />
TREZOR provides the user with optional protection mechanisms.<br />
<br />
==== PIN protection ==== <br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
==== Passphrase encryption ====<br />
Another level of protection is the encryption passphrase which protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
===By OS===<br />
<br />
* Linux<br />
* Mac<br />
* Windows<br />
<br />
===By cointype===<br />
<br />
* Bitcoin<br />
* Litecoin<br />
* Namecoin<br />
<br />
The developers are open to add support for other significant altcoins in the future. Currently no Litecoin or Namecoin clients are ready to work with TREZOR. <br />
<br />
===By wallet===<br />
<br />
The hardware wallet can be used with a desktop client or a web wallet with a full [[BIP 0032]] and [[BIP 0039]] support.<br />
<br />
* [https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
* [https://play.google.com/store/apps/details?id=com.bonsai.wallet32&hl=en Wallet32 for Android]<br />
<br />
== Using TREZOR ==<br />
<br />
TREZOR needs an online wallet or a desktop client as an interface that broadcasts the transactions signed by the device to the blockchain.<br />
<br />
In order to send coins or change the basic settings, the device needs to be connected to a computer with a micro USB cable.<br />
In order to receive coins it is not needed to have the device plugged.<br />
<br />
=== Sending bitcoins ===<br />
<br />
=== Receiving bitcoins ===<br />
<br />
=== Recovery ===<br />
<br />
<br />
to be continued ... :)<br />
<br />
== Resources ==<br />
<br />
[https://bitcointrezor.com/faq TREZOR FAQ]<br />
[https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48399TREZOR2014-06-26T03:07:21Z<p>Slush: </p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
'''TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.'''<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. <br />
Spending bitcoins is made securely without exposing your private keys to a malware.<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups of private keys unnecessary. <br />
<br />
When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
'''by cointype'''<br />
<br />
TREZOR is supporting Bitcoin, Litecoin and Namecoin. The developers are open to add support for other significant altecoins in the future.<br />
Currently no Litecoin or Namecoin clients are ready to work with TREZOR. <br />
<br />
'''by wallet'''<br />
<br />
The hardware wallet can be used with a desktop client or a web wallet with full [[BIP 0032]] and [[BIP 0039]] support.<br />
<br />
Today it is compatible with:<br />
<br />
[https://mytrezor.com myTREZOR Web Wallet]<br />
<br />
[https://play.google.com/store/apps/details?id=com.bonsai.wallet32&hl=en Wallet32 for Android]<br />
<br />
== Usage of TREZOR ==<br />
TREZOR needs an online wallet or a desktop client to broadcast the transactions signed by the device to the blockchain.<br />
<br />
When first using the device: <br />
* go to [https://mytrezor.com myTREZOR.com]<br />
* allow the browser plugin to be installed (you will be prompted)<br />
* enter the Setup page and<br />
* define Device Label<br />
* choose the length of the recovery seed (12, 18 or 24 words)<br />
* set PIN<br />
* and optionally a passphrase encryption<br />
<br />
In the following step, a recovery seed is generated. This seed needs to be written down on a paper and kept in a safe place.<br />
<br />
<br />
to be continued ... :)<br />
<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]<br />
<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48398TREZOR2014-06-26T02:45:55Z<p>Slush: </p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
<br />
TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. Like this spending bitcoins is made securely without exposing your private keys to a compromised or vulnerable computer.<br />
<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
<br />
<br />
<br />
=== TREZOR Hardware Design ===<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups unnecessary. When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
TREZOR is supporting Bitcoin, Litecoin and Namecoin. Currently no LTC and NMC clients do not fulfill conditions for full integration with the TREZOR.<br />
<br />
TREZOR needs an online wallet or a desktop client which serves as a tool for broadcasting the transactions signed by TREZOR to the blockchain.<br />
<br />
<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]<br />
<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]<br />
[[Category:Hardware wallet]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48397TREZOR2014-06-26T02:43:57Z<p>Slush: /* TREZOR Hardware Design */</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
<br />
TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. Like this spending bitcoins is made securely without exposing your private keys to a compromised or vulnerable computer.<br />
<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
<br />
<br />
<br />
=== TREZOR Hardware Design ===<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups unnecessary. When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
TREZOR is supporting Bitcoin, Litecoin and Namecoin. Currently no LTC and NMC clients do not fulfill conditions for full integration with the TREZOR.<br />
<br />
TREZOR needs an online wallet or a desktop client which serves as a tool for broadcasting the transactions signed by TREZOR to the blockchain.<br />
<br />
<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48396TREZOR2014-06-26T02:43:09Z<p>Slush: /* TREZOR Hardware Design */</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
<br />
TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. Like this spending bitcoins is made securely without exposing your private keys to a compromised or vulnerable computer.<br />
<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
<br clear="all"><br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups unnecessary. When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
TREZOR is supporting Bitcoin, Litecoin and Namecoin. Currently no LTC and NMC clients do not fulfill conditions for full integration with the TREZOR.<br />
<br />
TREZOR needs an online wallet or a desktop client which serves as a tool for broadcasting the transactions signed by TREZOR to the blockchain.<br />
<br />
<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48395TREZOR2014-06-26T02:42:36Z<p>Slush: /* TREZOR Hardware Design */</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
<br />
TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. Like this spending bitcoins is made securely without exposing your private keys to a compromised or vulnerable computer.<br />
<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
TREZOR is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required.<br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups unnecessary. When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
TREZOR is supporting Bitcoin, Litecoin and Namecoin. Currently no LTC and NMC clients do not fulfill conditions for full integration with the TREZOR.<br />
<br />
TREZOR needs an online wallet or a desktop client which serves as a tool for broadcasting the transactions signed by TREZOR to the blockchain.<br />
<br />
<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48394TREZOR2014-06-26T02:41:25Z<p>Slush: </p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
<br />
TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. Like this spending bitcoins is made securely without exposing your private keys to a compromised or vulnerable computer.<br />
<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|right|Confirming transaction with TREZOR]]<br />
<br />
<br />
<br />
== TREZOR Hardware Design ==<br />
It is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required. <br />
<br />
<br />
== TREZOR Software Design & Security ==<br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups unnecessary. When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
== Compatibility of TREZOR ==<br />
<br />
TREZOR is supporting Bitcoin, Litecoin and Namecoin. Currently no LTC and NMC clients do not fulfill conditions for full integration with the TREZOR.<br />
<br />
TREZOR needs an online wallet or a desktop client which serves as a tool for broadcasting the transactions signed by TREZOR to the blockchain.<br />
<br />
<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=48393Hardware wallet2014-06-26T02:35:07Z<p>Slush: /* TREZOR The Bitcoin Safe */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== [[TREZOR]] The Bitcoin Safe ===<br />
[https://bitcointrezor.com BitcoinTrezor.com]<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
<br />
[https://bitcointrezor.com/faq/ FAQ @BitcoinTrezor.com]<br />
<br />
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
TREZOR uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
TREZOR introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=TREZOR&diff=48392TREZOR2014-06-26T02:33:44Z<p>Slush: TREZOR The Bitcoin Safe</p>
<hr />
<div>[https://bitcointrezor.com BitcoinTrezor.com]<br />
<br />
<br />
TREZOR is a hardware wallet providing the highest level of security and convenience for a common computer user.<br />
<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
<br />
Unlike for example a cold storage (offline storage or paper wallet), TREZOR also signs transactions internally. Like this spending bitcoins is made securely without exposing your private keys to a compromised or vulnerable computer.<br />
<br />
It is a small USB device with a display and two buttons.<br />
<br />
It connects to a computer via a micro USB (like a mouse or a keyboard). The limited USB protocol only allows to send a transaction template to the device and protects the wallet against malware.<br />
<br />
The display allows the user to visually verify the payment address and the amount to be sent. In order to proceed the transaction, a physical human interaction (pressing the button) is required. <br />
<br />
TREZOR uses hierarchical deterministic wallet creation ([[BIP 0032]]) which makes regular backups unnecessary. When first initialized, a mnemonic code of 12,18 or 24 words, the recovery seed, is created. In case the device gets lost or stolen, the user can recover the entire holdings including transaction history into a new device or other compatible wallet.<br />
<br />
TREZOR provides the user optional protection mechanisms: PIN protection and passphrase encryption.<br />
<br />
A PIN is set by the user during the setup. It protects TREZOR against being used by unauthorized persons. The wallet creators have invented a secure way of entering the PIN that can’t be keylogged and misused.<br />
<br />
Encryption passphrase can be set on top of the PIN. This protects the device in case of seizure. Multiple passphrases can be used for plausible deniability.<br />
<br />
TREZOR FAQ: [https://bitcointrezor.com/faq www.bitcointrezor.com/faq]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Deterministic_wallet&diff=48391Deterministic wallet2014-06-26T02:06:01Z<p>Slush: /* Benefits */</p>
<hr />
<div>A deterministic wallet is a system of deriving keys from a single starting point known as a seed. The seed allows a user to easily back up and restore a wallet without needing any other information and can in some cases allow the creation of public addresses without the knowledge of the private key. <br />
<br />
== Benefits ==<br />
<br />
Early clients such as the [[Satoshi client]] generate a buffer of fresh random private keys to be used as receiving and [[change|change addresses]] in the future. This has the effect of invalidating backups after a short period when the keypool buffer (typically 100 addresses) is exhausted, deterministic wallets can generate an unlimited number of addresses on the fly and as such don't suffer from this issue. As the addresses are generated in a known fashion rather than randomly some clients can be used on multiple devices without the risk of losing funds. Users can conveniently create a single backup of the seed in a human readable format that will last the life of the wallet, without the worry of this backup becoming stale. <br />
<br />
Certain types of deterministic wallet (BIP0032, Armory and [[Coinkite]] ) additionally allow for the complete separation of private and public key creation for greater security and convenience. In this model a server can be set up to only know the Master Public Key of a particular deterministic wallet. This allows the server to create as many public keys as is necessary for receiving funds, but a compromise of the MPK will not allow an attacker to spend from the wallet. They can alternatively be used in [[Electrum]] and [[Armory]] to enable completely offline storage and spending, where an offline computer knows the private key and an online one knows only the MPK. Transactions spending coins are ferried between the two computers via USB storage which avoids exposing the offline computer to a network-based attack.<br />
<br />
Deterministic wallets implemented by hardware wallets ([[TREZOR]]) keep the generated private keys offline and do not expose them to the computer even when spending coins.<br />
<br />
==Types==<br />
<br />
===Type 1 deterministic wallet===<br />
A type 1 deterministic wallet is a simple method of generating addresses from a known starting string, as such it does not allow advanced features such as a Master Public Key. To generate a private key take SHA256(string + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed. <br />
<br />
This type of wallet can be created by Casascius Bitcoin Address Utility.<br />
<br />
===Type 2 hierarchical deterministic wallet===<br />
This wallet type is described in [[BIP 0032]] and is fully implemented in [[TREZOR]], [[Electrum]] and [[CarbonWallet]]. The seed is a random 128 bit value presented to the user as a 12 word mnemonic using common English words. The seed is used after 100,000 rounds of SHA256 to slow down attacks against weak user-chosen strings. [https://bitcointalk.org/index.php?topic=330672.msg3547258#msg3547258]. <br />
<br />
The initial description and workings of this wallet type is credited to Gregory Maxwell. [https://bitcointalk.org/index.php?topic=19137.msg239768#msg239768]<br />
<br />
===Armory deterministic wallet===<br />
[[Armory]] has its own Type-2 deterministic wallet format based on a "root key" and a "chain code." Earlier versions of Armory required backing up both the "root key" and "chaincode," while newer versions start deriving the chaincode from the private key in a non-reversible way. These newer Armory wallets (0.89+) only require the single, 256-bit root key. This older format is intended to be phased out in favor of the standard BIP0032 format. [https://bitcointalk.org/index.php?topic=351099.msg3770818#msg3770818]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Deterministic_wallet&diff=48390Deterministic wallet2014-06-26T02:01:08Z<p>Slush: /* Types */</p>
<hr />
<div>A deterministic wallet is a system of deriving keys from a single starting point known as a seed. The seed allows a user to easily back up and restore a wallet without needing any other information and can in some cases allow the creation of public addresses without the knowledge of the private key. <br />
<br />
== Benefits ==<br />
<br />
Early clients such as the [[Satoshi client]] generate a buffer of fresh random private keys to be used as receiving and [[change|change addresses]] in the future. This has the effect of invalidating backups after a short period when the keypool buffer (typically 100 addresses) is exhausted, deterministic wallets can generate an unlimited number of addresses on the fly and as such don't suffer from this issue. As the addresses are generated in a known fashion rather than randomly some clients can be used on multiple devices without the risk of losing funds. Users can conveniently create a single backup of the seed in a human readable format that will last the life of the wallet, without the worry of this backup becoming stale. <br />
<br />
Certain types of deterministic wallet (BIP0032, Armory and [[Coinkite]] ) additionally allow for the complete separation of private and public key creation for greater security and convenience. In this model a server can be set up to only know the Master Public Key of a particular deterministic wallet. This allows the server to create as many public keys as is necessary for receiving funds, but a compromise of the MPK will not allow an attacker to spend from the wallet. They can alternatively be used in [[Electrum]] and [[Armory]] to enable completely offline storage and spending, where an offline computer knows the private key and an online one knows only the MPK. Transactions spending coins are ferried between the two computers via USB storage which avoids exposing the offline computer to a network-based attack.<br />
<br />
==Types==<br />
<br />
===Type 1 deterministic wallet===<br />
A type 1 deterministic wallet is a simple method of generating addresses from a known starting string, as such it does not allow advanced features such as a Master Public Key. To generate a private key take SHA256(string + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed. <br />
<br />
This type of wallet can be created by Casascius Bitcoin Address Utility.<br />
<br />
===Type 2 hierarchical deterministic wallet===<br />
This wallet type is described in [[BIP 0032]] and is fully implemented in [[TREZOR]], [[Electrum]] and [[CarbonWallet]]. The seed is a random 128 bit value presented to the user as a 12 word mnemonic using common English words. The seed is used after 100,000 rounds of SHA256 to slow down attacks against weak user-chosen strings. [https://bitcointalk.org/index.php?topic=330672.msg3547258#msg3547258]. <br />
<br />
The initial description and workings of this wallet type is credited to Gregory Maxwell. [https://bitcointalk.org/index.php?topic=19137.msg239768#msg239768]<br />
<br />
===Armory deterministic wallet===<br />
[[Armory]] has its own Type-2 deterministic wallet format based on a "root key" and a "chain code." Earlier versions of Armory required backing up both the "root key" and "chaincode," while newer versions start deriving the chaincode from the private key in a non-reversible way. These newer Armory wallets (0.89+) only require the single, 256-bit root key. This older format is intended to be phased out in favor of the standard BIP0032 format. [https://bitcointalk.org/index.php?topic=351099.msg3770818#msg3770818]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=48389Securing your wallet2014-06-26T02:00:40Z<p>Slush: /* Backing up your wallet */</p>
<hr />
<div>==Introduction==<br />
<br />
Unless you are using a [[hardware wallet]] it is strongly recommended to read this page.<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s can be used to store bitcoins offline in non-digital format. Using securely generated paper wallets significantly decreases the chances of your bitcoins being stolen by hackers or computer viruses.<br />
<br />
Fundamentally, a paper wallet is merely a physical record of a [[private key]] (most commonly written as a sequence of fifty-one alphanumeric characters beginning with a '5') and its corresponding [[public key]]. The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be "swept" by anyone who sees the key. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted using a password ("BIP38") or split into several different parts ("Shamir's secret sharing scheme"). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.<br />
<br />
You can send bitcoins to the public address on your paper wallet as often as you like, and they will be inaccessible until the private key is imported into a "live" wallet. You can use a service such as [[BlockChain.info]] to verify the balance of your paper wallet, which is a matter of public record. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[Coinbase (business)|Coinbase]] and BlockChain.info have features for importing (or "sweeping") paper wallet private keys as well.<br />
<br />
=== Software for generating paper wallets ===<br />
<br />
Some [[Paper wallet|paper wallet generators]] have been written entirely in HTML/JavaScript to make it fairly easy to generate paper wallets on virtually any operating system. Although these generators use a web browser, they are generally capable of running offline since address generation happens entirely within the web browser. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick and verify the integrity (SHA1 hash or PGP signature) of the code. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet. Insert the USB stick and open the wallet generator's HTML file using a web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
=== Tips for making paper wallets ===<br />
<br />
* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online. <br />
<br />
* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the HTML so that it generates predictable addresses instead of truly random keys.<br />
<br />
* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.<br />
<br />
* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately'' or when you want to transfer your funds into a secure [[hardware wallet]].<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major step to enhanced security and usability.<br />
<br />
So far only [http://bitcointrezor.com TREZOR Hardware Wallet] and [http://www.pi-wallet.com/ Pi Wallet] are available.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
Unless you are using a [[hardware wallet]], you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of your wallet, Bitcoin-related passwords, or Bitcoin private keys. When your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
A [[hardware wallet]] typically holds the private keys on its internal storage that is not accessible by any malware. The device signs the transactions internally and only transmits the signed transactions to the computer. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins on a compromised computer without any risk. <br />
<br />
<br />
===Debian-based Linux===<br />
<br />
==== Store all into an encrypted folder (Tomb) ====<br />
<br />
Tomb is a simple tool to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb's contents in the place where other programs expect them, for example in our case mount -o bind the .bitcoin directory in a user's home.<br />
<br />
First install tomb from https://files.dyne.org/tomb (homepage is on http://www.dyne.org/software/tomb)<br />
<br />
Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.<br />
<br />
Recommended: wipe, dcfldd, steghide, qrencode.<br />
<br />
Then create a tomb (we name it bitcoin) with three commands:<br />
<br />
<code>tomb dig -s 100 bitcoin.tomb</code><br />
<br />
<code>tomb forge bitcoin.tomb.key</code><br />
<br />
<code>tomb lock bitcoin.tomb -k bitcoin.tomb.key</code><br />
<br />
Then open it<br />
<br />
<code>tomb open bitcoin.tomb</code><br />
<br />
This will require you to input again the password you selected.<br />
<br />
Once open the tomb contents are in /media/bitcoin.tomb<br />
<br />
Move there your bitcoin wallet:<br />
<br />
<code>mv ~/.bitcoin /media/bitcoin.tomb/my-safe-wallet</code><br />
<br />
Then create a file "/media/bitcoin.tomb/bind-hooks" and put a single line:<br />
<br />
<code>my-safe-wallet .bitcoin</code><br />
<br />
Which means that every time the tomb is open, the directory my-safe-wallet needs to be bound to ~/.bitcoin. Just make sure an empty ~/.bitcoin directory exists in your home.<br />
<br />
Now close the tomb and store its keys safely, make sure you memorize the password. Have a look at Tomb's documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.<br />
<br />
That's it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inside the tomb and even start the bitcoin client using the exec-hooks. Tomb's manual page "man tomb" explains the possibilities.<br />
<br />
The advantage of this approach over an encrypted home is that it becomes extremely portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb sticks or mobile phones.<br />
<br />
<br />
<br />
<br />
==== Secure the whole user home directory ====<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
<br />
Backing up your wallet is not necessary if you use a wallet with implemented [[BIP 0032]] (hierarchical deterministic wallet). Today, only [[TREZOR]], [[Electrum]] and [[CarbonWallet]] fully support BIP 0032.<br />
<br />
For advise on the backup process see [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. <br />
<br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but you are essentially storing your private keys or wallet with the provider of the online wallet. <br />
Depending on the level of security of such service, your bitcoins may be lost if the service is compromised. <br />
<br />
The invention of [[hardware wallet]]s makes it possible to use online wallets in a more secure manner.<br />
A hardware wallet keeps your private keys apart from the computer and internet. An online wallet compatible with a hardware wallet (such as [http://mytrezor.com myTREZOR.com]) then does not need to store any sensitive data (private keys, passwords or email addresses) and only serves as tool for broadcasting transactions signed in the hardware wallet out to the blockchain. <br />
<br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing. Mobile wallets are useful for small spending and not for storing your bitcoin savings.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://bitcoinx.io/wallets/ Where to get a Bitcoin wallet]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
* [https://docs.google.com/document/d/1dNZ7N_lQXHQp0jWkeN7dW4bWNMpcTBRM4iEoSuQwLho/edit# The Ultimate Guide to Web Wallet Security]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=48388Securing your wallet2014-06-26T01:50:33Z<p>Slush: </p>
<hr />
<div>==Introduction==<br />
<br />
Unless you are using a [[hardware wallet]] it is strongly recommended to read this page.<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s can be used to store bitcoins offline in non-digital format. Using securely generated paper wallets significantly decreases the chances of your bitcoins being stolen by hackers or computer viruses.<br />
<br />
Fundamentally, a paper wallet is merely a physical record of a [[private key]] (most commonly written as a sequence of fifty-one alphanumeric characters beginning with a '5') and its corresponding [[public key]]. The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be "swept" by anyone who sees the key. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted using a password ("BIP38") or split into several different parts ("Shamir's secret sharing scheme"). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.<br />
<br />
You can send bitcoins to the public address on your paper wallet as often as you like, and they will be inaccessible until the private key is imported into a "live" wallet. You can use a service such as [[BlockChain.info]] to verify the balance of your paper wallet, which is a matter of public record. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[Coinbase (business)|Coinbase]] and BlockChain.info have features for importing (or "sweeping") paper wallet private keys as well.<br />
<br />
=== Software for generating paper wallets ===<br />
<br />
Some [[Paper wallet|paper wallet generators]] have been written entirely in HTML/JavaScript to make it fairly easy to generate paper wallets on virtually any operating system. Although these generators use a web browser, they are generally capable of running offline since address generation happens entirely within the web browser. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick and verify the integrity (SHA1 hash or PGP signature) of the code. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet. Insert the USB stick and open the wallet generator's HTML file using a web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
=== Tips for making paper wallets ===<br />
<br />
* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online. <br />
<br />
* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the HTML so that it generates predictable addresses instead of truly random keys.<br />
<br />
* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.<br />
<br />
* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately'' or when you want to transfer your funds into a secure [[hardware wallet]].<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major step to enhanced security and usability.<br />
<br />
So far only [http://bitcointrezor.com TREZOR Hardware Wallet] and [http://www.pi-wallet.com/ Pi Wallet] are available.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
Unless you are using a [[hardware wallet]], you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of your wallet, Bitcoin-related passwords, or Bitcoin private keys. When your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
A [[hardware wallet]] typically holds the private keys on its internal storage that is not accessible by any malware. The device signs the transactions internally and only transmits the signed transactions to the computer. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins on a compromised computer without any risk. <br />
<br />
<br />
===Debian-based Linux===<br />
<br />
==== Store all into an encrypted folder (Tomb) ====<br />
<br />
Tomb is a simple tool to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb's contents in the place where other programs expect them, for example in our case mount -o bind the .bitcoin directory in a user's home.<br />
<br />
First install tomb from https://files.dyne.org/tomb (homepage is on http://www.dyne.org/software/tomb)<br />
<br />
Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.<br />
<br />
Recommended: wipe, dcfldd, steghide, qrencode.<br />
<br />
Then create a tomb (we name it bitcoin) with three commands:<br />
<br />
<code>tomb dig -s 100 bitcoin.tomb</code><br />
<br />
<code>tomb forge bitcoin.tomb.key</code><br />
<br />
<code>tomb lock bitcoin.tomb -k bitcoin.tomb.key</code><br />
<br />
Then open it<br />
<br />
<code>tomb open bitcoin.tomb</code><br />
<br />
This will require you to input again the password you selected.<br />
<br />
Once open the tomb contents are in /media/bitcoin.tomb<br />
<br />
Move there your bitcoin wallet:<br />
<br />
<code>mv ~/.bitcoin /media/bitcoin.tomb/my-safe-wallet</code><br />
<br />
Then create a file "/media/bitcoin.tomb/bind-hooks" and put a single line:<br />
<br />
<code>my-safe-wallet .bitcoin</code><br />
<br />
Which means that every time the tomb is open, the directory my-safe-wallet needs to be bound to ~/.bitcoin. Just make sure an empty ~/.bitcoin directory exists in your home.<br />
<br />
Now close the tomb and store its keys safely, make sure you memorize the password. Have a look at Tomb's documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.<br />
<br />
That's it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inside the tomb and even start the bitcoin client using the exec-hooks. Tomb's manual page "man tomb" explains the possibilities.<br />
<br />
The advantage of this approach over an encrypted home is that it becomes extremely portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb sticks or mobile phones.<br />
<br />
<br />
<br />
<br />
==== Secure the whole user home directory ====<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
See [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. <br />
<br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but you are essentially storing your private keys or wallet with the provider of the online wallet. <br />
Depending on the level of security of such service, your bitcoins may be lost if the service is compromised. <br />
<br />
The invention of [[hardware wallet]]s makes it possible to use online wallets in a more secure manner.<br />
A hardware wallet keeps your private keys apart from the computer and internet. An online wallet compatible with a hardware wallet (such as [http://mytrezor.com myTREZOR.com]) then does not need to store any sensitive data (private keys, passwords or email addresses) and only serves as tool for broadcasting transactions signed in the hardware wallet out to the blockchain. <br />
<br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing. Mobile wallets are useful for small spending and not for storing your bitcoin savings.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://bitcoinx.io/wallets/ Where to get a Bitcoin wallet]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
* [https://docs.google.com/document/d/1dNZ7N_lQXHQp0jWkeN7dW4bWNMpcTBRM4iEoSuQwLho/edit# The Ultimate Guide to Web Wallet Security]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=48386Securing your wallet2014-06-26T00:54:12Z<p>Slush: /* Making a secure workspace */</p>
<hr />
<div>==Introduction==<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s can be used to store bitcoins offline in non-digital format. Using securely generated paper wallets significantly decreases the chances of your bitcoins being stolen by hackers or computer viruses.<br />
<br />
Fundamentally, a paper wallet is merely a physical record of a [[private key]] (most commonly written as a sequence of fifty-one alphanumeric characters beginning with a '5') and its corresponding [[public key]]. The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be "swept" by anyone who sees the key. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted using a password ("BIP38") or split into several different parts ("Shamir's secret sharing scheme"). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.<br />
<br />
You can send bitcoins to the public address on your paper wallet as often as you like, and they will be inaccessible until the private key is imported into a "live" wallet. You can use a service such as [[BlockChain.info]] to verify the balance of your paper wallet, which is a matter of public record. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[Coinbase (business)|Coinbase]] and BlockChain.info have features for importing (or "sweeping") paper wallet private keys as well.<br />
<br />
=== Software for generating paper wallets ===<br />
<br />
Some [[Paper wallet|paper wallet generators]] have been written entirely in HTML/JavaScript to make it fairly easy to generate paper wallets on virtually any operating system. Although these generators use a web browser, they are generally capable of running offline since address generation happens entirely within the web browser. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick and verify the integrity (SHA1 hash or PGP signature) of the code. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet. Insert the USB stick and open the wallet generator's HTML file using a web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
=== Tips for making paper wallets ===<br />
<br />
* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online. <br />
<br />
* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the HTML so that it generates predictable addresses instead of truly random keys.<br />
<br />
* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.<br />
<br />
* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately''.<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major step to enhanced security and usability.<br />
<br />
So far only [http://bitcointrezor.com TREZOR Hardware Wallet] and [http://www.pi-wallet.com/ Pi Wallet] are available.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
Unless you are using a [[hardware wallet]], you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of your wallet, Bitcoin-related passwords, or Bitcoin private keys. When your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
A [[hardware wallet]] typically holds the private keys on its internal storage that is not accessible by any malware. The device signs the transactions internally and only transmits the signed transactions to the computer. The separation of the private keys from the vulnerable environment allows the user to spend bitcoins on a compromised computer without any risk. <br />
<br />
<br />
===Debian-based Linux===<br />
<br />
==== Store all into an encrypted folder (Tomb) ====<br />
<br />
Tomb is a simple tool to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb's contents in the place where other programs expect them, for example in our case mount -o bind the .bitcoin directory in a user's home.<br />
<br />
First install tomb from https://files.dyne.org/tomb (homepage is on http://www.dyne.org/software/tomb)<br />
<br />
Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.<br />
<br />
Recommended: wipe, dcfldd, steghide, qrencode.<br />
<br />
Then create a tomb (we name it bitcoin) with three commands:<br />
<br />
<code>tomb dig -s 100 bitcoin.tomb</code><br />
<br />
<code>tomb forge bitcoin.tomb.key</code><br />
<br />
<code>tomb lock bitcoin.tomb -k bitcoin.tomb.key</code><br />
<br />
Then open it<br />
<br />
<code>tomb open bitcoin.tomb</code><br />
<br />
This will require you to input again the password you selected.<br />
<br />
Once open the tomb contents are in /media/bitcoin.tomb<br />
<br />
Move there your bitcoin wallet:<br />
<br />
<code>mv ~/.bitcoin /media/bitcoin.tomb/my-safe-wallet</code><br />
<br />
Then create a file "/media/bitcoin.tomb/bind-hooks" and put a single line:<br />
<br />
<code>my-safe-wallet .bitcoin</code><br />
<br />
Which means that every time the tomb is open, the directory my-safe-wallet needs to be bound to ~/.bitcoin. Just make sure an empty ~/.bitcoin directory exists in your home.<br />
<br />
Now close the tomb and store its keys safely, make sure you memorize the password. Have a look at Tomb's documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.<br />
<br />
That's it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inside the tomb and even start the bitcoin client using the exec-hooks. Tomb's manual page "man tomb" explains the possibilities.<br />
<br />
The advantage of this approach over an encrypted home is that it becomes extremely portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb sticks or mobile phones.<br />
<br />
<br />
<br />
<br />
==== Secure the whole user home directory ====<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
See [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. Additional wallets applications and services have become available that offer other features and more convenience but not without introducing additional risk. When storing bitcoins with an [[eWallet]] such as Instawallet or Easywallet, you are essentially storing your private keys or wallet with that provider. <br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but depending on the service, your bitcoins may be lost if the service is compromised. <br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://bitcoinx.io/wallets/ Where to get a Bitcoin wallet]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
* [https://docs.google.com/document/d/1dNZ7N_lQXHQp0jWkeN7dW4bWNMpcTBRM4iEoSuQwLho/edit# The Ultimate Guide to Web Wallet Security]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Securing_your_wallet&diff=48378Securing your wallet2014-06-26T00:25:05Z<p>Slush: /* Hardware wallets */</p>
<hr />
<div>==Introduction==<br />
<br />
Wallet security can be broken down into two independent goals:<br />
# Protecting your wallet against loss.<br />
# Protecting your wallet against theft.<br />
<br />
In the case that your current wallet hasn't been protected adequately (e.g. put online with a weaker password):<br />
# Making a new secure wallet, using appropriate long-term protection.<br />
<br />
''For a brief overview see also: [[Wallet Security Dos and Don'ts|Wallet Security Dos and Don'ts]]''<br />
<br />
==Paper Wallets==<br />
[[Paper wallet]]s can be used to store bitcoins offline in non-digital format. Using securely generated paper wallets significantly decreases the chances of your bitcoins being stolen by hackers or computer viruses.<br />
<br />
Fundamentally, a paper wallet is merely a physical record of a [[private key]] (most commonly written as a sequence of fifty-one alphanumeric characters beginning with a '5') and its corresponding [[public key]]. The private key is used to prove your right to spend the bitcoins transferred to the paper wallet, and as such should be kept hidden and secret. If the private key on a paper wallet is exposed (for example in a photograph) then the wallet may be "swept" by anyone who sees the key. To guard against accidental revelation, the private key displayed on the paper wallet may be encrypted using a password ("BIP38") or split into several different parts ("Shamir's secret sharing scheme"). At the very least, the private key should be well hidden e.g. by folding the wallet in half and sealing it shut.<br />
<br />
You can send bitcoins to the public address on your paper wallet as often as you like, and they will be inaccessible until the private key is imported into a "live" wallet. You can use a service such as [[BlockChain.info]] to verify the balance of your paper wallet, which is a matter of public record. As of version 0.6.0, the bitcoin QT software has a command line feature called "importprivkey" that can load private keys. Online exchanges and wallets such as [[Coinbase (business)|Coinbase]] and BlockChain.info have features for importing (or "sweeping") paper wallet private keys as well.<br />
<br />
=== Software for generating paper wallets ===<br />
<br />
Some [[Paper wallet|paper wallet generators]] have been written entirely in HTML/JavaScript to make it fairly easy to generate paper wallets on virtually any operating system. Although these generators use a web browser, they are generally capable of running offline since address generation happens entirely within the web browser. It's advisable to use those services from [https://en.wikipedia.org/wiki/Live_CD live disc], to ensure that private keys are not compromised by spyware. <br />
<br />
To generate a safer paper wallet, first save the paper wallet generating code to a newly-formatted USB stick and verify the integrity (SHA1 hash or PGP signature) of the code. Then "clean-boot" your computer with a bootable CD (such as a Linux Live CD) while disconnected from the Internet. Insert the USB stick and open the wallet generator's HTML file using a web browser. Print your paper wallets or store them on external media (do not save them on the computer), and then shut down the computer. You may need to load an appropriate printer driver in order to print while booted from the live CD.<br />
<br />
=== Tips for making paper wallets ===<br />
<br />
* Disconnecting from the Internet guarantees that that the paper wallet generator is truly self-contained and isn't transmitting your keys online. <br />
<br />
* Verifying the integrity of the code (and the trustworthiness of the author) is important to make sure a hacker hasn't modified the HTML so that it generates predictable addresses instead of truly random keys.<br />
<br />
* Using a very basic printer is advisable since high-end office printers may have WiFi or internal storage that keeps a cache of printed documents.<br />
<br />
* Remember, spyware and viruses often attempt to monitor your computer activities so that their authors can steal from you. They are interested in passwords to online accounts, and anything of value. Bitcoin wallets and private keys are something of value that have already been targeted by malware. If your computer is infected with spyware or viruses - even if there are no symptoms, or your antivirus isn't reporting anything - then anything you type, view, or save on your computer, could potentially be stolen by someone remotely controlling your computer. Your private key can then be intercepted while you enter it, so only enter a Bitcoin private key into your computer when your intent is to redeem its value ''immediately''.<br />
<br />
== Hardware wallets ==<br />
[[Hardware wallet]]s are a major step to enhanced security and usability.<br />
<br />
So far only [http://bitcointrezor.com TREZOR Hardware Wallet] and [http://www.pi-wallet.com/ Pi Wallet] are available.<br />
<br />
==Importance of security updates==<br />
<br />
No software is perfect, and from time to time there may be security vulnerabilities found in your Bitcoin client as well.<br />
Be sure you keep your client updated with the latest bug fixes, especially when a new vulnerability is discovered.<br />
We maintain a [[CVEs|list a known vulnerabilities]] on this wiki - you can watch that page to get updates.<br />
Note that you ''don't'' need to be running the latest major client version: some clients, including the popular Bitcoin-Qt, have older versions available with bugfix-only updates.<br />
<br />
==Securing the Bitcoin-QT or bitcoind wallet==<br />
<br />
Bitcoin transactions send Bitcoins to a specific public key. A Bitcoin address is an encoded hash of a public key. In order to use received Bitcoins, you need to have the private key matching the public key you received with. This is sort of like a super long password associated with an account (the account is the public key). Your Bitcoin wallet contains all of the private keys necessary for spending your received transactions. If you delete your wallet without a backup, then you no longer have the authorization information necessary to claim your coins, and the coins associated with those keys are lost forever.<br />
<br />
The wallet contains a pool of queued keys. By default there are 100 keys in the [[key pool]]. The size of the pool is configurable using the "-keypool" command line argument. When you need an address for whatever reason (send, “new address”, generation, etc.), the key is not actually generated freshly, but taken from this pool. A brand new address is generated to fill the pool back to 100. So when a backup is first created, it has all of your old keys plus 100 unused keys. After sending a transaction, it has 99 unused keys. After a total of 100 new-key actions, you will start using keys that are not in your backup. Since the backup does not have the private keys necessary for authorizing spends of these coins, restoring from the old backup will cause you to lose Bitcoins.<br />
<br />
Creating a new address generates a new pair of public and private keys, which are added to your wallet. Each keypair is mostly random numbers, so they cannot be known prior to generation. If you backup your wallet and then create more than 100 new addresses, the keypair associated with the newest addresses will not be in the old wallet because the new keypairs are only known after creating them. Any coins received at these addresses will be lost if you restore from the backup.<br />
<br />
The situation is made somewhat more confusing because the receiving addresses shown in the UI are not the only keys in your wallet. Each Bitcoin generation is given a new public key, and, more importantly, each sent transaction also sends some number of Bitcoins back to yourself at a new key. When sending Bitcoins to anyone, you generate a new keypair for yourself and simultaneously send Bitcoins to your new public key and the actual recipient's public key. This is an anonymity feature – it makes tracking Bitcoin transactions much more difficult.<br />
<br />
So if you create a backup, do more than 100 things that cause a new key to be used, and then restore from the backup, some Bitcoins will be lost. Bitcoin has not deleted any keys (keys are never deleted) – it has created a new key that is not in your old backup and then sent Bitcoins to it.<br />
<br />
== Making a new wallet ==<br />
<br />
If a wallet or an encrypted wallet's password has been compromised, it is wise to create a new wallet and transfer the full balance of bitcoins to addresses contained only in the newly created wallet. Examples of ways a wallet may be compromised are through password re-use, minimal strength passwords, computer hack or virus attack.<br />
<br />
There are a number of ways to create a new wallet with Bitcoin-QT or bitcoind but this is a process that has been tested with bitcoind 0.6.3. We use the copy command to minimize the chance of any data loss but you are warned to make backups of any wallet.dat that holds a balance for you.<br />
<br />
:1. Shut down the Bitcoin program.<br />
:2. Find and make a backup of the "compromised" wallet.dat file and rename it, perhaps adding a short description:<br />
:::wallet.dat -> wallet-compromised.dat<br />
:Depending on your OS, the wallet file will be located at:<br />
:::Windows: %APPDATA%\Bitcoin\<br />
:::Linux: ~/.bitcoin/<br />
:::Mac: ~/Library/Application Support/Bitcoin/<br />
:3. Start the Bitcoin program and it will create a new wallet.dat. You may then encrypt the wallet as desired and make a new backup.<br />
:4. Once you've made a new wallet, you can obtain one or more addresses and copy them into a text editor. After obtaining the new address(es), shut down the Bitcoin program, make a backup of the new wallet.dat file and copy it to a new file named wallet-new.dat.<br />
:5. Copy the wallet-compromised.dat file back to wallet.dat, start the Bitcoin program and transfer your balance to the new address(es) you put in your text editor. Once the balance is back to 0 for your compromised wallet, you may want to wait a couple minutes or for a confirmation or check block explorer to be sure the transactions have been broadcasted. Then you may shut down the Bitcoin program.<br />
:6. Rename wallet.dat to wallet-compromised.dat. <br />
:7. Rename wallet-new.dat to wallet.dat.<br />
<br />
You should now have a new wallet with all the bitcoins from the old wallet.<br />
<br />
==Making a secure workspace==<br />
<br />
If you are using your computer to handle bitcoins, a wallet, Bitcoin-related passwords, or Bitcoin private keys, you must take care that the system is free of malware, viruses, keyloggers, remote access tools, and other tools that may be used to make remote copies of any of the above. In the case that your computer is compromised, the precautions taken below may provide additional protection.<br />
<br />
===Debian-based Linux===<br />
<br />
==== Store all into an encrypted folder (Tomb) ====<br />
<br />
Tomb is a simple tool to manage encrypted storage on GNU/Linux. Among its features are bind-hooks to set up a tomb's contents in the place where other programs expect them, for example in our case mount -o bind the .bitcoin directory in a user's home.<br />
<br />
First install tomb from https://files.dyne.org/tomb (homepage is on http://www.dyne.org/software/tomb)<br />
<br />
Among the requirements: zsh, cryptsetup, pinentry-curses, gnupg, sudo.<br />
<br />
Recommended: wipe, dcfldd, steghide, qrencode.<br />
<br />
Then create a tomb (we name it bitcoin) with three commands:<br />
<br />
<code>tomb dig -s 100 bitcoin.tomb</code><br />
<br />
<code>tomb forge bitcoin.tomb.key</code><br />
<br />
<code>tomb lock bitcoin.tomb -k bitcoin.tomb.key</code><br />
<br />
Then open it<br />
<br />
<code>tomb open bitcoin.tomb</code><br />
<br />
This will require you to input again the password you selected.<br />
<br />
Once open the tomb contents are in /media/bitcoin.tomb<br />
<br />
Move there your bitcoin wallet:<br />
<br />
<code>mv ~/.bitcoin /media/bitcoin.tomb/my-safe-wallet</code><br />
<br />
Then create a file "/media/bitcoin.tomb/bind-hooks" and put a single line:<br />
<br />
<code>my-safe-wallet .bitcoin</code><br />
<br />
Which means that every time the tomb is open, the directory my-safe-wallet needs to be bound to ~/.bitcoin. Just make sure an empty ~/.bitcoin directory exists in your home.<br />
<br />
Now close the tomb and store its keys safely, make sure you memorize the password. Have a look at Tomb's documentation, there is a number of things you can do like steganography or printing out keys on a paper to hide and such.<br />
<br />
That's it. Every time you like to access your wallet open the tomb and the .bitcoin will be in place. One can also store the bitcoin binary inside the tomb and even start the bitcoin client using the exec-hooks. Tomb's manual page "man tomb" explains the possibilities.<br />
<br />
The advantage of this approach over an encrypted home is that it becomes extremely portable across computers and even online shells: a Tomb is just a file and its key can be stored far away, on different shells, usb sticks or mobile phones.<br />
<br />
<br />
<br />
<br />
==== Secure the whole user home directory ====<br />
The first step is to make a [http://www.howtogeek.com/howto/ubuntu/add-a-user-on-ubuntu-server/ new user]. In order for that new user to have an encrypted home directory, you'll first need the encryption utility. Run:<br />
<br />
<code>sudo apt-get install ecryptfs-utils</code><br />
<br />
Now you're ready to create a new user<br />
<br />
<code>sudo adduser --encrypt-home new_user_name</code><br />
<br />
You'll need to come up with a [[#Choosing_A_Strong_Password|secure]] new password for that user.<br />
<br />
When you get to the prompt 'Enter the new value, or press ENTER for the default', just keep hitting ENTER.<br />
<br />
Then switch user to the new user. To get to the new user you can use the switch user icon for your system, which on Ubuntu is in the 'System/Quit' screen, or if there is no switch icon on your system you can log out and log back in as the new user.<br />
<br />
Since the home folder of this user is encrypted, if you're not logged in as that user, data that is saved there can't be browsed, even by a root user. If something goes wrong with your system, and you need to decrypt the new user's files, you'll need its decryption key.<br />
<br />
<code>ecryptfs-unwrap-passphrase</code><br />
<br />
It will ask you for your user's password and give you the decryption key. '''WRITE DOWN OR SAVE THE CODE IT RETURNS''' because you will need it if you ever have to pull your data off while the OS is not working. (You can run it again later if you need to, but run it now so that you can get your data if your Linux install gets botched.)<br />
<br />
The encrypted folder data is not encrypted while it's in memory, and so if it's ever sent to the swap partition it can be stolen from there unless that too is encrypted - be aware that this will mean you cannot use Hibernate anymore, as the bootloader won't be able to restore the hibernation data.<br />
<br />
<code>ecryptfs-setup-swap</code><br />
<br />
Then click on a folder in the new user to display the file browser, then keep going up folders until you see the new user home directory, then right click to bring up the Properties dialog, then click on the Permissions tab, then in the Others section, set the folder access to None.<br />
<br />
For secure browsing, open Firefox, and then go into the Edit menu and click Preferences. Starting from the left, click on the General tab, and in the 'Startup/When Firefox starts' pop up menu, choose 'Show a Blank Page'. Then click on the Content tab, and deselect 'Load images automatically' and deselect 'Enable JavaScript'. Then click on the Privacy tab, and in the 'History/Firefox will' pop up menu, choose 'Never remember history'. Then click on the Security tab, and in the Passwords section, deselect 'Remember passwords for sites' and deselect 'Use a master password'. Then click on the Advanced tab, then click on the Update tab, and then in the 'Automatically check for updates to' section, deselect 'Add-ons' and 'Search Engines'.<br />
<br />
When JavaScript is disabled, the [http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.23/bitcoin-0.3.23-linux.tar.gz/download Linux download page] will not download automatically, so you'll have to click on the 'direct link' part of the "Problems with the download? Please use this 'direct link' or try another mirror." line.<br />
<br />
===Mac===<br />
This solution '''does not scale'''; the amount of needed space can grow beyond the image size.<br />
<br />
===Windows===<br />
<br />
Due to the frequency with which Windows computers are compromised, it is advised to encrypt your wallet or to keep your wallet on an encrypted disk image created by third-party software, such as [http://www.truecrypt.org/ TrueCrypt] (open source) or [http://www.jetico.com/encryption-bestcrypt/ Jetico BestCrypt] (commercial). This also applies to the storage of passwords, private keys and other data that can be used to access any of your Bitcoin balances.<br />
<br />
Assuming that you have installed the Windows Bitcoin client and run it at least once, the process is described below.<br />
<br />
<p><b>To mount the Bitcoin data directory on an encrypted drive</b></p><br />
<ol start=1 type=1><br />
<li>Use the third-party disk image encryption program of your choice to create and mount an encrypted disk image of at least 5GB in size. This procedure stores the entire block chain database with the wallet.dat file so the required size of the encrypted disk image required may grow in the future.</li><br />
<li>Locate the Bitcoin data directory, and copy the directory with all contents to the encrypted drive.<br />
<p>For help finding this directory, see <b>[[Securing_your_wallet#Locating_Bitcoin_s_data_directory|Locating Bitcoin's Data Directory]]</b>.</p></li><br />
<li>Create a Windows shortcut that starts Bitcoin with the <code>-datadir</code> parameter and specifies the encrypted drive and directory.<br />
<p>For example, if you installed Bitcoin in the default directory, mounted your Bitcoin encrypted drive as <code>E:\</code>, and stored your Bitcoin data directory on it as <code>Bitcoin</code>, you would type the following command as the shortcut Target:</p><br />
<blockquote><code>C:\Program Files\Bitcoin\bitcoin.exe -datadir=E:\Bitcoin</code></blockquote></li><br />
<li>Open Bitcoin's settings and configure it <b>NOT</b> to start automatically when you start Windows.<br />
<p>This is to allow you to mount the Bitcoin encrypted disk image before starting Bitcoin.</p></li><br />
<li>Shut down Bitcoin, and then restart it from the new shortcut.</li><br />
</ol><br />
<br />
After doing this, any time you want to use Bitcoin, you must first mount the Bitcoin encrypted disk image using the same drive designation, and then run Bitcoin from the shortcut that you created, so that it can find its data and your wallet.<br />
<br />
<br />
=== General Solutions ===<br />
<br />
Your wallet.dat file is not encrypted by the Bitcoin program by default but the most current release of the Bitcoin client provides a method to encrypt with a passphrase the private keys stored in the wallet. Anyone who can access an unencrypted wallet can easily steal all of your coins. Use one of these encryption programs if there is any chance someone might gain access to your wallet.<br />
* [http://www.7-zip.org/ 7-zip] - Supports strongly-encrypted archives.<br />
* [http://www.axantum.com/axcrypt/ AxCrypt by Axantum]<br />
* [http://lrzip.kolivas.org lrzip] - Compression software for Linux and OSX that supports very high grade password protected encryption<br />
* [http://www.truecrypt.org/ TrueCrypt] - Volume-based on-the-fly encryption (for advanced users)<br />
<br />
There is also a list of [[OpenSourceEncryptionSoftware|open source encryption software.]]<br />
<br />
Decrypting and encrypting the wallet.dat every time you start or quit the Bitcoin client can be ''tedious'' (and outright error-prone). If you want to keep your wallet encrypted (except while you're actually running the Bitcoin client), it's better to relegate the automation to a [http://lorelei.kaverit.org/bitcoin.sh small shell script] that handles the en/decryption and starting up Bitcoin client for you (Linux and OSX). <br />
<br />
There is also a method to print out and encrypt your wallet.dat as a special, scannable code. See details here: [[WalletPaperbackup]]<br />
<br />
==== Password Strength ====<br />
Brute-force password cracking has come a long way. A password including capitals, numbers, and special characters with a length of 8 characters can be trivially solved now (using appropriate hardware). The recommended length is '''at least''' 12 characters long. You can also use a multi-word password and there are techniques to increase the strength of your passwords without sacrificing usability. [http://www.baekdal.com/tips/password-security-usability The Usability of Passwords] <br />
<br />
However, simply using dictionary words is also insecure as it opens you up to a dictionary attack. If you use dictionary words, be sure to include random symbols and numbers in the mix as well.<br />
<br />
If you use keyfiles in addition to a password, it is unlikely that your encrypted file can ever be cracked using brute-force methods, even when even a 12 character password might be too short.<br />
<br />
Assume that any encrypted files you store online (eg. Gmail, Dropbox) will be stored somewhere forever and can never be erased.<br />
<br />
===== Choosing A Strong Password =====<br />
Make sure you pick at least one character in each group:<br /><br />
<br />
Lowercase: abcdefghijklmnopqrstuvwxyz<br />
Uppercase: ABCDEFGHIJKLMNOPQRSTUVWXYZ<br />
Number: 1234567890<br />
Symbol: `~!@#$%^&*()-_=+\|[{]};:'",<.>/? (space)<br />
<br />
<9 char = unsuitable for use<br />
09 char = insecure<br />
10 char = low security<br />
11 char = medium security<br />
12 char = good security (good enough for your wallet)<br />
13 char = very good, enough for anything.<br />
<br />
You might want to read [http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered What is your way to create good passwords that can actually be remembered?] and [http://security.stackexchange.com/questions/6095/xkcd-936-short-complex-password-or-long-dictionary-passphrase XKCD #936: Short complex password, or long dictionary passphrase?]<br />
<br />
== Backing up your wallet ==<br />
See [[Backingup_your_wallet|Backing up your wallet]].<br />
<br />
==Erasing Plain-text Wallets==<br />
<br />
In most operating systems, including Windows, Linux, and Mac OS X, simply deleting a wallet.dat file will ''not'' generally destroy it. It is likely that advanced tools can still be used to recover the wallet.dat file, even after it has been deleted.<br />
<br />
The Linux '''shred''' command can be used to overwrite the wallet file with random data prior to deleting; this particular copy of the file will then be practically impossible to recover. Using shred (and similar tools on Windows) however does not guarantee that still other copies don't exist somewhere hidden on your HD. That will depend on your system configuration and what packages you have installed. Some system restore and backup tools, for instance, create periodic snapshots of your filesystem, duplicating your wallet.dat.<br />
<br />
In Mac OS, the equivalent of '''shred''' is '''srm''' (introduced in Leopard). Using the Finder to remove files, clicking "Secure Empty Trash" in the Finder menu will shred the contents of the trash can. As with any OS this doesn't guarantee that there are not other copies elsewhere on your system.<br />
<br />
For Windows, the built-in command ''cipher /W'' will shred all previously-deleted files. [http://www.cylog.org/utilities/cybershredder.jsp CyberShredder] can securely deleted individual files.<br />
<br />
==Online and Mobile Wallets==<br />
<br />
Thus far, this article has been discussing the security of a wallet file for Bitcoin-QT or bitcoind that is under your sole control. Additional wallets applications and services have become available that offer other features and more convenience but not without introducing additional risk. When storing bitcoins with an [[eWallet]] such as Instawallet or Easywallet, you are essentially storing your private keys or wallet with that provider. <br />
<br />
Online wallets have a number of pros and cons to consider. For example, you can access your wallet on any computer in the world, but depending on the service, your bitcoins may be lost if the service is compromised. <br />
<br />
Mobile wallet applications are available for Android devices that allow you to send bitcoins by QR code or NFC, but this opens up the possibility of loss if mobile device is compromised. It may be possible to encrypt and backup the wallet or private keys on a mobile device but it is not advisable to store a large amount of bitcoins there without doing your own research and testing.<br />
<br />
==See Also==<br />
<br />
* [[Data directory]]<br />
* [[How to import private keys]]<br />
* [http://bitcoinx.io/wallets/ Where to get a Bitcoin wallet]<br />
* [http://startbitcoin.com/how-to-create-a-secure-bitcoin-wallet/ Secure Bitcoin Wallet Tutorial]<br />
* [[How to set up a secure offline savings wallet]]<br />
* [http://arimaa.com/bitcoin/ Bitcoin Gateway - A Peer-to-peer Bitcoin Vault and Payment Network]<br />
* [http://blog.cyplo.net/2012/04/01/bitcoin-wallet-recovery-photorec/ Find lost wallet eg. after disk format, using Photorec]<br />
* [https://docs.google.com/document/d/1dNZ7N_lQXHQp0jWkeN7dW4bWNMpcTBRM4iEoSuQwLho/edit# The Ultimate Guide to Web Wallet Security]<br />
<br />
[[Category:Security]]<br />
<br />
[[de:Sichere deine Geldbörse]]<br />
[[ru:Bitcoin и безопасность]]<br />
[[es:Cómo asegurar su monedero]]<br />
[[zh-cn:保护你的钱包]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=48377Hardware wallet2014-06-26T00:17:40Z<p>Slush: /* TREZOR The Bitcoin Safe */</p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== TREZOR The Bitcoin Safe ===<br />
[https://bitcointrezor.com BitcoinTrezor.com]<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
<br />
[https://bitcointrezor.com/faq/ FAQ @BitcoinTrezor.com]<br />
<br />
Trezor is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
TREZOR uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
TREZOR introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slushhttps://en.bitcoin.it/w/index.php?title=Hardware_wallet&diff=48376Hardware wallet2014-06-26T00:12:50Z<p>Slush: </p>
<hr />
<div>A '''hardware wallet''' is a device that stores a part of a user's [[wallet]] securely in mostly-offline hardware. They have major advantages over other wallet types:<br />
<br />
* the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext<br />
* immune to computer viruses that steal from software wallets<br />
* can be used securely and interactively, as opposed to a [[paper wallet]] which must be imported to software at some point<br />
* much of the time, the software is open source, allowing a user to validate the entire operation of the device<br />
<br />
This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.<br />
<br />
<br />
<br />
== Purchasable hardware wallets ==<br />
<br />
=== TREZOR The Bitcoin Safe ===<br />
by [http://satoshilabs.com SatoshiLabs]<br />
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming transaction with TREZOR]]<br />
<br />
[https://bitcointrezor.com BitcoinTrezor.com]<br />
[https://bitcointalk.org/index.php?topic=122438.0 Bitcointalk forum]<br />
<br />
Trezor is a secure bitcoin storage and a transaction signing tool. <br />
<br />
The private keys generated by the device never leave it and cannot be accessed by a malware. Thanks to a limited USB protocol only a payment template can be sent into the device (address and amount) which then has to be confirmed by a physical user interaction (visual verification of the transaction details and pressing the confirmation button).<br />
<br />
TREZOR uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32). <br />
<br />
A recovery seed is generated when the device is initialized. In case it gets lost or stolen, all it's contents can be recovered using the seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39 compatible wallet. <br />
<br />
TREZOR introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer.<br />
<br />
An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.<br />
<br />
<br clear="all"><br />
<br />
=== Pi Wallet - cold storage ===<br />
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]<br />
[http://www.pi-wallet.com/ Pi-Wallet Shop]<br />
<br />
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]<br />
<br />
The Pi-Wallet is comparable to an offline Notebook. <br />
<br />
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.<br />
<br />
To sign offline-transaction you will need an (unused) USB stick.<br />
<br />
<br />
<br clear="all"><br />
<br />
<br />
== Not purchasable hardware wallets ==<br />
<br />
=== BitcoinCard Megion Technologies-Card based wallet ===<br />
[[File:Bitcoincard-medley-large.jpg|400px|thumb|left|Bitcoin Card]]<br />
[http://www.bitcoincard.org/ Bitcoincard Home Page]<br />
<br />
[http://blog.bitinstant.com/blog/2012/6/19/our-discovery-in-vienna-the-bitcoin-card.html Excellent review by evoorhees]<br />
<br />
Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.<br />
<br />
<br clear="all"><br />
<br />
=== BitSafe - allten/someone42's hardware wallet ===<br />
[[File:Bitsafe-wallet-sizecompare.jpg|200px|thumb|left|Bitsafe wallet]]<br />
[https://bitcointalk.org/index.php?topic=127587.0 BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.<br />
<br clear="all"><br />
=== someone42's original prototype ===<br />
[[File:Someone42-wallet-prototype.jpg|300px|thumb|left|someone42's original prototype]]<br />
[https://bitcointalk.org/index.php?topic=78614.0 Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices]<br />
<br />
Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.<br />
<br clear="all"><br />
=== BTChip btchip USB based transaction signer and private key holder ===<br />
[[File:Btchip-wallet.jpg|300px|thumb|left|BTChip]]<br />
[https://bitcointalk.org/index.php?topic=134999.0 ANN Smartcard wallet project + btchip implementation (no reader required)]<br />
<br />
[http://www.btchip.com www.btchip.com]<br />
<br />
USB smartcard dedicated to bitcoins, no keypad or display so trust in the host device is required. An improvement has been implemented that uses a secret value known to the user during the transaction for additional security.<br />
<br clear="all"><br />
=== Other/Defunct but with good discussion: ===<br />
* natman3400's BitClip Jun 2011 [https://bitcointalk.org/index.php?topic=24852.0 https://bitcointalk.org/index.php?topic=24852.0]<br />
:Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.<br />
* jim618 hardware wallet proposal Apr 2012 [https://bitcointalk.org/index.php?topic=77553.0 Dedicated bitcoin devices - dealing with untrusted networks]<br />
:Great discussion and good ideas from jim618. Also linked the following video:<br />
* Prof. Clemens Cap's hardware wallet? (video:)[https://www.youtube.com/watch?v=IavQ-Wc8S1U Clemens Cap about electronic bitcoin wallet at EuroBit]<br />
:Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.<br />
* ripper234's discussion based on Yubikeys Aug 2012 [https://bitcointalk.org/index.php?topic=99492 Having a YUBIKEY as one of the parties for m-of-n signatures]<br />
:The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.<br />
* kalleguld's hardware wallet proposal Oct 2012 [https://bitcointalk.org/index.php?topic=115294.0 Proposal: Hardware wallet (Win 3 BTC)]<br />
* Vaporware: Matthew N Wright's ellet [https://bitcointalk.org/index.php?topic=85931.0 ANN The world's first handheld Bitcoin device, the Ellet!] (Vaporware)<br />
<br />
== Smart Card based wallets ==<br />
This type of device requires complete trust in the host device, as there is no method for user input.<br />
See [[Smart card wallet]]<br />
<br />
== Related Resources ==<br />
* slush's Hardware wallet wire protocol discussion: [https://bitcointalk.org/index.php?topic=125383.0 Hardware wallet wire protocol]<br />
* kjj's Todo List discussion for client protocol requirements: [https://bitcointalk.org/index.php?topic=19080.msg272348#msg272348 in topic Re: Split private keys]<br />
* paybitcoin's original post: [https://bitcointalk.org/index.php?topic=134277.0 Hardware Wallet Roundup]<br />
* [https://bitcointalk.org/index.php?topic=135090.0 This thread] about editing this very wiki entry.<br />
<br />
[[Category:Security]]<br />
[[Category:Wallets]]<br />
[[Category:Hardware]]</div>Slush