Hardware wallet: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
Luke-jr (talk | contribs)
Luke-jr (talk | contribs)
Line 12: Line 12:
== Purchasable hardware wallets ==
== Purchasable hardware wallets ==


=== [[TREZOR]] The Bitcoin Safe ===
=== BTChip HW.1 - USB Smartcard Hardware Wallet  ===
[http://bitcointrezor.com BitcoinTrezor.com]
[https://www.hardwarewallet.com HW.1 Home Page]
 
[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]


[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with TREZOR]]
HW.1 is an implementation of a deterministic (BIP 32) Hardware Wallet on a USB smartcard.


[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.
It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.


It uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39/BIP44 compatible wallet.  
Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.


TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.
It is also possible to customize HW.1 for more specfic needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.


[http://BuyTrezor.com E-shop BuyTrezor.com] | [http://doc.satoshilabs.com/ TREZOR Documentation]
[https://buy.hardwarewallet.com E-shop] | [https://btchip.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]


<br clear="all">
<br clear="all">


=== Pi Wallet - cold storage ===
=== Ledger Wallet - USB Smartcard Hardware Wallet  ===
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]
[http://www.pi-wallet.com/ Pi-Wallet Shop]


[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]
[[File:ledger_wallet_dongle.png|300px|thumb|left|Ledger Wallet USB]]


The Pi-Wallet is comparable to an offline Notebook.  
Ledger Wallet protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips).


However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.
The Ledger Wallet connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.


To sign offline-transaction you will need an (unused) USB stick.
It is compatible with Electrum 2.0 for power users, or with the Ledger Wallet Chrome application which provides an easy onboarding as well as a seamless user experience.


[https://www.ledgerwallet.com Ledger Wallet Home] | [https://github.com/LedgerHQ Source and specifications]


<br clear="all">
<br clear="all">


=== Ledger Wallet - USB Smartcard Hardware Wallet  ===
=== Pi Wallet - cold storage ===
[[File:Piwallet.jpeg|300px|thumb|left|Pi-Wallet]]
[http://www.pi-wallet.com/ Pi-Wallet Shop]


[[File:ledger_wallet_dongle.png|300px|thumb|left|Ledger Wallet USB]]
[http://www.pi-wallet.com/pages/what-is-pi-wallet Further informations about Pi-Wallet]


Ledger Wallet protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips).
The Pi-Wallet is comparable to an offline Notebook.  


The Ledger Wallet connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.
However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.


It is compatible with Electrum 2.0 for power users, or with the Ledger Wallet Chrome application which provides an easy onboarding as well as a seamless user experience.
To sign offline-transaction you will need an (unused) USB stick.


[https://www.ledgerwallet.com Ledger Wallet Home] | [https://github.com/LedgerHQ Source and specifications]


<br clear="all">
<br clear="all">


=== BTChip HW.1 - USB Smartcard Hardware Wallet  ===
=== [[TREZOR]] The Bitcoin Safe ===
[https://www.hardwarewallet.com HW.1 Home Page]
[http://bitcointrezor.com BitcoinTrezor.com]


[[File:Btchip_dongle.jpg|220px|thumb|left|HW.1 inserted in a laptop]]
[[File:Trezor-tx.jpg|300px|thumb|left|Confirming the transaction with TREZOR]]


HW.1 is an implementation of a deterministic (BIP 32) Hardware Wallet on a USB smartcard.
[[TREZOR]] is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.


It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.
It uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39/BIP44 compatible wallet.  


Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.
TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.


It is also possible to customize HW.1 for more specfic needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.
[http://BuyTrezor.com E-shop BuyTrezor.com] | [http://doc.satoshilabs.com/ TREZOR Documentation]
 
[https://buy.hardwarewallet.com E-shop] | [https://btchip.github.io/btchip-doc/bitcoin-technical.html Technical Documentation]


<br clear="all">
<br clear="all">

Revision as of 14:46, 1 December 2014

A hardware wallet is a device that stores a part of a user's wallet securely in mostly-offline hardware. They have major advantages over other wallet types:

  • the key is often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext
  • immune to computer viruses that steal from software wallets
  • can be used securely and interactively, as opposed to a paper wallet which must be imported to software at some point
  • much of the time, the software is open source, allowing a user to validate the entire operation of the device

This page is an attempt to summarize all the known developments of hardware wallets that can use Bitcoin as part of their operation.


Purchasable hardware wallets

BTChip HW.1 - USB Smartcard Hardware Wallet

HW.1 Home Page

HW.1 inserted in a laptop

HW.1 is an implementation of a deterministic (BIP 32) Hardware Wallet on a USB smartcard.

It is typically used as a blind secure device for multi signature transactions - holding a set of derived private keys and signing transactions without requiring user confirmation.

Power users can rely on it to confirm all transactions with a second factor scheme turning the dongle into a keyboard typing what the user is supposed to have signed, as a protection against malware.

It is also possible to customize HW.1 for more specfic needs, such as creating a prepaid card without revealing the deterministic seed before it is received by the user, or securing bitcoin transactions on a server.

E-shop | Technical Documentation


Ledger Wallet - USB Smartcard Hardware Wallet

Ledger Wallet USB

Ledger Wallet protects your Bitcoin data within a smartcard. Its micro-processor certified against all types of attacks (both physical and logical), and has been used in the banking industry for decades (think credit card chips).

The Ledger Wallet connects to your computer through the USB port and will do all the Bitcoin cryptographic heavy lifting such as signing transactions inside its secure environment. You can therefore use your Bitcoin account with maximum trust, even on an insecure or compromised computer.

It is compatible with Electrum 2.0 for power users, or with the Ledger Wallet Chrome application which provides an easy onboarding as well as a seamless user experience.

Ledger Wallet Home | Source and specifications


Pi Wallet - cold storage

Pi-Wallet

Pi-Wallet Shop

Further informations about Pi-Wallet

The Pi-Wallet is comparable to an offline Notebook.

However it combines all features of the Armory bitcoin client (e.g. offline transaction signing) with the advantages of a tiny computer.

To sign offline-transaction you will need an (unused) USB stick.



TREZOR The Bitcoin Safe

BitcoinTrezor.com

Confirming the transaction with TREZOR

TREZOR is a secure bitcoin storage and a transaction signing tool. The private keys are generated by the device and never leave it thus they cannot be accessed by a malware.

It uses a deterministic wallet structure which means it can hold an unlimited number of keys (BIP32/BIP44). A recovery seed is generated when the device is initialized. In case TREZOR gets lost or stolen, all its contents can be recovered using this seed (private keys, bitcoin balance and transaction history) into a new device or another BIP39/BIP44 compatible wallet.

TREZOR also introduced a unique way of PIN entering preventing keyloggers from recording it even when entered on a compromised computer. An encryption passphrase can be set on top of the PIN protection. More passphrases can be used for plausible deniability.

E-shop BuyTrezor.com | TREZOR Documentation


Not purchasable hardware wallets

BitcoinCard Megion Technologies-Card based wallet

Bitcoin Card

Bitcoincard Home Page

Excellent review by evoorhees

Incorporates a e-paper display, keypad, and radio (custom ISM band protocol.) Unfortunately it is fairly limited in terms of transaction I/O, requiring a radio gateway or another bitcoincard wherever funds need to be transferred.


BitSafe - allten/someone42's hardware wallet

Bitsafe wallet

BitSafe Hardware Wallet Development - BOM Ready - 50 kits being prepared

Signing transactions only, requires USB host software for transactions & USB power. Has a OLED display and Confirm/Cancel buttons. Evolved out of someone42's prototype below, and has significant contributions from someone42 as well.

someone42's original prototype

someone42's original prototype

Hardware Bitcoin wallet - a minimal Bitcoin wallet for embedded devices

Signing transactions only, requires USB host software for transactions & USB power. All work is rolled into the above BitSafe wallet currently.

Other/Defunct but with good discussion:

Seems to have gone defunct around Dec 2011. Some good ideas though and seemed to have started on execution.
Great discussion and good ideas from jim618. Also linked the following video:
Clemens Cap of Uni Rostock explains the Electronic Bitcoin wallet device he's working on. It's based on adafruit microtouch device.
The use of Yubikeys. They only support symmetric crypto, so you'd have to trust the host device.

Smart Card based wallets

This type of device requires complete trust in the host device, as there is no method for user input. See Smart card wallet

Related Resources