Wallet open with cards

Let’s talk about hardware wallets. For the uninitiated, a hardware wallet is a device which keeps your Bitcoin safe while also keeping them easily accessible. There are a few trusted varieties so far. Trezor and Ledger are the two I have experience with personally.

Photo by <a href="https://unsplash.com/@jankolar?utm_source=ghost&amp;utm_medium=referral&amp;utm_campaign=api-credit">Jan Antonin Kolar</a> / <a href="https://unsplash.com/?utm_source=ghost&amp;utm_medium=referral&amp;utm_campaign=api-credit">Unsplash</a>

Hardware wallets work by storing your private keys in a secure chip in the device. When you use the device, your unsigned transaction is sent from the computer to the wallet which then signs the transaction with your keys and sends it back. During this process your keys never leave the device, which is important because you want to limit your exposure as much as possible. The devices even generate your 24-word seed phrase within the device and display them on the screen for you to write down just so no device that has ever or will ever be network connected has seen your keys.

Hardware wallets fill in a gap between hot wallets (where your keys are stored on the device, think Electrum, Wasabi) and proper cold wallets (remember paper wallets?) In effect, a hardware wallet is the same as installing Electrum on an air-gapped laptop which has had it’s NIC and WiFi cards ripped out. To use that wallet you would generate your transaction on a network equipped computer, save it on a USB drive, load it into the laptop where you would sign the transaction with your private keys. Then save the signed transaction to the USB, load it back into the networked computer, and broadcast your transaction from there. Hardware wallets are the same workflow just much more accessible and user friendly.

In my opinion, these devices are the best blend of security and convenience that you can get. Ledger also has their Nano X wallet which is even Bluetooth enabled allowing you to use it through their mobile app on the go, I can highly recommend this one. I bought mine after initially buying the Trezor One because it’s the old guard hardware wallet; it’s been around a while and it’s well reviewed and well trusted. But haven’t touched the Trezor since.

If you have more than $200 of Bitcoin, it’s time to buy a hardware wallet. Do you research to find out which one works best for you. But whichever you choose be conscious of security. Here’s my advice:

  • Do not order your wallet from a third party source. It will probably be fine, but it could also not be fine at all. You don’t want to put your hard earned crypto on a compromised device and lose it all.
  • Check your respective devices documentation about their shipping security features. Trezor will have holographic stickers. Ledger does a firmware check during initialization. If anything seems weird or off, contact the company and don’t use the device.
  • Remember, your Bitcoin is not stored on the device itself your private keys are. You must keep these safe at all costs. So that means if your 24 word seed phrase is compromised no amount of cool wallet tech is going to keep you from getting robbed. A 25th word passphrase is your best protection against this. Treat this like a password: it must be random, it must be long, and you should not store it anywhere near your wallet.
  • Even better than a 25th word is using a 2-of-3 or even 3-of-5 multi-sig wallet. This provides the added benefit of resiliency in the event of a lost seed. In 2-of-3 you have a loss threshold of 1 seed. 3-of-5 is event better with a loss threshold of 2. If you have your seed phrases geographically distributed and lose more than 1, your Bitcoins are probably the least of your worries.

Photo by <a href="https://unsplash.com/@emielmaters?utm_source=ghost&amp;utm_medium=referral&amp;utm_campaign=api-credit">Emiel Maters</a> / <a href="https://unsplash.com/?utm_source=ghost&amp;utm_medium=referral&amp;utm_campaign=api-credit">Unsplash</a>

Bitcoin is a money revolution. It’s convenient, hard, and secure.. but not by default and it’s up to you to take the care to make it secure.