Topic: [LIST] Open Source Hardware Wallets (Read 2621 times)

I added both Portal and Bitkey hardare wallets.
Source codes can be found on their github pages but I would wait to see if this is actually reproducible.
Portal is still in pre-order phase, so I think we are going to wait few months for main release.

Updated and modified slightly, but I don't think this was so important

Yes. Portal is still in the preorder phase.
I do anyway believe it is an interesting product to be aware of. At least for his innovative approach to mobile environment and UX, based on NFC contacts.

---

@dkbit98, To reflect the hard reality,  I think, there is a need to refresh the foot-note to Passport device in HW list.

The current one states "using old ColdCard code".  I would suggest something like this "using the forked ColdCard code with many changes already  made  and envisaged afterward".

Grounds for this : "An Open Letter to NVK and Coldcard", Passport Firmware Releases, , "Coinkite's BBQr: A Troubling Development in Bitcoin Airgapped Wallet Standards"

A couple of additions:

Portal by TwenyTwo


Review:


BitKey



The code is open source

It seems that you are correct about this, it looks something similar like ColdCard license, but they only made changes few days ago so let's wait and see if they add proper Open Source license.
I asked CoolWallet for explanation and I will update list when I get official reply from them, but for now I am adding special note for CoolWallet Pro.
This is still better than closed source license, but it's not good to call something open source if it's not.

Hi.

We have a section in our website comparing all the open source wallets: https://thebitcoinhole.com/wallets/firmware/open-source and another with all the wallets with source available: https://thebitcoinhole.com/wallets/firmware/source-available

According to its license, CoolWallet seems to be source-available, not open source: https://github.com/CoolBitX-Technology/coolwallet-pro-se/blob/main/LICENSE

List of Open Source hardware wallets is updated today with few new additions.
CoolWallet yesterday release Open Source code for their Coolwallet Pro SE hardware wallet and they posted it on their github page, so you can report any bugs you notice.
Note that this device is based on Java Card OpenPlatform, but some crypto algorithms can't be open source due to license constraints.
At this moment we have no information if firmware for CoolWallet S regular version will also be released as open source or not.

Coolwallet Pro SE source code:
https://github.com/CoolBitX-Technology/coolwallet-pro-se

Coolwallet blog article explaining this decision:
https://www.coolwallet.io/coolwallet-will-open-source-its-hardware-wallets-secure-element-chip-code/

OneKey Touch was added along with other two models from OneKey (CLassic and Mini).
Another addition is upcoming Keystone3 devices, that includes both regular and pro version.

I had never heard of this hardware wallet passport batch 2, thank you for letting me know, I saw the prices and they are a bit high but obviously you pay for the quality, as soon as I have two free minutes I read your review carefully so don't ask questions you may have already answered in the thread. Thanks again

If you are paranoid, honestly get yourself a Passport batch 2. It is on the expensive side, but it's worth its price, since the hardware (and of course, software) is all open source and verifiable, so it has no hidden mini chips in the camera, display or elsewhere running closed firmware. It is also just very convenient to use.
Click the hyperlink for my full review, otherwise I'll start repeating myself..

you are absolutely right, open source is not synonymous with security, but in some ways it is always safer than a closed source, which you must necessarily trust! by that I don't mean that there are malicious companies to steal funds, but scams are always around the corner. that's why I got paranoia 😅. I've had a look at your new thread and I have to say it's a good thing that OneKey commissioned this bugbounty. they fixed quite a bit of a problem

I wanted to buy one for my testing when it was dirt cheap, but I gave up on that idea and I didn't want to wait for delivery from China.
Open source doesn't automatically mean that something is more secure, it's easier for secure experts to inspect the code to find bugs, but that can also be done by malicious actors.
You might want to read up the latest post I wrote about OneKey wallet:
https://bitcointalksearch.org/topic/onekey-hardware-wallet-hacked-5439320

oh sorry I was convinced you had a OneKey, thanks anyway for answering some of my questions. I'll take a closer look at your list, I've been getting paranoid about closed source hw lately and was hoping to get some advice on the buying an open source one

I don't own OneKey hardware wallet so I can't answer everything you want, but I know they are forked from Trezor wallet with added secure element ATECC608A.
They are making regular updates for their native OneKey app, but not all of their devices have battery, only OneKey Classic 100 mAh and OneKey Touch 800 mAh.
I am not going to recommend any hardware wallet, you have the list with more information, and you can make your own decision based on your needs and coins your use.

I think it's time for me to change hardware wallet, this time I would like to take an Open source hardware wallet that doesn't cost much, I looked at your list and the onekey classic caught my attention, it looks like a good device but I would like to ask what do you think? Are the updates regular? does the battery have a long life? Or would you recommend a different wallet? thanks to whoever replies

I'm just saying Jade has retail, and DIY device options

Not really interested in a shitcoin hww, but thanks?

Jade hardware wallet is already in this list for some time and I know it's open source.

New hardware wallet added today is called Hito.
They are still in pre-sale phase, and they promised to release open source code when they complete pre-sale, but I would be careful and wait for github links to be released.
Additionally, someone (like WalletScrutiny) should verify if code is going to be reproducible or not inreality.

Should add Jade DIY hww to the list. Blockstream has a repo on their github specifically for esp32 related devices. See here for visuals: https://twitter.com/notgrubles/status/1355209508335841280

I think this approach is much safer than what most other hardware wallets are using today, especially if they are closed source black boxes.
Some DIY signing devices are also using this approach of not storing keys and secrets on device, but you import them quickly with QR codes, or slower manually.
I am not supporting or defending Cypherock, but they are doing something in a differently and I applaud  for that.

This information should still be verified, don't trust me aka some random geek on internet that could be wrong
I just wanted to know this information myself and I couldn't find it anywhere, so I decided to collect everything in one topic.

Hardware wallet ecosystem can be a jungle for newcomers... And it's even more true when the marketing kicks out (fancy screen, +10000 (shit)coins supported, finger print sensor...)

Imho, the best security is the one you can manage from A to Z, knowing the risk on each steps and how to mitigate it. No need the latest high end, fully equiped hardware wallet that will soon or later no more working because of a poor camera or a poor finger reader, right ?

I'll keep on eye on this thread...
By the way, thank you for this very helpful thread.

The device should work, no matter if they're still on the market or not.
If a card is broken, it shouldn't matter either, since you have multiple ones and only need 2 to sign, as far as I know.

I personally just find it inconvenient having to carry 2 cards or 1 card + the device around to quickly sign a transaction. For me, hardware wallets are all about convenient, secure Bitcoin usage - cold storage can be done very securely and reliably with paper and / or metal.

Very weird hardware wallet if you ask me, since it depends on a splitted seed that is only stored at four cards. If you need to set up a new hardware wallet you can not put on the seed in just any device but you have to hope that they are still on the market in that moment. Also you are lost if the card is not readable anymore in maybe 20+ years.

New device is added to the list of open source hardware wallet and it is called Cypherock X1.
If you are interested in testing this device you can purchase it right now with Black Friday discount for around $100 plus shipping.
This hardware wallet is working in unique way and in package you receive one X1 wallet and four X1 Cards.
Cypherock code is available on github for inspection and iut was audited by Keylabs:
https://github.com/Cypherock

For what it's worth, by helping implement AOPP they actually helped their probably largest userbase (Swiss users) do something they would otherwise need to do anyway, quicker. Swiss Bitcoin services require the users to sign a message with the private key of their withdrawal address to prove ownership of that address. Without AOPP, they would've needed to do it manually, with AOPP it can be done automatically by the wallet software. More on AOPP here.

Don't be mad; it's just that this forum is by far the biggest pool of good Bitcoin information, and your questions were answered before. I recommend to use this site for quickly and easily searching on BitcoinTalk:
https://ninjastic.space/search

This forum does require a little bit of a thick skin sometimes, though it should be noted dkbit98 never insulted you.


Anyhow; let's stay on topic.. Looking forward to those new wallets. I would love to see more airgapped stuff!

Sorry if you think this way, but I never argued with you and I don't think I was disrespectful in any way, but maybe you forgot to drink your medications.
This is my topic about Open Source Hardware Wallets, not about me giving advices what you should or shouldn't buy with your own money.
And yes the rumors are true, I am very young kid, that is why I always use year of my birth for creating accounts, and I use 1234 for all my passwords  

---

Back on topic, there are few new hardware wallets ready to be added on this list, but I am waiting for the official release and updates.

Of course i was talking about AOPP, "someone" just misundertsand it on purpouse to primping among us...
For the companies... they can decide to be not collaborative expecially if they are multinational and have a multisite branch in different countries...

btw, thanks a lot for your help.... definetley i wil made my own research... elsewhere

---

i have prepared a fully a complete answer to your allegations, then I thought that since I already have white hair it made no sense to argue with disrespectful kids. I simply put you on "ignore" so don't bother to answer any more. thanks

Collaborative in what way? Are they collecting, storing, and sharing user data with government agencies upon request? I am sure they all do that. Companies (crypto-related or not) have to respect local laws and regulations and aren't exempt from them. Maybe you are talking about the Address Ownership Protocol (AOPP) they support when you said they collaborate with the government. 

Trezor IS fully open source, it doesn't have secure element yet, but it works just fine and can be used with passphrase.
Bitbox is NOT collaborative with authorities, and I never said that, it's fork of Trezor wallet with secure chip integration.
I don't like satodime so much, but you can do your own research and don't ask same questions multiple times.

Dude I am not your babysitter so do as you want with your money... you are not purchasing rocket to Mars, and I don't like repeating myself

According what you said,
Bitbox is collaborative with authorities
Trezor is not open source, until they build a property chip
keystone seems to be the the only alternative, but cost more than 100€ and needs battery

what about satodime? considering that i don't like the card reader but it seems not strictly necessary if using NFC

I guess KeepKey could also be an alternative; as far as I know it's basically a Trezor clone in a different case.

Hmmm yeah I see what you are referring to :/
This was probably my mistake with table information and I corrected it now.
According to Tangem sources I found, only app and NFC communication protocol are open source, everything else including firmware is closed source.

You don't really need to have support for lot of coins because most of them wont exist in few years.
Best comment I saw about this is like you are using highly secure vault for storing bunch of bananas aka shitcoins, they will all be rotten soon enough.

I would say that Bitbox, Keystone and Trezor are your the best choices for hardware wallets in 2022, that is if you want to have support for Bitcoin and other altcoins.
Everything else is not recommended by me, but you can do whatever you want with your money.

I was referring to your post here.

https://bitcointalksearch.org/topic/secure-element-in-hardware-wallets-5304483

in the table it says that it is open source.

the alternative for me was satochip, but i saw that tangem has a lot more coins available and moreover doesn't need any card reader

i'm not considering keystone and hypermate due to the price and One key is available only in the mini version at the moment and is outdated according your table.

so i'm open to advices

In case you didn't saw or read correctly, I created the this topic for list of Open Source wallets, and I am not talking about applications but about device firmware.
If you have more information that Tangem released their firmware as open source please post them here.
Until then I am not going to recommend anyone Tangem devices.

Tangem has crypto cards, but they also have hardware wallets that look like cards, but it's true they are all closed source devices.

Tangem is a crypto card, so it's not a hardware wallet.

The Tangem is closed-source as far as I know. The product uses an open-source secure element according to dkbit98's description in Secure Element in Hardware Wallets.
However, the Android and iOS apps are closed-source according to Wallet Scrutiny:
https://walletscrutiny.com/iphone/com.tangem.Tangem/
https://walletscrutiny.com/android/com.tangem.wallet/

hello,

just considering to buy Tangem, but i saw that is not very popular here despite has all the specs considered safe as open source, EAL6+ etc...
guessing why

There shouldn't be any confusion, to be honest; it's a pretty straightforward concept: 'Does the GitHub release, when compiled, match the exact same binary you're giving your customers to download, or not?'.
I don't think there's much room for interpretation, because it's a yes or no answer which simply asks whether the binaries do match or whether they don't.

This two website obviously have slightly different definitions and interpretations for what reproducable code really means, and it's true that Bitcoinbinary is owned by Coldcard aka NVK.
Let's not forget that ColdCard was misleading their customers for a long time claiming they are open source, but they recently changed that description on their website to Verifiable Source Code.
That is not open source so I don't have ColdCard on my list, but I do consider it better than ledger, safepal and other closed source stuff.
 

I've thought about making a list of a few wallets and periodically try to reproduce the latest builds myself; not sure if I can find the time for it, though.

Yes, I actually thought at first to just add such a 'reproducibility label' simply based on data from walletscrutiny and maybe bitcoinbinary; as you correctly stated they both test firmwares from time to time.

The latter was critiqued in the past though; since they are sponsored by CoinKite, they claimed ColdCard to be reproducible, while the more neutral walletscrutiny website claimed this to be false. Not sure how it played out in the end, though.

Can you personally verify if code for all this wallets is reproducible or not, and do this with each new release?
I can't do that for sure, but I understand what you are trying to say and it's not a bad suggestion
All we can do is check out websites like Walletscrutiny.com and Bitcoinbinary.org and see if developers checked latest firmware release and if they can be reproduced.
According to Walletscrutiny wesbite, only Trezor, Passport, Keepkey and Krux DIY hardware wallet firmware can be reproduced, and someone on Bitcoinbinary website reproduced firmware for Trezor, Bitbox and Coldcard wallets.
I updated this information in first post.

Thanks for putting in the work to keep this thread constantly keeping this updated; it's one of the few threads I regularly go back to and link to people looking for hardware wallets. I believe open-source is an absolute must, otherwise you're trusting your money to an intransparent system; the very problem Bitcoin aims to solve.

However I think it would make sense to add a 'reproducibility' label. An open, auditable source doesn't help if the wallet doesn't actually run it. Even if it runs a slightly modified firmware, those modifications could easily have been put in to deanonymize users. It also doesn't allow you to verify if a reseller / middleman replaced the firmware, for instance, which can be a big security risk.

List of Open Source hardware wallets is updated, cleaned and I made few changes.

I recently found out that Bitlox hardware wallet released their code as open source for everyone to check, and it was even more surprising to see they updated firmware recently.
I was not able to find Bitlox device available for purchase because they are sold out, but making it open source is good news for old owners, and it's possible they will have devices available in future again.
They even have their own open source Bitlox explorer that is forked from insight.is explorer.

Hardware wallets removed from this list are Opolo and Keypal because they never released any code publicly, so I am considering they are not open source.

I added new certification symbol C for hardware wallets certified by OSHWA (currently that is Trezor and Passport).

The costs would certainly increase if the chips were produced in Europe and they also mention 3rd party licenses as reasons why the production wont take place in the EU.

---

It's great news that this is moving in the right direction. Too bad that the article is in Czech and Google translate isn't the perfect way to translate the piece. Anyone speaking Czech on Bitcointalk?

I found a few interesting things in that Czech article.

"Largely open" as in mostly open-source? That would match some of their previous posts where similar terminology was used to describe their chip as "as open-source as possible" if I remembered it correctly. For security reasons, certain parts of the code could stay closed-source. Maybe the firmware like they mention in the following sentence.

Not sure if this translated sentence is telling us that the firmware will be closed-source or "closed" means something else in this case.

I appreciate the advice, sincerely.  And as I've said many times, I'm not crazy about Trezor's design anyway (though if it were an ideal HW wallet I'd go with it in spite of that). 

I'll look into Keystone and Passport, though at this point for bitcoin I'm not sure that using Electrum and storing the seed phrase in a secure place isn't an easier option. 

Thanks for posting this is good news not only for Trezor and other hardware wallets, but for all industry of chips that desperately needs to have open source chips.
One problem I see in their deal is they are using Taiwanese company UMC and there are a lot of tensions between China and Taiwan that could escalate any moment,
they can't move production to Europe or anywhere else in the world, according to this article, and that can be security risk.
I see old TASSIC name is ditched for new name TROPIC01, and they are not sure what license they are going to use for this chip.
Interesting article to read for sure.

New update on the Secure Element chip development. It's in czech and you need to use Google translate.


https://www.lupa.cz/clanky/cesi-se-chystaji-vyrabet-miliony-vlastnich-bezpecnych-cipu-pomahaji-jim-tvurci-trezoru/

I think we won't finally see the product until next year.

I didn't change my mind about Trezor, but I do think other hardware wallets I mentioned are better option to buy in 2022.
It is possible that Trezor will eventually have to retire version One, as being the oldest existing living hardware wallet, and I don't feel comfortable recommending it anymore, and model T is to expensive for my taste.
On top of that, they really messed up with recent AOPP introducing and then removing it after community backfired on them.
I will probably recommend them again as soon as they add secure element that is expected in the end of 2022 or in 2023 (I hope so).

I am not sure why you changed your mind about Trezor. I understand why you are against Ledger and especially the Nano X (or Nono X as you call it) Trezor not having a secure element isn't new information. Their seed extraction vulnerability is public since 2019 I think, and it can be mitigated with a strong-enough passphrase and/or storing a code on an SD card. Either way, it requires physical access to the device. You could even wipe the device clean and reset it to factory settings if you aren't using it very often and have other wallets for daily needs. That would require much more time to set it up again if you want to spend from it.

The thing I don't like about Trezor is that they are playing this hardware vulnerability down instead of putting more attention on the importance of having a passphrase if you are using their HWs. But that's just a company protecting its investment and own ass, and that's the way it is. Whenever they release that new HW with a secure element, their Trezor T should get cheaper and become a great purchase.   

Bitbox was never absent from this list, and looks like you need glasses my Italian friend  
You can check archive of this topic and see that Bitbox was among first wallets that I added on my list, and I talked about it before many times.
Bitbox is basically Trezor wallet code with secure element and I like them, except the part when they started to support controversial swiss AOPP rule that violates privacy in my opinion.

Right now I would consider recommending only two hardware wallets that are open source, air-gapped devices and that is Keystone and Passport hardware wallets.
At the moment I am not recommending Trezor wallet (until they release version with secure element), and Bitbox wallet I am not recommending for reasons I wrote previously.
That doesn't mean that other hardware wallets are bad, but they just don't meet my criteria.

I too will suggest BitBox02, it is completely open source, it can be connected with open source wallet like Electrum. I checked Electrum release note for Electrum version 4.2.0 which support pay-to-taproot for this hardware wallet. It will also be resistant to damage if compared to many other hardware wallets. Its secure element makes me to more prefer it, it will be hard for a physical attack to fetch out its seed phrase or keys.

Between Ledger and ShiftCrypto, I'd go for ShiftCrypto, since it's open source and better quality. Ledger is known for bad QC and completely closed-source codebase.
However, the Swiss brand has been in discussion lately for being highly involved with the development of AOPP and the screen scratches easily.

Personally, for lower budget I still like the original Trezor One and for higher budget I will probably recommend the new Passport - main concern in everyday usage (with the v1) is honestly the battery consumption / non-rechargeable battery.

But honestly, the BitBox02 is a good middle ground and if you can excuse the questionable AOPP involvement, it's a good value for the price. The main advantage over the Trezor in my opinion is the secure element and built-in USB (if you use a laptop with USB-C connectors you don't need a cable).

I am very curious on your suggestion about this one: I heard different producer (shiftCrypto vs Ledger, amongst the others) calling their design choice superior to the competing one for the exact same reasons (privacy, security).
What would you advice?

Since you address 'the community in general': are you looking for a way not to leak your address / identity to the seller? Regarding this, it should be the same precautions for any brand.. such as using a PO box and paying with a 'clean' (e.g. mixed) Bitcoin UTXO.

Regarding 'what would be a really good one', it depends what your definition of 'good' is. I think open-source is a must-have; regarding anything else, it comes down to preference.
Aspects to consider: do you prefer air-gap or USB connection? Do you like something with altcoin support or Bitcoin-only? Secure element or fully open source hardware (secure chips are most of the time closed source)? Budget?

Yeah, why in the world would anyone do that, unless maybe they were at a bitcoin convention and it served some purpose being on your person--but even then it's crazy to do that if that device represents a huge stash of crypto.  Jeez, I was riding my bike home from the pharmacy last week--less than 1 mile--and had the prescription bag fall right out of my pants pocket without me even noticing it (luckily no one had picked it up when I re-rode my route back to the store).

Hey dkbit98, I've been pondering a lot of what you've written about hardware wallets in addition to a post that was written about HW wallet manufacturers and their access to customer data.  Could you recommend a HW wallet other than the Trezor that would be a really good one?  Same question goes out to the community in general.  I was thinking of starting a thread but it'd look like I hadn't done any research, but I have.  I just want input.

How can Bitbox02 be absent from this list?



Amonst the security features you see that the code is open source:


https://shiftcrypto.ch/bitbox02/security-features/


Link to GitHub Repository:
https://github.com/digitalbitbox/


Edit:
Now I see on the list. Not sure if I missed it, or the OP got edited.
I either need glasses, or I am getting old. Or both, actually.

I can't remember one from the top of my head. Personally, I have never found myself in such a situation. You can apply the same logic to fiat money. If you need to run down to the shop for a package of milk and a dozen of eggs, you aren't going to put $10.000 in your trousers, take it all out, and start looking for a $10 bill in front of the cashier and other customers. You are putting yourself in the spotlight.

I don't do that with my savings either. My debit card is not connected with my savings account where most of my capital is. It's a separate account that I manually deposit to every time I need money to spend. Losing the card wouldn't create too much of a headache like would be the case if my main savings account would be in jeopardy.   

No matter how big or small, if your hardware wallet holds the majority of your funds, or one big stash of it, carrying it with you in your pocket everywhere you go isn't recommended. Hardware wallets have been and still are/could be vulnerable to various types of physical attacks. It doesn't matter if the wallet is protected by a PIN, it's a line of defense can be penetrated with enough time or willpower. Keep your HW hidden like you would with other things valuable to you. Carry only the things you need on you. It's better to lose $1k than $100k because you were flashing your Trezor in public.

maybe someday I can buy one of my dream hardwer wallets, I just read about Trezor from a physical point of view, its advantages and specifications,
oh yes, the friends above are busy discussing the mini one key whose shape is attractive and simple so it is practical to carry it everywhere. I hope other countries don't join in and ban it from using it, and the Chinese country hopes that there is a solution until the ban is lifted. this presence makes it easy, I have also read the prices of other hardware wallets here

https://bitcointalksearch.org/topic/--5282364

I'm starting to understand and it's interesting, especially when there are physical/materials that are easy to carry, thanks OP

OneKey mini looks like iPod device but it has much smaller dimensions, and I don't think it's possible to create functional DIY wallet with iPod.
There was some iPod Linux project few years ago but I am not following the progress, and it's probably cheaper to just buy open source Onekey.

Missed opportunity to give the thing a click wheel
That makes me wonder: fuse iPod Classic modding + DIY hardware wallets => hardware wallet in iPod shell? Would be pretty sick, and also a way to hide keys 'in plain sight'.
Although, it would be a much more involved project than regular iPod modding, it would be reusing shell & I/O with all-new components. Not sure if even possible. I'm just brainstorming

New hardware wallet OneKey Mini added to the list of open source wallet, but their github page is a mess full of deprecated and old firmware so watch out if you are confirming their source code manually.
Device itself looks interesting, it has unknown secure element and very affordable price with free shipping from China.
From information I have OneKey is currently most popular hardware wallet manufacturer in China.

Some interesting turn of events happening in China with OneKey, biggest hardware wallet manufacturer in China.
After recent ban from government they had to make some drastic changes for their customers who live in mainland China, canceling anything related with dex, staking, defi and lending.
This makes me think if they could potentially stop future maintaining of their code and nodes that operate transactions for coins.
OneKey claims they are based in Singapore but I think we all know the truth 

Automatic translation from source: https://help.onekey.so/hc/zh-cn/articles/4407225238159

First archived version of your website shows a different story, and first ''donation'' was from Coinkite (Coinkite = Coldcard = nkv), only later you added one for Achow, but I guess you can time travel:
http://web.archive.org/web/20210916165204/https://bitcoinbinary.org/

So Coldcard was never open source and it never changed a license?
I think LICENSE is more important part of the question that I was asking, like topic subject is, not if wallet really is reproducible or not.

I was asking a question, so I don't know how I could be wrong about that.
Maybe you should have a bit less pride and arrogance, but that is just my opinion :/

I followed this story from the beginning and I did my research (maybe I made some mistakes), but thanks for your kind replies  


PS
ColdCard License:
https://github.com/Coldcard/firmware/blob/master/LICENSE

1. That's incorrect, I seeded the donations and the bounty was paid to the first submission Achow101. That website is open to anyone to submit, I wish more people cared and donated to pay bounties.
2. Code has always been viewable and buildable. Repro builds started a few versions ago, not since the begining.
3. Also incorrect, COLDCARD only shared one crypto library with Trezor which we were contributors. That library was since replaced with Core's Libsecp256k1, far superior.

Before so much negativity, maybe do a bit of research

Maybe it is reproducible now, but I wrote that post in August and I think that you released your website one month later, after you donated yourself for creating it.
We talked more about that subject in different topic, and I have to say that you made terribly bad selfish move when you changed and removed Open Source license from Coldcard.
Is your code 100% made by you or you used code parts from other open source hardware wallets like Trezor?

COLDCARD code can definitely be reproducible see here https://bitcoinbinary.org/

I'm really very confused right now. I was recently looking up the Cobo Vault again and saw they switched brand to Keystone a while ago.
Now, Cobo says it stops supporting the Vault - but why don't all Cobo Vaults just continue working and continue being supported under Keystone?
Is there any difference between Keystone Vault and Cobo Vault at all?
I hope these questions will be answered in a new topic by Lixin.

Edit: I think everything is answered in: Hey bitcoiners if you are interested in the rebrand from Cobo to Keystone...

Hi Lixin and welcome!
This is general topic for all open source wallets.
My suggestion that you should first make a post explaining what happened with Cobo wallet, your team and new brand you started in old Cobo topic:
https://bitcointalksearch.org/topic/ann-cobo-vault-second-generation-launch-qr-code-air-gapped-hardware-wallets-5244214
Than you should create new ANN topic for Keystone hardware wallet, post some information, links and images (maybe you will need copper membership or more posts for doing that)
Hardware wallets section is here: https://bitcointalk.org/index.php?board=261.0

I think you proved a connection with your twitter account making your previous post, so only thing left is to read bitcointalk forum rules and you are good to go:
https://bitcointalksearch.org/topic/unofficial-list-of-official-bitcointalkorg-rules-guidelines-faq-703657

Welcome to the forum.

As a courtesy to this thread and the thread users, you should probably start a new topic - especially since this topic is about a variety of open source wallets rather than just your own wallet, and presumably you are going to want to both promote your own product and to make comparison and contrasts that revolve somewhat around your own product rather than openly exploring various open source wallets, which seems to have been the intent of this here thread.

And for sure, you could put a link to your new thread here.  Of course some people are going to want to know that you are not a fake (which I see you made a subsequent post to attempt to address that), so you might need to provide some information to verify your representative status.  

For sure, if you start a thread, you would likely be posting some links to overall introduction topics, and of course if specific questions are being raised in this thread they could either be answered here or in your thread (in which you would probably redirect people to the specific answers or the status of certain matters that might not have answers at the moment).

In your new thread, you may also want to provide some links to some podcasts because I believe I have heard interviews from you or someone else from your company/project at more than one time on some podcasts.  I cannot remember which ones, but you probably know about those more specifically - or if you believe any of the interview(s) might be helpful.

Hey I am Lixin. One of our users shared me the link of this post in our Telegram group which guided me here.

Thanks for your explanation for what happened.

I am new here. Should I apply for opening a new topic (or maybe an AMA?) to answer people's questions about the rebrand?
(I don't want to break any rules here.)

No, a consultant that I deal with a lot has one. But, since I am the go-to guy for crypto stuff, he saw the tweet that they were shutting down and gave me a call.
Which does bring up the point, that they had his email and did not even contact him. Not a great way to do business.

-Dave

LixinLiu was lead developer who worked for Cobo before, but when they decided to ditch their hardware wallet, he separated with his team, purchased license from Cobo and created new brand and company called Keystone.
They made some improvement changes in QR codes, changed place for entering SD card, code is the same like in Cobo but it will change in future.
It is a a good idea suggesting him to create new topic with support here in bitcointalk forum.

Wait, so you actually own a Cobo hardware wallet?
I remember they offered some devices for free or with discount few years ago in forum.

Not everyone, someone not on the forum asked me about a tweet they saw about it, which is why I posed here.

I did a quick google search for wallet not vault (so that's on me):


The 1st 3 or 4 results were all to the altcoin sections. So I thought (incorrectly) that there was no dedicated post in the HW wallets section.
Their topic has fallen to the 2nd page so even a quick look did not show it on the hardware wallets page.

At that point I figured a post on this thread was worth it.


Did not mean bad as in going to steal your BTC, but bad as in "whoops that little bit of code does not work the way it was supposed to" and you now have a device that is not doing what you want. The same way any piece of unsupported hardware can have issues that will not be resolved.

As for LixinLiu and all the rest, if you look at the tweets from cobo and on the article I linked it does not mention him. So, look at it as someone who bought this product and got the shutting down info and has seen no other communication from the company.

I got a call last night, did a quick (wrong) search and followed the few links that cobo provided and sow nothing.

Just what happened.

My Opinion: If keystone / LixinLiu want to keep going they really should be posting here about it in a new topic.

-Dave

I wrote about this news few months ago (June) in their topic and everyone was aware that something like this was coming.

I would not use Cobo anymore that needs to be connected with their custodial wallet, but you can buy new Keystone device with 50% discount if own old Cobo device (Keystone essential with discount would be around $60, and Keystone Pro around $85).
Keystone is working with most software wallets like Electrum, and you can use spare parts and batteries from old Cobo device.

Their wallet is open source, so there is nothing hidden and anyone can check the code, plus their developer LixinLiu is very active and trying to help everyone.
I am not trying to justify anyone, Cobo made a bad decision

Cobo Vault is shutting down next week.

https://support.cobo.com/hc/en-us/articles/4407973083287-Cobo-Vault-Offline-Notice

Nice to give your users an entire 8 days before shutting down your back end.
Cobo / keystone should still work but no more updates.
But, I would still not use it anymore, you never know what could be lurking somewhere in bad code.

-Dave

I am not going to provide any reviews here because I didn't personally test all of those hardware wallets, and all other reviews are either paid bias or shilling of their own products.
Do your own research and listen opinions and feedback from several people both positive and negative.
My personal choice would probably be Swiss made Bitbox hardware wallet, it is open source, has secure element and it survived years of testing.

dkbit98, thank you for putting this list together. I understand now why open source is imperative for hardware wallets.
In the meantime, I'd like to read more reviews of some of the most popular models from this list, not just the simple listings of technical specs. You might have some resources on the subject in your bookmarks archive. Feel free to share any.

Latest updates and changes to the list of open source hardware wallets:

- Coldcard hardware wallet removed because code is not Open Source anymore, but MIT+CC license and it can't be reproduced anymore.
- Added separate list of DIY Open Source Hardware wallets for advanced users.
- Opolo hardware wallet added, but code is still not released and can't be confirmed on github.

I think what you are looking for can be found on this page. Scroll down to the bottom where they talk about creating your own Satochip hardware wallet. They posted links to the required chips, the files that you need to upload on the chip card, and how to download and configure the various Satochip clients.

Interesting, I didn't know that and I think that €25 it is a reasonable price, but I think that you would need to buy a card reader if you don't have one already, and that is plus €15.
Is there any page with instructions for dummies for making Satochip DIY wallet and loading code on card?

Hello,

You can also DIY your own Satochip hardware wallet.
We do sell blank javacard that are compatible with our Satochip Applet.

It's quite easy to make your own hardware wallet :
- Grab a card here : https://satochip.io/product/satochip-diy-and-developer-card/
- Load the code here : https://github.com/Toporin/SatochipApplet/releases

Et voilà

New Hardware Wallet KeyPal added to the list of Open Source wallets according to their statements, but we are still waiting for github code confirmation.
This wallet is one more device coming from China so I would be extra careful trusting them before doing some testing and examination by security experts.
It is made from zinc metal alloy and it has dual chip with secure element and military-level protection, and it is working only in combination TokenPocket wallet by same manufacturers.
They are claiming to have sensory, visual, operational and security features, but nothing can be confirmed because they are still in presale period until September 10.


Website: https://www.keypal.pro/
Github: https://github.com/KeyPalWallet

HyperMate hardware wallets manufacturer is claiming they are Open Source and you can check that on their Github page but I can't confirm that because I didn't test their wallets myself and it is lacking documentation.
They have two interesting devices offering hardware-level MultiSig support and they claim they are resistant against attacks on program execution, and physical attacks on chips (heated, frozen, filtered...) so it would be good to see someone testing out this claims.
Problem I have with this hardware wallet is that I must use their HyperPay app and can't connect device with other wallets like Electrum, and I can't choose to create my own PIN because it is random generated.


Website: https://hyperpay.tech/hypermatepro/pro
Github: https://github.com/hyperpayorg/hardwallet

OneKey hardware wallet is added to list of open source hardware wallet, and it appears they are using some modified fork of Trezor wallet with added secure element, battery and bluetooth support.
You can see familiar Trezor pin screen below (maybe they changed it later), they are using Trezor Bridge and OneKey is compatible with all Trezor compatible wallets like Electrum, Wasabi, Trezor web wallet, Mycelium, etc.
OneKey can also be used as 2FA device same like Trezor, and wallet firmware can be updated via Bluetooth.

 
https://shop.onekey.so/ and https://onekey.so/en-US

Prokey wallet is added to the list of Open Source hardware wallets.
Prokey is made in Kuala Lumpur, Malaysia and it's code is based on well known Trezor.

Official website with more information:
https://prokey.io/

Jade wallet added to the list of Open Source hardware wallets.
Jade is made by Blockstream, supporting Bitcoin and all Liquid Network tokens, and Jade does not have secure element, but it has secure boot and encrypted flash.

Official website with more information:
https://blockstream.com/jade/

You are correct about Opendime, it is open source and I will ad it to the list, but I would not recommend anyone keeping a lot of bitcoins on Opendime.
Thank you for suggestion.

What about other Coinkite products besides ColdCard: Opendime
https://github.com/opendime/opendime
https://store.coinkite.com/store/opendime

In my opinion, there should be extra storage space considering that Opendime is like a flash disk without an outer casing.

@Tibu thank you for posting your suggestion.

I updated the list now and added Satochip with all other Open Source wallets.

---

If I missed any other Open Source hardware wallet, please tell me.

------------------------------------ Satochip Wallet ------------------------------------

Take a look at Satochip hardware wallet.
It's an open source, affordable and community driven project.

Project is fully open source : https://github.com/Toporin

You can even buy a blank Javacard on the Satochip website, compile the code yourself and DIY your own hardware wallet :
https://satochip.io/product/satochip-diy-and-developer-card/



------------------------------------ More info ------------------------------------

Twitter: https://twitter.com/SatochipWallet
Telegram: https://t.me/Satochip
Website: https://satochip.io
Shop: https://satochip.io/shop

It seems you may be right. I never noticed that before. 
I'll have to update this info on my list too.

Thank you for suggestion, but as far as I can see this wallet is not supporting Bitcoin but just their own skycoin, and maybe in future they will add Bitcoin and other coins.
When they add Bitcoin I will consider adding this wallet to the list.
I don't understand why not using Bitcoin from start when they used Trezor firmware.

https://store.skycoin.com/products/skywallet

As I did a little research for my list of hardware wallets in the Croatian local section, I discovered another company that uses Open Source for their wallet firmware:

Skywallet - The firmware has been modified from Trezor
GitHub: https://github.com/SkycoinProject/hardware-wallet

Open source software is made freely and available for possible modification and redistribution by anyone.
Bitcoin is open source and I think that Hardware wallets should also be Open Source so that everyone can check and verify their code.
Not all wallets are open source, and who knows what code they have and if someone can post firmware update with big bug or malicious code.

Hardware wallets with Open Source firmware:

• Trezor ^{c r}
• Bitbox* ^r
• Passport** ^{c r}
• Jade
• Satochip
• Keepkey* ^r
• BitHD*
• Prokey*
• OneKey Classic*
• OneKey Mini
• OneKey Touch
• Secalot
• HyperMate
• Cypherock X1
• Hito (pre-sale)
• Bitlox
• Coolwallet Pro SE (? source-available)  
• Keystone (ex Cobo)
• Keystone3 ?

* based on modified Trezor code
** using old ColdCard code
^c open source hardware certified by OSHWA
^r firmware reproduced by walletscrutiny or bitcoinbinary.

DIY Open Source Hardware wallets (signing devices) (only for advanced users):

• Jade DIY Wallet
• Bowser DIY Wallet ^r
• Trezor DIY Wallet
• PiTrezor DIY Wallet ^r
• Specter DIY Wallet ^r
• SeedSigner DIY Wallet ^sd
• Krux DIY Wallet ^{sd r}

^sd Signing Device without permanent storage.

You can check and verify if someone managed to reproduce firmware for this hardware wallets using two websites walletscrutiny and bitcoinbinary.

Open Source can also have bugs, and code should be verified and checked before installing.
If anyone knows any other open source hardware wallet please post it here so I can update my list and make corrections.

- Secure Elements in Hardware Wallets

---

NOTE:
Information posted here is subject of change, so everyone needs to make their own research, don't trust anything you read here, but verify code for yourself.[/list][/list][/list][/list]