Topic: Show off your hardware wallet - page 4. (Read 2052 times)

I have limited knowledge in regards to NFTs as a whole, but IIRC, the POAP NFT that came with the genesis edition of the S Plus had restrictions or rather wasn't made to be like a regular NFT, so I think the same would probably apply to this one as well ^{[I don't think they'll be able to easily sell it]}!

I agree with you... Even though "they've fixed most of it", I'm still surprised to see a couple of apps are still missing after roughly 4 months!

---

Considering that only a few users have posted so far, perhaps it's time to find them from other threads:

e.g.

• BitHD Razor review ^{[and Trezor One (by Rath_)]}
• Safepal hardware wallet review and opinions ^{[by Lillominato89]}
  
  • Same thread but another user ^{[by TedMosby]}

I would never go for the Nano X over the older Nano S. Looking at how good my Nano S has served me in all these years, I didn't make a mistake when I bought it. There is the regret of having some of my data leaked together with my friend who received the package, but Ledger isn't the first nor the last company that will be affected with something like that because of negligence.

I was never a fan of the Nano Xs Bluetooth feature or the battery and we can see the problems the battery has caused with the latest batches. The Nano S Plus seems better to me than the X if it weren't for the missing support for a whole bunch of assets. Not that I need that support because I have very few altcoins, but just the idea that they forgot to add it or didn't do it intentionally to be able to release it as soon as possible, gives me a bad feeling and makes me question what else they might have forgotten or intentionally left out? 

Probably in one of the topics dedicated to Nano S, like Why I wouldn't buy Ledger Nano S ever again? - info about the last 10.000 devices here would put a bullet point so as not to buy it.


The company decided to get rid of the last copies of this model as soon as possible, and for this it is trying to stimulate buyers with the help of nft bonus. Otherwise, no one would have bought them, because there are updated models.

Wasn't sure where to post it, so I will just briefly mention it here.

The official Ledger website is now calling their Ledger Nano S the Ledger Nano S: Final Edition. I am not sure when this was changed, I just noticed it now. Sorry, if it was mentioned already. Anyway, it's the end of production and the last 10.000 devices will include an NFT of some sort.

There are a few pictures of this digital collection on https://shop.ledger.com/products/ledger-nano-s-final-edition.
Doesn't seem appealing to me, but I guess every product has its buyer. Hopefully, they won't drop support for the Nano S after a few months.

Well, yeah, you're right, actually buttons is used often.

I'm one of these people who don't like that address is divided into 3 parts and doesn't fits in single screen. But you have good point that's easier to verify it when it's divided into 3 parts.

You actually need the buttons quite often. You need them to setup and verify your PIN and seed words. Every time you want to unlock the wallet, you use the buttons to find the correct PIN numbers. To interact with a particular cryptocurrency, you have to open the associated app on your hardware wallet. As you mentioned, the buttons are used to verify addresses, amounts, fees, etc. You also need them for settings changes, display configuration, creating a passphrases... 

I don't mind the screen size either. A lot of people seem to be displeased with it. But if you think about it, it's much easier having your address divided in 3 parts when you verify it. The address is a string of random letters and numbers. It's not a logical sequence of characters you can remember whether or not you see the whole thing or a 3rd of it. I find it easier to see one string and verify it's identical to what is shown on Ledger Live, and then move on to the 2nd and 3rd one. 

As Pmalek show above, there is buttons on wallet. In general, you won't use button that much, it's only needed to verify your actions. About screen size is optimal I think, it's not touch screen. But another question is quality of that screen.

There are two buttons on the Ledger Nano S. Do you see those two black things popping out in the first first picture? Look closely at the top of the casing. Those are the buttons. You use them to navigate around the interface, open/close different menus, confirm transactions, etc.

They are easier to see on this picture for example:

The question here is, how do you operate this device for transactions when there is no button? and the screen is not big enough to operate as screen touch. I am only seeing flash drive. Tell me more.

I'm not sure if security by obscurity is the reason for that, as I find it a severly flawed concept for sustained security. I haven't read everything that Trezor published regarding their open-source SE, but when it's available I'd really want to see exactly why something needs to be kept hidden if the SE isn't fully open-source.

Well, we'll have to wait and see if their SE can tick all desired boxes and proves to be a good piece of silicon to use and is as secure as desired. Time will tell. (I'm impatient, though.)

I think it's going to be great for the entire hardware wallet industry once it finally comes out. Not just the version that Trezor and Topic Square bring out, but each subsequent one that will get worked on and improved by other development teams based on the open-source codebase. It's worth pointing out though that even Trezor is considering not making everything completely open-source. I guess they understand it might be dangerous or too revealing. They have stated in their press releases/documentation that the chip will be as open-source as possible. People seem to constantly forget about these two underlined words that can make a big difference.

I think only model T is this expensive (and always has been); Trezor One has kept its price and is still competitive with Nano S (which is now (being) discontinued), but it's a very old device by now.

Sure, preferences play into this, but I do believe that you can put up a list of things that are objectively good and desirable in such a device and where I don't know why anyone would not want them. Just a few from the top of my head.

• Open source firmware and hardware
• Reproducibility of the firmware builds
• A screen to verify the recipient's address
• Limited amount of closed-source silicon (e.g. prefer screen with circuit on glass [1])
• Open-source secure element (protects from hardware attacks)

Aspects I would rate as being more subjective:

• Closed-source secure element (what's available today - tradeoff between trust in the manufacturer of this chip and security from hardware attackers)
• QR Code communication / air gap (depends on user's preference: if they are super privacy and security focused, won't use a phone and might not have a webcam)
• Phone app (see above)
• Form factor (see above)

I could just quote a Wikipedia article about secure element chips, but put shortly, they're small integrated circuits (example: [2]) that store your seed in a way that I can't just open up the hardware wallet and read it out with my PC. This chip is also shielded from physical attacks, like opening it and reading the bits with a microscope and these types of attacks. Until now they've always been closed-source, so in theory a complete open-source hardware wallet that uses such a chip is vulnerable to attacks that the developers and users can't identify since they don't have access to the secure chip's source. It could also be backdoored. If you use an open-source secure element though, you can^{[it's not that easy, though]} verify that it's not malicious and has no backdoor. Trezor appears to be working on such a chip currently.

There's also a curated list of hardware wallets with secure elements here: https://bitcointalksearch.org/topic/secure-element-in-hardware-wallets-5304483

[1] https://youtu.be/Hzb37RyagCQ?t=2061
[2] https://www.microchip.com/en-us/product/ATECC608B

I started out with the KeepKey because it was one of the cheapest open-source hardware wallets around, but I didn't really find it all that great.  The GUI that used to be available when I bought mine was one of the reasons I didn't like it, and ended up using it exclusively with Electrum.  It's no longer shipped with a user interface, because they're using it to promote their other product, ShapeShift.  To be honest the company kind of gives me the creeps, even more than Ledger.

I've also used Ledger's Nano and NanoX, but I tend to agree with you about Ledger as a company in general.  The fact that the wallets aren't open-source is a sticky point for me, but they really lost me when they let my personal information get leaked.  Forget about sats, I wouldn't give them a fraction of ripple.

I just reserved my order for a ColdCard mk4, so I'm interested to see how that works for me.

My go-to HW wallet has been the Trezor, I use both the One and the Model T.  I don't deal with altcoins when I can avoid it, and I have none that I'm holding so I primarily use them with Electrum as the interface, and both have been great.  The only limitation I find with the T-1 is that it's not compatible with XMR, which really hasn't been an issue since I don't HODL monero, but I do like to trade some on one specific P2P platform just as a way to (slowly) grow my stash of BTC.



As long as you know how to keep your coins (seeds) safe, a hardware wallet is just nothing more than a good way of keeping your coins mobile.  If you don't need the majority of your wealth to travel with you, then cold storage is more practical and more affordable.

---

Wow, I had no idea that the Trezor models have gone up so much.  They used to try to keep the price point competitive with Ledger, but I guess there's no point in that since Ledger shot themselves in both feet in recent years.

As for the "perfect device," I don't think you'll ever get a consensus on that one.  You can ask ten different people what they would consider the prefect hardware wallet, and you'll likely get ten different answers.  Hardware wallet manufacturers' primary marketing demographic isn't the technically astute, so their definition of the "perfect device" is more likely to result from how well it sells and how user friendly it is.  That's not likely to coincide with your definition (or mine.)



That's a good point about seeds being "out in the open."  I'm don't have the technical knowledge to what makes a "secure element," and whether it would be open-source or not.  But if not, then I'm inclined to keep using my Trezor with a strong Bip39 passphrase to encrypt the seed.

You can import seed words manually every time if you prefer to do it slowly, advantage of QR code import is speed.

I always prefer having physical backup on paper or metal instead of digitally encrypted file stored on sd cards or secure elements of hardware wallets.
For me it's better option to use multiple passphrases and that is something you can encrypt if you want, and keep them in separate place from seed words.
You can use seedsigner both for multisig and singlesig, and Trezor is inferior with this as well as dealing with change addresses.
I am not saying SeedSigner is perfect, but it is better option than ledger or trezor for Bitcoiners, and they are not wasting time on altcoins.
One more alternative is project called Krux wallet:
https://selfcustody.github.io/krux/

I agree almost 100% with everything you said here. To me, I think a Trezor One with secure element would be worth like $200 or 200€, but the current model T price tag is already around the 300 mark, without this new custom chip so I won't hold my breath.
You correctly figured out that most wallets have one problem or another; not open source, no screen, wireless connectivity, price - so even though at first glance hardware wallets seem like a pretty exhausted field after so many years, I'm pretty excited to see what the next months and years will deliver and if we can get the perfect device.

Do note, regarding SeedSigner and having to store the seed 'in the open' in your home, that any device without secure element is doing just the same. Software wallets and hardware wallets like Trezor models without SE (including PiTrezor), basically store the seed 'in the open' as well, just digitally.

The question whether this is a potential attack vector entirely depends on the circumstances: where will the device be stored, where will it be used, by whom will it be used, how often and does someone have access to it for longer periods of time unattended? In some cases it will be better to have a fully open device (but without SE) and in others you rather put some trust in the SE to be benevolent to in turn get almost guaranteed protection from technological attacks by malicious parties in your surrounding.

I have already seen SeedSigner and thought about it. Personally what I don't like with this product is that you need to have the mnemonic seed QR to use it, i.e. the most valuable wallet information unencrypted at home. Sure, you can hide it. Sure, you can add the protection layer of a mnemonic seed passphrase (I believe).
I felt that SeedSigner isn't quite the gadget that I need, yet. Worth considering though should I go more heavy on multi-signature wallets.

Sure, why not. The PiTrezor is in my opinion somewhat a "hacky" solution. While working pretty much the same as an original Trezor One, it's wallet data safety is basically non-existent if you don't use a mnemonic seed passphrase. The SeedSigner is a device on its own and doesn't store vital wallet data at all.

I have looked at available hardware wallets on the market. Almost all have something that I'm not happy with.
Ledger is NoNo, I'm not willing to support this company with a single penny/Satoshi.
Trezor One is pretty limited, same for PiTrezor; Trezor T too expensive for my taste. I hope a new Trezor with their own open-source SE chip isn't going to be with a price tag as model T.
Specter DIY is an interesting option for me.
Passport batch 2 looks interesting, too.
Bitbox02, well, not bad, but doesn't really outshine in my opinion.
Coldcard's recent move and future Mk4? Hm, not so happy and amused.
Other hardware that focusses on smartphone use or hasn't own displays is out of consideration for me.

Just wanted to give a glimpse of my thought processes... (I don't feel a pressing urge to have and use a hardware wallet, yet.)

I still feel like there should be a clear distinction in the table between a fully operational hardware wallet that you buy, take out of the packaging, and it's ready to be used, and one that you have to build yourself. I don't want someone to see the post and think that's how the HW is supposed to look only to receive a chopped up version of it that needs to be assembled. The next thing on their mind could be: Pmalek, may you burn in hell! I don't want that.

Nice one, but I think you should check out one more wallet project that is based on same Raspberry Pit Zero device, and it's called SeedSigner.
SeedSigner is only supporting Bitcoin and it's air-gapped device comunicating with other devices with QR codes.
That means you would need to buy few small parts like camera, 1.3 inch WaveShare LCD display, and print your own 3d case (or purchase from third party).
This is more like signing device and it doesn't have permanent storage, so I consider it safer than Trezor and other hardware wallets.
Seed words are quickly imported with QR code scan.
https://seedsigner.com/

It's Yannick's project on https://www.pitrezor.com and he calls it: PiTrezor
I'd stick to that name. No need to add DIY in front of it as DIY is implied.

Yes, that is exactly what I used and in addition I watched one or two Youtube videos just in case if there's something to pay attention to in particular. But the details on the blog are sufficient to assemble the device and get it up and running.

I didn't want to use a custom case to avoid making it look like a crypto hardware wallet. My assembly could be taken apart, the microSD card hidden and it would be rather "innocent" for visitors, bene- or malevolent.

Very interesting project. I am gonna add it to the table as DIY PiTrezor, unless you think it should be called differently?
I found this neat little explanatory guide that explains how to build one of these devices yourself in case someone is interested. Is that what you used or do you have alternative sources?