Topic: Switching hardware wallets won't solve a thing; different chips in cold wallets (Read 56 times)

So you want to have hardware wallet device without microchips? 
It's not the problem with microchips, Bitcoin also need chips to operate, but closed source firmware is the biggest problem because code can't be verified.

No it's not.
Coldcard changed license from open source to Common Clause and now it has only verifiable source code.

Open source hardware wallets are listed here in my topic:
https://bitcointalksearch.org/topic/list-open-source-hardware-wallets-5288971

It's actually a hot topic now after Ledger's new feature has came out. I'm not technically good with those aspects and terms and as well as jargons so threads like this is totally helpful to people like me. You've said it right when this issue popped out, it had me thinking that I should go for another hardware wallet for which my choice is the Trezor one since it's cheaper than the T version. After seeing the comparison of it, the features that has the One version is already good enough for me and will saved me more than a hundred bucks. While the topic relatively to Ledger is still going on, we'll see where this is leading but it's made the entire community of it dismayed and lost their credibility that has been looked up and protected for a very long time.

Coldcard is supposed to be open source !

Here is the link of their github : https://github.com/Coldcard

bitcoin.org still have it as an open-source I'm not sure if the info is now outdated or not.

Using a hardware wallet should be optional, that's not he end of the means to ensure maximum safety to your bitcoin,you also have to know the kind of hardware wallet product you're going for, some brands are good while some can't be trusted, but to stay safe, it's either you run a bitcoin full node by downloading the blockchain and get connected to every nodes transactions of each block, using Tor client or make use of the multisig bitcoin wallet electrum and secure your keys privately, hardware is not the only option left as you have some alternatives incase you're in doubt of the hardware wallet you're seing.

It's disappointing to be deceived by a hardware wallet brand or company who claims that your seed phrases are safe with them, while it's all for promotional purposes. I've read, different complaints in the forum and other cryptocurrency communities like reddit, people saying I'll not use ledger it's closed source and uses a third party chip, I'm moving forward with Trezor or Keepkey. Not realizing that some of these hardware wallets share similar flaws; chips.

 In this thread, I listed different computer chips used in hardware wallets. Hope it helps.


Microcontroller Unit is a type of computer chip used to interact with other electronic devices, it executes commands through, microprocessors, memory and other peripherals. TV remote control  is a good example of a device that uses a microcontroller unit. Hence, such a chip is not safe for storing your cryptocurrency, according to Kraken after successfully discovering a way to hack Trezor hardware, who utilizing such chip, warned users not to allow anybody get hold of their hardware wallet and also to enable their Bip39 passphrase with the Trezor client. The chip is vulnerable to voltage and clock glitching attacks. Hardware wallets that use MCU to secure your recovery phrase are Trezor and Keepkey wallets. So, if you are moving away from Trezor to keepkey you didn't make any changes.

Secure Elements is a type of computer chip mainly designed to secure sensitive information and to deny unauthorized access to such information, It is added to hardware wallets to provide high security storage to the cryptography keys. Secure element is also used by banks to secure information on credit cards and has been proven able to withstand different physical attacks. Ledger is the only hardware wallet that uses this computer chip to secure your recovery phrase. Hence, the secure element is divided into two the firmware that is under NDA, which is closed source, and the SDK and application loaded code; open source. Ledger is working strides ahead to open their source codes running on secure element, but unfortunately some chip related information cannot be disclosed to everyone due their disclosure agreement with Secure Element engineers.

Safe Memory Chips It's a bit different from Microcontroler unit but has not been tested by any third party; lab. So, safe memory chips' claim to be secure from attacks is not yet proven and shouldn't be considered a better chip to store recovery phrases. To add such chip into a hardware wallet, MCU is required to facilitate fast transactions. That means Safe memory chips shifts the recovery phrase to MCU before it sends any transaction. This opens room for vulnerability and increase attack risks. Wallets that use Safe memory chips are; coldcard and bitbox

Quick question, please is coldcard open or closed source?





https://www.allaboutcircuits.com/news/two-firms-collaborate-to-reimagine-the-role-of-the-secure-element/

https://www.ledger.com/academy/security/not-all-chips-are-born-equal

https://blog.kraken.com/post/3662/kraken-identifies-critical-flaw-in-trezor-hardware-wallets/