Author

Topic: There is no Hardware wallet thread on first page of Beginners & Help! (Read 246 times)

newbie
Activity: 21
Merit: 34
Thanks for all your interesting answers and comments, I will summarise and edit my first post!
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
it's better to buy it in a physical store,
Only if that store belongs to an official reseller...

- Perform all hardware steps alone, in a quiet area. Mask all camera, and never type/take picture of your seed on your mobile or computer even offline.
In addition to these things, we should also worry about devices that come with a microphone [sometimes we involuntarily read stuff out loud, and there's always a chance that someone else might be listening at the other end].

- If seed and PIN lost, there is no way to retreive funds
That's true in most cases, but if you happened to have an outdated [version 1.6.0] Trezor One, then it's a different story: Trezor hacked (again)
legendary
Activity: 2268
Merit: 18711
I would suggest rather having more backup but this could be a problem for many as storing them on various places is hard to remember and what if someone got access to it by mistake
If you can't even remember visiting a single location which isn't your own home and physically hiding a copy of your seed phrase there, then you've probably got bigger problems to worry about.

As I said above, if you are worried about someone gaining access to it then you need to first look for a better location, but you can also consider using an additional passphrase or a multi-sig set up so even if one of your back ups is compromised your coins cannot be accessed.

Can you tell me which HW wallet allows that?
I know that ColdCard and Passport both give the option to display the seed phrase once you've unlocked the wallet.
sr. member
Activity: 952
Merit: 339
invest trade and gamble wisely
I feel important to note that user will not be able to restore the seed itself.
Why not? ...

Because it's security risk IMO. Same why HW wallets won't show private keys directly and interacts only by signing messages.
Maybe skilled software engineer might be able to get the seed out. But there isn't any simple button "show my seed" for Average Joe to use.


...Hardware wallets need access to your seed to generate private keys, addresses, and sign transactions. That means these seed words (albeit in encrypted format) are stored somewhere inside the hardware wallet. ...
Agree but again, there isn't any simple button "show my seed". Or should not be.  
I guess this is the know-how behind the closed source code (i mean the way how seed is actually used, stored, encrypted, decrypted, w/e ... )


...Moreover, some wallets can display your seed words in plain text if you request them to do that via "advanced options." ...
This I consider a major design flaw exactly because of the case you mentioned after.
Can you tell me which HW wallet allows that?
EDIT: @o_e_l_e_o: Thanks for reply


My assumption was based on:
Quote
Lost your Recovery phrase?
If you lost your Recovery phrase but still remember your PIN code, you can unlock your Ledger device with the PIN code and manage your crypto assets. However, it is highly recommended to quickly send all your crypto assets to temporary accounts and generate a new set of 24 words since the Recovery phrase is the only backup to your crypto assets.
Source: https://support.ledger.com/hc/en-us/articles/4404382075537-Don-t-have-your-Recovery-phrase-?support=true


legendary
Activity: 1960
Merit: 2124
The most important thing you have not mentioned is redundancy.

One back up is no back up at all. You need, at a minimum, two back ups, with one of those being stored off site. Writing your seed phrase on paper and storing it in the same building (almost always your home) as your hardware wallet is effectively no back up at all, since you will lose both hardware wallet and seed phrase back up with any natural disaster, fire, flood, etc. You should have your seed phrase written on two separate pieces of paper, with one of those stored in a secure location away from home, with a friend or relative, in a safe deposit box, etc. If you are uneasy with a copy of your raw seed phrase being stored away from home, then use additional security such as a passphrase or multi-sig, although these also require at least two more separate back ups.

That way it doesn't matter if your home is destroyed and you lose both your hardware wallet and your seed phrase; you can always recover from your second back up.
I would suggest rather having more backup but this could be a problem for many as storing them on various places is hard to remember and what if someone got access to it by mistake so the backup should be on the places you can easily access in the need.You are right that it should never be stored at single place like in the same building because as you siad in natural disaster it could be destroyed and you don't have the backup at all.

So many have suggested that metal plates should be engraved with the seed phrases instead of storing them on piece of paper which could handle extreme conditions of heat and other factors also whereas the paper could be destroyed easily in those circumstances.They are funds which need to be stored with proper care and this seed phrase is the key to your hardware wallets so whoever owns it is the real owner.
legendary
Activity: 2450
Merit: 4414
🔐BitcoinMessage.Tools🔑
I feel important to note that user will not be able to restore the seed itself.
Why not? Hardware wallets need access to your seed to generate private keys, addresses, and sign transactions. That means these seed words (albeit in encrypted format) are stored somewhere inside the hardware wallet. If they are stored, they can be retrieved especially when you unlock your hardware wallet with PIN-code thereby making your seed unencrypted. Moreover, some wallets can display your seed words in plain text if you request them to do that via "advanced options." That means if a hacker somehow knew your pin and has managed to access your wallet for a couple of seconds, your funds are no longer safe because an attacker has likely already stolen your main secret and will be able to spend your funds immediately or patiently wait until you make a larger deposit.
legendary
Activity: 2268
Merit: 18711
I'm not very confident with paper I like the metal way like crypto steel capsule. A bit expensive, but principle can easily be done with inexpensive materials.
If metal makes you feel safer, then by all means use a metal back up, but I don't think it is necessary. If you have your seed phrase backed up on paper in two separate locations as I said above, then many of the things metal protects against become irrelevant. Sure, a piece of metal will withstand fire, water, corrosion, etc., better than a piece of paper, but if you have a second copy somewhere else then it doesn't matter if one of your back ups is completely destroyed, since you can just recreate it from your second back up.

And yeah, there is no need to fork out $100 or more on a proprietary piece of metal; you can just buy a sheet of stainless steel for a couple of bucks from a local hardware store and do it yourself.

In plain simple: Having a physical HW wallet + knowing it's PIN will not give access to seed.
It depends on your model of hardware wallet. There are indeed some which will have the option to display the seed phrase to you again after the initial set up. This can be used to replace your seed phrase if it has been destroyed, but obviously if your seed phrase has been lost or there is any risk of it being compromised then you should move all the coins out of that wallet and to a new one.
sr. member
Activity: 952
Merit: 339
invest trade and gamble wisely
I'm going to add few details to one of your statements:

- If seed lost, funds are compromised and only way to restore is Hardware + PIN
I feel important to note that user will not be able to restore the seed itself.
User will only gain access to funds (as long as he has access to working physical HW wallet and knows the pin).

In plain simple: Having a physical HW wallet + knowing it's PIN will not give access to seed.
Should later something happened with hardware (lost, stolen, malfunction...) or forgets the PIN  (or tries wrong pin many times) there is no way to retrieve funds.

legendary
Activity: 2212
Merit: 7064
It is not mandatory for anyone to have hardware wallet and in some cases it can bring more problems that could lead to exposing your personal information, or giving false sense of security.
Many people wrongly think that coins are stored on device, and they don't care enough about actual seed words backup, or they become victims of phishing attacks.

There is a pinned post for all wallets with hardware wallets being included there, and we have active sub-section for talking about this subject.
Simple search would result in finding one of this sections, so I don't think pinning more topics is needed, or people will soon come with more ideas and more pins.
Here is Hardware wallets section with plenty of information.
newbie
Activity: 21
Merit: 34
The most important thing you have not mentioned is redundancy.

One back up is no back up at all. You need, at a minimum, two back ups, with one of those being stored off site. Writing your seed phrase on paper and storing it in the same building (almost always your home) as your hardware wallet is effectively no back up at all, since you will lose both hardware wallet and seed phrase back up with any natural disaster, fire, flood, etc. You should have your seed phrase written on two separate pieces of paper, with one of those stored in a secure location away from home, with a friend or relative, in a safe deposit box, etc. If you are uneasy with a copy of your raw seed phrase being stored away from home, then use additional security such as a passphrase or multi-sig, although these also require at least two more separate back ups.

That way it doesn't matter if your home is destroyed and you lose both your hardware wallet and your seed phrase; you can always recover from your second back up.


Yeah right indeed, I haven't mentionned redundancy. OG are here to add criticals informations!
Two differents place of storage is a must have.

I'm not very confident with paper I like the metal way like crypto steel capsule. A bit expensive, but principle can easily be done with inexpensive materials.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Indeed, the seed should never get online, not even for the printer (also mail, cloud, desktop are not proper places for storing).

Yeah right, memory of printers.

Not only the memory of printers, which in most cases is not targeted and can be "fixed" with a reset and/or one more page of whatever sent to be printed, more like nowadays the printers can be wireless/network attached, hence online.
newbie
Activity: 21
Merit: 34

Indeed, the seed should never get online, not even for the printer (also mail, cloud, desktop are not proper places for storing).


Yeah right, memory of printers.




And, important: after you generated the seed, wrote it for safe keeping and so on, write down 1-2 addresses (can go even to a text file), reset the HW once again, recover from the seed, match the addresses. This would ensure you don't come crying in 10 years that the seed you've written down doesn't give the addresses you expect.


Very important, I forgot to mention. (but fortunately I have done that check)
newbie
Activity: 21
Merit: 34
There is a pinned thread though on bitcoin wallets (*), which does include a section on hardware wallets. For those that explore around the forum a bit, there’s also a complete subboard dedicated to hardware wallets. Threads come and go, and for it to be regularly visible on the first page of a board such as B&H, it’s either got to be a pinned thread, or one with a heck of a lot of activity.  

(*) Regardless of whether a given thread is pinned or not, one should check and contrast to see if the information on the thread is still up-to-date and correct.



Yes you are right, my title was more like, no beginners ask question about hardware wallet, that's weird Smiley

Also maybe the threshold is outdated  Cheesy:

Quote
Amount: If you are dealing with large amounts of bitcoins you will need a secure wallet. Hardware wallets and secure offline wallets like Armory are good options.


Thanks for the links, it will help ones who find that thread.
legendary
Activity: 2268
Merit: 18711
The most important thing you have not mentioned is redundancy.

One back up is no back up at all. You need, at a minimum, two back ups, with one of those being stored off site. Writing your seed phrase on paper and storing it in the same building (almost always your home) as your hardware wallet is effectively no back up at all, since you will lose both hardware wallet and seed phrase back up with any natural disaster, fire, flood, etc. You should have your seed phrase written on two separate pieces of paper, with one of those stored in a secure location away from home, with a friend or relative, in a safe deposit box, etc. If you are uneasy with a copy of your raw seed phrase being stored away from home, then use additional security such as a passphrase or multi-sig, although these also require at least two more separate back ups.

That way it doesn't matter if your home is destroyed and you lose both your hardware wallet and your seed phrase; you can always recover from your second back up.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
There is a pinned thread though on bitcoin wallets, which does include a section on hardware wallets.

While you're right, OP is right too imho. People may not consider looking for Hardware wallets under Wallet software  Wink  (and maybe this could need a change in the hierarchy/the way how the things are presented to the users).


Better to start with good practice with a secure solution.

Indeed, the seed should never get online, not even for the printer (also mail, cloud, desktop are not proper places for storing).

Even if bought from official shop, it's safer to reset it at least once, just in case (iirc there were cases it already had a seed!)

Keep in mind that the HW may need an update before any other operations.

And, important: after you generated the seed, wrote it for safe keeping and so on, write down 1-2 addresses (can go even to a text file), reset the HW once again, recover from the seed, match the addresses. This would ensure you don't come crying in 10 years that the seed you've written down doesn't give the addresses you expect.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
There is a pinned thread though on bitcoin wallets (*), which does include a section on hardware wallets. For those that explore around the forum a bit, there’s also a complete subboard dedicated to hardware wallets. Threads come and go, and for it to be regularly visible on the first page of a board such as B&H, it’s either got to be a pinned thread, or one with a heck of a lot of activity.  

(*) Regardless of whether a given thread is pinned or not, one should check and contrast to see if the information on the thread is still up-to-date and correct.
newbie
Activity: 21
Merit: 34
I have waiting too long before buying an hardware wallet, but better later than never  Grin!

Don't start with a test wallet with a seed stored in a text file, because days after days that wallet might be your main one.
Better to start with good practice with a secure solution.

- Buy your hardware wallet brand new. Do not buy it from someone, even told "new" or with blister. These hardwares might be compromized.
- Not always possible but it's better to buy it in a physical store, if bought online, your address might be intercept.
- Store your seed in a safe manner, hidden and fire proof. Mitigate ratio safe / risk of lost. For example, I do not like the memory for storing my seed, or bury it in a very remote place. Ask yourself if you can find it in 5-10-15 years ?
- Perform all hardware steps alone, in a quiet area. Mask all camera, and never type/take picture of your seed on your mobile or computer even offline.


Remember that:

- If hardware wallet is lost, funds can be retreived with seed
- If hardware PIN wallet is lost, funds can be retreived with seed
- If hardware wallet is stolen with PIN, funds are compromised
- If hardware wallet is stolen without PIN, funds are safe
- If seed lost, funds are compromised and only way to restore is Hardware + PIN
- If seed and PIN lost, there is no way to retreive funds
- If seed and hardware lost, there is no way to retreive funds

In any case if one of the three, PIN, hardware or seed is lost or stolen, transfert all your funds to new settings.

Stay safe
Jump to: