Topic: Which best for long term investment? Hardware wallet or Software wallet . (Read 900 times)

This is an open and public community. People worldwide can read the posts and conversations. When you ask for help for random how-to issues, and someone offers it to you, ensure it's all public so everyone can see and warn you if what you are doing isn't the best approach. And, of course, if the person pretending to help you is lying or is outright malicious. Don't ask for help over DMs or Telegram and don't respond to such requests to protect yourself from possible problems.   

Again when talking help on the wallets from anyone, make sure you are getting help from a trusted person. I have seen people randomly asking in groups / Social media / Forums to set up their wallets and end up dealing with a scammer who will just run away with your funds while trying to explain how to use a Hardware /software wallet.

Getting help from youtube videos is great if you are a good learner and also you may have a new wallet with no funds, experiment with it, even get help from strangers and when you want to transfer funds, get a brand new wallet.

Not generalized. If newbie do not know much about hardware wallets can still be understandable because it is still very new so it needs effort to learn. It's a bit strange if there is something more senior but still don't know how to use a wallet well.

This means that anyone needs to find out in their own way if you want to get good security because the wallet is very important as a place to storage coins. It doesn't matter if we have to watch the YouTube channel if some of the tutorials available on the forum are not easy to understand.
This is my experience and I keep trying to be able to increase knowledge about the wallet both hardware and software.

Agree with you mate. If I don't have proper knowledge about the wallet I choose to keep my bitcoins in a secure position, I will not get any profit from using that wallet instead it will become a loss source. Many newbies don't know much about hardware wallets so they should first get a good idea how to use that wallet.

A few days ago I saw a safepal hardware wallet from one of my friends. But he didn't know how to use that wallet. He was intelligent. He took help form his nearest to learn about it and then he was able to use it. I personally had no idea. I learnt something from YouTube. Later I was able to get a better idea by looking at my friend's wallet. If he could try to do by his own self without lack of knowledge, the guy would have been fallen in danger and possibly even lost his bitcoins.

This is another important thing that for most people software wallets may fulfill the purpose as they do not have a lot of funds.
Let's suppose you are a beginner and newbie in a Bitcoin world, there is no need to possess a hardware wallet right from day 1. Better get an understanding of different wallets and you will be able to choose the right one according to your needs.


First of all, whether you use hardware, software, air-gapped or whatever wallet, you need to have an understanding of it completely. When you say that hardware wallets are easy to use for newbies, the newbies must know how to use a hardware wallet and how to keep it secure. Lack of knowledge can still result in loss of funds even if a person has a hardware wallet.

The basics of Cold Storage knowledge on hardware wallets seems to be necessary for most people to know, because it is very important.
We even know that many hardware wallets have many features, some are completely open-source, and some Closed Source, and even recently, one of the hardware wallets has a Recovery Phrase feature that makes all its users worry and choose to abandon it.

Many Hardware wallets support Airgapped such as ColdCard, Trezor Model T, KeepKey, Ellipal, Safepal, and Ledger Nanox (Exception). just choose the best one.

People are different from one another. Newbies are better than one another. It was not hard for me to know when I was introduced to both paper wallet and wallet on airgapped device. It is their money, they should learn how to protect it. There is nothing hard to know about cold wallets generally, but some people just not not want to learn.

It is airgapped, there is no way it can go online. People that study about airgapped wallets are better in safety reasoning and more security conscious than people that just go and buy hardware wallet without learning the basics of cold storage which are paper wallet and wallet on airgapped devices. And if they want to transfer PBST and ST, advice them to use QR code which is safer than Bluetooth, NFC and USB stick.

I do recommend air-gapped wallets, but i still believe it and paper wallets would be difficult for a newbie to use in a safe enviroment. Many newbies have the wrong idea of air-gapped wallets, some of them believe it can be connected to the internet once in a while, some of them may consider it paranoid to create tx's in their watch-only wallet and then send it to their offline device to sign the transaction, and back again to their online device for broadcasting, so they may just say "to hell with it" and connect their offline device to the internet to create and sign their transaction quickly, choosing convenience over safety and security.

You are correct that you do not need a hardware wallet to hold BTC offline and securely, but hardware wallets is easier for newbies to use, they can learn how to create their own air-gapped wallet or use paper wallet, but there is a possibility that they will make a mistake and set it up or use it in an unsafe enviroment.

You have quite a lot of good suggestions, so I will just have to support what @Libert19 said.

There are lots of malware attacks on most of the online device we use, so the best way to keep your assets more secure is to store them in an offline wallet, like the hardware wallet. It will give you peace of mind that you cannot get easily hacked because your hardware wallet is offline. When it can get hacked, is if you mistakenly misplace your seed phrase, or you lose it. But if you are using a software wallet, that's to say you will always use your device to do some online stuff and download some software online, and those can be a threat to your security.

Go for a hardware wallet since you have the intention to hold your Bitcoin for a long time, so that if you are doing some internet stuff with your phone or PC, you wouldn't have the fear that your asset can get hacked due to some website you browse.  But since you don't have any enough fund now to do so, be very mindful of the sites you visit, the files you download and the links you click. Be very cautious mate.

Cheers 🥂, Dr.Bitcoin_Strange👺👺

If he is able to create an airgapped wallet, it is the best for investment. Another alternative which how create it is the same as airgapped wallet is a paper wallet. He is not spending it for a long time, so he will be good with any of the two.

For a very small amount that he can afford to lose he should know that online wallet are not safe like cold wallets. He also needs to know that he needs to be security conscious and not doing what can make his device vulnerable to hack.

Recommend paper wallet and airgapped wallets to newbies and let them know the pros and cons. With both, the bitcoin user will be able to know you do not need any hardware wallet before you can hold bitcoin securely offline. Then it is also good to recommend hardware wallet, also letting them know about the pros and cons. But it is worth learning about airgapped devices and how to avoid hacks if not going for altcoins.

Air gapped is also a good one but you know that this is for those that are coming from a newbie that have found something interesting and wanting to learn more, not that advanced but more knowledgeable and still, hardware wallets are the best.

I'll also still do recommended hardware wallets but it's not going to be limited anymore to Ledger variants but will have them think and make their own research for the other choices that's also know which can be found on: https://bitcoin.org/en/choose-your-wallet?step=5&platform=hardware

I agree with changing the narrative after this Ledger mess, but when it comes to cold storage, hardware wallets are the easiest to use, especially for people that are not too technical, this is the reason why i recommend hardware wallets to newbies. The other type of cold storage is setting up a personal air-gapped wallet, which is more complicated and easier for people to make a mistake or set up in an unsafe enviroment. I will still recommend newbies to look for good hardware wallets other than Ledger, until they can securely set up their own air-gapped wallet in a safe enviroment.

It's time we change this narrative because it turns out that it's not completely true. What we considered as cold storage, or almost as good as cold storage is actually not as good as previously advertised. The data on secure element chips can be obtained and shared online. By sharing your private keys with other companies and undergoing KYC, there is a risk of someone confiscating your crypto or that the information gets hacked, stolen, or sold. Hardware wallets with secure elements may or may not protect your private keys.

There is always a middle ground as some hardware wallets are open source, you can buy the components and build it yourself and the code is open source, not all hardware wallets are that bad, even Ledger they haven't been hacked or know your private key, the wallet is still secure and no Scam has been reported But the company's continued lying makes future copies more likely to have backdoors.

Good Software wallets are open source and well reviewed. With a little bit of knowledge you can build relatively secure cold storage, the more you know the more secure you are.

Until recently, I also thought so and believed that using a hadrware wallet is the most secure way to store crypto long-term, but in light of recent events, I have very serious concerns and doubts. Yes, a HW device can protect you from hackers and other intruders online, but how can you protect yourself from an unscrupulous manufacturer, like a Ledger? No way. Here the owners of wallets find themselves in a trap, trusting false stories about security. Therefore, there is only one way to avoid this - never use hardware wallets. At least those companies that have trampled their reputation into the dirt. Personally.

Software wallets are also not an ideal solution and have their drawbacks. This is unavoidable. If you follow all the precautions, then these wallets can be used quite normally.

So the question arises for any owner of cryptocurrencies: either trust the hardware wallet's manufacturer, or trust yourself and your skills in organizing the security of your crypto wallet.

Well, for me, storing bitcoin is really better for long-term investment using Hardware wallet, because it can store your private key offline even if it's not connected to the internet, so it can't be hacked by a hacker.

       Because if a software wallet is used, it is the opposite of a hardware wallet because it can be used online, which is a bit prone to hacking and it can also store your private key online. But since there is nothing to buy, as most people have said here, Electrum is one of the main cold wallets that are good to use and I have been using it until now in my few years in this industry.

Op you have said it all that you don't have money to buy hardware wallet, so definitely you must use software wallet and if I will advise, I will tell you to use Electrum Wallet because it is well secured and reliable. Keeping, storying and investing bitcoin in an exchange platform is not advisable because anything can happen in the exchange and your coins will be gone forever. Either the platform might stop operating or hackers attacked the site and all your investment is gone. Therefore send your coins from the exchange to a open source wallet.

Luckily with hardware wallets, there is very little you need to do. They are very convenient and newbie-friendly. I am talking about the two most popular brands. The airgapped ones require a bit more work like moving signed/unsigned transactions to SD cards, via QR codes, etc.

Other than that, your job is to ensure you use a genuine software, send and receive to the correct addresses, and pay appropriate fees. Protect your seed and don't get phished. The latter is more about being generally cautious and using common sense than requiring technical skills to operate a hardware wallet.

It is true that we are willing to spend a little to buy a hardware wallet in order to get advanced security to store long-term investment assets.
It is also not uncommon for people to still use software wallets such as the Electrum wallet as a place to store assets for several years and are still safe today.
Like doing it offline from opening Electrum to the stages of sign a transaction.

I want to say that no matter how good the security is in a wallet, including the type of hardware wallet, it will not work properly if it is not used properly.

You're correct that any wallet connected to the internet is vulnerable to hacks, but that is why a hardware wallet is the most secure type of wallet because your keys are offline and are never connected to the internet. As for Electrum, it is a great software wallet, especially because it is open source, but when it is used online by users who lack great operational security, they can easily lose their funds stored in it, that's why for large sums of money, Electrum should be used in an air-gapped device with no connection to the internet ever.
Hardware wallets are not secure because of this features you mentioned, software wallets also have features like this, Electrum for example has the 2fa feature, multisig, pin, etc, hardware wallets are the most secure because the keys are stored offline, so it is impossible for a hacker to get your funds, except you lose your seed phrase backup.

IMO, both are vulnerable to risk whether that's a hardware wallet or a software wallet, as long as you're connected to the internet, you're prone to cyber attack.  Just like using Electrum, how many reports have been a victim of malware attacks even if they're knowledgeable enough about this wallet?  However, both software wallets and hardware wallets have their advantages and disadvantages, and the best choice depends on our individual needs and preferences.

But if you're going to ask me for storing Bitcoin or other cryptos in the long term, I prefer to choose a hardware wallet and spend a little amount on it.  These hardware wallets typically come with advanced security features like two-factor authentication and PIN codes and didn't leave any footprint on the device where you're connected at.  If you're storing a large amount of crypto in long-term investment and prioritize security, a hardware wallet may be the better choice.

The risk remains whether you are using a hardware or software wallet. It all depends on the user's behavior and how wise they are when dealing with their wallet. The seed phrase is the most important thing and should be everyone's top priority. It should be stored offline and in a safe place. As you mentioned private keys are generated in the background of the wallet during transactions, so we don't need to worry much about them. However, what matters is the safe environment when you're trying to use your bitcoin.

Regarding the OP's topic, the best long-term investment is undoubtedly a hardware wallet, as it offers a higher level of security compared to a hot wallet. However if a HW is not affordable, you can still use Electrum wallet as a cold wallet on an air-gapped device. This method can be as secure as using a HW as far as I know.

Software wallet are also not bad to serve as long-term storage as long as we can use them properly.
There is something we need to take good care of and that is seed phrases.
For software wallets, use one that can connect to a hardware wallet like Electrum.
If you are not interested in using Electrum, there are still several types of software wallet that can be used that have proven their use so far in storing assets.

Hardware wallet are also quite good if used as long term storage wallet. The price for one hardware wallet is not expensive and still affordable.
Two months set aside a little money, already got one piece of hardware.

Nowadays, we don't need to bother about individual private keys. With HD wallets, all we care about are the seed phrases. Private keys are accessed in the background during transaction signing but it's not something you as a user need to worry about. You are supposed to make seed backups with both software and hardware wallets. The dangers of phishing and social engineering scams are threats to both. A hardware wallet can't protect you from making mistakes and revealing your seed or entering it in a phishing site.

Both wallets are safe but its about "which is safer". I would also vote hardware wallets as the best one. Whenever it comes to the software wallet there are many human errors are possible. You could end up losing your private keys to pass phrases over phishing and anonymously you could compromise the wallet right on spot.

Ideally speaking when you access the hardware wallet it is the best known fact that you select the words by operating with physical keys, and all the data is stored on the chip inside. You are basically extra layer away from the internet environment since you are not really surfing the web directly.

In case of hardware wallet: (for long term investment)
You could initiate cold storage
You could save the passwords, passkey, mnemonic phrases somewhere safe and forget about them.
You can safely keep your hardware wallet locked up waiting for the time to open
You won't access the bitcoin immediately and could increase your chances of saving the bitcoins for longer than expected.

In case of software wallet, I am really scared. I can end up losing the wallet to obvious hacks for sure.

For long term I would stay on Foundation Passport hardware wallet.

It is open sourced in both way - software and hardware.

Besides it is airgapped in both way by using QRcode  and/or industrial grade  microSD card.

And last but not least  under its hood are the  hardware components of the highest quality.

Passport is a bit expensive compared with other HW wallet but you know what you pay for.

That's for sure, but it's also important to keep your Hardware wallet safe. Hardware wallets are safe from some hacks but not from careless use.
Keep the phrase seed in a place that only you know and make sure it stays safe.

And for Software wallets such as the muun wallet you are referring to, it is only one of the choices of several Bitcoin wallets.
There are several widely used Bitcoin wallet recommendations such as Electrum and Bluewallet.
and for now, I use 1 Hardware wallet and Electrum for use on Desktop and Android.

Hardware wallet, it gives unparalleled peace of mind compared to software wallets. But then again, it will take away 1 part of your holding if you were to buy it right now. So stick to software wallet like muun for time being, once savings are grown enough, purchase HW.

Every update that we are asked to do by dev must have something new that is good for us as users. Not all software wallets ask for updates if there is nothing important. But yes, every software that is connected to the internet is vulnerable to things that can harm us even though it is not wanted by the dev as the owner of the device.

In the context of security, storing large amounts of assets in software is something we always avoid, especially me.

Thanks for the additional note. Using a hardware wallet with a battery is indeed quite risky to be damaged and is designed for only 5 years of use, as you have an example of the Nano X or as I also have the Safepal S1.

Indeed quite vulnerable, Hardware wallets using batteries that are not turned on for a long time will result in battery life. A real example on the Safepal S1 that I have. When not turned on in a few months the battery turns out to be increasingly wasteful and even when it is Off the battery still decreases. this indicates that the battery has started to be bad. If there is indeed a problem and it becomes hardware that is still in use, you must replace the battery with the same battery model.

As in the safepal discussion thread, I looked for some suitable alternative backup batteries

Making electrum installed in a Flasdisk with Tail OS is a good idea. It can be a Bootable Electrum USB Tail OS that is only used when needed, quite compact only uses flash disk media. This is an option for those who can't afford a hardware wallet.

Additionally note, if you want to use a hardware wallet for long-term investment needs, I recommend not using a hardware wallet that has a battery feature (which is generally not easy to remove). Example Ledger Nano X:


However, if you look at the OP in the initial post, he does not have a hardware wallet yet.
Another alternative may be to use the Electrum installed on Tails OS, which is made portable on a flash disk. Of course, the storage location of the seed phrase/private key from the wallet is necessary to pay attention to.

The internet is the source of everything and it depends on how you use it. The use of Wallet on devices connected to the internet is very vulnerable to being infiltrated by malware. But not without prevention, there are many ways that can be done to keep the device safe from any malware.
The main prevention lies with the users themselves, how they use it and what they access.

Nowadays even malware is getting more sophisticated and unstoppable. Some of the latest malware cases such as Xenomorph are able to steal any information, be it crypto wallets and some bank user information. and Malware is injected into applications that we often use and are hidden, so that they can enter the Play Store. It can even penetrate security with SMS or 2-factor authentication. Malware is now quite powerful and there needs to be prevention from various security.

https://bitcointalksearch.org/topic/m.61893757

https://www.bleepingcomputer.com/news/security/new-xenomorph-android-malware-targets-customers-of-56-banks/

All security is still quite vulnerable, both hardware wallets and wallet applications.
But the use of the Hardware wallet is still quite recommended as the main storage wallet.

Electrum is a very good wallet and highly recommended, but it is a hot wallet, and even if the wallet is open source and we are very sure of the code, what about you and your device, is your device free from malwares, do you watch porn on your device, do you click links without giving it a second thought, Electrum is a good software wallet, but if used in an online device, the funds in the wallet are not safe, except it is just a small amount for your daily spending. But for long term and with huge funds, use electrum on one device as a cold storage, generate the seed offline and make sure that device is never connected to the internet, with Wifi disabled and airplane mode turned on, that's where you would sign transactions, then on a second device which is the online one, you use electrum on it for watching only and broadcasting transactions to the network, that is the safest way to use a software wallet if you can't afford a hardware wallet.
Updating your wallet sofware regularly is good, but that is not only where the vulnerabilities exists, as long as the device that holds your funds is connected to the internet, there are malwares, keyloggers and other forms of attack vectors waiting to steal your funds.

From what I've experienced here in cryptocurrency for several years, I haven't faced any issues using Electrum since 2018 until now. Since you're like op I can't focus on spending money to buy a hardware wallet.

      Although, I also believe that it is good to use the hardware wallet as others say here that it is really recommendable. And as for the software wallet, electrum is also recommended here in my opinion and experience here as long as you update it if it says something that should be updated.

Not your key not your coins.

Get all coins off exchange. Take self custody.

Get a Ledger or Trezor hardware wallet (This way you can access them anytime). There are a bunch of youtube videos on how they work.

Then make 3 seed backups in steel washers (or titanium). And ideally encrypt them with a simple cipher (or use a passphrase and store that separately)

Low cost, affordable, easily scalable, indestructible, fireproof 1400°C (a house fire is around 1100°C), waterproof, corrosion proof, shock proof, earthquake proof, offline cold wallet, seed or passphrase backup.

https://i.etsystatic.com/41503409/r/il/689efd/4813988559/il_1588xN.4813988559_fcds.jpg
Picture taken from here: https://www.etsy.com/listing/1434977816


More information on that topic here:

https://jlopp.github.io/metal-bitcoin-storage-reviews/
https://incoherency.co.uk/blog/stories/diy-cryptosteel-capsule.html
http://bulletproofbitcoin.com/
https://blog.lopp.net/a-treatise-on-bitcoin-seed-backup-device-design/
https://www.econoalchemist.com/post/backup
https://blockmit.com/english/guides/diy/make-cold-wallet-washers/
https://bitcointalksearch.org/topic/securing-your-seed-phrase-with-washers-5389446

I think the same way, and I called it politics a few months ago in a similar discussion that popped up concerning ColdCard. If I want to verify the code of a hardware wallet, ColdCard makes that possible. Whose code they used and why they now operate under a different license is not something I should have to concern myself with. They would be open-source in a perfect world because much of their code came from such clients, but nothing in this world is perfect.

Hardware wallets are always better for long term storage, since computers are way less safe.


That cold card is not open source may be right, but it is completely irrelevant for the OP. What the OP wants, is to store his bitcoins safely and not a fight about close and open source. For the OP the public code is as good as the open source code of others. The public code may be bad for the industry however, but thats not the topic here.

I understand what you are saying, but you are using the example of a hardware wallet brand that we know isn't open-source. Ledger uses closed-source firmware and hardware, which includes the secure element. I didn't see anything in that article which wasn't known before. We also know that the individual crypto apps on Ledger and the native software itself are open-source. Any developer can build open-source code for an asset and submit it to Ledger as part of their development program.

I never gave much thought to the bootloader question. But that part is apparently also open-source in selected HWs.

That article you shared makes a mistake toward the end though, when they discuss open-source alternatives. One of the brands they name is ColdCard. ColdCard does not use an open-source license. Their code is public and verifiable, but it's their properly, and you are not allowed to use it for your own products. That's completely different from open-source wallets like Trezor, where you can (if you know how) use the entre codebase and build a brand new product.

Usually the firmware, that is to say the software embedded into the hardware device is not open source, or only partially at most. It's the most critical part since it holds the seed and the private keys, though.
https://cyberscrilla.com/are-ledger-wallets-open-source/
In addition if you can't flash the device with code compiled by yourself, you will never know if the code running into it is the same as the one shown elsewhere, or is another one.  
Bitcoin allows to not have to trust the hardware and software you are using when you create a transaction thanks to the cold storage feature. If you don't connect your air gapped device before sending funds belonging to it elsewhere, you're safe no matter if your set up has been infected or not. So you can use any laptops, PCs, or phones with Bitcoin as long as they are disconnected before creating your seed and remain so until you no longer need the seed.

It's rather similar since the manufacturer can leave backdoors into its devices.

What part of them are not open-source? There are many open-source hardware wallets on the software side. There aren't many on the hardware level, though. I think Foundation's Passport is the only one with open-source hardware, except the secure element. Someone correct me if I am wrong. I am not sure how far Trezor has gone with the development of their almost fully open-source SE. But if the openness of hardware is a problem, we shouldn't use laptops, PCs, or phones for anything related to personal or financial data, but we still do.   

But that was a case of trusting an individual and believing they were honest, which they weren't. Plus, the Coldkey isn't a hardware wallet. It's a card-like paper wallet where someone else generated the keys for you and kept backups of them.

If he thinks it's the biggest problem with hardware wallets he is wrong. Because hardware wallets are usually not air gapped, they are plugged on connected computers. For a long term investment, that's far less safe than any software cold wallet. Because it's not easy at all to check that your hardware wallet is not a fake one, and has not been tampered. Moreover they are not open source, so you'll never know if there are backdoors or latent vulnerabilities into them, that will be discovered and used by someone one day. I would add that even if a manufacturer is reputed, there is no guarantee it will always stay honest (look the Coldkey case for example), and the CEO/management of the company can also change without notice.

Updates rarely fix major vulnerabilities that would result in you losing your crypto unless you install the latest version. It's usually cosmetic changes, new features, speed improvements, etc. It's almost always a user mistake that leads to getting your wallet emptied. Whether you have the newest version or one that is a few months old, you are still using a hot wallet and your keys are online. One slip-up might put your coins jeopardy or worse.   

Safe? Do you mean safely as in a safe way? Your keys are online, it's as simple as that. They would be safer if they were never online and always in a secure device and its chip. Even better, if they were created in a fully offline and airgapped environment.

So true and I agree, it's better to buy a hardware wallet, do you think it's better to buy a hardware wallet, friend? to be honest, I use an electrum wallet on my desktop, although I'm using it okay because I've been using it for 4 years, as long as it needs to be updated, I update it right away.

      And my password, private key, and the creation of a sign message if needed, I can also do it in the safe. Then it seems that there is a new hardware wallet coming out now and that's what you want to try. Thank you

To give you context, another poster brought up a concern that the biggest problem in purchasing a hardware wallet is privacy-related, because you have to give up your home address, real name and probably other information. I merely suggested a way in how a person can buy one without giving up any real information about himself/herself. You don't have to be angry and nitpicky about it.

It is paranoid and super expensive doing all this just for one hardware wallet, I am not talking if you are dealing drugs, selling alcohol or nuclear fuel all the time, so you need to have this.
But go ahead and keep recommending people to buy fake ID (aka commit crime) because that is ''standard safety measure'' in your world
What I proposed is 100 times more simpler, cheaper and safer, plus you don't have to commit any crime along the way.

For now, it's better if you just use a software wallet instead of buying a hardware wallet, but you should be able to secure it from others.
As long as you can secure it, I think the software wallet is safe because I keep some satoshis in it.
So before you have the money to buy that hardware wallet, you can use that software wallet to store your bitcoins.
If you have money, you can buy Ledger or Trezor and many people have recommended both but maybe Trezor is more attractive because it is cheaper.

I was merely posting a work around for those who truly don't want to give up their I.D. to a centralized database controlled by a third party in buying a hardware wallet, ser. If anyone can buy one over the counter using CASH, then that would be the most ideal way to buy one.

Plus it's not really "paranoid". That method of using fake I.D. and opening a P.O. Box is actually a standard safety measure used to buy "something else" from the internet.

Why would you go through all this hoops of buying fake ID and paying extra for that and PO box when you can probably find perfectly good hardware wallet in your local area or country?
There are official resellers and it would probably be cheaper to go with low cost flight and buy wallet directly in some other country if it's not available in your own.
Paranoid people can always make their own DIY signing devices, from regular devices like RaspberryPi Zero and similar devices.

The safest place to buy hardware wallets is in some store with physical beingness, preferably somewhere far away from your home. You enter, take the device, pay with cash, give no information of who you are, done. The second safest place is any Internet store using a postal service, so that the merchant don't know your name, phone number etc.

For people who truly want a hardware wallet without giving up real identity, go to the Dark Markets that sell fake I.D. for Bitcoin. Use fake I.D. to open a P.O. Box in your local post office, use the same fake I.D. to buy your hardware wallet from manufacturer's website.

 


OK, good for you.

Probably the question we should be asking is: where is the safest place to buy hardware wallets?

Somewhere where the number of second-hands (which are always risky) are kept to a minimum or not present at all, and where you don't have to give out your personal information when you place an order, and ideally one which lets you buy them in bitcoins. So not (most) manufacturers' websites.

Even though the hardware is the most secure option but sometimes even the software wallet can be used if the funds are now too much. I mean why need cold storage if you can just know how to properly secure your wallet? I am using a desktop wallet and have never been the victim of any hack or something.
You do not download random software, you do not click on the random link, a good anti virus software is installed on your computer, and you do not give your keys to anyone then you are good to go even with the desktop wallet (In case of fewer funds only).

For long-term investments using a hardware wallet is much safer although some use software.
Using a software wallet to store your long-term assets could be at risk of a virus or something that makes you unable to access it anymore.

I think from the many answers that have been left on this topic, you can judge and conclude what is best to use.
If you still don't have the money to buy a hardware wallet, then save little by little so you can buy one.
In the meantime, use a software wallet first.

That's true, I did consider adding that to my explanation. There's been arguments about Intel, and AMD having various things in the past. For example, the ME engine, and AMD's equivalent. So, yeah this is probably a risk also.

There's ways around the privacy issues with hardware wallets, but yeah most people won't have those provisions in place, and will be giving their home address. I do believe a lot of places these days refuse to send to PO boxes too, which obviously restricts what you can do to try, and keep your privacy intact.

Right, it's a sophisticated attack which isn't likely going to affect most users purchasing a hardware wallet, like I said it's probably something that's so unlikely that a lot of users are willing to ignore.

OP, it's always more secure to own a Hardware Wallet, but for how much coins you currently own, just keep saving and buying Bitcoin until you can comfortably spend for a Hardware Wallet. Plus you can always use an old computer for cold storage, and that would be as safe/secure as a Hardware Wallet.

 

Such things are difficult to judge from black and white logic, it is true that creating an airgapped wallet is cheaper and safer when it comes to physical attacks (the probability of someone stealing a flash memory to hack you is less than stealing a hardware wallet), but you need a degree of experience to do it properly.
Also, this example applies only to Bitcoin, but if you want to store some altcoins then hardware wallets will be the first choice.

Theoretically speaking, the same risk applies when buying a new computer. There's absolutely no practical manner to verify that it produces provably pseudo-random numbers, and that it hasn't been altered.

I'd say that the serious attack vector you're adding with a hardware wallet is privacy related. You're most likely not having a hardware wallet at your local place, so you're going to buy one from the Internet. So, the merchant has to know your home address, real name and so on. Some of us have experienced data breach with Ledger, and I'm sure lots of thieves would find this information valuable.

Hardware wallets have been known to have physical vulnerabilities, and someone might be more inclined to leave them lying around unsecured. A software wallet, you technically only need to save the seed, and generally you'll be warned to secure that pretty well. I'm not talking about a software wallet connected to the internet, I'm talking from the point of view where you want to generate an address, and just receive Bitcoin to that address. Since, with a hardware wallet you have to purchase it from a vendor, hopefully the original manufacturer, there's a element of risk of third party vendor having physical access to the device, and therefore altering the hardware wallet, with a wallet that you download, verify, and then keep in a offline environment you don't have these risks.

Hence, why I went on, and said about being more confident in securing a seed than a hardware wallet. Although, I could've probably been a little more clear in that. So, if I wanted to just generate a seed, and basically have a offline wallet, I'd probably not even need the offline wallet, copy the addresses, save the seed, and focus on securing that seed. Even, if you are going to be keeping the wallet offline, as long as its secure in the first place, it's no less secure than a hardware wallet technically. However, when regular access is needed, and therefore becomes a online wallet, a hardware wallet makes sense due to the reasons you mentioned.

However, for private key generation or a offline wallet, a hardware wallet is definitely more expensive, and potentially overkill if it's going to remain a offline wallet. If you intend to use it regularly, and therefore online then yeah I'd absolutely agree that software wallets then have more attack vectors.

It seems like the OP was talking about holding Bitcoin, hence the reason I believe a offline wallet should be fine, and technically could potentially have less chance of being compromised in a physical attack, since there's various ways of securing it, whereas a lot of people tend to think hardware wallets are invulnerable even physically, and buy them from third party vendors quite often.

The key thing is; if you want a offline wallet, that you are holding Bitcoin on; offline wallet generated via verified software. If you want to regularly use it, and therefore online; hardware wallet. The added risk to a hardware wallets depends on how you got it, and how you secure it. Those are the additional risks, with the latter also being true for offline generated wallets.

Worth noting, while the vulnerability was patched, I wouldn't doubt that we'll see similar attacks, but there's also less secure hardware wallets than a Trezor. Trezor are pretty decent hardware wallets compared to some out there.

So, my line of thought was due to third party vendor issues or an attacker gaining physical access it could potentially have more risks. Although, I'll admit I didn't really explain that all too well. However, the chances of someone doing that, and having a zero day exploit? Probably, rather slim. Although, worth mentioning since you can avoid the risk of that by not using it at all. What I will say; for the vast majority of users, a hardware wallet is probably going to be the most secure, especially for new users. Again, I should've probably mentioned that, but thought there was enough users saying that .

theoretically probably wasn't the right word. Needed to be something like if a offline wallet is generated under perfect circumstances, e.g airgap etc, then it technically can be more secure than a hardware wallet if it remains offline, or the seed is backed up, and then the wallet is deleted from the computer. I don't know, a lot of people will think physical tampering of a hardware wallet before it arrives to you, is so incredibly unlikely it probably shouldn't be worried about it too much, especially if it's bought from the official store. However, not everyone has that privilege since they don't always deliver worldwide. One thing for sure, is that is a risk that you don't have with a offline wallet that you generated. However, you still have to keep your seed secure, and obviously your hardware wallet due to physical attacks potentially being an attack vector.

If you have money to buy smartphone than I don't understand how you can't have much less money for purchasing hardware wallet.
Software wallets can never be safer than good hardware wallets, except if you are using them correctly on airgapped laptop, that is very unlikely for people who don't have money.

What?!  
No, hardware wallets don't have more attack vectors, because their only purpose is to work with cryptocurrency transactions.
Software wallets are installed on multi-purpose devices like computers or smartphones that by definition have multiple time more attacks vectors than hardware wallets.
Not to mention all the risk with malware, viruses, keyloggers, internet connection, and bunch of other issues that don't exist on good hardware wallets.

Theoretically speaking, a hardware wallet has more attack vectors than a software wallet, however that entirely depends on how you intend to use it. Personally, I believe a private key generated on a secure offline computer is the gold standard. Whereas, a hardware wallet is more suited to those that need to access their Bitcoin regularly, and don't want to think too much about security issues that could arise from that.

However, I'd probably be much more confident hiding my seed than my hardware wallet, since physical access to anything generally allows more sophisticated, and out of the box thinking attacks, I usually consider physical access possible to be compromised despite no documented attacks.

A seed can be reasonably secured, and potentially be as complex as you need it to be.

I think that mathematical calculations (rough) will help answer your question.
Your 0.01239BTC is now worth about $280. If you buy a hardware wallet, you will have to spend about $80-100. The question arises, is it worth spending a third of the amount just to keep it safe? It seems to me that it would be better if at this stage we limit ourselves to the software wallet. Just take care to make this wallet secure by taking all necessary precautions.
But if you plan to gradually increase the deposit, then you can think about the hardware wallet. Also, the argument in this favor will be that your 0.01239BTC at a rate of $100k will be $1200. Then the game may be worth the candle.

Hardware wallet is the best because it will save to a lot of security risk online that you can get when using software wallet. Hardware wallet is the best wallet for long term investment mainly if you don’t touch often times your holdings. You just need to protect its recovery seed phrase and you are good to go.

However, Software wallet like Electrum is safe too if you knew already the basic security against hacker. I’m using electrum wallet for 5 years and store above 1BTC on it without a problem because I’m always making sure that my computer and mobile phone is not infected by a malware.

They say the opponent of security is complexity. If you're not technically competent, I suggest you buy a peer-reviewed hardware wallet like Trezor, and sleep easy. If you think you're competent enough with software and OSes, and you have a computer spared, make it an airgapped device:

Buying a hardware wallet does not mean that you are safe unless your level of awareness increases. without awareness and realizationThe best device will not protect your currencies. Therefore, as long as the amount of 0.01239 BTC is too much for you, spending $60 to buy a hardware wallet is not a big loss.
But if you spend more time to learn, you can create cold stoarge for less than $10 and it will be relatively safe.
These are some links to learn and then create a topic about it and we will help you^[1][2][3]. Again awareness = safety.

[1] https://electrum.readthedocs.io/en/latest/coldstorage.html
[2] https://electrum.readthedocs.io/en/latest/tails.html
[3] https://github.com/sovereignhodler/tails-cold-storage

If you do not have money to buy a hardware wallet, you can go for wallet on airgapped device or the cheapest but still one of the safest wallet which is paper wallet, all you need is to write down your bitcoin address somewhere that would be used anytime you want to send bitcoin to the address if not using watch-only wallet with it. It is most important to backup your seed phrase. I will advice you to use electrum cold storage. You do not necessarily need watch-only wallet for it but you can have it to watch over your wallet using a device. After you set up a paper wallet on the cold storage device, you can delete it which makes it a paper wallet, or you can leave it on a cold storage device if you can spare your device for it and use it as airgapped walllet. Which means you can go for paper wallet or wallet on airgapped device.

Airgapped devices are devices that their WiFi and Bluetooth components are removed from just computer with newly reinstalled OS, making use of the device at the time for wallet creation, making sure it has no connection to the internet.

I mean, think about it — why would people spend money on a hardware wallet if a software wallet is more secure? Obviously hardware wallets are better for 99% of people.

But don't take the word from me, go do some reading and learn for yourself.

https://cryptosec.info/wallets
https://bitcointalksearch.org/topic/general-bitcoin-wallets-which-what-why-1631151

I think it would be best if you made sure that the device you are going to use is malware free before installing any wallet. I mean that's a no brainer for someone who wants to store bitcoin for long term.

Afterwhich, you can install electrum[1] for desktop because simply because it's lightweight, open-source and have many features that a bitcoin wallet must have (e.g., coin control, multisig, lightning network). Plus, it is beginner friendly. Just make sure to verify the signature[2] before installing the wallet on your machine to avoid installing malicious fake electrum wallet.

[1] https://electrum.org/#download
[2] https://bitcointalksearch.org/topic/guide-how-to-safely-download-and-verify-electrum-guide-5240594

As a new investor I am very curious to know in which wallet my bitcoins will be safe. I am holding on to some bitcoins I bought earlier. and I was interested in buying more bitcoins later today I bought some bitcoins again with some of my money. I bought 0.0068 bitcoins from Binance exchange long ago and held them. and today again bought 0.00559 bitcoins from Xt exchange. I currently have all the money I have invested in Bitcoin. I believe that investing in Bitcoin will bring me profits in the future. Right now I have bitcoins (BTC0.0068+0.00559)=0.01239. I think if I hold Bitcoin for long term I will definitely be able to make good profit. Because I believe Bitcoin will reach $100k.  And then my wallet balance will show (0.01239×$100000)=$1239 I hope. But I don't feel very comfortable keeping my money in exchange. So I want advice from seniors whether hardware wallet is better or software wallet. But if I want to buy a hardware wallet I will need money.
but right now I don't have any money to buy hardware. So I suggest using a software wallet.  However, I have no idea which wallet to use will provide the most security. So tell me a bit about what is a strong and security complete wallet?