Security FAQ

General Security Questions

• How secure are hardware wallets compared to other storage methods?

  Hardware wallets are widely considered the most secure option for cryptocurrency storage for several reasons:

  • Offline Storage: Private keys never leave the device and are not exposed to internet-connected computers, protecting against remote hacking attempts, malware, and keyloggers.
  • Physical Confirmation: All transactions must be physically confirmed on the device itself, preventing unauthorized transfers even if your computer is compromised.
  • Secure Elements: Most hardware wallets use specialized secure elements (tamper-resistant chips) similar to those used in banking cards and passports.
  • PIN Protection: Multiple failed PIN attempts typically result in device wiping or lockouts, preventing brute force attacks.

  Compared to alternatives:

  • Software Wallets: Vulnerable to malware and keyloggers that can steal private keys from your computer or phone.
  • Exchange Accounts: Subject to exchange hacks, account takeovers, and counterparty risk if the exchange becomes insolvent.
  • Paper Wallets: Vulnerable to physical theft, damage, and proper generation requires technical expertise.
• Can hardware wallets be hacked?

  While no security system is absolutely impenetrable, hardware wallets are designed to resist both remote and physical attacks. Here's what you should know:

  Remote Attacks

  Hardware wallets are extremely resistant to remote attacks because:

  • Private keys never leave the device
  • All transactions must be physically confirmed on the device
  • The firmware is cryptographically signed and verified during updates

  Physical Attacks

  If an attacker has physical access to your device, potential attacks include:

  • PIN brute forcing (mitigated by attempt limits and device wiping)
  • Advanced laboratory attacks on the secure element (extremely difficult and expensive)
  • Supply chain attacks (mitigated by firmware verification and tamper-evident packaging)

  The most practical "hack" is actually social engineering—tricking users into revealing their recovery seed or using compromised devices. This is why we emphasize:

  • Only purchase devices directly from manufacturers or authorized resellers
  • Verify device integrity and firmware upon receipt
  • Never share your recovery seed with anyone
  • Be wary of phishing attempts claiming issues with your device
• What happens if the hardware wallet company goes out of business?

  Your funds remain secure even if the hardware wallet manufacturer ceases operations. Here's why:

  • Industry Standards: Hardware wallets use standardized derivation paths (BIP39, BIP44, etc.) that are supported across many wallet applications.
  • Recovery Seed Compatibility: Your recovery seed can be used with compatible software or hardware wallets from other manufacturers.
  • No Dependency on Company Servers: Your funds exist on the blockchain, not on company servers. The device is simply a secure way to access and manage those funds.
  • Open-Source Software: Many hardware wallet companion applications are open-source, meaning they can continue to be maintained by the community.

  To prepare for this possibility:

  • Keep your recovery seed secure and accessible
  • Familiarize yourself with alternative wallets that support your recovery seed format
  • Consider periodically testing recovery using other wallet software
• How do I know my device hasn't been tampered with?

  Verifying your device's integrity is crucial for security. Here's how to check for tampering:

  Upon Receipt

  • Packaging Inspection: Check that the tamper-evident seals are intact and show no signs of removal or replacement.
  • Device Appearance: Inspect the device for any signs of opening, unusual components, or modifications.
  • Firmware Verification: During initial setup, the device should verify its firmware authenticity. Any failure here is a serious red flag.

  Red Flags

  • Pre-initialized device (should require you to set it up from scratch)
  • Pre-filled recovery card or "backup" provided by the seller
  • Instructions to use a specific recovery seed
  • Unusual companion applications or download links

  Best Practices

  • Purchase directly from manufacturers or authorized resellers
  • Avoid third-party marketplaces where supply chain attacks are more common
  • Update to the latest firmware immediately after verifying device authenticity
  • If in doubt, contact the manufacturer with your device's serial number

Recovery Seed Security

• What is a recovery seed and why is it important?

  A recovery seed (also called a seed phrase, mnemonic phrase, or backup phrase) is a sequence of 12-24 words that serves as a backup for all the private keys stored on your hardware wallet. It's the most critical security element of your hardware wallet system.

  Key Functions

  • Master Backup: The seed phrase can regenerate all private keys for all cryptocurrencies on your device
  • Device Recovery: Allows you to restore your wallet if your device is lost, stolen, or damaged
  • Cross-Compatibility: Can be used with compatible wallets from other manufacturers

  Important Security Considerations

  • Anyone who has your recovery seed has complete access to all your cryptocurrency assets
  • The seed should never be stored digitally (no photos, no digital documents, no cloud storage)
  • Physical storage should be secure against theft, loss, and environmental damage
  • If your seed is compromised, you should immediately transfer funds to a new wallet with a new seed

  Think of your recovery seed as the master key to your entire cryptocurrency portfolio—it requires the highest level of protection.

• What's the safest way to store my recovery seed?

  Storing your recovery seed securely is one of the most important aspects of cryptocurrency security. Here are recommended approaches:

  Recommended Storage Methods

  • Metal Storage Solutions: Purpose-built metal plates or capsules that are resistant to fire, water, and physical damage. These are specifically designed for recovery seed storage.
  • Multiple Secure Locations: Consider creating multiple copies stored in different secure locations (e.g., home safe, safety deposit box) to protect against localized disasters.
  • Seed Splitting: For advanced users, splitting your seed into multiple parts stored in different locations can add security (requires understanding of threshold schemes).

  Methods to Avoid

  • Digital Storage: Never store your seed in digital format (text files, photos, emails, cloud services)
  • Regular Paper: Standard paper is vulnerable to fire, water damage, and fading
  • Single Location: Storing only one copy risks total loss from theft or disaster
  • Obvious Labeling: Don't label it as "Bitcoin Seed" or "Crypto Backup"

  Additional Considerations

  • Passphrase Protection: Consider using an additional passphrase (sometimes called a "25th word") that must be used in conjunction with your seed phrase
  • Estate Planning: Ensure trusted family members or executors know how to access your recovery seed in case of emergency, without compromising security during your lifetime
• What is a passphrase and should I use one?

  A passphrase (sometimes called a "25th word") is an additional layer of security that can be used with your recovery seed. It fundamentally changes how your wallet works and offers both advantages and potential risks.

  How Passphrases Work

  • The passphrase is combined with your recovery seed to generate a completely different set of private keys and addresses
  • Each unique passphrase creates a separate wallet, even when used with the same recovery seed
  • Unlike your PIN, which only unlocks your device, the passphrase is cryptographically combined with your seed to create different wallets

  Advantages

  • Additional Security Layer: Even if someone obtains your recovery seed, they cannot access your funds without also knowing your passphrase
  • Plausible Deniability: You can create a "decoy" wallet with a small amount of funds using one passphrase, while keeping most funds in a wallet with a different passphrase
  • Multiple Wallets: You can create separate wallets for different purposes using the same device and recovery seed, just by using different passphrases

  Risks and Considerations

  • No Recovery Option: If you forget your passphrase, there is absolutely no way to recover your funds, even with the recovery seed
  • Complexity: Adds another element you must securely remember or store
  • Inheritance Planning: Makes it more complicated for heirs to access your assets

  Recommendations

  Passphrases are recommended for:

  • Users with significant cryptocurrency holdings
  • Those concerned about physical theft of their recovery seed
  • Users comfortable with managing additional security elements

  If you use a passphrase, ensure you have a secure way to remember or store it that is different from how you store your recovery seed. Consider including passphrase instructions in your estate planning documents.

Transaction Security

• How do I verify that a transaction is legitimate?

  Verifying transaction details is one of the key security benefits of hardware wallets. Here's how to ensure you're only authorizing legitimate transactions:

  Always Verify on the Device Display

  • The recipient address should be displayed on your hardware wallet's screen
  • The exact amount being sent should be displayed
  • Any transaction fees should be clearly shown

  Address Verification Steps

  1. Check the entire address, not just the beginning and end
  2. Compare character by character when possible
  3. For long addresses, verify in sections as the device scrolls through the address
  4. If available, use the QR code verification feature on devices with cameras

  Red Flags

  • Transactions you didn't initiate appearing for confirmation
  • Amounts that differ from what you intended to send
  • Unusually high transaction fees
  • Multiple transaction requests in rapid succession

  Best Practices

  • For first-time recipients, consider sending a small test amount before large transfers
  • Use the address book feature in your wallet software for frequently used addresses
  • For large transactions, consider verifying the address through multiple channels
  • Keep your device firmware and companion applications updated

  Remember: The ability to physically verify transaction details on your hardware wallet's screen is one of its most important security features. Never rush this verification process.

• Can malware change the address I'm sending to?

  Address substitution attacks are a common concern, but hardware wallets are specifically designed to protect against this threat. Here's how it works:

  The Threat: Address Substitution Malware

  This type of malware infects your computer and monitors for cryptocurrency addresses being copied to the clipboard. When detected, it replaces the legitimate address with the attacker's address, hoping you won't notice the switch before confirming the transaction.

  How Hardware Wallets Protect You

  • Physical Verification: The hardware wallet displays the actual recipient address on its screen, showing you exactly where your funds will be sent
  • Secure Environment: The address verification happens on the hardware wallet itself, which is isolated from your potentially infected computer
  • Manual Confirmation: You must physically press buttons on the device to approve the transaction after reviewing the address

  Best Practices

  • Always verify the entire address on your hardware wallet's screen before confirming
  • Be particularly vigilant when the address has been copied from a website or email
  • For frequent recipients, use the address book feature in your wallet software
  • Consider using a secondary verification method for large transactions (e.g., verifying via phone or separate device)

  This protection against address substitution is one of the primary security advantages of hardware wallets compared to software wallets, where the address verification and transaction signing happen on the same potentially compromised device.