How Hardware Wallets Actually Work

March 22, 2018 | In Crypto, Hardware wallets | By

Hardware wallets are special types of Bitcoin wallets that make use of a secure hardware device to store a user’s private keys. They are physical devices that carry an encryption and its sole function is to store your wallet file. They are preferred to standard software wallets due to some reasons:

They are immune to computer viruses unlike software wallets that are prone to malware attacks. User’s private keys are stored on a hardware device like a USB and cannot be transferred out of the device in plain text.

There’s increased security because transactions are made online and stored offline. They can be used securely and interactively. They also support different currencies and are also compatible with several web interfaces.

Transactions are easily made. Users simply plug in their devices to any internet enabled device. They enter a pin, initiates a transaction, and then confirms to send the cryptocurrency. It makes it possible for you to carry out transactions coupled with storing your money offline.

The best method for safeguarding your coins is to move them offline which entails keeping your access keys to your coins somewhere not accessible by the internet. This is also referred to as “cold storage”.

Hardware wallets acts as your Private key

According to the blockchain rules, Bitcoin stored on an exchange isn’t owned. This is because you don’t have the private key for your exchange account. This is similar to the use of online wallets for storing Bitcoin. The only way to claim ownership of the Bitcoin is to possess the private key to the address in which it is stored. Hardware wallets do not just run a node on your PC but stores your key on a dedicated chip. This helps in conducting safe transactions as private keys are never sent in plain text to the internet enabled device.

Hardware wallets use the display panel to carry out verifications of transaction in an isolated system.

Hardware wallets as multiple coin management

Multiple coins can be stored on Hardware wallets. E.g. the Ledger Nano S receives updates and helps users by adding support for multiple coins which enables the switch between different cryptocurrency wallets on the same device. This feature attracts cryptocurrency investors most especially those whose investments are spread across multiple online wallets. Cryptocurrencies supported includes Bitcoin, Litecoin, Ripple, Bitcoin cash, Ark and Ethereum. Users can install dedicated PC applications to aid interaction with the various cryptocurrencies stored on the wallet, or they can use extensions within Google Chrome.

Hardware wallet’s support of FIDO UNIVERSAL 2FA

If your hardware wallet does not support a cryptocurrency owned, or you prefer an online wallet where you control your private key, a hardware wallet could still be useful.

Certain hardware wallets support the two factor authentication format (Universal 2nd Factor). This functions as a physical key and gives you full control setting up your hardware wallet to access online wallets coupled with holding compatible cryptocurrencies in cold storage.

The U2F key standard is certified by the FIDO alliance and it is an essential tool to secure your DropBox, Google accounts, Facebook and GitHub.

There are several types of hardware wallets all with similar functions; let’s take a look at two of them (Trezor and Ledger Nano S)


This is also called the Bitcoin safe. It functions as a transaction signing tool as well as a secure Bitcoin storage. This device cannot be accessed by malware because it generates its own private keys. It can hold an unlimited number of keys to its deterministic wallet structure. When Trezor is initialized, a recovery seed is generated which helps in the recovery of all contents, in case the device gets lost or stolen. It’s also introduced a unique way of PIN entering, preventing key loggers from recording it, thereby curbing cases of compromised computers.

Ledger Nano S

This wallet protects your Bitcoin data with a smartcard. Its microprocessor is immune to all physical and logical attacks and has been used in the banking industry for decades. It connects to the USB port of your computer, embeds an inbuilt OLED display to carry out all the Bitcoin cryptography which includes double checking, confirming and signing each transaction in its secure environment. It is built around a secure element (ST31 family) and also built on top of a powerful and flexible operating system known as BOLOS, Which allows the secure execution of multiple open source applications in full isolation.

Specific features include:

  • Embedded and open source Bitcoin app
  • In-built security lock (4 digits)
  • Connectivity via USB
  • Secure chip that protects cryptographic secrets
  • Compact casing

Security Risks

To date, there are no reports of stolen Bitcoins from hardware wallets. They have at least maintained a good record unlike various records of stolen Bitcoins from Internet-connected devices.

They are high value targets which rest solely on assumptions aimed at security. Still there are several ways in which hardware wallets could fail you. It is very important to consider these risks in deciding on the type of hardware wallet you want to buy or how much trust you could place on them. These risks are outlined below:

The shipping process is compromised

Secure devices may be substituted or modified for insecure replacements; government programs may interfere and modify hardware to insert backdoors

Imperfect implementation

The quality of their implementation is the basis of security for all computing devices including hardware. Bugs may give way to attackers to gain unauthorized access to secrets. Even with a perfect design, the proof of security of hardware wallet is very hard

Swapping of recipient Bitcoin addresses by Malware.

Hardware wallets won’t free you from being deceived into sending Bitcoin to a false address. High value transactions could be monitored by Malware on PC, and then swaps the recipient’s Bitcoin address for another, which has the scammer’s control.

When high transactions are involved, a phone confirmation of the recipient’s Bitcoin address is necessary.

Production process is compromised

A perfect hardware wallet could be vulnerable to Intentional and unintentional holes in the final product due to a corrupt production process. Military and financial applications are really concerned about the introduction of hardware backdoors.

Insecurity of Random Number Generator (RNG)

Hardware wallets rely on RNG security usually embedded in hardware and functions to generate your wallet’s private keys securely. RNG may be insecure due to an unintentional error or a malicious weakening. Attackers may hack into wallet keys created by an insecure RNG by generating pseudo-randomness which would be similar to true randomness.

Posted by on March 22, 2018 in Crypto, Hardware wallets
Try Brave Browser


May 7th, 2019

Ledger Nano X Review

April 10th, 2019

The Brave Browser