Bitcoin is sovereign money; it gives you ownership over your own financial destiny. There is a common expression in the Bitcoin world: not your keys, not your coins! Whether you own Bitcoin as an investment, as a censorship-resistant currency, or as a convenient way to transact on the Internet, it is important that you store your own private keys (and we can help with that).
Exchange hacks and losses of funds are common occurrences in the Bitcoin world, and no exchange is too big to fail. The more Bitcoin owned by a single exchange, the larger the incentive for attackers to try to steal your coins – whether external hackers or malicious insiders.
By storing your own private keys, you can have true ownership over your Bitcoin while removing the ability for hackers to steal large quantities of Bitcoin from custodians – this strengthens the Bitcoin network! For most users, the best way to store your keys is on a specially designed device called a hardware wallet.
All hardware wallets make tradeoffs between usability, security, and openness. Below is a brief explanation of the tradeoffs from the leading hardware wallet vendors.
Ledger’s hardware and firmware are closed source, with a closed source operating system running on the device. This makes it more difficult for security researchers to discover vulnerabilities that may exist in Ledger’s hardware. Many find Ledger devices difficult to use, as there are only two buttons to navigate and a small screen. Ledger devices are also not airgapped: they use USB and/or Bluetooth, which has been shown to cause certain vulnerabilities.
Trezor’s hardware and firmware are open source, but they do not use a security chip (more specifically a secure element). This means that an attacker can extract the private keys in only 15 minutes with commonly available hardware (this can be mitigated by using a strong passphrase). Trezor’s Model T is easy to use due to the capacitive touch screen, but makes clear security tradeoffs as the screen and touch panel have embedded processors running unknown firmware. Trezor devices are also not airgapped, as they use USB.
Coldcard has, in our opinion, the best security model, with open source hardware and firmware plus a secure element for storage of private keys. Coldcard also has great security features, such as a phishing-resistant PIN entry process and security lights. However, Coldcard is designed for the hardcore Bitcoiner and is challenging for normal users.
Passport uses the same security architecture as Coldcard, with open source hardware and firmware plus a secure element, but places a significant emphasis on intuitive design and ease of use. Passport’s larger display, alphanumeric keypad, and navigation pad create a pleasant user experience. Its camera and microSD slot ensure airgapped operations. And it uses more trustworthy components, like a screen without an embedded processor and AAA batteries for power.
For new users, Passport is designed to be intuitive and approachable. The navigation pad and familiar interface make it easy to set up and use Passport. If you’ve previously found hardware wallets to be intimidating or difficult, we think you’ll have a better experience with Passport.
For expert users, Passport uses the same general security architecture as Coldcard and Bitbox02, but introduces (1) integrated AAA batteries and (2) a camera for more convenient airgapped transactions. Passphrase entry is also a breeze with Passport’s alphanumeric keypad.
Bitcoin is open source software, and we believe open source software should run on open source hardware. Bitcoin necessitates a completely new type of hardware security model – since transactions are immutable, there is no recourse if your Bitcoin are stolen or lost.
Today’s hardware is mostly closed source and uses proprietary designs with confidentiality agreements. This model worked in a world where thefts could easily be reversed by your bank or credit card company. But in a Bitcoin world, this model is fundamentally broken.
Open source hardware means that security researchers can more easily identify vulnerabilities in our products. It also means that we can adopt best practices from other open source hardware projects – and other open source hardware projects can adopt our best practices too! This leads to a healthy, more secure hardware ecosystem and means that your Bitcoin will be safer.