Coldcard is amazing because they go to great lengths to cover every possible avenue of attack they can think of. From tampering during shipping, to trick-pins in case there's a gun to your head.
The most important thing is, the company behind the ColdCard is Bitcoin ONLY! Unlike Ledger and most other hardware wallet companies. I refuse to do business with any company that perpetuates the notion that all crypto is equal. They are doing a disservice to the public. The public doesn't care to learn about what makes Bitcoin different, so it's up to principled individuals and companies to help show them!
Yes, it seems that they care a lot about security. I like the fact that you can use it in air gap mode, without the need to connect it to a computer. That's what I'm looking for, plus open source.
We can discuss here about hardware wallets all we want, but Arman the Parman put in an insane amount of work to sort all the information about them for us.
I highly recommend visiting his website and all the free content from very beginner to advanced including the hardware wallet section.
Key sections are in multiple languages. I consider this site as one of the best to gather orange pilling information.
Coldcard is your best shot as a single wallet. Complexity is its only weak point, but then again, investing time and effort into a strong self-custody is most probably worth it.
Blockstream Jade. For $40 bucks or so it’s incredibly useful and easy to understand. Plus they are very active in developing and releasing how-to videos.
I get that, and I delayed getting a hardware a while for the same reason... but the time's going to come when you have more BTC than you're comfortable exposing to the internet.
The sooner you bite that bullet and learn how to store your property safely, the better, IMO. I know they're expensive (and they've gone up this year too), but it's an investment to protect the rest of your investments.
Depends on purpose... Personal Storage? Remote Signing?
Assuming for personal storage, nothing is better than an old laptop.
Generally, HWWs are an added risk to personal storage because now you're adding complexity of process and intermediate code above and beyond Bitcoin Core.
A dedicated laptop with a minimal Linux install reduces surface risk, and the opsec is way better too.
How can a laptop be more usable, secure, cheap, maintainable, tough, portable, concealable than a hardware wallet?
Talking about the laptop complexity you perhaps forgot all the OS stack, it is huge.
The supply chain attack for the HW? Did you hear about the libraries supply chain attacks that are popping everywhere?
I used Tails with a volatile boot to sign offline transactions and so on, too; but an HW is a relief in simplicity and user experience.
While an old laptop might be a good solution for some, for many it's just not possible. Too hard and too much that can go wrong. Imagine telling your mom to boot a minimal Linux distribution, install Bitcoin Core, sync the chain, create a wallet and secure it properly.
Hardware wallets can guide a new user much better through all the steps necessary to hold their own coins and really don't have many drawbacks.
We're trying to build the easiest hardware wallet without sacrificing security. It's dead easy to use. If you have any questions about it, let me know.
If I understand correctly, the bitcoin-only version does not support it being used as a U2F. Why is that?
And how can a "transaction signer" device be aware of the coin it's signing?
How can the bitbox02 care if what it is signing is a bitcoin transaction, a love letter, or a declaration of war?
Only my node knows what bitcoin is. How can a device that is not running a full node nor does it directly connect to a full node know what bitcoin is?
What if there is a hardfork that changes the transaction format?
I can understand that the bitbox wallet client software can be bitcoin only or not.
Personally I bought the "multi coin" edition just to be able to use it as U2F as well. In the bitbox client I connected it to my node and removed the other shitcoins from view.
There is a hint that the bitcoin-only edition has a more secure firmware since it's more focused / stripped down but frankly I don't see how or why.
Is it just a marketing ploy to attract bitcoiners?
Sorry for the rant, it's still a great product and I am a happy customer.
Great question! As @sime already mentioned, your hardware wallet needs to be aware of what kind of coin it's signing a transaction for. Otherwise your host device could easily make it sign a bitcoin transaction instead of a litecoin one.
Differences between the coins not only include the derivation path, but also fundamentally how transactions work. For the hardware to support different coin transactions, the firmware needs additional code to support it.
The bitcoin-only version comes with a much slimmer firmware, because it removes these coin integrations (and other things, such as U2F). The goal of the bitcoin-only version is to offer an as small as possible attack surface by removing all unnecessary code. Security-wise the benefit might not be immense, but as a general rule, less code leaves less room for mistakes.
It's also really popular for people who want to gift it to their friends and family, because it doesn't lead to people asking about different cryptocurrencies and instead lets them focus on just Bitcoin.
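As an added illustration (not part of the reply above, and not BitBox02 firmware code), this is the kind of keypath check a signer can apply to the derivation-path difference that reply mentions: the coin the host declares must match the coin type in the path, and a bitcoin-only build simply has a shorter allow-list. Function and constant names are hypothetical; the coin types are the SLIP-44 values for Bitcoin, testnet and Litecoin.

```python
# Hypothetical signer-side keypath policy (illustration only).
HARDENED = 0x80000000
SLIP44 = {"btc": 0, "tbtc": 1, "ltc": 2}   # SLIP-44 coin types (subset)
PURPOSES = {44, 49, 84, 86}                # BIP44 / BIP49 / BIP84 / BIP86
BITCOIN_ONLY = {"btc", "tbtc"}             # assumed allow-list of a bitcoin-only build
MULTI_COIN = {"btc", "tbtc", "ltc"}        # assumed allow-list of a multi-coin build


class KeypathError(ValueError):
    pass


def parse_keypath(path):
    """Turn "m/84'/0'/0'/0/5" into a list of BIP32 child indexes."""
    parts = path.split("/")
    if parts[0] != "m" or len(parts) < 2:
        raise KeypathError("keypath must start with m/")
    indexes = []
    for part in parts[1:]:
        hardened = part.endswith(("'", "h"))
        digits = part[:-1] if hardened else part
        if not (digits.isascii() and digits.isdigit()):
            raise KeypathError("bad path element: %r" % part)
        value = int(digits)
        if value >= HARDENED:
            raise KeypathError("index out of range: %r" % part)
        indexes.append(value | HARDENED if hardened else value)
    return indexes


def check_keypath(coin, path, supported):
    """Return the account number if `path` is valid for the declared `coin`."""
    if coin not in supported:
        raise KeypathError("coin not supported by this firmware: " + coin)
    indexes = parse_keypath(path)
    if len(indexes) != 5:
        raise KeypathError("expected purpose/coin/account/change/address")
    purpose, coin_type, account, change, address = indexes
    if not all(i & HARDENED for i in (purpose, coin_type, account)):
        raise KeypathError("purpose, coin type and account must be hardened")
    if address & HARDENED or change not in (0, 1):
        raise KeypathError("change must be 0 or 1, address unhardened")
    if purpose ^ HARDENED not in PURPOSES:
        raise KeypathError("unknown purpose")
    if coin_type ^ HARDENED != SLIP44[coin]:
        # The host declared one coin but asked for another coin's keys.
        raise KeypathError("coin type does not match declared coin")
    return account ^ HARDENED
```
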
Being the first means nothing when comparing hardware. Or do you still use Pentium CPUs?
Trezor failed their customers with AOPP and their CEO behavior.
Trezor is now partnered with Wasabi and their chainanalysis methods.
Trezor is just outdated hardware with a pricey tag.
I've been using a Trezor One, which I like, but now I am putting together a multi-sig setup according to the 10x Security Guide. https://btcguide.github.io/