{{Header}} {{#seo: |description=Quick comparison of hardware wallets. |image=Wallet_comparison12312.jpg }} {{Title| title=Comparison of Hardware Wallets }} {{crypto_hardware_wallets_mininav}} [[File:Wallet_comparison12312.jpg|thumb]] {{intro| Quick comparison of hardware wallets. }} = Introduction = The main objective of the comparison table is to highlight an important aspect: even if the firmware of a hardware wallet is 100% Open Source and Freedom Software, and supports reproducible builds, users may still be unable to [[Hardware_Wallet_Security#verify_firmware_device|verify if they are running the official firmware]]. {{Quotation |quote= And open source doesn’t really solve this. It’s impossible to have guarantees that the electronic itself is not backdoored, nor that the firmware that runs inside the wallet is the one you audited. |context= [https://twitter.com/P3b7_/status/1659187094764285952 Ledger CTO] }} Only the latest and best hardware wallets by vendors are considered. Older models are disregarded. Any mention of a hardware wallet on this page, in any form, should not be interpreted as an endorsement. A strict [[Terms_of_Service#Non-Endorsement|non-endorsement policy]] is in effect. For further details, please refer to the comprehensive [[#Disclaimers|disclaimers]] section of this wiki page. It is recommended to read this wiki page in conjunction with the [[Hardware_Wallet_Security|Cryptocurrency Hardware Wallet Threat Model]] wiki page. The latter provides additional insights and information regarding the security aspects of hardware wallets. = Comparison = {| class="wikitable" |- | ! Ledger ! Trezor ! OneKey ! Coldcard |- ! 100 % Open Source and Freedom Software | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} |- ! reproducible builds | {{No}} | {{Yes}} https://docs.trezor.io/trezor-firmware/common/reproducible-build.html | {{Yes}} * https://walletscrutiny.com/hardware/onekey/ * https://github.com/OneKeyHQ/firmware/issues/404 * https://github.com/OneKeyHQ/firmware/issues/579 | {{Yes}} |- ! User-compiled and flashed firmware | {{No}} | {{Yes}} https://trezor.io/support/a/warning-unofficial-firmware-detected | Deprecated? Initially this might have been possible and is still documented on the website. {{Quotation |quote= You can install unofficial firmware on OneKey devices, but doing so will erase device storage and display a warning every time you boot. |context= https://help.onekey.so/hc/en-us/articles/6118461753743-Common-Security-Threats }} This feature might be been deprecated. {{Quotation |quote= No longer support installing firmware with unofficial signatures |context= https://github.com/OneKeyHQ/firmware/releases/tag/classic%2Fv3.0.0 }} | {{Yes}} |- ! Easy (User) [[Hardware_Wallet_Security#verify_firmware_device|Trustless verification of firmware running on device]] | {{No}} | ? | ? | {{No}} {{Quotation |quote= Mk3 and earlier made a virtual serial port available over USB. As it was only useful to developers, it was disabled by default. Mk4 uses a real universal asynchronous receiver-transmitter (UART) leading to physical pins. It is not only disabled by default, but it also cannot be accessed without breaking the case. A developer wanting to interact with the pins must be willing to damage the COLDCARD's case to do so, but the option is there if needed. |context= [https://github.com/Coldcard/firmware/blob/master/docs/mk4-security-model.md#virtual-debug-serial-port-removed coldcard MK4 Security Model] }} |- ! Trustless verification of firmware running on device by developers | {{No}} | ? | ? | ? |- ! Re-lock bootloader with user custom keys. / [[Verified Boot]] with user keys. | {{No}} | ? | ? | ? |- |} = Other Criteria = {| class="wikitable" |- ! Criteria ! Details |- ! Security audited | The security audit of a hardware wallet depends on the scope and the organization conducting it. It is not a simple yes or no question. Please refer to the {{audit_mininav}} for more information. |- ! Certification | Similar to above. * The secure element might be certified. See [https://bitcointalk.org/index.php?topic=5304483 Secure Element in Hardware Wallets]. * The hardware wallet itself may or may not be certified. These are an indicator but should not be taken alone as a seal of quality, because, see next column. |- ! Vulnerabilities | [https://thecharlatan.ch/List-Of-Hardware-Wallet-Hacks/ List of Hardware Wallet Hacks] |- ! Warning if running custom firmware. | Users running the official firmware should get a warning if an attacker flashed a custom firmware from their device's bootloader. |- ! Installation of custom firmware deletes storage. | This is a security feature to avoid a malicious custom firmware stealing the private keys. |- ! Detach storage | Can storage be detached, duplicated and re-attached? If de-soldering of the storage chip is possible, this may or may not be a security issue because a custom firmware by an attacker might decrypt, steal the private keys. |- ! Bitcoin only | Attack surface reduction, complexity reduction to ease security audits by only supporting 1 cryptocurrency, most likely [[Bitcoin]]. |- ! Multiple cryptocurrency support | If the user wants to use other cryptocurrencies such as [[Ethereum]]. |- ! Secure Element | |- ! Private Key never leaves Secure Element | Yes / No |- ! Private Key never leaves Device | Yes / No |- ! Country of Incorporation | Of the hardware wallet vendor. |- ! Country of Production | Of the hardware wallet vendor. |- ! Supply chain attacks | |- ! Track record | History of past security issues and their handling. |- ! Quality of Entropy | Low entropy can result in private keys getting compromised through bruteforce attacks. See also [[Dev/Entropy|entropy]]. |- ! User supplied additional entropy. | For better entropy. |- ! Multisig support. | |- ! Multisig compatibility with other hardware and software wallets. | For diversification of multisig, not relying on one single vendor, one single point of failure only. |- ! USB / SD / Micro-SD Card Backup Support | For diversification of multisig, not relying on one single vendor, one single point of failure only. |- ! Native desktop app | Or only a (wrapped) web interface. |- ! Mobile app | |- ! Wallet compatibility | |- ! [[Hardware_Wallet_Security#Insecure_Display_versus_Secure_Display|Secure Display]] | |- ! Big Display | For ease of readability of long cryptocurrency addresses. |- ! Display can show QR Codes | To receive funds. |- ! Camera can scan QR Codes | To send funds. |- ! Can show account number (address) on Secure Display. | |- ! Can show balance on Secure Display. | |- ! Can show transaction history on Secure Display. | |- |} = List of Hardware Wallets = Most of the following hardware wallets are not included in the above comparison and are unlikely to be included in the future. For more information, please refer to the [[#Disclaimers|disclaimers]] chapter on this wiki page, which outlines the goals and non-goals of this page.