
How To Buy A Bitcoin Hardware Wallet With Confidence


This is a guest post by Alpha.

The process of acquiring a hardware wallet for your bitcoin is simple, but it’s important to do your research before making a purchase. This article will guide you on where and how to buy a bitcoin wallet, as well as what to do once you’ve got it to help ensure the safety of your bitcoin.

Understanding Bitcoin Hardware Wallets

You never want your private keys touching that revolting, malware-infested computer/phone of yours. Trust us. Hardware wallets are cheap ($50+ USD) and easy to set up and use, so one is a must if you want to properly secure any funds you don’t want to lose access to.

A hardware wallet, also sometimes known as a signing device, is like your own personal fortress. Its purpose is to protect your digital wealth from online threats by storing private keys offline and giving you complete control over your funds. Think of it like having a bouncer at the door of your Bitcoin club that keeps out any potential troublemakers.

But these wallets are more than just for show: they play an essential role in safeguarding your valuable assets in the world of Bitcoin. With hackers lurking around every corner, having a hero on hand to defend against their attacks becomes crucial. Hardware wallets serve this exact function and act as saviors for users who want peace of mind when managing their bitcoin.

Major Functions Of Hardware Wallets

Hardware wallets generally perform a few key functions. One is, of course, storing your bitcoin keys in such a way that hackers or other malicious programs can’t get to them. However, there are a few other critical things they do that many aren’t aware of.

Most hardware wallets are also responsible for securely generating your private key in the first place. Doing so requires a good source (or preferably multiple sources) of entropy. This entropy provides the randomness that makes your key secure against others guessing it.

Generating proper, random entropy is actually quite difficult, so having a properly designed hardware wallet do this task is a core function. Beyond generating and securely storing bitcoin offline, they also generate receive addresses, sign transactions and perform lots of tests and verification to make sure other attacks against you don’t succeed.

For example, a well-known attack is to change the receive address, or even the change address during a send, so that your precious sats end up in the attacker’s wallet rather than your own. A good hardware wallet will have robust verification code to ensure this doesn’t happen.
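
To illustrate the key-generation step described above, here is an added example (not code from the article or from any wallet vendor) that mixes two independent entropy sources with SHA-256 and maps the result to seed-phrase word indices. It assumes the BIP39 seed-phrase standard; the function names and the sample dice rolls are made up for illustration.

```python
import hashlib
import math
import secrets

def dice_to_bytes(rolls, min_bits=256):
    """Validate a string of six-sided dice rolls and return it as bytes."""
    if not rolls or any(c not in "123456" for c in rolls):
        raise ValueError("rolls must contain only the digits 1-6")
    # A fair roll carries log2(6) ~ 2.585 bits; this is an upper bound only.
    bits = len(rolls) * math.log2(6)
    if bits < min_bits:
        raise ValueError(f"{bits:.0f} bits of dice entropy, need {min_bits}")
    return rolls.encode("ascii")

def mix_entropy(*sources):
    """Hash two or more independent sources into 32 bytes of key entropy.

    An attacker must predict every source to predict the output, so a weak
    or backdoored chip RNG is covered by the dice, and vice versa.
    """
    if len(sources) < 2 or any(len(s) == 0 for s in sources):
        raise ValueError("need at least two non-empty sources")
    h = hashlib.sha256()
    for s in sources:
        # Length prefix keeps (b"ab", b"c") distinct from (b"a", b"bc").
        h.update(len(s).to_bytes(4, "big") + s)
    return h.digest()

def bip39_word_indices(entropy):
    """Map entropy to BIP39 word-list indices (11 bits per word)."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("BIP39 entropy must be 128-256 bits")
    cs_bits = len(entropy) * 8 // 32          # checksum length in bits
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    total = len(entropy) * 8 + cs_bits
    bits = int.from_bytes(entropy, "big") << cs_bits | checksum
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]

if __name__ == "__main__":
    # Failure mode: an RNG stuck at zero yields the publicly known phrase
    # "abandon ... about" (indices 0 x11, then 3).
    print(bip39_word_indices(bytes(16)))
    # Constructed sample rolls, not real secrets; the chip RNG is stood in
    # for by the OS CSPRNG (an assumption of this sketch).
    rolls = "3625141536" * 10
    seed = mix_entropy(secrets.token_bytes(32), dice_to_bytes(rolls))
    print(len(bip39_word_indices(seed)), "words from mixed entropy")
```
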

Types of Bitcoin Hardware Wallets

Let’s turn our attention to the various categories of bitcoin hardware wallets. There are many different types, ranging from air gapped ones to USB connected ones to ones that are simply an NFC card. You’ll also see all sorts of claims made by manufacturers, like how high their Secure Element is graded or how open source their code is.

Understanding which one is actually safe requires quite a good deal of investigation and understanding (far too much for this article) which is why we have gone through virtually every hardware wallet out there and assessed them all based on extremely strict security and privacy testing standards. This extensive hardware wallet comparison page rates and reviews all wallets so you can easily tell what’s available and which ones are actually secure and why.

Selecting the Right Hardware Wallet

While you’re welcome to buy any hardware wallet you think is appropriate, we’d only advise it after considerable scrutiny. Here are a few major considerations you should weigh up before just purchasing any random device you find on the internet:

  • Has A Screen: It’s critical that you’re able to visually compare what the hardware wallet is showing you (eg a receive address or transfer amount) versus what your computer is showing you. This requires the wallet to have a screen on it.
  • True Randomness Generation: It should use two (or more) independent sources of randomness for your private key generation. A poorly generated private key is a huge security hole.
  • Open Source: Its code should be 100% viewable for you or any other security researcher to review and interrogate. Open source code, vetted over many years is one of the top ways to ensure a secure environment.
  • Verifiable Software Binaries: It should have verifiable software binaries and PGP key signature checking with easy-to-follow instructions on their website. This allows you to verify that the software you’re downloading from their website hasn’t been maliciously altered or tampered with.
  • Uses Interoperable Standards: It should use common, industry standards for its seed phrase words to allow for interoperable use in case there’s any reason to migrate away from that hardware vendor (eg they go bankrupt / get taken over / start acting stupid).
  • Reasonable Company History: The company itself should have been around for at least 5 years or more and the more revisions of the hardware they have, the better (eg. COLDCARD is up to “Mk4” while BitBox is up to “02” now). This hopefully ensures (but doesn’t guarantee) that hardware level issues have been resolved at the source and that the hardware and software have had most of their main kinks sorted out. You should also review their general practices like storage of customer data, history of how they handle security breaches and how they work with the security community in general.
  • Works With Standard Wallets: It should work with any industry standard third party Bitcoin wallet such as Sparrow Wallet. You should not be locked into using only their bundled software wallet program as this can be both a privacy risk and a problem if the company ever runs into troubles.
  • Full Bitcoin Node via Tor Support: It should fully support you connecting it to your own Full Bitcoin Node via Tor. This is vital for Advanced and Expert levels, both for privacy and security, and many hardware wallets that “experts” recommend, such as the Ledger, don’t do this!
  • Easy Import / Export: It should fully support importing and exporting of all required info (Including Coin / UTXO Labels) for easy backup and restore, especially across various third party wallets (eg exporting from their wallet app and importing into a third party wallet) and for Multisig wallets that require more detailed backup information than single signature ones.
  • Multisig Support: It should fully support Multisig Wallets as well as xPub / Watch Only wallets and this support should extend to the standardized third party wallets as well.
  • Labeling And Control Of Coins: It should fully support labeling of coins (UTXOs) and being able to control which coins you spend either through their own app or through a standardized third party wallet.
  • Purchase Only From The Supplier: It should come in a tamper evident bag directly from the supplier and no one else. Do NOT buy from other random online sellers, eBay, forums or any other source.
  • Consider Physical Size: When choosing a device many people prefer large screens to enable easier reading / interaction, but be aware that the larger the device is, the harder it is to store / hide. It will also likely be more expensive.

    Purchasing a Hardware Wallet Anonymously

    Don’t buy a hardware wallet with your real world identity.

    If the hardware wallet company gets hacked, your identity is forever linked to “this customer has so much bitcoin they needed to buy a hardware wallet” = huge target. An example of this is how Ledger had all their customer data stolen. Trezor also recently had their customer support database hacked. Now all those people are forever at physical risk, with criminals knowing their names, addresses, emails and more. Not cool!

    That company may also link your identity and funds to that hardware bitcoin wallet and monitor your device / addresses / balance / transactions via their software (eg. Ledger Live)… which they then pass on to governments, third parties etc.

    Buying the device without revealing your own real world identity is a one time, highly beneficial security enhancement that ensures knowledge of your stash is never revealed no matter how many times they get rekt.

    Most hardware wallet manufacturers will accept Bitcoin too, making this a relatively easy way to protect yourself. Using only the Tor Browser, make up a name, create a one-time Proton.me email account, pay with bitcoin you obtained from a non-KYC source, and send the device to a physical address that’s not associated with your real world identity, such as a PO Box.

    Is it a bit more hassle? Sure. But it only has to be done once and will protect you forever.

    Setting Up Your New Hardware Wallet

    Firstly, install the necessary software required for your new hardware wallet. Then proceed to verify the device for authenticity, generate a new seed phrase and create a backup of your seed which is essential in securing the wallet.

    Next, set up the software wallet side of things with the device (either via USB or other air gapped methods) and confirm that the receiving address generated on your computer matches what’s shown on the hardware wallet.

    Next it’s wise to perform a test deposit and withdrawal to ensure that the keys that make up the wallet are indeed controlling the receive addresses that they’re generating. This only has to be done once when setting everything up, but is important before depositing larger amounts in the wallet.

    Deposit a small amount ($5 or so) of funds into the 1st wallet address. Wait for at least 1 block confirmation before moving on. Next, withdraw the funds. Wait and make sure that the withdrawal transaction is fully confirmed with at least 1 block confirmation.

    If all goes well and you can indeed control and spend funds from the receiving addresses, continue to transfer your valuable bitcoin to the newly generated wallet.

    Other Considerations Before Transferring Funds

  • Consider connecting your wallet to your own full bitcoin node so that your transactions are broadcast more privately.
  • Consider sending your funds through one or more intermediary addresses for privacy purposes.
  • Consider the size of your UTXO and how this will impact later spending if fee rates rise. It’s recommended to not create UTXOs of less than 1,000,000 satoshi or 0.01 bitcoin.
  • Consider whether or not you should combine bitcoin received from KYC and non-KYC sources. Doing so will show common ownership and essentially de-anonymize your non-KYC bitcoin.
  • Consider spreading out the transactions instead of doing them all at once. This approach helps mix things up and prevents others from detecting any patterns in your actions and trying to uncover any sneaky moves you make with regards to switching wallets.

    Maintaining Privacy and Security Post-Purchase

    Once you’ve successfully purchased a hardware wallet and transferred your bitcoin, ensuring its security and privacy should be your top priority. To prevent theft or loss of the device, it’s crucial to enhance physical security measures such as keeping it in a safe or other locked, out of the way location. Do not keep it on your desk, in a drawer, in a cupboard, or other easily accessible locations.

    Also ensure you don’t post pictures or speak publicly about your shiny new toy. Security is made up of layers and your outermost one should always be privacy. Don’t tell friends. Don’t speak about it in public. Don’t post it on the gram.

    Best Practices for Hardware Wallet Owners

    As an owner of a hardware wallet, it is crucial to adopt good habits in order to protect your digital assets. It is recommended that the recovery seed phrase for your private keys is written on good quality paper (or steel) with a pencil (not a pen, as ink smudges or fades), then laminated and stored off site in a secure, geographically separate location. This helps prevent you from losing everything if your house burns down or gets flooded.

    Summary

    In the thrilling world of bitcoin, safety is key. And a hardware wallet is your best bet for keeping your digital wealth secure. From understanding what a hardware wallet is, to selecting the right one, buying it anonymously, setting it up, and maintaining security post-purchase, we’ve covered it all. So, go ahead, be the master of your own bitcoin.