In the previous article on the types of wallets, we briefly talked about hardware wallets (cold wallets). It was mentioned that a hardware wallet is safe from hacking because it stores the private key on a separate device that is not connected to the Internet. Let's go a little further and explain what makes a hardware wallet secure.
Wherever assets are stored, threats should always be considered. The safety of assets on the blockchain comes down to whether or not the private key is stolen. Here, we focus on direct key takeover. (Attacks such as phishing and address swapping are different cases from key theft, since assets are lost through a combination of the attacker's intent and the user's mistake.)
Operating process of a hardware wallet
A hardware wallet works in conjunction with a separate Internet-connected device, as shown in the figure below. Devices that connect to the Internet can be PCs, laptops, or mobile devices. The ultimate purpose of a transaction is to move an asset by sending a transaction history to the blockchain network. This requires a digitally signed transaction history.
In general, the Internet-connected device obtains information from the blockchain network and creates the transaction history, as shown in the figure below. The transaction history is then sent to the hardware wallet, which creates a digital signature in a safe place using the private key. When the digital signature is complete, the signed transaction is returned, and the Internet-connected device transmits it to the blockchain network.
Secure key storage
Let's say you have all your private keys stored on your smartphone. If your smartphone falls into the hands of an attacker, you have reason to be anxious. If the attacker knows your lock pattern, whoever holds the smartphone becomes the owner of the private key. Since the private key is stored within the smartphone, the security of all assets depends on the lock pattern.
If you keep the key in a cold wallet, a separate piece of hardware, you don't have to worry about losing your assets through the loss or theft of your smartphone. Since a hardware wallet is a physically separate device, no information related to the private key is left on the smartphone. The private key is only used within the hardware and never leaves the device.
An attacker may also get hold of your smartphone and hardware wallet at the same time, and will then try to transfer the assets through repeated attempts. To prevent repeated attacks, the hardware wallet includes a mechanism that resets the device if the password is repeatedly entered incorrectly (for example, more than 10 times). This prevents attackers from transferring assets even after they have taken all the equipment.
Defense against man-in-the-middle attacks
An attacker can get your assets in a number of ways, even if they don't take your hardware wallet. Address swapping, one of the representative methods, is a man-in-the-middle attack that occurs between a hardware wallet and an Internet-connected device.
For example, let's say you want to transfer assets from a hardware wallet to an exchange. You need to make sure that the address matches the exchange's address exactly, but addresses are not easy for people to read. Malware that gets in over the Internet can replace the recipient's address with the attacker's address. If the transaction history is not verified correctly, the asset can be sent to the attacker's address, resulting in the loss of the asset.
Therefore, it is very important to check the entire transaction history on the hardware wallet device. You can keep your assets safe by verifying information such as the recipient's address accurately within the hardware wallet and then authorizing the signature.
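The following is an added example, not code from the original article or from any wallet vendor. It models the flow described above: the Internet-connected device builds the transaction, the hardware wallet shows the fields of the exact bytes it is about to sign, and the user approves or rejects. The class and function names, the JSON transaction format and the addresses are assumptions made for illustration, and HMAC-SHA256 stands in for the real digital signature.

```python
import hashlib
import hmac
import json
import secrets


class HardwareWallet:
    """Toy model of the device: the key is created inside and never returned."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # private key stays on the device

    def sign(self, tx_bytes, confirm):
        # Display fields parsed from the exact bytes that will be signed,
        # so the screen cannot disagree with what the signature covers.
        tx = json.loads(tx_bytes)
        shown = f"Send {tx['amount']} to {tx['to']}"
        if not confirm(shown):  # user rejects on the device: nothing is signed
            return None
        # Assumption: HMAC-SHA256 stands in for the real digital signature.
        return hmac.new(self._key, tx_bytes, hashlib.sha256).hexdigest()


def host_build_tx(to, amount, tamper=None):
    """Internet-connected device: builds the unsigned transaction."""
    tx = {"to": to, "amount": amount}
    if tamper:  # constructed stand-in for address-swapping malware on the host
        tx = tamper(tx)
    return json.dumps(tx, sort_keys=True).encode()


def careful_user(to, amount):
    """Approve only if the device screen matches what the user intended."""
    expected = f"Send {amount} to {to}"
    return lambda shown: shown == expected


def demo():
    wallet = HardwareWallet()
    exchange, attacker = "EXCHANGE-ADDR-EXAMPLE", "ATTACKER-ADDR-EXAMPLE"  # constructed
    swap = lambda tx: {**tx, "to": attacker}
    check = careful_user(exchange, "0.5")
    return {
        "clean": wallet.sign(host_build_tx(exchange, "0.5"), check),
        "swapped_checked": wallet.sign(host_build_tx(exchange, "0.5", swap), check),
        "swapped_blind": wallet.sign(host_build_tx(exchange, "0.5", swap), lambda s: True),
    }


if __name__ == "__main__":
    for case, sig in demo().items():
        print(case, "->", "signed" if sig else "rejected on device")
```

The third case shows why the check matters: a user who approves without reading the device screen produces a valid signature over the swapped address.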
So far, this has been a brief explanation of how you can keep your assets safe from attackers. However, users may lose their hardware wallet through negligence. In this case, how can the user recover ownership of the asset? Ownership can be recovered by using the mnemonic phrase that was output to the user during the initial setup of the hardware wallet. We will learn about mnemonic phrases in the next article.