How do crypto hardware wallets work? If you’re in the crypto space and you haven’t asked yourself this question at least once and gone searching for the answer, then you may be at more risk than you’re aware of. Most people hear about the importance of having a hardware wallet and, if they can afford to and are serious about crypto, they purchase one.
However, they are not actually aware of what risks the wallet is protecting them from and what risks they are still vulnerable to. In this article, you will learn the basics of what your MetaMask wallet can and can’t do to protect you.
Many people (including myself at one point) misunderstand the risks that a hardware wallet mitigates. Not knowing what you are actually safe from is extremely dangerous and will lead you to have a false sense of security toward your blockchain assets. I once foolishly thought that it was impossible for a hacker to get at my NFTs as long as I stored them safely in my crypto wallet. As you read further down you will learn that that’s not the case.
How do crypto hardware wallets work?
Before you learn how crypto hardware wallets work, you need to understand a little about security online. To manage the potential risks you may encounter, you first need to identify what risks there are. How can you implement steps to control risks without first understanding the risks that you are trying to control or prevent?
Once you understand the risks, you should look for the best ways to control or prevent those risks and implement the controls. Once controls are implemented, test them.
Risks in the online space fall into one of three categories: Confidentiality, Integrity, and Availability. All risks will align with at least one of these principles, and they are foundational to security risk management.
- Confidentiality – Ensuring that your data is kept private
- Integrity – Ensuring that your data is correct, authentic, and reliable
- Availability – Ensuring that your data is available when needed
How do crypto hardware wallets work to keep you safe?
Here are some of the common risks encountered and how your hardware wallet protects you from them.
RISK #1 Seed phrase / private key theft – This is a confidentiality risk. The main goal of a hardware wallet is to provide a safe mechanism for interacting with the blockchain while mitigating the risk of an unauthorized entity gaining access to your seed phrase / private keys.
However, a hardware wallet does not keep your private keys safe on its own. If your backup (please ensure you always have a backup) is compromised, a scammer can use the private keys to access your assets regardless of your hardware wallet.
RISK #2 Man-in-the-middle signature – This is an integrity risk. Although your hardware wallet wasn’t specifically created to fight against this type of risk, it also protects you against it. There is a risk that your MetaMask on your PC/phone could be compromised and have you sign an unexpected transaction that looks legitimate (which happened to me once).
Everything will look as if it’s the original transaction you tried to approve, while your signature is taken and applied to a separate, illegitimate transaction. If you are only using a software/hot wallet, you will have no idea this is happening.
If you are using a hardware wallet, it will always show the actual transaction on your screen as you sign it. If you find that the way transactions pop up to be approved is often difficult to read, try GridPlus Lattice1, as it has the capability to show you what you are signing in human-readable form (not hex).
What risks are you still vulnerable to?
There are many risks you may still be affected by if you’re not careful. This article does not go in-depth into all the risks but here are a few listed below:
- NFT / ETH drains – This often happens on fake mint sites and is more common than you might think. This essentially happens because you are approving these with your hardware wallet.
- Seed phrase backup theft – This happens when your PC/mobile is hacked or compromised and your seed phrase is taken. Never store your seed phrase on your devices or anywhere online.
- Seed phrase loss due to lack of backup – This happens when you misplace or lose your seed phrase and you are unable to provide it when it is requested.
- Losing staked NFTs due to contract hack – This occurs when the contract that’s holding the NFT you have staked is hacked.
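The human-readable display described under RISK #2 and the "NFT / ETH drains" item above both come down to the same check: decoding the hex calldata of a signing request into the function call it makes and flagging broad approvals. The sketch below is an added example, not code from this article or from any wallet vendor; the function names, the `trusted` set and the sample calldata are constructed for illustration.

```python
# Added illustration: decode raw EVM calldata into a readable summary before signing.
MAX_UINT256 = 2**256 - 1

# Well-known selectors (first 4 bytes of keccak256 of the function signature).
# approve() is shared by ERC-20 (amount) and ERC-721 (token id).
SELECTORS = {
    "095ea7b3": ("approve", ["address", "uint256"]),
    "a22cb465": ("setApprovalForAll", ["address", "bool"]),
    "a9059cbb": ("transfer", ["address", "uint256"]),
    "23b872dd": ("transferFrom", ["address", "address", "uint256"]),
}

# Constructed sample: setApprovalForAll(0x1111...1111, true). Not a real contract address.
SAMPLE_CALLDATA = "0xa22cb465" + "00" * 12 + "11" * 20 + "00" * 31 + "01"

def decode_calldata(data_hex):
    """Return (function_name, args) for a known selector, else raise ValueError."""
    raw = bytes.fromhex(data_hex[2:] if data_hex.startswith("0x") else data_hex)
    entry = SELECTORS.get(raw[:4].hex())
    if entry is None:
        raise ValueError("unknown or missing selector: do not sign blind")
    name, types = entry
    body = raw[4:]
    if len(body) != 32 * len(types):
        raise ValueError("argument block has the wrong length")
    args = []
    for i, typ in enumerate(types):
        word = body[32 * i:32 * (i + 1)]
        if typ == "address":
            if any(word[:12]):
                raise ValueError("non-zero padding in address word")
            args.append("0x" + word[12:].hex())
        elif typ == "bool":
            args.append(int.from_bytes(word, "big") != 0)
        else:
            args.append(int.from_bytes(word, "big"))
    return name, args

def review(data_hex, trusted):
    """Return (summary, warnings); `trusted` holds lowercase addresses you recognise."""
    name, args = decode_calldata(data_hex)
    warnings = []
    if name == "setApprovalForAll" and args[1]:
        warnings.append("operator gains control of every token in the collection")
    if name == "approve" and args[1] == MAX_UINT256:
        warnings.append("unlimited ERC-20 allowance")
    if name in ("approve", "setApprovalForAll") and args[0] not in trusted:
        warnings.append("spender/operator is not an address you recognise")
    return f"{name}({', '.join(map(str, args))})", warnings
```

Calling `review(SAMPLE_CALLDATA, trusted=set())` returns the decoded call together with two warnings, which is the information a fake mint site relies on you not reading.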
Security Tests
Now that you have an understanding of the risks/controls that you need to be aware of, and you have bought an appropriate hardware wallet and set it up, you have to test the controls that you implemented to make sure they do what they’re supposed to do. To do this, simply attempt a transaction from your software wallet without your hardware wallet connected.
Does the transaction succeed? If it does, your software wallet is holding your keys and you are still at risk. You need to transfer your assets to an address that is derived from the seed phrase that is only located on your hardware wallet. YOU SHOULD NEVER IMPORT THIS PHRASE INTO A SOFTWARE WALLET!
Many people often find that their wallet is behaving in an odd manner, only to find that they had imported the seed phrase from their hardware wallet into MetaMask. If you have done this you are NOT SAFE. Create a new seed phrase on your hardware wallet and transfer your assets ASAP.
Now that you have a better understanding of how hardware wallets work and what they protect you from, check out this article that shows you How to keep your crypto safe and save money.