How do hardware wallets compare to paper wallet cold storage? The price of convenience is examined as security researcher Saleem Rashid reveals vulnerabilities in the Ledger hardware wallet.
On 20 March 2018, Saleem Rashid, a security researcher, published a quality write up on a vulnerability found in the Ledger’s Nano S hardware wallet. It’s a security principle which can extend to all hardware wallets built on similar architecture. Even if you’re more into the financial side of cryptocurrencies it’s recommended reading: as computing blends with every industry, we all need to learn a bit more about how our devices actually work.
One of the best characteristics with dealing in cryptocurrency is cutting out all the entities in the ‘middle’ which have built up over the last century to take a cut from a transaction, or sell transactional data. It’s this ‘middle man’ characteristic which some spectators use as the catalyst to start a fire of ridicule regarding the decentralized asset class. Major credit card suppliers certainly preach that this ‘middle’ serves to help protect consumers, but those that have begun using cryptocurrency as a currency in a truer sense know that with the power over purchase control, balance transferring, and privacy comes the possible risk of making a detrimental mistake in some capacity.
Image from Ledger.fr
How do hardware wallets work?
Cold wallet storage has long been the standard for keeping cryptocurrency funds on hand, quite literally, while still maintaining a good standard of security. The devices are essentially air-gapped USB keys which when rubbed the right way, produce the 20 plus word paraphrase needed to access a wallet in one part, but not revealing the key itself to the computer the device is directly connected to.
The security of these devices have long been trusted. They use a hardware security module or enclave similar to Apples security chip in an iPhone, which separates the main core from the encryption device. The paperwork which comes with most hardware wallets claim they are ‘tamper proof’. It’s a bold claim in security but we’ve all accepted it to a degree.
The Nano S has been one of the best selling hardware wallets for cryptocurrency, selling their millionth unit a few months ago in the wake of the late 2017 gold rush. Rashid describes three core methods of breaking the security specifically on a Ledger Nano S; however, it should be noted that these methods can easily translate to other brands of hardware wallets using the secure enclave model (such as a Trezor).
Major hardware wallet manufacturers have issued updates to firmware, which should be done as soon as possible. Take care in updating your devices – one attack vector utilizes the user’s need to update to remotely attack by malware disguised as the update. It’s a fortunate by product that the average cryptocurrency user also being a bit of a cryptographic geek, and checking fingerprints for installing updates should be second nature.
But how can something like this attack be prevented, or how can you remain safe when using a hardware wallet? One important factor is to only buy hardware wallets directly from the manufacturers.
The Nano S was at the center of another supply chain attack early this year, when a man bought the Ledger product from an eBay seller who had opened the package and inserted a ‘seed’ document into the box – something that should be only revealed during the setup of a new hardware device. The seller had the same key, and once the victim moved his life savings to the Nano S, the eBay seller only needed to access the same wallet and transfer the funds away.
In addition to only buying hardware wallets from the manufacturer, you should always perform a hard reset of the wallet as an added measure.
Convenience vs security
It’s the age old trade off: convenience vs security. The debate will rage on. We are leaving the play pen of the banks behind in search for more financial freedom, but outside of the walled garden built before many of us were born there is no-one but ourselves to blame for an incorrect copy and paste of a cryptocurrency
address, or the loss of a wallet seed. Humans remain the weakest link in security, evident through every cryptocurrency scam we see that has a social engineering element. We have more control than ever before over a digital commodity, and as such the cryptocurrency security industry is thriving to offer solution which can remain ahead and protect users.
The security researcher was clearly unsatisfied by both the bounty offered and the conduct of Ledger: he waived his right to the bounty in order to outline the vulnerability and expose the conduct.
Ledger’s handling of this leaves a bad taste in the mouth, yet it’s undoubted that they will remain a major hardware wallet playing into the future. Hardware wallets are here to stay, and are still a major upgrade in protecting your assets from multiple other methods. It seems though that for the ‘life savings’, it’s going to be hard to beat a paper wallet and a safety deposit box, rather ironically, housed in a bank.
Update 26th March – 16h30 (GMT): Andreas Antonopolous, security expert and renowned Bitcoin evangelist, has taken issue with thesis of this article. He argues that for the average bitcoin user, a hardware wallet is significantly more secure than a paper wallet due to the level of technical expertise required to securely generate the latter.
Use hardware wallets, most people can’t do paper wallets securely. DON’T recommend paper wallets to non-experts