Ultimate Resource For Your Crypto Hardware (And Other) Wallets (#GotBitcoin)
Daimler, the German multinational corporation behind the Mercedes-Benz brand, partnered with European blockchain interface solutions startup Riddle & Code to provide an open car hardware wallet solution, the startup announced in a press release published on July 22. Ultimate Resource For Your Crypto Hardware (And Other) Wallets (#GotBitcoin)
‘Turn Automobiles Into Future Market Places’
Per the release, car wallets have a wide variety of use cases, such as car-sharing, autonomous vehicles, real-time exchange of secure traffic data and with smart city environments to reduce congestion and lower insurance premiums. The startup’s CEO Tom Fürstner declared:
“Autonomous cars must behave consistently to be trusted. Cars are already computing devices. A secure identity ensures that the right authorities have approved code executed inside vehicles and the trustworthiness of data exchanged. RIDDLE&CODE secures this with its cryptographic hardware and uses ledgers to turn automobiles into future market places.”
(Registration) Would Enable Unique And Secure Ledger Transactions.
Blockchain In The Automotive Industry
A press release published in February also revealed that Mercedes-Benz has developed a platform based on blockchain technology to increase transparency and sustainability in complex supply chains. Furthermore, in January 2017, Mercedes-Benz has acquired digital payments startup PayCash Europa, spurring rumors that the giant is in the process of launching a payment service of its own.
As Cointelegraph Reported Earlier This Month, Self-Proclaimed
electrification, automation and digitalization global giant Siemens has shown an interest in adopting blockchain-based solutions. In particular, Siemens is exploring the use of blockchain in the transportation industry.
Investment App Abra Expands US Offerings With 60 New Cryptos
Abra is expanding its U.S. offerings, adding support for 60 new cryptocurrencies and doubling users’ bank deposit limits.
The crypto wallet and investment app provider announced Tuesday that U.S. customers are now able to deposit, withdraw or trade bitcoin SV, DAI and cosmos, among many other crypto assets. Additionally, customer withdrawal and deposit amounts will rise to $4,000 per day, $8,000 per week and $16,000 per month.
The service expansion also adds deposit and withdrawal capabilities for at least four stablecoins, including tether, TrueUSD, paxos and DAI, according to the firm.
In coming weeks, Abra will open up access to the new assets for users outside the U.S. as well. The additions bring the total number of cryptocurrencies on offer to over 200. Unlike most exchange services, Abra allows users to freely exchange all in-app assets without trading pair limitations.
The new options will not include Qtum (QTUM), bitcoin gold (BTG), EOS or OmiseGo (OMG), a spokesperson told CoinDesk. Abra announced earlier this year that its U.S. customers would not be able to hold those particular cryptocurrencies from Aug. 29, due to “regulatory uncertainty and restrictions” in the country.
At the time, the firm also said that residents of New York state could no longer use bank ACH or wire transfers, or American Express cards for deposits and withdrawals after the same date. Other U.S. users can currently fund accounts with AmEx, Visa and Mastercard, as well as bank and wire transfers, and crypto.
Ngrave Announces ‘Military-Grade’ Hardware Crypto Wallet
Ngrave has launched what it claims is the first cryptocurrency wallet boasting EAL7-certification — one of the highest security gradings in the world.
Digital asset security firm Ngrave announced sales for its flagship product, the fully offline hardware wallet Ngrave Zero, will launch next month.
The devices will be made available for purchase on Indiegogo from May 26 and are slated for shipping in October.
Ngrave Claims The First EAL7-Certified Crypto Wallet
Ngrave’s co-founder and chief executive Ruben Merre told Cointelegraph that its product introduces “a number of innovations compared to existing solutions,” stating:
“The Ngrave Zero is 100% offline, and features extreme tamper-proofing. It’s the only blockchain wallet with EAL7 security certification, which is the highest security certification in the world.”
The Evaluation Assurance Level (EAL) is an international standard for security grading that was introduced in 1999. EAL7 is the second-highest level of fifteen gradings, only trailing behind EAL7+.
“It never needs to connect to another device or over 4G, WiFi, Bluetooth, NFC, or any other network connection; not even for key generation, syncing accounts or transactions.”
Zero will use wall charging and QR codes to remove the need for any connections to the device — allowing it to remain ‘air-gapped’ at all times. Merre stated that the wallet also “features multi-layered, military-grade anti-tampering.” The unit is operated using a four-inch touchscreen.
The company has partnered with R&D firm Imec for nanoelectronics and chip manufacturing, and Cosic — a firm known for hacking Tesla vehicles on multiple occasions — for its expertise in apple industrial cryptography.
The firm has received funding from the European Commission, the Flemish government, and the Web3 Foundation, in addition to private investors.
Zero Was Developed Over 20 Months
Merre states that Zero’s development was motivated by the experiences of Ngrave’s co-founding team with poor crypto security, including Ngrave’ CTO Xavier Hendrickx’s loss of 44,000 Ether (ETH) in the 2017 Parity hack:
“Ngrave’s three co-founders asked ourselves if there was an existing solution that we would really and completely entrust keeping our crypto for us. We couldn’t find any solution in the market, so we decided to build it ourselves.”
Ngrave began developing Zero in April 2018. The team built a functional prototype on a raspberry pi and pitched their vision to Imec. “That was the beginning of our collaboration with many world-class teams to build the Ngrave ZERO from scratch,” stated Merr, “It took us a bit over 20 months to fully develop it.”
Ngrave Seeks To Replace Paper Wallets
Ngrave will also launch Graphene, which the company describes as “the first recoverable backup in the industry.”
Graphene comprises “a cryptographic puzzle consisting of two durable stainless steel plates and fully resistant to shocks, rain, fire, and other damage,” and is intended to replace “antiquated” paper wallets.
Merre asserts that Zero “notices when it is under attack and will, in that event, wipe all keys.”
Ngrave will also roll out a mobile app that syncs the accounts from a user’s devices for management, communicating with the hardware wallets using QR codes to maintain the air-gap.
Sales To Launch On Indiegogo
When asked why the firm has chosen to launch via Indiegogo, Merre emphasized the platform’s “huge user base” and “considerable traffic.” Merre added:
“[Indiegogo] helps us in identifying demand that we might otherwise overlook. For example, if the Philippines are a region that is very interested in what we have to offer, we will likely notice this on the platform.”
Ngrave Releases More Details of ‘World’s Most Secure Hardware Wallet’
With less than a week until its launch, Ngrave has unveiled more details of its EAL7-certified hardware wallet, the Zero.
Digital asset security firm Ngrave has released more details of its fully offline hardware wallet, the Zero. As previously reported, the Zero claims to be the first hardware wallet to receive EAL7 certification — one of the highest security gradings in the world.
The Evaluation Assessment Level is graded from EAL1 to EAL7, with the latter representing the fullest battery of testing possible, including design documentation and analysis, functional, and penetration testing.
In The Belly Of The Beast
To achieve such certification, Zero integrates the ProvenCore Trusted Execution Environment (TEE) from Prove & Run. Prove & Run co-owner Christophe Pagezy explained:
“ProvenCore is the first TEE to be formally proven down to the generated code. The proof also covers all of the essential parts of the TEE. ProvenCore provides a distinctively higher security level and a lower cost of security.”
The software is paired with a new, highly secure and tamper-proof microprocessor unit from ST Electronics. The Zero also features a built-in secure element that is wrapped in a tamper-proof sealed metal casing, which also shields against incoming and outgoing frequencies.
A Fresh Approach To Security
In contrast to many hard wallets, the Zero does not rely on one “master seed” that ships with the device, but incorporates elements of biometric data such as fingerprints and even environmental randomness from light levels.
The Zero eschews USB or Bluetooth connections to remain fully air-gapped and remove a potential point of failure.
Instead, communication between the device and its associated mobile phone app occurs solely through the exchange of QR codes, which contain no data about the user’s private keys.
Ngrave CEO Ruben Merre explained why potential customers should seriously consider the wallet:
“Our technology’s firmware and hardware meets the security industry’s most stringent specifications possible. This lets us assure NGRAVE wallet customers they’ll own the world’s most secure crypto cold storage wallet, as independently verified by the world’s best information technology and security standard.”
As Cointelegraph reported, Ngrave recently took on Jean-Jaques Quisquater as an advisor. Quisquater is a pioneering cryptographer and was quoted by Satoshi Nakamoto in the original Bitcoin whitepaper.
NGRAVE Hard Wallet Hits 450% of Crowdfunding Goal Within Two Days
A hardware wallet’s IndieGoGo crowdfunding campaign reached 450% of its target funding amount within two days of launch.
The NGRAVE ZERO, claimed to be the world’s most secure hardware wallet, launched its crowdfunding campaign for €25,000 ($27,850) on May 26. In the first two days it smashed this total four times over, and is now well on its way to number five.
The campaign, which was launched through the IndieGogo crowdfunding platform, is set to run for another 28 days. The campaign offers a number of perks for backers who donate above certain amounts. These range from a single ZERO wallet, through bundles including the Graphene accessory, to multiple wallet bundles and even every future product NGRAVE launches for those wishing to donate €2,500 ($2,785) or more.
Crypto Crowdfunders Support Tech Without Reward
These perks generally represent a substantial savings compared with the suggested retail price. For example, a single NGRAVE ZERO is offered to those donating €228 ($254), and the retail price is listed as €398 ($443); a savings of 42%.
Interestingly, only 33 of the 430+ backers at time of writing had opted for a perk, representing €11,760 ($13,000) or around 10% of the total raised. This means that 400 people have chosen to donate €106,500 ($118,600) without receiving anything in return.
It must be noted that some of those choosing a perk may also have over-donated for their reward tier. Otherwise the average donation for those choosing no perk was enough to bag them a ZERO wallet on release.
Security Rating Is In The Details
As Cointelegraph reported, the NGRAVE ZERO is the first cryptocurrency hardware wallet to receive the top EAL7 security rating.
In contrast to other cold wallets, which connect to their mobile phone or desktop apps via USB or Bluetooth, the ZERO communicates purely through QR codes. The benefit of this is that this method does not reveal any information about the wallet’s private key.
The Graphene accessory is billed as “the coldest backup available,” and comprises a cryptographic puzzle made of two everything-proof stainless steel plates. Together these plates allow you to store and retrieve your private key, although individually they reveal no information to an attacker.
NGRAVE also recently brought on board renowned (and Satoshi Nakamoto-cited) cryptographer Jean-Jacques Quisquater in an advisory role. He described the ZERO as:
“… the most advanced solution, really exceeding the state-of-the-art as publicly known today.”
Ngrave Launches Physical Encrypted Private Key Backup
The crypto security firm has launched officially its new key backup for crypto hardware wallets, Ngrave Graphene.
Digital asset security firm Ngrave announced the launch of a recoverable, encrypted private key backup engraved on a steel plate for cryptocurrency hardware wallets.
According to the announcement on June 10, Ngrave Graphene is now available to the public after raising more than $159,000 from a crowdfunding campaign on Indiegogo.
Ngrave Graphene has a “cryptographic puzzle” design focused on resisting electric shock, rain, fire, heat up to 1,660 degrees Celsius (3,020º F).
The puzzle consists of two plates that contain the owner’s secret key with values on the plate arranged differently for each customer. Both plates are required to recover the key.
Ruben Merre, co-founder and CEO of Ngrave, told Cointelegraph that Graphene removes the “remaining pitfalls of status quo” backup solutions:
“For one, it removes the durability issue of paper wallets or even of electronic backups that can degrade or stop functioning over time. The Graphene is a durable solution made out of stainless steel, so it can withstand a house fire and other extreme circumstances. Also, it removes the ‘single-point-of-failure’ issue of existing metal wallets.”
Major Features Of The Crypto Private Key Backup
Merre stated that it all started with a question the company asked itself and whose answer is for the entire industry: “Which solution would we fully entrust with our very first, until our very last Bitcoin?”
“The Ngrave Zero is a physically tamper-proof hardware wallet with no online attack vectors. It features top security certification for firmware updates. We also realized that, for the device to be fully secure, we needed to include usability as a layer of security. If you can make mistakes when managing your crypto on your secure hardware wallet, you might even be able to lose them by doing something wrong. So, we made the device as intuitive and foolproof as possible.”
The crypto security firm will soon launch the ability for custodians designated by the keys’ owner to recover those keys, even after that owner has died.
Partnerships With Chip Manufacturing Hubs And Research Groups
Ngrave Graphene uses cryptographic protocols like EAL7 and partnered with Imec, a research and development hub for nanoelectronics and chip manufacturing, and COSIC, a research group for applied industrial cryptography, to develop its security features.
Developer Successfully Hacks Bitcoin Wallet To Win A Contest
A Bitcoin developer managed to crack a BTC wallet as part of a contest launched through Twitter.
Bitcoin and Lightning Network project developer, John Cantrell, explained how he was able to successfully hack a BTC address by checking around a trillion seed combinations over the course of 30 hours. The feat was accomplished as part of a contest launched on Twitter by Alistair Milne — the CIO of the Atlanta Digital Currency Fund.
Milne published hints to a 12-word Bitcoin wallet seed over the course of several days. Cantrell succeeded in brute forcing the mnemonic with only 8 out of the 12 words, ultimately claiming the 1 BTC prize contained inside.
Developer Rented Several Graphics Cards
Cantrell decided to rent several graphics cards through GPU marketplaces and Microsoft’s Azure cloud computing service after realizing that his Macbook could only check 1,250 mnemonic combinations per second using his self-written CPU seed solver.
The Developer Explained:
“I was worried about other people doing the same and is why I included a .01 BTC miner fee. I didn’t think even this would be enough and thought there could be a ‘race to zero’ where people continually increased the fee trying to get the miners to include their transaction in the next block.”
Developer Who Successfully Hacked Bitcoin Wallet Ensures Bitcoin Is Still Safe
John Cantrell ensures people that Bitcoin is still safe despite the fact he successfully hacked a Bitcoin wallet.
John Cantrell, Bitcoin and Lightning Network project developer, recently revealed he had successfully hacked a Bitcoin address. His article, however, received a number of responses with many concluding Bitcoin isn’t secure. Cantrell felt people missed the point of the exercise so, in a tweet thread on June 19, explained and ensured people that despite hacking a wallet, Bitcoin is still safe.
Takes Forever To Crack The Wallet
According to Cantrell, bitcoins stored in a wallet generated from a 12-word mnemonic is secure. The only reason why he was able to hack the Bitcoin wallet was because the wallet’s owner publicly exposed eight words from his 12-word mnemonic seed. He explained:
“It would take the same system that brute forced the last 4 words of his mnemonic 837 quintillion millennium to brute force all possible 12 word mnemonics […] if you know as few as 5 words. To brute force all 12 words (just to break even on your $100B investment, assuming you can actually liquidate all the BTC) still takes 422 TRILLION YEARS.”
The only way Bitcoin is not secure is when seed words are revealed. “Your bitcoin is safe. 2^128 is a REALLY big number. Just don’t let anyone near your seed words,” he concluded.
Contactless NFC Hardware Wallet Authorizes Crypto Transactions With A Tap
A new cryptocurrency hardware wallet stores private keys securely and fully isolated, while NFC technology enables authorization of transactions through a mobile device.
Keycard is a new credit-card sized hardware wallet featuring near-field communication (NFC) to authorize cryptocurrency transactions. At launch, it features integration with combined private messenger/wallet/DeFi browser, Status App, although further integrations are planned.
The Keycard team has also released an open application programming interface (API) and software development kits (SDK) for Android, iOS and Go, so that developers can build Keycard functionality into any app requiring authorization or other user authentication.
Secure Storage And Communication Of Private Keys
Security is key. In fact, when it comes to cryptocurrency security, it is literally all down to the private key used to access your account. One of the most secure options for storing private keys is using a hardware wallet, and there are certainly an increasing number to choose from.
However, the method for sharing keys and/or authorizing transactions between the hardware wallet and mobile or desktop front-end differs greatly between devices. From early USB connected wallets, through wireless versions featuring Bluetooth, and even the recently announced NGRAVE which communicates only through visual QR codes.
The Keycard uses NFC to allow transaction authorization by simply tapping the credit-card sized wallet against your mobile device. The keys meanwhile, remain safely stored on the device itself.
What’s The Status?
The Keycard is produced by the Status Network, who also develop the Status App which it integrates with at launch. The Status App combines private messaging functionality, an Ethereum wallet supporting ERC-20 and ERC-721 tokens, and a decentralized Web3 browser.
However, the launch of the API and SDKs allow the technology to be readily implemented in a host of wallets and other applications. Whether it is to store private keys and authorize transactions, or as part of a two-factor authentication system.
Keycard project manager Guy-Louis Grau believes that the use of such technology should become the industry standard:
“As a project with an open source API, we believe the Keycard model will be an industry standard for all sorts of products that expect normal people to interact directly with their cryptocurrency. Tapping a Keycard against your phone as an added layer of authorization and ownership of your private keys should be the norm anytime someone wants to login, send money, store value and more.”
Another benefit over the ever more complex technologies employed by other wallet manufacturers to secure private keys is the price, as an NFC-enabled Keycard costs just $32.
More Companies Build Products, More Companies Build Products, More Companies Build Products,More Companies Build Products, More Companies Build Products, More Companies Build Products,More Companies Build Products, More Companies Build Products, More Companies Build Products,More Companies Build Products,More Companies Build Products, More Companies Build Products, More Companies Build Products,
NGRAVE Raises Over $430K From Hardware Wallet Crowdfunding Campaign
Cointelegraph speaks with NGRAVE’s CEO following its successful crowdfunding campaign.
The Indiegogo crowdfunding campaign for the NGRAVE ZERO has ended, raising over €385,000 ($430,000) through pre-orders via various reward tiers.
More than 1,200 backers from around the world made the campaign the most successful ever for a hardware wallet, with the total funds raised being eight times the amount of the next best.
Cointelegraph Spoke To NGRAVE Co-Founder And CEO Ruben Merre About The Success Of The Crowdfunding Campaign:
Cointelegraph: The Indiegogo campaign raised over 1,500% of its initial €25,000 goal, during what can only be described as a challenging period for the global economy. Did you ever imagine such a response was possible?
Ruben Merre: Covid not only brought uncertainty to buyers, but also for example pushed all high-converting offline events to cancellation. From the outset, we faced a big challenge. But, we came well prepared and knew where to shoot. Our own big goal set forth was to reach €250,000 with around 1000 backers. But we even broke our own “ultimate” goal of €300,000.
CT: You have beaten the previous best hardware wallet campaign by a factor of 8. What do you think attracted backers to this project in such droves?
RM: First of all, we’ve gone all out on building that one solution that we would fully trust with our first till our last cryptocurrency. We have built the most secure hardware wallet [and] obsessed about the customer- and brand-experience. Combine such a great product with two years of travel around the world to build our network and understand the customer’s needs allowed us to think deep about our brand and what we want to bring to the blockchain space.
CT: Can you give us any initial insight into regions where the ZERO has been especially popular?
RM: Well, we are a Belgium-based company, and the truth is that Belgium is actually not very into crypto. Regardless, around 20% of our sales in the campaign came from Belgium. The largest demand came from, as we expected, the USA. Around 30% of turnover stems from the USA region. The third place was for France at 9%, then the UK, Spain, and the Netherlands.
Gemini Unveils Hardware Key Compatibility on Mobile App
U.S.-based exchange Gemini announced hardware key compatibility for its mobile application, bolstering security capabilities for customers.
Gemini revealed hardware security key functionality for its mobile application, giving customers compatibility with devices such as YubiKey for added security.
Thanks to WebAuthn compatibility on Gemini’s app, iOS and Android “Gemini customers can now use USB and near-field communication, or NFC, security keys to securely sign into the Gemini Mobile App,” the exchange said Tuesday in a statement provided to Cointelegraph.
The Addition Bolsters Two-Factor Authentication
Two-factor authentication, or 2FA, allows for added security beyond a simple website password login.
If enabled, 2FA requires a code from a mobile device for website login after a user inputs their password. The code — a single-use, time-based string of numbers — comes from either a text message or a third-party application, depending on the user’s settings.
Other formats also exist for 2FA, requiring a physical device plug-in for logins, such as Yubico’s YubiKey. Hardware keys serve as one approach to protection against hacking or mobile phone SIM card swapping.
Gemini And Yubico Partner Up
Also part of the announcement, Gemini and Yubico have teamed up. “Yubikeys provide a secure, cross-platform solution you can use to access your Gemini account via our Mobile App, as well as any other sites that support WebAuthn,” the statement said.
Gemini’s main browser-based platform unveiled WebAuthn and physical security device compatibility in May 2019, a separate company statement said.
Security is key in the crypto space — an industry showing no shortage of hacks and data breaches.
A Deep-Dive Into Some Of The ZERO Wallet’s Advanced Security Features
Cointelegraph gets techy with CEO Ruben Merre, on some of the NGRAVE wallet’s security advances.
From its initial announcement back in April to the $430,000 raised in the recently completed crowd-sale, the NGRAVE ZERO has created huge buzz in the crypto community. Billed as the most secure hardware wallet available, the permanently air-gapped ZERO is the first to gain a top security rating of EAL7.
But the devil is in the details so they say, so while waiting for the first units of the device to ship, Cointelegraph asked NGRAVE CEO Ruben Merre to explain just how one goes about making the “most secure hardware wallet in the world.”
Necessity Is The Mother Of Invention
The ZERO came about following the NGRAVE founders’ poor experiences with crypto security. Not finding any existing solutions that they would completely trust with their cryptocurrency, they set about building their own.
In April 2018 the team began to develop a working prototype using a Raspberry Pi. It was the start of a journey which would see them collaborate with many world class teams and individuals, including the recent acquisition of Jean-Jacques Quisquater as an advisor.
Quisquater is considered the father of zero knowledge proof cryptography, and is famously cited in the Bitcoin whitepaper. So what does he bring to the development of a secure hardware wallet?
“Jean-Jacques is closely involved in revealing and resolving potential security threats, even those that are on practically no one else’s radar. Because he was involved in the development of the many security projects including those by secret government instances, he knows backdoors as no other. He’s also one of the minds in our team that helps us think future-proof.”
No Man Is An Island… But The NGRAVE ZERO Is
Much has been made of the fact that the ZERO remains fully air-gapped, eschewing USB and Bluetooth connectivity to communicate solely via QR codes which contain no data about the users private keys.
Also, private keys generated by the wallet’s Perfect Key system are not derived purely from a “master-seed” shipped with the device. For extra security they incorporate elements of biometric data such as fingerprints and the introduction of environmental randomness from factors such as light levels.
This might leave you wondering how you will import your existing cryptocurrency private keys onto the device, and whether they will be as secure as freshly generated ones.
“We support all the available ‘status quo’ ways of generating seeds, so you can both import a mnemonic phrase made with another hardware wallet, regardless of the length, or you can also simply create a new one on ZERO.
While we recommend using the NGRAVE Perfect Key because of its advanced security features, the user can basically choose what he or she feels most comfortable with.”
Can’t Touch This
Finally, in case anybody gets their grubby little mitts on your physical device, the ZERO has four different cumulative levels of tamper-proofing.
The first is tamper resistance, including shielding of radio frequencies, and the physical difficulty of gaining access to the device’s innards.
Then comes tamper evidence, which means that if anyone does manage to break open the device, the screen will break and it will be apparent to the user. It also incorporates cryptographic attestation, whereby NGRAVE will verify a device on first use.
“The third level is called “tamper responsiveness”. This means there are mechanisms in place inside the device that will notice that it is under attack. And ZERO will then automatically wipe the keys. This goes as deep as on the level of individual components that have their own anti-tamper mechanisms.”
Finally, there is tamper resolution, which takes place when the user is manipulating the private key in the aforementioned generation process. This results in the resolution of any potential tampering or pre-defined keys in the device.
Cointelegraph will get hands on with the device as soon as it starts shipping to bring you a full review.
A Newly Discovered Vulnerability In Ledger Wallet Could Be Disastrous If Not Properly Fixed
Ledger has failed to fully fix a major vulnerability that allows for a “Bitcoin Fork” attack.
A recent report contends that the Ledger app has failed to fix a major vulnerability that allows for a “Bitcoin Fork” attack.
Mo Nokhbeh has claimed that Ledger’s wallet fails to properly isolate the apps responsible for authorizing the transactions of different assets. This creates a vulnerability where a user’s wallet can be fooled into authorizing a transaction for a less valuable asset — such as Litecoin (LTC), Bitcoin Cash (BCH) or any other Bitcoin fork coin — when in reality, a Bitcoin (BTC) transaction is being released. Nokhbeh told Cointelegraph:
“This app should be isolated such that it only signs for testnet derivation paths. However, sending it a regular mainnet bitcoin transaction will pass. In addition, it will present the TX as if it’s testnet bitcoin, to a testnet bitcoin address.”
According to Nokhbeh, he made Ledger fully aware of this vulnerability, and despite acknowledging it, the company has failed to fix it. Instead, they have chosen to release an update to their existing app that will provide users with a warning prompt if such an exploit is detected.
Blockchain Phones And Bitcoin Watches: Revisiting The Crypto Tech Hype
Blockchain smartphones and crypto-storing watches: Which innovative devices have actually gone from concept to reality?
Talk of cryptocurrency and blockchain-powered gadgets inevitably spiked alongside the hype for token prices. But looking back, have they delivered any meaningful changes to users, or are they just another result of the hype synonymous with the space?
The surge of interest in the space came to a head in 2017 as Bitcoin (BTC) hit never-before-seen highs of around $20,000 before crashing dramatically and entering the bearish crypto winter. While the collapse left devastation in its wake, the months of focus brought Bitcoin, cryptocurrency and blockchain technology into the mainstream consciousness like never before.
Many projects were conceptualized and brought to life during that period, and that inspiration led to a number of technological developments that were aimed at cryptocurrency users and blockchain innovators.
Blockchain smartphones and cryptocurrency-enabled luxury watches have grabbed headlines over the past few years. Some have received positive feedback, while it’s not clear if other products have even seen the light of day.
Smartphones have become a literal extension of the bodies of billions of people over the past decade. According to Statista, over 40% of the global population uses smartphones, meaning that over 3 billion people have them. The likes of Samsung, Huawei and Apple’s iPhone are dominating the sector with the latest technology crammed into their futuristic devices.
Smartphones can do almost anything these days, and it was only a matter of time before cryptocurrency and blockchain applications were integrated into these companion-like devices. Indeed, there are a handful of manufacturers that are positioning their devices as blockchain smartphones.
Samsung’s Galaxy S10 is probably the most high profile, although the device itself isn’t “blockchain-powered” but, more specifically, blockchain-enabled. The S10 made headlines for its application for storing cryptocurrency private keys, dubbed Samsung Knox, as well as a built-in cryptocurrency wallet, the Blockchain Keystore.
Over the course of 2019, the Galaxy S10 added support for over 30 different cryptocurrencies in its wallet. Toward the end of the year, Samsung launched the “KlaytnPhone,” a variant of the Galaxy Note 10 that featured its cryptocurrency wallet and Knox application and also rewarded users with 2000 Klay tokens, the native currency of the Klaytn blockchain.
These crypto and blockchain features were integrated into the company’s latest Galaxy S20 smartphone.
Taiwanese electronics firm HTC also has its own blockchain smartphone, the Exodus. Launched in March 2019, the device was originally only available for prepurchase using cryptocurrency, but it became available via fiat as well.
The Exodus comes standard with a hardware wallet application that allows users to store their own private keys. It also comes with the Opera browser, which provides access to a plethora of decentralized applications. As Wired summed up in its product test, it’s a useful smartphone that provides reliable applications for cryptocurrency users.
The latest edition of the HTC blockchain smartphone is the Exodus 1S, which it claims is the first device capable of running a full Bitcoin node. The device’s social key-recovery feature was applauded by Ethereum co-founder Vitalik Buterin, as it allows users to give parts of private keys to trusted contacts to enable recovery.
The HTC Exodus 1 can only be purchased from the manufacturer’s website, although not all payment options are available, and its Binance model appears to be out of stock. The HTC Exodus 1S is only available for purchase in certain regions and is not yet available worldwide.
Blockchain startup Sirin Labs laid claim to the title of the first company to launch a blockchain smartphone in November 2018 with the “Finney.” The device comes standard with a built-in cold storage wallet, token conversion service and DApp ecosystem powered by its proprietary Sirin operating system.
The cold storage is physically separate from the rest of the device, and users can carry out peer-to-peer transactions without the need for a centralized exchange. The Finney appears to only be listed for purchase on the Sirin Labs website, although it was also available on Amazon at one point.
Pundi X, a decentralized offline cryptocurrency sales network, is reportedly also working on developing its own blockchain smartphone. The company claims that its “Blok on Blok,” or BOB, smartphone will have all data executed by its Function X blockchain.
According to the company, users will be able to switch between two operating systems: a blockchain mode and a conventional Android mode. The blockchain mode aims to give users complete control over their data. The project will be bankrolled by a crowdfunding initiative, and only 5,000 devices will be offered in the first manufacturing run.
All things considered, the devices that were released were seemingly met well. Further development of crypto-enabled smartphones with reliable functionality may introduce a swathe of new users to the space, provided they offer the same level of experience as any non-crypto smartphone.
Furthermore, aside from Samsung’s S10 and Galaxy Note models, these devices seem fairly difficult to acquire online, as they are mostly only listed for sale on their own websites.
Nice Watch, But Does It Accept Crypto?
While cryptocurrency functionality is slowly being incorporated into handheld devices, three world-renowned Swiss watchmaking companies have released timepieces that are inspired by Bitcoin and cryptocurrencies.
In September 2018, Hublot announced the launch of its Big Bang Meca-10 P2P watch. The Bitcoin-inspired timepiece was designed as a commemorative collector’s item celebrating the 10-year anniversary of the preeminent cryptocurrency.
Only 210 watches were made in the collection, with that number symbolizing the 21 million supply limit of Bitcoin. The watch was initially valued at $25,000, and prospective buyers had to sign up for a presale managed by Asia-based digital asset brokerage firm OSL. Another caveat was that these watches could only be purchased with Bitcoin.
It is not clear if the limited Hublot watches were actually built and sold. A confirmation request sent by Cointelegraph remained unanswered at the time of publishing.
Another luxury Swiss watchmaker, Franck Muller, also launched its own cryptocurrency-inspired timepiece in May 2019. The “Encrypto” watch series was released in partnership with investment firm Regal Assets, with its core functionality featuring a Bitcoin cold storage function.
The Frank Muller Encrypto line now features different styles for both men and women, with price tags ranging from $20,000 to $65,000. The different watches are made of various luxury materials including gold, diamond and carbon fiber.
The dial of the watches includes a laser-etched QR code for its corresponding public wallet address for receiving Bitcoin payments.
Users also receive a USB stick that stores the private key of the corresponding public address. Franck Muller has claimed that its deep cold storage wallet “cannot be hacked” and uses “offline generated, non-deterministic TRNGs (True Random Numbers Generated).” Like the Hublot Big Bang Meca-10 P2P, the Franck Muller Encrypto can be bought with either BTC or fiat currencies.
The third Swiss watchmaker to have announced the design of a luxury watch with a built-in cryptocurrency cold wallet is A. Favre & Fils.
The company unveiled a concept idea of what it claimed as the first-ever Swiss handcrafted mechanical watch with a built-in cryptocurrency cold wallet and state-of-the-art security solution.
The watch was expected to be launched in the second quarter of 2019, and it was touted to cost in excess of $100,000, making it the most expensive cryptocurrency cold wallet timepiece on the market. Cointelegraph reached out to A. Favre & Fils to find out if the timepieces were ever released but received no response as of publication.
It seems clear that as technology progresses, more functionality is being crammed into the latest devices. Whether it’s a smartphone or luxury timepiece, there’s a good chance that the item has some serious technological capabilities beneath the surface.
This is the case with cryptocurrency-enabled gadgets. Devices are now being delivered to the market with built-in cold storage wallets, decentralized and centralized exchange applications, and numerous other functions.
Some of these gadgets are arguably overhyped, but it seems that the majority of companies that are incorporating cryptocurrency support into these devices are trying to give users the best in security and functionality.
Meet Torus, The One-Click Blockchain Wallet Trying To Make Web3 As Easy As Chrome
People may like the idea of blockchains and web 3.0, but they tend to hit an immediate obstacle in the form of private cryptographic keys and mnemonic seed phrases that cannot be lost, forgotten or divulged at any cost.
Private key management specialist Torus replaces that jarring user experience with what appears to be a familiar single login, but one that’s reinforced behind the scenes by a clever distributed architecture built for web 3.0.
Announced Monday, the Singapore-based startup has released a one-click Chrome browser extension for its Torus wallet and added a new product called tKey, a custom version of two-factor authentication (2FA). The extension will also work in Brave.
When information is exchanged online, users don’t want to know about the underlying public key infrastructure (PKI) – and so it should be with blockchains and the next generation of the internet, or “Web3,” said Torus Labs CEO Zhen Ju Yong.
But while people don’t want that tricky user interface, they do, of course, want to control the process in a decentralized manner, Zhen added.
“Our goal is to make key management convenient to the mainstream user – my parents, for example – to be able to use crypto, while still retaining the level of security and non-custodiality which is needed for decentralized applications,” Zhen said in an interview.
“We’ve always seen ourselves more as a key management company rather than a wallet. We are kind of a step up for wallets, more like an
How Torus Works
At a high level, Torus splits and distributes sensitive data needed to construct a user’s private key between the user and nodes on the Torus network, which includes Binance, Ethereum Name Service (ENS), Etherscan, Matic Network, Ontology, Skale, Tendermint Core and Zilliqa.
Distributed key generation is generally divided into three parts, or “secret shares” (Shamir’s Secret Sharing, or SSS, for the technically conversant), with two held by the user and the third further split across the Torus network.
The new tKey release allows users to easily add and control incremental layers of security, a kind of customizable 2FA that works like a smart contract, said Zhen. An obvious extra security layer to add would be a mobile phone, which could store a user’s additional secret share in its secure enclave, protected by a biometric passcode.
If the user has more than one mobile device, they could add as many layers of security as they want.
Similar to other 2FA systems, as long as the user has access to two out of three of their secret shares, they will be able to retrieve their private keys and login.
‘On The Shoulders Of Giants’
For many users, logging into dapps is done by authenticating with MetaMask, the kind of default Ethereum browser wallet. Torus has built on top of MetaMask (although it should be mentioned that the ConsenSys-backed plugin recently changed its licensing) to create its new Chrome extension.
“We greatly appreciate the MetaMask team’s hard work and development,” Torus wrote in a press statement. “However, due to Torus’ necessity of being open source, Torus Extension (forked from 22 June 2020) continues to use its older MIT license.”
Zhen described the arrangement as “building on the shoulders of giants” and stressed that Torus is not seeking an edge over MetaMask.
“By no means do we feel like we want to compete with MetaMask. We’re actually in talks with MetaMask with regards to their licensing changes, and about potentially integrating,” he said.
In July of last year, Torus raised a $2 million seed round led by Multicoin Capital including Coinbase Ventures and Binance Labs, while testing the first version of hassle-free login using Gmail, akin to OAuth protocol on the internet.
Torus has always had a close relationship with Binance, which invested $500,000 in the seed round, and the largest exchange by volume is now playing a central role in the new Torus product releases.
“We’re super-excited that Binance actually co-developed tKey with us, and it’s going to be an open-source SDK,” said Zhen. “We are launching this together. Along with this SDK, Binance itself and the Chrome extension for Binance DEX and Smart Chain is going to have both Torus and tKey integrated into it as one of the core key management flows.”
Bitcoin Hardware Devices Need To Improve To Handle Complex Transactions
Time for hardware wallet devices to make a difference.
Jameson Lopp, co-founder and CTO of Casa, a crypto custody firm has released a test result report on Bitcoin multi-signature hardware signing performance on the Casa blog on Sep. 13.
The result shows that hardware crypto wallet devices can handle small, simple transactions well. However, they have trouble performing once the transaction becomes complicated. Casa is said to be built upon geographically distributed multisig, dedicated hardware devices to secure keys, designed user experience, and client services.
Lopp pointed out that while the company has no control over the hardware devices, the goal is to support any device at the end of the day. Thus, he decided to conduct research and hoped to draw some conclusions and help multisig software providers better understand the limits of hardware and customize wallet software for better performance.
Casa is currently compatible with six hardware including Trezor, Ledger, Coinkite and Coldcard The test was done on all the supported hardware devices and also BitBox.
Lopp set up the test by leveraging Electrum’s 4.0.2 appimage on Debian Linux and created a variety of P2WSH (native segwit) multisig wallets that use Bitcoin’s testnet and with the hardware devices plugged in via USB. In each wallet, there was a deposit of 100 UTXOs.
Lopp created a series of tests to determine these hardware wallet capabilities when signing multi-signature transactions of varying complexity. He repeated these tests and concluded that it’s better and more secure if hardware devices can show progress indicators for loading and signing. He added that:
“I came to really dislike hardware devices that don’t show progress indicators for loading and signing. As such, I highly prefer Coldcard and Trezor in this respect. BitBox and Ledger are anxiety-inducing because you have no idea if anything is actually happening.”
When it comes to overcoming transaction size limitation and delay of transaction processing time, Lopp suggested that hardware wallets could try to break up a send into multiple smaller transactions that are below its limits.
When the transaction process takes too long, some devices will lock itself from inactivity. Lopp suggests that the least device manufacturers could do to avoid such inconvenience is to disable the screen lock timeout while the device is still working on the transaction.
According to Lopp, hardware devices should also support Partially signed Bitcoin transactions (PSBT) and all possible valid multisig transactions. He added that:
“I believe it’s time for hardware manufacturers to start acting like platform providers and ensure that they are providing robust platforms that can be used to build a wide variety of solutions.”
There are two steps for hardware devices to follow when signing a Bitcoin transaction, according to Lopp:
“First, The transaction gets loaded onto the device, it parses the details and displays them on the screen for user confirmation. These details are generally the address(es) to which funds are being sent, the amount(s) being sent, and the fee being paid. Then, Upon user confirmation, the device signs each transaction input and then returns the signed transaction to the wallet software.”
Crypto Wallets In 2021: From Hot To Cold, Here Are The Options
The main thing regarding crypto wallets today is the safety and responsibility of users.
After another jump in the price of major cryptocurrencies at the end of 2020, crypto enthusiasts began to mine, sell and buy currencies with renewed vigor — which means that nowadays, the topic of custodying cryptocurrencies is more relevant than ever. But unlike the past bullish waves, this time many users are also concerned with how to protect their assets.
The blockchain industry is developing, and traders have become noticeably smarter, but scammers and thieves have also become much more agile. This is also indicated by the period appearance of news related to exploits and rug pulls, not only regarding ordinary users but also large exchanges, decentralized finance projects and even nonfungible tokens.
Fraudsters use a variety of tools, from hacking accounts to creating malware. Even well-known projects do not avoid this fate. For example, Trezor recently detected fake apps on Google Play, which affected some users. And at the end of December 2020, more than 270,000 clients of the popular Ledger wallet faced threats after their personal data was exposed by a hacker.
All of this suggests that crypto enthusiasts should be exceedingly careful when choosing how to store their assets.
Buying Crypto Goes Mainstream
In 2021, Bitcoin (BTC) has firmly established itself as a commonly accepted investment instrument and store of value, and it is now being likened to gold. This became especially noticeable when institutional investors started to explore and invest hundreds of millions of dollars — sometimes billions — into BTC.
From Jack Dorsey’s Square recently spending a further $170 million on BTC to M31 Capital filing documents with the United States Securities and Exchange Commission to launch a new Bitcoin hedge fund, crypto is going mainstream.
Furthermore, Grayscale Investment’s Bitcoin trust now manages over $37 billion in BTC, which suggests institutional investors feel confident in the instrument. All of these examples work to cement crypto as a viable investment option for retail investors as well.
Also, in addition to simply buying cryptocurrencies, new ways to earn money have appeared on the market, such as decentralized finance protocols that offer various blockchain-based financial services. In fact, this is a very good way to get a fixed income in cryptocurrency with rather high annual interest rates.
The rise of decentralized exchanges has simplified even further the process of owning and exchanging cryptocurrencies. This method of trading cryptocurrencies has been rapidly gaining popularity lately.
Such exchanges, like Uniswap, allow users to carry out transactions directly between wallets. This method implies that users have to know how to store crypto properly and transact through a third party.
Alternatively, users also have centralized exchanges at their disposal; however, there are certain risks regarding the storage of funds. For centralized exchanges, this means that crypto in the platform’s accounts automatically falls under the custody of the exchange, which means that users don’t have full control over their assets. Thus, it is advised by most crypto commentators to store crypto in external wallets.
Examples Of Crypto Wallets In 2021
Each user should remember some elementary security rules unrelated to cryptocurrencies themselves or the equipment that is used. The most important one is that users need to remember their password. It would seem obvious, but users regularly lose huge amounts of money simply because they forget passwords.
Blockchains do not have a password reset function, and there’s no support service to call on. Also, forgetting a wallet’s 12-word seed phrase or writing it down on a medium that gets lost easily is a mistake. The most effective recipe for protecting crypto assets is to be responsible for storing passwords and create a passphrase for the key.
In the case of online wallets, it is a little easier, and the effects of losing a password can be avoided because the keys are held by a trusted third party. The owner of the wallet does not control the keys, they simply login with a username and password. Thus, if their password is lost, they can contact support services, confirm their identity and reset the password. However, from the perspective of decentralization, this is not the perfect option, as the user delegates the control of their keys to a third party.
It is up to the user to decide what’s more important to them and if they indeed trust the company that hosts the gateway to their crypto holdings. Furthermore, any user should be responsible for their capital themselves because no crypto wallet or blockchain is responsible for forgetfulness or inattention.
There are several prominent types of wallets out there:
Hardware wallets represent a more sophisticated way to have a wallet, storing currencies on external offline devices. Some of the most popular solutions are Trezor, Ledger Nano X and KeepKey. These wallets usually come in a form of small flash drives and can support thousands of cryptocurrencies.
For example, Trezor offers two types of wallets, Trezor One and Trezor Model T, which can be purchased for $60 and $193, respectively. The Trezor One wallet has two control buttons, and the newly developed Trezor Model T has a touch screen.
The device is connected to the user’s PC using a cable. Security is ensured through the device, which stores the secret key and signs off on transactions offline within the device itself. If viruses are present on the user’s PC, it does not mean that they have access to the wallet. Naturally, in order to avoid losing money and being scammed, users should buy such wallets only through the official websites and make sure that the device is packaged as stated by the producer.
The process of connecting a wallet is quite simple: Users need to go to the official website, download an app and set up a new wallet. The main requirement is to write down and save a mnemonic phrase of 24 words then create and confirm a password.
Local wallets are the most popular type because they can be downloaded or installed onto devices. Users can enter such wallets only from the device on which they are installed. When using a local wallet, the owner has full control over their assets, as private keys are stored locally on the device without third parties having access to this information.
Today, some of the most popular local wallets are Jaxx, Exodus and Edge, which are examples of free multicurrency wallets that support a huge list of cryptocurrencies. In addition to a desktop version, these wallets tend to also have a mobile version. Most of such platforms have been integrated with the likes of ShapeShift and Changelly, where currency conversion is carried out directly within the app without switching over to a cryptocurrency exchange.
Private keys are stored exclusively on the owner’s device, and protection is provided by using a PIN code, with the option to copy private keys for storage offline.
Web wallets work with cloud storage, and users can access them from any device. Such wallets are just apps on mobile phones or can be accessed via websites, which is very convenient. For example, Matbea, Coinbase and BitGo are all web wallets and exchanges in one service. Matbea supports only seven major cryptocurrencies, which is not a broad range by today’s standards, but in terms of security, this wallet has a head start.
Most of these services make use of two-factor authentication: a code sent via SMS or email and a separate password. Even if a virus has settled on users’ PC, in no way will it be able to read the code from their mobile device to gain access to the wallet. And if a virus settles on a smartphone, it will not be able to read the password or email code. Files are regularly backed up, so even in the event of an accident or hard drive failure, users’ currency will be immediately restored.
Finally, paper wallets are quite reliable, but due to the fact that their public and private keys are printed on paper, they are not used very often. But such wallets seem to be the most interesting way of using crypto. In fact, a paper crypto wallet is just a sheet of paper with a printed QR code that contains an encrypted address for storing cryptocurrency funds. QR codes first need to be scanned to carry out cryptocurrency transactions.
This method of storing cryptocurrencies is fairly safe, as the cryptocurrency is completely protected from the attacks of fraudsters. Along with hardware wallets, paper wallets are often referred to as “cold storage,” as they are completely isolated from the internet and cannot be hacked from the outside.
To create a paper cryptocurrency wallet, users need special software such as Bitaddress.org, which has an open-source code. The service creates a cold storage wallet using randomly generated numbers right in one’s browser. Secret keys remain with users and are not saved on Bitaddress.org’s servers.
WalletGenerator also works like Bitaddress.org, with users needing to move the mouse to increase the randomness of the key generation. The developers also recommend turning off the internet and running the generator from a local HTML file after downloading the archive from GitHub.
There are wallets that combine several methods that were mentioned above. For example, Casa, developed in mid-2020, combines the functions of a local and mobile wallet, with developers outlining security as the main end goal.
When creating a wallet, the user does not need to enter and save a seed phrase or personal data, only email and name. In addition, the wallet does not track one’s location or data transmitted and is devoid of third-party analytics tools. The user is prompted to create a key that will be stored on the device, and the backups will be split between Casa’s own storage and Google or Apple cloud storage. Only the user has access to the key, which requires two-factor authentication.
Another wallet that provides a combined experience is Savl, a mobile wallet for Android and iOS that brings together a peer-to-peer platform, crypto wallet, messenger and cryptocurrency payment service.
The wallet has been operating since 2020, and as in the case of Casa, the developers claim that special attention was paid to security and privacy.
When registering a user, the application generates a unique string of 12 words that is stored on the user’s device. No one except the user has access to it, not even the developers. Access to the app is protected by a six-digit PIN code that is set by the user.
Can A Wallet Be Completely Secure?
All crypto wallets are safe in their own way, if one chooses them carefully and understands why they are needed. Which wallet to choose depends on the specific person, but the main thing here is security and the ability to store private keys or seed phrases.
If a user needs to store a large amount of crypto, then it’s better to buy a hardware wallet. For those constantly trading on exchanges, users can store funds in wallets created on these exchanges so as to quickly make transactions and not have to pay a transfer fee. However, if the exchange is hacked and there is no insurance fund in place, crypto may be lost.
For everyday use, web wallets are rather suitable. The popularity of this type of wallet is due to the ability to quickly and easily sell various cryptocurrencies and make transfers directly to an exchange.
Overall, cryptocurrencies were created on the premise of decentralization, which means each user controls their own funds instead of a centralized entity. Hence, no matter what method for storing crypto the user chooses, they must bear the responsibility for their funds.
Jack Dorsey Outlines Square’s Tentative Plans For Bitcoin Hardware Wallet
“Bitcoin is for everyone. It’s important to us to build an inclusive product that brings a non-custodial solution to the global market,” the CEO said.
Square Inc., the mobile payments company behind the popular Cash App, is strongly considering developing an open-source Bitcoin (BTC) wallet, signaling continued conviction in the future of digital currency payments.
“Square is considering making a hardware wallet for Bitcoin,” CEO and co-founder Jack Dorsey tweeted Friday. “If we do it, we would build it entirely in the open, from software to hardware design, and in collaboration with the community.”
Square is considering making a hardware wallet for #bitcoin. If we do it, we would build it entirely in the open, from software to hardware design, and in collaboration with the community. We want to kick off this thinking the right way: by sharing some of our guiding principles.
— jack (@jack) June 4, 2021
Dorsey outlined his rationale for a new Bitcoin hardware wallet in a series of posts where he reiterated the importance of self-custody and the need to create a seamless mobile experience for crypto users. In Dorsey’s view, “assisted self-custody” can greatly simplify the experience of managing one’s own crypto wallet:
“Custody doesn’t have to be all-or-nothing. We can probably simplify custody through ‘assisted self-custody.’ Assisted requires great product design: minimal setup time, relying on existing devices, and end-to-end reliability.”
While self-custody is important, Dorsey said a confluence of forces are needed to attract new users to Bitcoin. “Layer 2 is essential for growth,” he said, adding:
“The orders-of-magnitude growth we imagine requires a mix of custodial, off-chain, and second layer solutions that allow people to ‘get off of 0.’ What tech investments can enable seamless, scalable, L2 native support for a hardware wallet?”
Square is one of the largest corporate holders of BItcoin, with 8,027 BTC on its balance sheet. Its holdings are currently worth $297 million based on current prices. Square’s Cash App is generating the bulk of its revenue from Bitcoin sales, highlighting growing retail interest in the digital asset class.
Jack Dorsey Confirms Square Is Building An ‘Assisted Custody’ BTC Hardware Wallet
Jack Dorsey and hardware lead Jesse Dorogusker have both confirmed Square’s plans to develop a Bitcoin hardware wallet.
Digital payments firm Square is building a Bitcoin (BTC) hardware wallet, with CEO Jack Dorsey and hardware lead Jesse Dorogusker both confirming the plan on Twitter.
The tech entrepreneur and Bitcoin proponent first teased the idea for a Square hardware wallet and custody service last month but revealed today that “we’re doing it.”
— jack (@jack) July 8, 2021
Dorogusker said on Twitter that Square wants to make Bitcoin custody more mainstream and outlined the pathway for the hardware wallet rollout:
“We have a lot of questions and issues to reconcile and we’ll start with this product direction: bitcoin first, global distribution, multisig to achieve ‘assisted-self-custody,’ and prioritizing mobile use.”
Our next step is to build a small, cross-functional team, which will be led by @max_guise (welcome back!!). We will incubate this full-stack of tech, design, product, manufacturing, and supply chain with @templetonthomas & Square’s hardware team to start with a strong foundation.
— Jesse Dorogusker (@JesseDorogusker) July 8, 2021
Our next step is to build a small, cross-functional team, which will be led by @max_guise (welcome back!!). We will incubate this full-stack of tech, design, product, manufacturing, and supply chain with @templetonthomas & Square’s hardware team to start with a strong foundation.
Dorsey explained the term “assisted-self-custody” last month, noting that the firm is looking to provide a simplified experience for managing a hardware wallet.
“Custody doesn’t have to be all-or-nothing. We can probably simplify custody through ‘assisted self-custody.’ Assisted requires great product design: minimal setup time, relying on existing devices, and end-to-end reliability,” he said.
As crypto has seen a massive uptick in speculation from new investors amid the growth of the sector over the past 12 months, the topic of crypto custody is becoming increasingly important.
Hardware wallets are one of the most secure ways to hold crypto-assets because they enable users to store their private keys and holdings on external offline devices. But average users complain they are complicated to learn how to use.
Storing funds on an exchange can be risky, as the user doesn’t have full control over their assets, which can be lost to hacks or caught up in regulations.
It is also alarmingly easy for hackers to swipe users’ digital assets by deploying tactics aimed at acquiring personal information, such as SIM swaps, malware and even fake apps on Google Play.
Software wallets on computers or mobiles also face the risk of malware.
How Crypto Wallets Fit Into Investors’ Pockets
A coming wave of companies providing accounts for digital assets could reorder the consumer crypto landscape.
More players are beginning to arrive in the world of digital assets. Investors will have to think about what it means for their wallets—and for wallet stocks.
At the beginning of a person’s journey into the world of cryptocurrencies such as bitcoin, “wallet” often refers to what a traditional bank or brokerage account already does: hold a customer’s assets. It is a basic building block of crypto finance’s future. A wallet can be attached to an exchange for trading, used to make purchases with crypto, or to help access the world of nonfungible tokens and decentralized finance, or “DeFi.”
Many Americans started investing in crypto through dedicated platforms such as Coinbase Global. Others might have taken advantage of crypto trading at online brokers such as Robinhood Markets or SoFi Technologies, or via payment companies such as Square or PayPal.
This relatively small group of mainstream firms offering crypto access has seen revenue surge during the recent boom, propelling public stock offerings and share-price gains.
Now the range of investments might be growing, with old-school financial firms offering ways to hold or trade crypto. Interactive Brokers launched crypto trading in September. Visa and Mastercard, through individual partnerships with crypto firms, said they are working on bringing the ability to offer crypto services to banks and beyond. Some established custodians that back online brokerages are also at some stage of supporting crypto.
A big question for investors is whether rising mainstream interest in crypto also will bring the mainstreaming of crypto wallets. If casual investors are soon able to cheaply hold crypto in the same place as their longtime checking, saving or brokerage account, could early dedicated wallet companies lose their edge?
But wallets come in many flavors. One distinction is whether a wallet is “custodial” or “noncustodial.” A custodial wallet is what most brokerage investors are used to, entrusting the accounting of your holdings to intermediaries that ultimately hold the assets. (Yes, you only indirectly “own” that Apple stock).
By contrast, a noncustodial wallet essentially lets individuals hold digital assets directly, with the ability to move them around on their own. They are secured by codes known as “keys.” Noncustodial wallets also can be a way to branch out and hold nascent alternative coins or take advantage of “DeFi” applications.
Some would say that the latter type is fundamental to the whole decentralized promise of crypto, often with the saying: “Not your keys, not your crypto.” However, an individual then bears the risk of losing her or his keys or having them stolen.
In an extra step, some owners prefer physical devices not connected to the web to keep keys safe. Square, for example, says it is going to build so-called hardware wallets.
Mainstream crypto brokers typically provide a form of custodial wallet. Coinbase notably offers both types as part of its aim to stay on the cutting edge. Wallets themselves are generally free to use. Brokers make their money from fees for trading, lending or other activities. Those fees are expected to come under pressure as more firms offer services and consumers become more sophisticated.
Even basic wallets might be vulnerable to the continuing evolution of cheap and familiar exchange-traded funds linked to crypto. An investor who just wants a bit of bitcoin exposure can now do so in an existing brokerage or retirement account.
Today’s basic wallets could get more sophisticated quickly, though. Robinhood is working on a new wallet with additional capabilities it expects to start rolling out soon. Over one million people already are on a waiting list.
A more settled regulatory picture would likely accelerate things, too. A group of top U.S. financial regulators recently urged new standards for certain custodial wallets. Often a limit on what noncrypto-native firms offer is their comfort with the regulatory regime.
They frequently work with back-end crypto specialists that can support an array of activities for wallets. For example PayPal, Interactive Brokers and others work with Paxos, a regulated custodian that provides exchange services.
Some people may get introduced to crypto wallets without even realizing it. Mastercard, for example, joined with recently listed Bakkt to help banks, merchants and others offer services such as crypto rewards on card spending.
Those rewards might be viewed in a bank’s app, but could live in a custodial wallet with Bakkt. Offering wallets might also help future-proof banks and other traditional players in a world in which there are tokenized dollars or shares.
Wallets could play a role in spending, too, even if crypto itself isn’t widely accepted by stores. Visa is working with digital-asset firm Anchorage to help banks offer crypto services, as well as to help Visa itself settle transactions with a digital token fixed to the U.S. dollar—a so-called stablecoin.
This could make it easier to spend digital assets in a wallet via Visa’s networks without needing to change it to traditional fiat money to settle.
The big question may be whether holding customers’ crypto is key to getting their broader financial business. At the end of the day, the most important wallet is the customer’s.
The Team Behind The World’s First Hardware Wallet Says It’s Still Thriving After 8 Years
As long as there’s a recovery seed written down, a PIN and passphrase installed, it’s theoretically impossible to hack the Trezor One, which debuted in 2014.
Like all things, Trezor, a household name in the crypto community with over 1 million units sold, came from humble beginnings. The idea all started out in 2011 after a Bitcoin (BTC) conference in Prague, Czechia — which, by the way, was just voted the most beautiful city in the world in a Time Out magazine survey.
Two crypto enthusiasts, Pavol “Stick” Rusnák and Marek “Slush” Palatinus, envisioned a small, single-purpose computer that would securely store users’ Bitcoin private keys.
In 2013, the two founded SatoshiLabs. The following year, the first-ever Trezor wallet — Trezor One — launched. Then came the Trezor Model T, which added a touchscreen to the device. Both are still found on the market worldwide, with their firmware patched each month or so.
With the invention of seed recovery and passphrase protection, Trezor set the norm for the industry in terms of hardware wallet security.
During an exclusive interview with Cointelegraph, Kristýna Mazánková, head of PR at SatoshiLabs, and Josef Tětek, Trezor’s brand ambassador, discusses how Trezor still remains true to its goal of privacy and security after all these years. When asked about the vulnerability of their customers’ data, they said:
“We don’t have any data on our customers [in our servers] because every 90 days, we wipe whatever is stored. So that’s something that is super important to us because we understand that everything is theoretically hackable.”
They noted that, “When it comes to security, the key feature is it’s a standalone physical device. It’s not possible to hack it remotely.”
“If somebody were to get your hardware wallet, there is an additional layers of protection, such as the PIN code, which locks the device. Even if they were to get around that, there’s always the recovery seed.”
Tětek then explained that it’s still not the end of the world if hackers manage to find one’s recovery seed, as the inclusion of a passphrase makes the recovery seed useless by itself. “If you have your Trezor setup, with a recovery seed written down and protected with both PIN and passcode, there’s no way to hack the device at all,” says Tětek. However, he warned:
“Without the passphrase protection, there is the possibility to read the seed from the device if you have very specialized equipment.”
When asked about just how on Earth a hacker managed to hack a Trezor wallet and recovered $2 million in ‘lost’ crypto in January, Mazánková and Tětek told Cointelegraph:
“It was like a double coincidence that the owner didn’t update their firmware for five years and didn’t have a password set up. So I think the engineer conducted about 1,000 tries to make sure he didn’t fry the chip before extracting it because if he had one mistake on the chip, he would fry the chip, and the wallet would become non-recoverable.”
Privacy and security aside, since the release of Model One and Model T, there have been additional features, such as doing everything on display, desktop, or web applications when connected. In addition, one can buy and sell Bitcoin and other cryptocurrencies directly to an address via Trezor Suite.
This year Trezor is also focusing on integrating CoinJoin into its hardware wallet. Made possible by Bitcoin’s Taproot upgrade last November, CoinJoin collates multiple Bitcoin transactions into a single arrangement to obfuscate who owns which coin afterward, thereby significiantly improving user privacy.
Another major update on the table is being able to run one’s own node directly from the Trezor Suite.
Wallet Provider Ledger Launches Crypto Debit Card
The new crypto debit card supports several leading digital assets, including Bitcoin, Ether, XRP, Litecoin and USD Coin.
Cryptocurrency wallet and infrastructure provider Ledger has debuted a new debit card that enables users to buy goods and services with their digital assets, potentially opening the door to wider adoption of crypto payment services.
The Crypto Life card, also known as “CL,” was introduced at Ledger’s biannual Op3n conference on Thursday. The debit card is linked to Ledger Live, a desktop and mobile application that enables Ledger users to buy, swap and stake cryptocurrencies. The CL card supports several cryptocurrencies, including Bitcoin (BTC), Ether (ETH) and stablecoins USD Coin (USDC) and Tether (USDT).
Cardholders have the option of instantly converting their crypto into fiat for the purpose of spending as well as obtaining a line of credit using their digital assets as collateral. The latter option gives cardholders the ability to use their debit card without having to sell their crypto. Users can also deposit their paychecks and select which percentage of their income they want to convert into BTC and ETH.
The CL card is set for launch in the first quarter of 2022 for users in the United Kingdom, France and Germany followed by a second-quarter rollout in the United States.
Ledger’s foray into the debit card market follows a strategic pivot into the decentralized finance, or DeFi, market. The company, which is known for its Ledger Nano S and Nano X hardware wallets, concluded a $380 million private financing round in June of this year, bringing its total valuation to $1.5 billion.
— Cointelegraph (@Cointelegraph) December 1, 2021
Payments are a highly touted but underutilized use case of the crypto economy. However, that appears to be slowly changing now that major players such as Mastercard have entered the crypto payments landscape. Meanwhile, crypto payments provider BitPay recently entered into a partnership with browser and wallet extension MetaMask to provide a payment gateway to tens of millions of new users.
Coinbase Announces Support For Hardware Wallets, Starting With Ledger
The partnership will take into effect during the first quarter of 2022, with the Coinbase mobile app planning to also support Ledger down the road.
Major exchange Coinbase has announced it will begin to support crypto hardware wallets, starting with Ledger. The two companies made the announcement at the Ledger Open conference, which is taking place in Paris on Thursday and Friday.
Ledger is a major supplier of cold hardware wallets, which store users’ private keys more securely than hot online wallets.
Users of the Coinbase Wallet browser extension will be able to connect their Ledger hardware wallets, maintaining self-custody and full control over their assets.
The partnership will be rolled out in phases, starting in the first quarter of 2022. Further down the road, the Coinbase mobile app will also support Ledger hardware wallets.
Max Branzburg, vice president of product at Coinbase, said, “We’re excited to share more announcements on how we’re making Coinbase Wallet the safest and most secure way to participate in Web3 over the coming months.”
Coinbase Stores 12% Of All Crypto
Meanwhile, Coinbase chief financial officer Alesia Haas made some big statements in her testimony to the United States House Committee on Financial Services on Wednesday. She claimed that Coinbase stores about 12% of all crypto across more than 150 asset types and said crypto was moving beyond simple coin swaps.
“Nearly 50% of our transacting customers are doing something other than buying and selling crypto, which indicates to us that crypto is moving beyond its initial investment phase into the long expected utility phase,” she said.
Coinbase claims to have over 73 million customers globally, including 10,000 institutions and 185,000 application developers.
Coinbase Wallet Extends Support To Ledger Hardware Wallet
As a part of the launch, Coinbase has partnered with Ledger to release a limited-edition Coinbase-branded Nano X hardware wallet.
Coinbase Wallet, an in-house wallet service offered by prominent crypto exchange Coinbase, has rolled out browser extension support for Ledger hardware wallets.
The Coinbase Wallet extension, available in the Chrome Web Store, is a noncustodial wallet that allows users to store and transact cryptocurrencies and nonfungible tokens (NFT). By adding support for Ledger, Coinbase users can opt to use a physical Ledger device to store the private keys to their wallets offline.
Coinbase senior product manager Adam Zadikoff highlighted the development as being a means to providing an additional layer of security and greater peace of mind for users. He said:
“We want to empower everyone to use DApps and access Web3, and that requires building the easiest-to-use and most accessible self-custody wallet in the ecosystem. Today’s release solves [..] the ability to use a hardware wallet for enhanced security.”
As a part of the launch, Coinbase has partnered with Ledger to release a limited-edition Coinbase-branded Nano X hardware wallet on Ledger’s official website.
As Cointelegraph previously reported, Coinbase reportedly stores about 12% of all crypto across more than 150 asset types, with the company’s chief financial officer, Alesia Haas, stating at the time:
“Nearly 50% of our transacting customers are doing something other than buying and selling crypto, which indicates to us that crypto is moving beyond its initial investment phase into the long-expected utility phase.”
Cointelegraph recently highlighted the rising vulnerabilities for crypto wallets built as browser extensions — such as MetaMask, Binance Chain Wallet and Coinbase Wallet — owing to the launch of a new malware called Mars Stealer.
The malware targets over 40 browser-based crypto wallets by exploiting two-factor authenticators via a grabber function that steals users’ private keys. According to security researcher 3xp0rt, the new malware is a powerful upgrade to the information-stealing Oski trojan.
The researcher also noted that the malware can target all Chromium-based browsers, including Google Chrome, Microsoft Edge and Brave.
Exchange Outflows Hit Historic Highs As Bitcoin Investors Self-Custody
Confidence in centralized exchanges appears to be waning as Bitcoin flows into self-custody wallets at near-record levels.
Bitcoin investors have been increasingly moving their holdings to self-custody solutions following the collapse of the world’s second-largest crypto exchange last week.
On-chain exchange flow data is showing a surge in withdrawals to self-custody wallets, according to analytics provider Glassnode.
In a Nov. 13 post on Twitter, Glassnode reported that Bitcoin exchange outflows had hit near historic levels of 106,000 BTC per month.
It added that this has happened only three other times — in April 2022 and November 2020, as well as in June/July 2022. It also reported that the number of Bitcoin wallets receiving the asset from exchange addresses surged to around 90,000 on Nov. 9.
— glassnode (@glassnode) November 13, 2022
Exchange outflows are usually a bullish sign that BTC is being hodled for the long term. However, in this scenario, it appears to be the result of loundering confidence in centralized crypto exchanges.
Glassnode commented that outflows have resulted in “positive balance changes across all wallet cohorts, from shrimp to whales,” before adding:
Since Nov. 6, when the FTX fiasco began, balance changes have increased across all BTC wallet sizes with “shrimps” that have less than one coin increasing by 33,700 BTC.
Whale wallets with more than 1,000 coins have seen an increase of 3,600 BTC indicating that the self-custodian push is happening across the board.
Industry leaders are now starting to advocate self-custody solutions as the phrase “not your keys, not your coins” bears more weight than ever before.
On Nov. 13, Ethereum educator Anthony Sassano said that crypto holders shouldn’t be storing their assets on centralized exchanges unless their actively trading large amounts.
MicroStrategy’s Michael Saylor told Cointelegraph in an interview that self-custody prevents centralized third parties from abusing their power.
Glassnode also reported that stablecoins, many of which destabilized last week, have been flowing onto exchanges at increased rates over the past week.
Nov. 10 saw more than $1 billion in stablecoins arriving on centralized exchanges. The total stablecoin reserve across all exchanges it tracks reached a new all-time high of $41.2 billion, it added.
“The echos of the FTX collapse will likely act to reshape the industry across many sectors, and shift the dominance, and preference for trustless vs centrally issued assets,” it concluded.
CZ And Saylor Urge For Crypto Self-Custody Amid Increasing Uncertainty
Binance CEO Changpeng Zhao said self-custody is a “fundamental human right,” while Michael Saylor said self-custody is necessary to prevent powerful actors from accumulating and abusing power.
Industry heavyweights have urged crypto investors and traders to self-custody their crypto assets amid the significant market uncertainty brought on by the collapse of FTX.
In a Nov. 13 tweet to his 7.6 million followers, Binance CEO Changpeng “CZ” Zhao pushed the crypto community to store their own crypto via self-custody crypto wallets.
“Self custody is a fundamental human right. You are free to do it anytime. Just make sure you do do it right,” he said, recommending investors to start with small amounts in order to learn the technology and tooling first:
Self custody is a fundamental human right.
You are free to do it at any time.
Just make sure you do do it right.
Recommend start with small amounts to learn the tech/tools first.
Mistakes here can be very costly.
— CZ Binance (@cz_binance) November 13, 2022
Speaking to Cointelegraph during the Pacific Bitcoin conference on Nov. 10-11, MicroStrategy executive chairman Michael Saylor also discussed the merits of self-custody given the current market environment.
Saylor suggested that self-custody not only provides investors with property rights, it also prevents powerful actors from corrupting the network and its participants:
“In systems where there is no self-custody, the custodians accumulate too much power and then they can abuse that power.”
“So self-custody is very valuable for this broad middle class, as it tends to create […] this power of checks and balances on every other actor in the system that causes them to be in continual competition to provide transparency and virtue,” he explained.
Backstage interview with the charming Michael @saylor ⚡️
✅ check @Cointelegraph to read his advice on how to handle the bear market
— Joe Nakamoto (@JoeNakamoto) November 11, 2022
Saylor also made the argument that self-custody plays an important role in maintaining the integrity and security of blockchains because it increases decentralization:
“If you can’t self-custody your coin, there’s no way to establish a decentralized network.”
The recent events that transpired last week appear to have already pushed many investors and traders towards self-custody solutions.
Since the sudden collapse of FTX in early November, the number of Bitcoin (BTC) withdrawals on centralized exchanges reached a 17-month high, according to on-chain analytics firm Glassnode:
While at the same time, net inflows into self-custody wallets have soared.
— glassnode alerts (@glassnodealerts) November 13, 2022
Smart contract wallet Safe — previously Gnosis Safe — reported over $800 million in net inflows since last Tuesday when the FTX saga began to spiral out of control:
— lukasschor.eth | Safe (@SchorLukas) November 13, 2022
The outflow from centralized exchanges caused by the FTX meltdown also created problems for hardware-based cryptocurrency wallet provider Ledger — who were temporarily unable to process a mass influx of inflows due to scalability issues.
The token of the Binance-acquired self-custody wallet Trust Wallet (TWT) also increased 84% to $2.19 over the last 48 hours before cooling off to $1.83, according to CoinGecko.
The token allows token holders to participate in deciding how the wallet operates and what technical updates are to be made.
Investor confidence in centralized exchanges took another hit on Nov. 13 when Crypto.com accidentally sent 320,000 ETH to Gate.io.
Ethereum bull and host of The Daily Gwei Anthony Sassano on Nov. 13 called out the crypto exchange over its mistake and later stated that investors should not store assets on centralized exchanges “for longer than you need to.”
Meanwhile, Blockchain Association head of policy Jake Chervinsky said that self-custody education should be one of the first things newcomers learn, while Bitcoin proponent Dan Held told his 642,800 Twitter followers that self-custody is a crucial element to self-sovereignty:
Self custody your Bitcoin and run a full node.
That’s how you achieve self sovereignty.
Don’t trust, verify.
— Dan Held (@danheld) November 12, 2022
Binance CEO Zhao Pushes For Crypto Self-Custody
“Self-custody is a fundamental human right,” Zhao tweeted, encouraging people to use the company’s Trust Wallet to take control of their coins.
The CEO of leading cryptocurrency exchange Binance, Changpeng “CZ” Zhao, called on members of the crypto community to take personal control of their digital assets using Trust Wallet, sending the app’s native token, TWT, to a record high.
“Self-custody is a fundamental human right,” Zhao tweeted Sunday. “You are free to do it at any time. Just make sure you do it right.”
Zhao’s push for self-custody comes as investors rethink how to keep their assets safe in the wake of cryptocurrency exchange FTX’s collapse and a subsequent hack that drained $600 million worth of coins from its wallets.
Acquired by Binance in 2018, Trust Wallet is a decentralized hot wallet facilitating the storage of cryptocurrencies and non-fungible tokens. It is compatible with several blockchains.
Trust Wallet Token (TWT) is the wallet’s official token, allowing holders to participate in decision-making related to app features and updates. The token has soared 80% in the past 24 hours to a record $2.3, according to data source Messari.
“You have not bought bitcoin until you receive it in a wallet for which you control the private keys to,” Blockware Solutions said in a market intelligence newsletter published Friday. “The repeated, reckless handling of user funds by exchanges is proof that you cannot trust that these institutions actually have the bitcoin you purchased.”
Zhao recommended investors start with small amounts and get comfortable with the technology to avoid mistakes that can be very costly.
Zhao added that Trust Wallet facilitates the self-custody of crypto. “@TrustWallet your keys, your coins,” Zhao said in another tweet.
“You have not bought bitcoin until you receive it in a wallet for which you control the private keys to,” Blockware Solutions said in a market intelligence newsletter published Friday. “The repeated, reckless handling of user funds by exchanges is proof that you cannot trust that these institutions actually have the bitcoin you purchased.”
“The ‘not your keys, not your coins’ mantra rings truer than ever,” Ilan Solot, co-head of digital assets at London-based Marex Solutions, said in an email.
Investors have been moving coins off exchanges since FTX went down. Early today, Binance saw a net outflow of more than $72 million, while Huobi and Crypto.com registered outflows of $12.7 million and $7.3 million, respectively, according to data tracked by blockchain analytics firm Nansen.
Data from Glassnode show bitcoin’s exchange withdrawals have picked up recently, indicating increased investor preference for self-custody.
Crypto Exchanges Need To Start Giving Customers Their Keys
Exchanges should introduce decentralized finance to their centralized models to protect their customers and restore confidence in cryptocurrency.
The business model that cryptocurrency exchanges currently use relies on ignorance and fear.
It relies on their customers not knowing much about decentralized finance (DeFi) and their fear of what could happen if they get things wrong with their crypto investments.
Cryptocurrencies seem like an obscure and risky investment to most, and unsurprisingly, concerns about losing assets in market crashes, losing wallets or security keys through carelessness, or being scammed by unscrupulous operators are prevalent.
These concerns are reasonable considering the volatility of the market and the prevalence of sharks, crooks, bluffers and shysters who operate in the industry.
In theory, exchanges exist to assuage these concerns. They exist to mitigate that risk for your average retail investors, who are given a safety mechanism to hedge against losing their savings. This model has enabled exchanges to grow at an exponential rate in recent years and to create vast fortunes in the process.
However, it would be remiss of those who run crypto exchanges to assume that the current level of ignorance and the fear it engenders will remain in perpetuity. Customers are learning more all the time; they are becoming far savvier.
The next generation is learning about crypto in a number of different ways, such as through market trends such as GameFi and nonfungible tokens (NFTs). As adoption spreads, the knowledge of the average customer increases accordingly. This, in turn, makes them less reliant on exchanges.
Many customers will also have been spooked by stories about disgraced crypto entrepreneur Sam Bankman-Fried, who masterminded the implosion of FTX. In light of this, exchanges do not seem like such a safe and secure option after all.
It is likely that a combination of these factors will accelerate a trend toward customers wanting more control over their crypto assets, and if exchanges want to avoid risking being cut out completely, they need to embrace this.
That is why exchanges — if they want to survive, if they want to avoid their own downfall — should lean into this trend, instead of fighting against it. To do this, they must empower their customers and trust them with their own money and security keys.
That is not to say that this will be simple or easy. Understandably, there are technical and educational constraints when giving security keys back to customers. If a customer loses their security keys, the likelihood of them being able to access their assets ever again is pretty much zero.
Exchanges also have a technological challenge. Their entire infrastructure is centralized, which is ironic, to say the least. It is not entirely in keeping with the spirit of decentralized finance. There are some good reasons for this.
Uniswap, the ecosystem for DeFi apps, is decentralized, taking only a small fee per transaction. However, this comes at a price. Uniswap is unregulated, which means pretty much anyone can create a scam token and perform a rug pull. This is why exchanges do their best due diligence on projects — it’s to ensure that this kind of thing doesn’t happen.
But there are ways in which centralized exchanges could implement more decentralized methods without falling into some of the pitfalls. It is possible to create a kind of hybrid — to get the best of both worlds.
Retail investors and the average exchange users quite understandably don’t want to buy a token that could be a rug pull. But they also want the safety of knowing that their crypto can be accessed at any time.
However, the price of ownership and assuming control of the assets means taking on the requisite responsibility, which, in turn, necessitates the requisite level of education. Exchanges that are considering the future of crypto need to understand this.
Critically they need to understand that the sooner customers become educated on crypto, the sooner they’ll find themselves on a direct pathway to complete decentralization. Therefore, I would call on exchanges to take the decentralized way forward by creating a hybrid system that protects customers as well as their own brands.
History is littered with examples of corporate giants that failed to adapt and paid the price. Blockbuster was an arrogant behemoth that never thought streaming would be a thing; today, it is dead. Money is the same. It’s not your money if the bank owns it; it’s not your crypto if an exchange holds it. Freedom comes from letting go of the fear of responsibility.
Companies, like living organisms, have to adapt to changing environments in order to survive. It’s clear that customers want to be able to fully control their digital assets. If exchanges don’t embrace this trend, they may just embrace their own destruction.
The Strongest Protection For Your Online Accounts? This Little Key
Passwords aren’t enough to fend off hackers; these dongles are the best defense.
Strong passwords are very important, but they’re not enough to protect you from cybercriminals.
Passwords can be leaked or guessed. The key to online security is protecting your account with a strong secondary measure, typically a single-use code. This is referred to as “two-factor authentication,” or 2FA, as the nerds know it.
I’ve written about all the different types of 2FA, such as getting those codes sent via text message or generated in an authenticator app.
Having any kind of second factor is better than none at all, but physical security keys—little dongles that you plug into a USB port or tap on your phone during account logins—offer the highest level of protection.
Security keys have been around for over a decade, but now they’re in the spotlight: Apple recently introduced support for them as an optional, added protection for Apple ID accounts.
Last month, Twitter removed text-message-based authentication as an option for nonpaying users, recommending instead an authenticator app or security key.
Some people are hesitant to use security keys because carrying around a physical object seems burdensome and they come with a $30-and-up added cost. Plus, what happens if they get lost?
I’ve used security keys since 2016 and think they are actually easier to manage than codes—especially with accounts that don’t require frequent logins. They’re not only convenient, but they can’t be copied or faked by hackers, so they’re safer, too.
Here’s How To Weigh The Benefits And Common Concerns Of Adding One Or Two Of These To Your Keychain:
Which Security Key Should I Use?
Many internet services support the use of security keys, and you can use the same security key to unlock accounts on many different services. I recommend two from industry leader Yubico:
* YubiKey 5C NFC ($55) If You Have A USB-C Laptop Or Tablet
* YubiKey 5 NFC ($50) For Devices With Older USB Ports
Other options include Google’s Titan security keys ($30 and up). In addition to working with laptops and tablets with USB ports, these keys are compatible with smartphones that have NFC wireless. Most smartphones these days have that, since it’s the technology behind wireless payments such as Apple Pay.
Adam Marrè, chief information security officer at cybersecurity firm Arctic Wolf, recommends that your chosen key is certified by the FIDO Alliance, which governs the standards of these devices.
How Do Security Keys Work?
To add a key, look in the security settings of your major accounts (Facebook, Twitter, Google, etc.). During setup, it will prompt you to insert the key into your laptop or tablet’s port or hold the key close to your phone for wireless contact.
Apple requires you to add two security keys to your Apple ID account, in case you lose one.
Typically, when you log in, you just go to the app or website where you’ve set up a key, enter your username and password as usual, then once again insert the key into the device or hold it close.
(Some keys have a metal tab you have to press to activate.) At that point, the service should let you right in.
Why Are They So Secure?
Getting those two-factor login codes via text message is convenient, but if you are someone criminals are targeting, you could be the victim of SIM swapping.
That’s where thieves convince carriers to port your number to a new phone in their possession, and they use it along with your stolen password to hack your accounts.
Even if they don’t go to all that trouble, criminals might try to trick you to hand them your codes, by calling you or spoofing a website you typically visit.
At that point they can use the code for about 60 seconds to try to break in, said Ryan Noon, chief executive at security firm Material Security.
Security keys protect you in two ways: First, there’s no code to steal, and second, they use a security protocol to verify the website’s domain during login, so they won’t work on fake sites.
You can also add an authenticator app such as Authy to your most important accounts, to use only as a backup. But once you add these secure methods, you should consider removing the text-message code option.
In the rare case that someone snoops your passcode then steals your iPhone, beware: The perpetrator could still make Apple ID account changes using only the passcode, and even remove security keys from your account.
What Happens If You Lose Your Key?
The most important rule of security keys is to buy an extra one (or two).
“Think of your security key as you would a house or car key,” said Derek Hanson, Yubico’s vice president of solutions architecture. “It’s always recommended that you have a spare.”
If you lose a security key, remove it from your accounts immediately. You should have already registered your spare or an authenticator app as a backup to use in the meantime.
Where Can You Use A Security Key?
Start with your most valuable accounts: Google, Apple, Microsoft, your password manager, your social–media accounts and your government accounts.
When it comes to financial institutions, many banks don’t offer security-key protection as an option, though most leading crypto exchanges do.
What Comes After Security Keys?
Security professionals and tech companies widely agree that passkeys are the future. They’re a new type of software option that combines the high security of a physical key with the convenience of biometrics such as your face or fingerprints.
Passkeys are supported across the Android, iOS, Mac and Windows platforms, and some of your favorite sites already let you use them.
You can create a passkey on Facebook in security settings by following the app’s instructions under the security-key option. Dropbox has a similar passkey setup. Once you’re done, you’ll use your face or fingerprint as a second factor, instead of a code or key.
Eventually, physical security keys could be what we keep safe in strong boxes, as backups for our biometric-enabled passkeys. Even then, you’re probably going to want to have spares.
Jack Dorsey’s Block Bitkey Bitcoin Wallet Comes To Market In More Than 95 Countries
The company’s new self-custody wallet consists of an app, hardware device and recovery tools.
Jack Dorsey’s fintech company Block (SQ) has unveiled its self-custody bitcoin wallet Bitkey for pre-order in more than 95 countries.
Bitkey consists of a mobile app, hardware device and a set of recovery tools, Block announced on Thursday.
The app allows customers to make bitcoin transactions via their mobile phone, while the hardware device stores their assets offline.
The app and hardware device form two of the three keys used to secure a customer’s bitcoin, with the third stored on Bitkey’s servers.
The third key is used to verify transactions made by customers using only their phone (when they don’t have the hardware device to hand) and to recover their wallet if they lose their phone, device or both.
Bitkey commenced beta testing over the summer ahead of the global rollout. Block announced in June that the wallet would connect to its payments platform Cash App and crypto exchange Coinbase (COIN) to facilitate buying and selling of BTC within the app.
move your bitcoin off the exchanges: https://t.co/x1oLkjhs0H
— jack (@jack) December 7, 2023
Self-custody of crypto-assets became an increasingly significant area of concern for users following the collapses of numerous centralized cryptocurrency platforms, most notably FTX, but also Voyager and Celsius. Millions of users found out the hard way the truth in the old adage: “Not your keys not your coins.”
Pre-orders of Bitkey are expected to be shipped in early 2024, Block said.