As the value of digital assets continues to grow, the importance of securely storing cryptocurrencies off exchanges has never been more critical. For everyday users, hardware wallets represent one of the most secure options for safeguarding significant holdings.
However, with a growing number of hardware wallet options available, how can users effectively assess their security and trustworthiness? The market is filled with varying claims about openness, security certifications, and functionality—making informed decision-making essential.
This guide outlines key evaluation criteria to help users make educated choices when selecting a hardware wallet. We emphasize transparency, verifiable claims, and functional reliability over marketing language.
Is the Security Module Open Source?
A foundational element of trust in hardware wallets is open-source design. When we say a device is "open source," it means that both the hardware schematics and software firmware are publicly accessible and auditable. There is no middle ground—partial openness does not equate to full transparency.
Some manufacturers claim their products are open source while withholding critical components such as the operating system, secure element firmware, or circuit schematics. For instance:
- One vendor promoted "the first open-source secure element firmware," but failed to disclose that their device’s OS remained closed.
- Another advertised open-source applications but kept the core firmware proprietary.
True open-source hardware requires detailed documentation, build instructions, readable schematics, and a complete bill of materials (BOM), including datasheets for critical components like secure chips.
We recommend that manufacturers adhere to established standards like the Open Source Hardware Association (OSHWA) certification and use well-recognized licenses such as the CERN Open Hardware License. These frameworks help ensure genuine openness and reproducibility.
👉 Explore open hardware standards
Trustworthiness of Components
Even with open designs, hardware wallets rely on physical components that must be trustworthy. Not all parts are created equal—some introduce potential vulnerabilities.
Key components to evaluate include:
- Display: Does the screen run proprietary firmware? Many high-resolution displays use closed-source drivers.
- Touch Interface: Touchscreens often include embedded processors with non-open firmware.
- Microcontroller (MCU): Is it from a reputable supplier like NXP, STMicroelectronics, or Microchip?
- Secure Element: Is it a passive component, or does it run its own OS? Is its firmware open and auditable?
- Camera: Many cameras include internal processors. Inputs must be sanitized to prevent exploits.
- Battery: Some batteries include firmware that could be manipulated to monitor power usage patterns.
Transparency in component sourcing helps users assess supply-chain risks and overall device integrity.
Supply Chain Transparency
Global hardware supply chains are complex and often opaque. Manufacturers should disclose:
- Suppliers for critical components (e.g., display, secure element, battery)
- Involvement of third-party engineering firms
- General location of contract manufacturers
Even if a device is closed-source, basic supply-chain transparency allows for better risk assessment. For example, users may want to know if a U.S.-based company relies on manufacturing or design partners from high-risk regions.
Promised vs. Delivered Features
Many new entrants in the hardware wallet market promote features based on future updates rather than current capabilities. Roadmaps are not guarantees.
Examples include promises to:
- Open-source firmware in a future version
- Add support for PSBT (Partially Signed Bitcoin Transactions) later
- Introduce new security enhancements via updates
Users should only evaluate a wallet based on what it can do today—not what the manufacturer says it will do tomorrow. 🛑 Avoid companies that prioritize marketing over tangible functionality.
Accuracy of Claims
The cryptocurrency space is rife overhyped security claims. Users often encounter marketing language that exaggerates real-world security. Examples include:
- "Hackers can’t even attempt to steal your crypto."
- "The first hardware wallet resistant to physical attacks."
- "Uses the most secure chip available."
Such statements are often misleading. No device is 100% secure. Hardware wallets can have vulnerabilities, and users deserve honest communication about limitations and risks.
Reliance on Security Certifications
Certifications like EAL5+ or EAL7 are sometimes used to imply superior security. While certifications can indicate rigorous testing, they are not substitutes for transparency and independent auditing.
Limitations of certifications include:
- They are paid for by manufacturers
- Testing covers only specific attack vectors under controlled conditions
- They don’t guarantee real-world security
Be wary of manufacturers who use certifications to justify closed-source designs or avoid community scrutiny.
Support for Partially Signed Bitcoin Transactions (PSBT)
PSBT is a standard that enables interoperability between different wallets and is essential for advanced setups like multisignature transactions. Wallets that do not support PSBT may limit user flexibility and inhibit broader ecosystem innovation.
Before purchasing, verify that the wallet supports PSBT in its current version—not a future release.
Frequently Asked Questions
What does "open source" mean for a hardware wallet?
Open source means that both the hardware design and software are publicly accessible. This allows experts to review, audit, and verify the security of the device. Truly open-source wallets provide schematics, firmware code, and build instructions.
Why is supply-chain transparency important?
Many hardware components come from global suppliers, some of which may pose security or reliability risks. Knowing where parts come from and who assembled the device helps users assess trustworthiness.
Are security certifications like EAL5+ meaningful?
They can be, but they shouldn’t be the sole reason to trust a device. Certifications test specific scenarios and don’t replace open audits or real-world security testing.
What is PSBT and why does it matter?
PSBT is a transaction format that lets users sign transactions across different hardware and software wallets. It is essential for multisignature setups and enhances interoperability.
Can a hardware wallet be 100% secure?
No device is completely immune to attacks. Hardware wallets significantly improve security over software or exchange storage, but they must be used correctly and kept updated.
Should I avoid wallets that aren’t fully open source?
Not necessarily—but you should favor devices with greater transparency. If a wallet isn’t open source, look for independent audits, reputable manufacturing partners, and a track record of honesty.
Conclusion
Choosing a hardware wallet requires careful attention to security, transparency, and functionality. Prioritize devices that are open, honest about capabilities, and built with reputable components. The cryptocurrency community must hold manufacturers to high standards to ensure that security remains a priority—not a marketing tactic.
By asking the right questions and scrutinizing claims, users can make better decisions and contribute to a safer ecosystem for all.