Bitcoin Hardware Wallet Comparison

"Your keys, your bitcoin. Not your keys, not your bitcoin."

KeepKey

Ledger Nano S

Trezor Model T

Coldcard™ Mk2

USD Price (excluding shipping)
Multisig Support
Airgap
User Input
Privacy
Trustless
Other Criteria
Programming Language Python C Python C & Python
Altcoin Support 40+ 1,100+ 1,000+ Not Really

(Click on each star rating for supporting details)


FAQs

Q: Why is multisig so important?
A: Multisig (with > 1 required signatures) is essential for large transactions because it eliminates single points of failure in both your hardware and software. There are so many things that could go wrong and cause you to lose funds with a single hardware wallet. You can spend an insane amount of effort to be 99.999% sure it won't happen with one signature, or spend much less effort to be 99.9% sure that each of two devices are secure. It's a huge security/useability win. See this tweet for more info.

Q: What's the best way to do multi-device multisig now?
A: For now, the easiest solution for most people is to use Electrum (guide here). This is very bad for privacy unless you run your own Electrum Personal Server, which is much more complicated than just running Bitcoin Core. Hopefully, all decent hardware wallet manufacturers will adopt BIP174 in the future. Then you can get the privacy, security, and enforcement of consensus rules that only Bitcoin Core can provide, and without the heavy resources requirements of Electrum Personal Server.

Q: Why the alarmism, isn't any hardware wallet good enough?
A: As any software engineer will tell you, all the modern systems we use are held together by the tech equivalent of duct-tape, and cryptography is much harder than writing regular code. It's not just an academic thing, stealing bitcoin private keys is perhaps the most lucrative use of bugs, exploits and backdoors. This talk on the History of Hardware Wallet Attacks should convince you that solving 100% of these and all future problems is an unrealistic goal (hence the importance of multi hardware wallet multisig).

Q: Why are you so zealous about securing bitcoin?
A: While it is impossible to know for sure how many coins have been lost, estimates range from 0.5%-2% of all coins are lost each year (excluding Satoshi's possibly lost bitcoin). The ability to secure bitcoin is fundamental to its value proposition, and threatens its adoption. When bitcoin is hard to secure, users turn towards trusted third parties. This is the problem bitcoin was made to solve, and these trusted third parties with massive bitcoin holdings create systemic risk for the bitcoin ecosystem.

Q: Who are you and why should I trust your opinion?
A: I'm just a humble HODLer who has become frustrated that after a decade bitcoin still doesn't have a straightforward way for end-users to secure their own bitcoin trustlessly (and without giving up their privacy). With PSBT (BIP174) now part of Bitcoin Core, we are really close to solving this problem. I have no affiliation with any of these companies and none are paying me. Don't trust me and do your own research anyway. Follow me on twitter here.

Q: Why such a strong emphasis on BIP174 (PSBT)? Isn't it just a serialization format?
A: Partially Signed Bitcoin Transactions (PSBT), aka BIP 174, is a serialization format for passing around new bitcoin transactions between devices in various states (unsigned, partially signed, and fully signed). As of bitcon core v0.17, it is the "official" standard for how to do this. PSBT support is not sufficient for simple multi HW wallet multisig, but accomplishing that goal without PSBT is very difficult. Thus PSBT adoption signals that a wallet is attempting to be interoperable and support more of bitcoin core's features. While currently it's command-line only in bitcoin core, there are several teams building GUIs on top of this (and any wallet that doesn't support BIP174 will likely be excluded).

Q: Why isn't "security" an evaluation criteria?
A: Each category is directly tied to security, and being "secure" is very hard to define. While it's hard to prove that something is secure, any wallet that doesn't get high marks on all these criteria is likely insecure.

Q: What about hardware wallet X?
A: I excluded hardware wallets that don't support multisig as this seems fundamentally broken for a security product. These include CoolWallet S, Ellipal, BitFi, and SafePal S1, Cobo Vault (supports multisig but not with competitors). If any of these add multi HW wallet multisig support, it might be worth reconsidering them. While the best measure of supporting multisig across different hardware manufacturers is using Bitcoin Core (ideally with BIP174), hardware wallet multisig with Electrum is another possibility. TODO: consider adding BitBox02 and Archos Safe-T mini?

Fork me on GitHub