| Review: Coldcard’s BTC Hardware Wallet Is Air-Gapped for Added Security
There has been an explosion of hardware wallets recently, with new models shipping on a weekly basis. What’s more, many of these units are more than mere Ledger or Trezor clones, offering unique form and features compared to the market leaders. This week news.Bitcoin.com took delivery of Coldcard, a BTC wallet that promises to be “cheap and ultra-secure.”
Also read: Marshall Islands President Attacked Over National Cryptocurrency Plan Coldcard or Cheap Calculator?
The Coldcard looks like a cheap calculator, and it feels like one too. It’s light and plasticky in the palm of the hand, more akin to the sort of mass-produced gadget you could bulk order off Alibaba than the latest must-have hardware wallet (HW). In fact, the Coldcard that reached this U.K. reviewer from Canada had been marked as a calculator on the shipping label. That didn’t stop customs imposing a $20 tax, however, which I was obliged to pay before taking receipt of the $70 device. The translucent design, which exposes the Coldcard’s circuitry, won’t be to everyone’s tastes, but I like its nakedness. Peer closely and you can just make out the words “Genuine Caution” printed above the micro SD card slot. Wise words indeed.
Out the box — or rather the packet, since the Coldcard didn’t even come with so much as a cable, let alone a box — the wallet looks disarmingly flimsy. This is not necessarily a bad thing, though. In the design stakes, there are two types of hardware wallets: those so beautiful you wanna show them off to all your friends, and those so ugly you wanna chuck them in a drawer and never look at them again. Guess which one is likelier to be resistant to theft? The Coldcard is not a “coffee table” HW then, and for the sake of your bitcoin, that’s probably a good thing. Warming up the Coldcard
The Coldcard uses the BIP39 standard for seed phrases, based on a 2,048-strong word list. In effect, this provides 128-bit security, which ought to be ample for securing a BTC wallet. There’s an even more interesting Bitcoin Improvement Proposal that the device uses, though: BIP 174 . It’s the first HW to adopt this multisig standard for partially signed bitcoin transactions, which also allows air-gapped wallets such as the Coldcard to sign transactions without needing to connect to the web.
Connect the Coldcard to a computer using a micro USB and it comes to life, with instructions displayed on the tiny yet decipherable 128×64 OLED screen. The diminutive size of the text is not a problem. The responsiveness of the buttons is, however. Unfortunately, buttons do not always respond at the first, second, or even third time of asking, with the problem exacerbated by the absence of any sort of haptic feedback to serve as a guide. Hopefully this is just a production problem in early devices, as it’s liable to alienate users accustomed to more responsive buttons, such as those found on the Ledger Nano. Early Days But Positive Signs
The Coldcard has just launched, and there’s already quite a buzz about the wallet in cryptocurrency circles, despite its unprepossessing appearance. This may be because it’s the product of Coinkite, which is also responsible for the Opendime USB stick that enables BTC to be spent like a “bearer bond,” gifted from one person to the next, without being unsealed to preserve its value. By the company’s own admission, it’s early days for the Coldcard, and by the time new features have been introduced and minor bugs eradicated, the wallet should be a lot better to use. Connecting the Coldcard to Electrum
Setting up the device calls for creating a two-part PIN and noting down the two anti-phishing words that are displayed on screen. After that, you’ll be shown a range of options, including the ability to create a new wallet or import an existing one. After selecting the former, you’ll need to note down the 24-word seed, which calls for scrolling down repeatedly since the screen can only accommodate three words at a time. Once the seed phrase has been recorded, you’re prompted to recall the words, with each of the 24 words shown in a random order, with three options to choose from each time. It’s a laborious process, exacerbated by the button pushes occasionally not registering, though there is an option concealed within a submenu to adjust the touch sensitivity.
There’s another surprise lurking within the Coldcard’s submenus: It also operates as a litecoin wallet. While the controls and menu options to be found on the device aren’t always intuitive, the quickstart guide clears up a lot of the confusion. It’s not immediately apparent, for example, how you go about creating a new BTC address in order to receive funds. As it turns out, this calls for downloading the Electrum desktop wallet and then connecting it to the Coldcard, either by USB or, for those wishing to keep the Coldcard offline at all times, by writing a new-wallet.json file to a micro SD card, w...