Coldcard Review

Bitcoiners have their eyes on the Coldcard hardware wallet. With a slight learning curve, the Coldcard undoubtedly has some of the best thought-out security features.

Alon Shvartsman | July 26, 2021

Once the first excitement of having bought bitcoin wears off, the next question for many holders is how to store them safely.

While self-custody might seem a daunting task at first, luckily, many crypto wallet manufacturers are providing options to keep Bitcoin holdings safe. One of those is the Coldcard MK3.

This review will cover the differences between hot and cold storage, why you should store Bitcoin for the long run in cold storage, and all you need to know about the Coldcard MK3.

Inside look at Coldcard wallet
Coldcard MK3 by Coinkite

Hot vs Cold wallets

As a general rule of thumb, owning and taking full custody of your private key is the best way to keep your crypto safe from attacks and malicious actors.

The difference between cold and hot storage lies in their connection to the internet. If a wallet is online, it's referred to as a hot wallet.


Commonly used hot wallets include mobile wallet apps, browser extensions and web apps. The benefit of hot wallets is that they are easy to set up and allow you to transfer bitcoin or other cryptocurrencies quickly.

When you store your private keys in cold storage, they are offline and not accessible through an internet connection. Cold storage options include paper wallets and hardware wallets.

Why use a hardware wallet?

A hardware wallet is undoubtedly the best option for storing larger amounts of cryptocurrency as it keeps private keys entirely offline.

Hardware wallets make remote attacks impossible by cutting the link between your private keys and the internet. Despite being offline, you can still receive funds to your hardware wallet at any time, because receiving requires only the public key, not the private key.

All the different Bitcoin hardware wallets

What to look for in a hardware wallet?

The most crucial aspect to check for when choosing a hardware wallet is its security.

The element keeping private keys safe in a hardware wallet is a "secure element". It's a microprocessor used in payment cards, SIM cards, and passports with very few interfaces to the outside world to ensure a minimal surface for attackers. It includes solid physical protections to mitigate hardware attacks and is physically reinforced to prevent any unauthorized access.

These processors go through certification processes such as EAL5+, which prospective buyers should keep an eye on when choosing a wallet.

Next on the list of features to look out for is what cryptocurrencies a wallet can store and how easy it is to use. While some wallets support a wide range of native assets, others are custom-built for one currency.

The Coldcard is Bitcoin only.

Lastly, only buy wallets from certified resellers or directly from the manufacturer to ensure the product's authenticity. Coldcard promises to be one of the most secure Bitcoin Wallets, but what does it offer to back this claim?

Introducing the Coldcard MK3

Coinkite Coldcard

The Coldcard wallet is produced by Coinkite and was launched in 2019. Coinkite developed the Coldcard as a secure wallet that lets users perform dynamic tasks such as importing existing wallets and managing their funds.

Coinkite CEO Rodolfo Novak (@nvk) is the designer of the wallet and built it considering his own security needs and expectations.

The wallet uses open-source software, which ensures that a global community of developers can continuously contribute to its improvement and fix potential bugs fast.

Coinkite Coldcard Github Repo
All Coldcard firmware is open source, and you can compile it yourself

Coldcard's superior features

Let's take a quick look at the features that set the Coldcard apart from other wallets like the Ledger and Trezor. The highlights are its superior security aspects.

Coldcard features

Brick Me PIN: Coldcard lets users create a Brick Me PIN. Once this PIN is entered, the Coldcard will destroy its secure element (which stores the private key), rendering the device worthless.

Duress PIN: With the duress PIN, you can define another wallet to mislead potential attackers. Coinkite recommends allocating a small amount to this fake wallet to make it more realistic. This can prove beneficial if you're at high risk of physical attacks.

Login countdown: Instead of letting users log in to their wallet immediately, you can define a login countdown. Setting a countdown means that you'll have to wait for the specified time after entering the PIN for the first time. At the end of the countdown, you'll be asked to enter your PIN a second time.

Trusted and tested Secure Element: Coldcard uses Microchip's ATECC608A secure element to store your secret key.

This chip only allows controlled communication, using encryption and SHA-256 responses, which prevents replay of and eavesdropping on messages. By preventing replay, it enforces that the only way to access the secrets is by knowing the PIN.

Attackers can't try breaking into it by brute force or by trying to replay the PIN. The security of the chip holds up even if attackers remove the chip from its board or replace the firmware in the microprocessor.

Additionally, the secure element contents are encrypted with a one-time pad known only to the main microcontroller. For more information on that, refer to the Coldcard documentation.

What is "SHOOT THIS"?: This marking indicates where the secure element is. If you want to dispose of the device, destroying it at this spot is ideal.

Coldcard SHOOT THIS

Air-gapped: You can use the Coldcard wallet without ever connecting it to the internet!

Coldcard is the first native PSBT (Partially Signed Bitcoin Transaction) hardware wallet, enabling users to sign their transactions while the wallet is offline. Never having to connect the wallet to a computer further decreases the risk of malware attacks.

Anti-Phishing words: The PIN code is divided into two parts. When using the wallet for the first time, two words will appear on screen that are unique to each PIN prefix and to each Coldcard ever created. They're unknown to the rest of the world, and users must memorize these words and keep them secret.

The anti-phishing feature protects against trojan horse Coldcards, as it gives users a way to confirm that the device really is their Coldcard.

Supply Chain and Physical Security: Microchips and secure elements are covered by epoxy at the factory. Thanks to its clear case, anyone can check if anyone inserted hardware implants or tried messing with the wiring.

Bag number: Coldcards come in a tamper-evident plastic bag, with each bag stamped with a unique number.

Coldcard security elements

This "bag number" is written into the Coldcard's secure element and cannot be changed. The number can be verified when the Coldcard is powered up for the first time.

The pros and cons

Pros
  • Easy-to-read black and white screen
  • Good navigation with numeric keypad
  • Open source firmware
Cons
  • Steep security learning curve
  • Expensive compared to other hardware wallets

Coldcard price

The Coldcard is selling for $119 plus shipping, putting it among the more expensive options.

Using the Coldcard

When ordering a ColdCard, the package will contain the device itself, an information booklet, wallet backup cards on which you can note down your seed phrase and a ColdCard wallet sticker.

Coldcard what comes in the box

The wallet is bulkier than alternatives such as Ledger or Trezor but fits nicely into one hand, with dimensions of 88 x 51 x 9 mm. It's also very light, weighing just around 30 g.

The ColdCard wallet features an easy-to-read black and white screen as well as a numeric keypad.

Coldcard black and white screen

Anyone who has ever used other wallets that didn't have numeric keypads but just a few buttons where you have to pick each number at a time will be able to appreciate this one (we're looking at you Trezor and Ledger, your move 👀). This makes it much easier to type in your PIN.

Coldcard quick setup

When setting up the Coldcard, you can choose between a setup with or without an air gap. Setting up the wallet without an air gap means connecting it directly via USB to your desktop computer and then loading it into your desktop wallet.

Coldcard airgap setup
An air-gapped Coldcard setup means plugging your wallet directly into a power source that is not a computer, since a computer can be full of malware and viruses

ColdCard is compatible with various Desktop wallets such as Wasabi Wallet, Blue Wallet, Electrum and Bitcoin Core.

To set up the Coldcard without connecting it to your desktop, you'll need a MicroSD card to bridge between your wallet and the Desktop wallet.

Coldcard works with SD cards

After inserting the microSD card into your Coldcard, you can export the wallet file to the SD card. Then you just have to insert the SD card into your desktop PC and drag the file into your desktop wallet.

Sending and receiving

You can receive funds at any time as long as the sender has your public address. Sending from the Coldcard, like setup, works with or without an air gap. When sending with the wallet connected to your PC, you simply have to confirm the transaction on the Coldcard.

When sending with an air gap, after creating the transaction in your desktop wallet, export the PSBT to the SD card and insert the card into the Coldcard.

Then you can see the amount and recipient address and approve the transaction.

After approving the transaction on your Coldcard, you're one step away from final confirmation.

As the last step, you have to eject the SD card, insert it into the PC again, go to your desktop wallet, import the transaction, and then broadcast it to the network. It's now publicly visible on the blockchain.
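
A check that fits the air-gapped flow above, as an added example (not from the review or from Coinkite): before importing the file from the SD card, confirm that it wraps the same unsigned transaction you exported and that every input now carries a signature. It assumes a binary BIP174 (version 0) PSBT; all function names are hypothetical, and `sample_psbt` builds constructed test data with dummy keys and signatures.

```python
MAGIC = b"psbt\xff"  # BIP174 magic bytes

def read_varint(buf, pos):
    """Bitcoin compact-size integer -> (value, next position)."""
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}.get(buf[pos])
    if size is None:
        return buf[pos], pos + 1
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def read_map(buf, pos):
    """One PSBT key-value map, ending at its 0x00 separator."""
    entries = {}
    while True:
        klen, pos = read_varint(buf, pos)
        if klen == 0:
            return entries, pos
        key, pos = buf[pos:pos + klen], pos + klen
        vlen, pos = read_varint(buf, pos)
        if pos + vlen > len(buf) or key in entries:
            raise ValueError("truncated or duplicate-key PSBT")
        entries[key], pos = buf[pos:pos + vlen], pos + vlen

def inspect_psbt(raw):
    """Return (unsigned tx bytes, one signed/unsigned flag per input)."""
    if not raw.startswith(MAGIC):
        raise ValueError("not a binary PSBT")
    try:
        glob, pos = read_map(raw, len(MAGIC))
        n_in, _ = read_varint(glob[b"\x00"], 4)  # unsigned tx: count follows version
        flags = []
        for _ in range(n_in):
            imap, pos = read_map(raw, pos)
            # key types: 0x02 partial sig, 0x07 final scriptSig, 0x08 final witness
            flags.append(any(k[0] in (0x02, 0x07, 0x08) for k in imap))
    except (IndexError, KeyError) as exc:
        raise ValueError("malformed PSBT") from exc
    return glob[b"\x00"], flags

def signed_copy_matches(exported, returned):
    """True if the returned PSBT wraps the same unsigned tx and every input is signed."""
    (tx_a, _), (tx_b, flags) = inspect_psbt(exported), inspect_psbt(returned)
    return tx_a == tx_b and bool(flags) and all(flags)

def sample_psbt(amount_sats, signed):
    """Constructed 1-input, 1-output PSBT; txid, key and signature are dummy bytes."""
    tx = (bytes.fromhex("0200000001") + bytes(36) + b"\x00" + b"\xff" * 4 + b"\x01"
          + amount_sats.to_bytes(8, "little") + b"\x16\x00\x14" + b"\x11" * 20 + bytes(4))
    sig = b"\x22\x02" + b"\x02" * 33 + b"\x47" + b"\x30" * 71 if signed else b""
    return MAGIC + b"\x01\x00" + bytes([len(tx)]) + tx + b"\x00" + sig + b"\x00\x00"
```

The check only compares bytes and looks for signature fields; it does not verify the signatures themselves, which the network does on broadcast.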

The final verdict

Overall, it's pretty clear that the Coldcard goes above and beyond to ensure the security and safety of Bitcoin stored in the device.

Despite the high level of security, the Coldcard offers benefits such as air-gap support, easy navigation, PINs that let you destroy the secure element or open a fake wallet, and open-source software.

As so often, when it comes to high security, convenience is sacrificed. As illustrated above, users have to go through multiple steps that require some technical knowledge and understanding of Bitcoin, making Coldcard a less beginner-friendly wallet.

Additionally, as of now, the wallet only supports Bitcoin, and there are no plans to add support for other coins. Pricewise, considering all the security features, $119 seems to be a reasonable price.

Despite its minor shortfalls in terms of convenience and lacking support for other cryptocurrencies, Coldcard overall is a perfect wallet for Bitcoin hodlers. If you're looking for an ultra-secure wallet to HODL Bitcoin, it's worth a try.