What’s a Hardware Wallet

Cardano light wallet “Yoroi” by Emurgo now supports hardware wallets, and in this post, we will try to explain what is a hardware wallet at all and why would anyone need one.

What’s a crypto wallet

In the world of cryptocurrencies, the main difference from “classical” electronic financial systems is that people fully control their own funds. In simple words — (in proper cryptocurrency systems) no one can access your funds until you intentionally or accidentally give them the access.

Next important quality is that proper cryptocurrencies are global, meaning that you can access your funds at any point in time from any location on the planet, as long as you have an internet connection. This is a very important point to understand because it means that you don’t keep your own funds — they are always on the blockchain, but you hold keys from your funds.

When Yoroi shows you this message when you create a new wallet — it means that you are about to receive the secret key that gives you the ultimate access to this wallet. It means that you can create a new wallet from your home computer, and then travel to another side of the planet having nothing but these 15 very secret words — and there you can install Yoroi on any other computer and use the 15 words to access the same wallet with the same funds.

It means that coins themselves all this time were stored on the internet, so you didn’t have to take them with you. All you need is this “secret access code”, proving that you are really the owner of this wallet. This is a very powerful concept, that does not require your passport or your ID to control your own funds. But on the other hand — anyone who has the secret key can access the wallet, and there’s absolutely nothing to stop them because the system cannot tell who is the rightful owner if two people both have keys from a wallet.

And this makes the key security an utmost critical matter. If anyone gets your 15 secret words — there’s absolutely no barrier for them to take away your funds. There’s no password to stop them, and there’s no other person that can “block” your funds from being taken in this case.

So when people are talking about having a “crypto wallet” with funds — it means they have a set of secret keys (like 15 secret words) that allow them to access and spend their coins.

What’s a cold wallet

When people create a new crypto wallet (for example, in Yoroi) — they usually write down their secret words on a piece of paper or store it safely in some other way. But at the same time, if you create a simple basic wallet — Yoroi or other wallet-program also stores your keys on the computer, just so you don’t have to enter these secret words every time you want to send some coins. These keys are stored in a secure encrypted way (that’s why you have to enter password for every transaction), but nonetheless — the mere fact that your keys are stored on a computer connected to the internet — means that hackers can potentially get access to them (but they still would need to break your password if they ever do this), and that’s why these regular wallets are called “HOT” wallets, because the security of the key potentially depends only on the password.

To solve this problem people created “COLD” wallets, which are created in such a way that you get the secret keys (like secret words), but they are never stored on the computer.

The most simple version of a cold wallet — is “paper wallets”, currently supported in Daedalus, and expected to be supported in Yoroi at some point too. When you create a paper wallet — your secret key gets partially printed on a piece of paper, and partially displayed on a screen, and it’s never stored on the computer. That way, when you have a paper wallet — you can be sure that no hackers can get to it until you restore it back into a computer.

But the main problem is that you need to put your keys back into a computer (by restoring a paper wallet) in order to spend any funds. This means that paper wallets are one-off cold-storage, that you can use only once and then “destroy” it by restoring the full amount of the funds. Which is perfectly fine if your intention is just to store funds for a long time with no intention of spending them. But it would be really nice to have the same (or better) security properties while keeping the ability to spend funds any time.

What’s a public key

To understand how exactly hardware wallets work and how they achieve their security — it is very important to understand that your wallet secret consists of two parts: a private key and a public key. When Yoroi gives you your 15 secret words — both private and public keys are encoded in there, so it’s a “complete set of keys”.

Those two keys have different powers. Public key — allows the program to see, which addresses are yours, and to see your balance, but it does not allow to spend anything. Private key — allows the program to create and sign transactions, and therefore — spend your coins.

When you create a simple wallet, or when you restore a paper wallet — both public and private keys are stored in the computer, so that program can both show you your balance, and also can send transactions when you want.

So what’s a hardware wallet

Hardware wallet is an electronic device that provides two main functions:
1) It can create a new set of wallet keys right inside itself
2) When connected to a computer — it only ever gives away the public key

A proper hardware wallet uses this scheme to work with your computer:

1) You create a new wallet (secret set of keys) right on the device
2) Now the device has your private key and your public key 
3) You connect the hardware wallet to Yoroi, installed on your computer

4) Hardware wallet only gives to Yoroi your public key (and never the private key)

5) Yoroi now can use your public key to show you addresses, transactions, and the balance

6) When you want to send a transaction — Yoroi sends the transaction to the hardware wallet

7) Hardware wallet asks you to confirm the transaction on its screen

8) Then it uses the private key to sign it, and sends it back to Yoroi

9) Yoroi gets the signed transaction and sends it to the blockchain

This protocol ensures that no program can ever get access to your private key, just because the device itself is created in such a way that you can’t ever get it out. Instead, it can only sign a transaction inside of it, and only if you approve all the information shows you on the screen.

This seems like such a simple, but yet such a powerful idea that at the same time keeps you secret key away from hackers, but at the same time allows you to use your wallet as usual, to either see or spend funds. Just know that public key gets stored on the computer, so you don’t need to keep the hardware device connected to the computer to see the wallet details, but you need to connect every time you want to send coins yourself.

The message is shown by “Trezor” hardware wallet when connecting to Yoroi.

More

Install and start using Yoroi wallet right now — https://yoroi-wallet.com/

Watch a video about Yoroi — https://www.youtube.com/watch?v=Hd7ZO6dfUHE

Buy your own hardware wallet “Trezor Model T” — https://yoroi-wallet.com/get-trezor

Watch a video on how to use “Trezor Model T” with Yoroi — https://www.youtube.com/watch?v=Dp0wXwtToX0