Hardware Wallets: Where are the keys stored?
In this post, we’ll look into one of the key aspects related to the security of hardware crypto wallets.
When it comes to hardware crypto wallets, one of the most important security advantages is that users’ private keys are stored inside the device. But where exactly? Let’s look at the most commonly used solutions for private key storage.
However, before we dive into the different options for storing keys in a hardware device, we need to be clear about what is actually being stored.
To make crypto transactions, such as sending and receiving funds, a user needs a pair of public and private keys. To some extent, your public key is similar to a bank card number or an IBAN that you can give to another person who wants to send you funds. In the same vein, your private key works like the PIN on your bank card: it is what authorizes spending.
The difference is that a private key is far larger than a four-digit PIN. For the curves used by Bitcoin and Ethereum it is a 256-bit number, usually shown as a 64-character hexadecimal string, so it cannot be guessed. The private key is what produces the digital signature that authorizes each transaction. It is the only proof of ownership of your funds and should never be shared with anyone.
When setting up a wallet, you receive a recovery phrase (consisting of 12 or 24 words), also referred to as a (mnemonic) seed phrase. The wallet derives all of its private keys from this phrase, and it is what you use to restore the wallet if the device is lost, broken or wiped.
Keeping your seed phrase safe is crucial for the security of your funds! Never type it into a computer or phone and never share it: anyone who has the phrase can regenerate every key in the wallet on their own device and spend your funds, without ever touching your hardware wallet.
There is one other aspect to consider concerning hardware wallets. A single key pair corresponds to a single blockchain address, and if the keys are stored in a hardware device, they are isolated from the internet. A seed phrase, however, applies to your entire wallet, as every private key in it is derived from the phrase.
This is why a hardware wallet generates a new seed phrase with its own random number generator (or imports an existing one) and then derives as many key pairs as needed from that one seed. The derived keys are managed by the device and never need to leave it. The quality of the random number generator matters here: a predictable seed is as bad as a leaked one, because anyone who can reproduce it can reproduce every key.
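To make the relationship between the seed phrase and the keys concrete, here is an added example that is not code from this post or from the 1inch Hardware Wallet. It turns a BIP39 mnemonic into a seed and then walks a hardened BIP32 path from that seed, using only the Python standard library. The "abandon ... about" mnemonic and the constants are the public BIP39/BIP32 test vectors; the function names are this example's own, and non-hardened derivation (which needs elliptic-curve point math) is deliberately left out.

```python
"""BIP39 mnemonic -> seed -> BIP32 hardened key derivation (stdlib only)."""
import hashlib
import hmac
import unicodedata

# secp256k1 group order: BIP32 private-key arithmetic is done modulo n.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

# Public BIP39 test mnemonic (all-zero entropy); never use it for real funds.
TEST_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: 2048 rounds of PBKDF2-HMAC-SHA512, salt = 'mnemonic' + passphrase.
    The word checksum is not verified here: any 12 words yield a seed, so a
    real wallet validates the words against the wordlist before this step."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)


def master_key(seed: bytes) -> tuple[int, bytes]:
    """BIP32 root node: HMAC-SHA512 keyed with the literal string 'Bitcoin seed'.
    Returns (private key as int, chain code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k, chain = int.from_bytes(i[:32], "big"), i[32:]
    if k == 0 or k >= SECP256K1_N:  # astronomically unlikely, but the spec requires it
        raise ValueError("invalid master key; this seed must be rejected")
    return k, chain


def derive_hardened(k_par: int, c_par: bytes, index: int) -> tuple[int, bytes]:
    """One hardened BIP32 step (written index' in path notation).
    Hardened steps hash the parent *private* key, so a leaked public key plus
    chain code cannot be used to walk the tree; that is why account-level
    paths such as m/44'/60'/0' use hardened steps."""
    if not 0 <= index < HARDENED:
        raise ValueError("pass the index without the hardened bit set")
    data = b"\x00" + k_par.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    k_child = (il + k_par) % SECP256K1_N
    if il >= SECP256K1_N or k_child == 0:
        raise ValueError("invalid child; BIP32 says skip to the next index")
    return k_child, i[32:]


def derive_path(seed: bytes, path: str) -> tuple[int, bytes]:
    """Walk a hardened-only path such as m/44'/60'/0'. Non-hardened steps need
    the parent's public point (EC multiplication) and are not implemented."""
    k, chain = master_key(seed)
    for step in path.split("/")[1:]:
        if not step.endswith("'"):
            raise ValueError(f"{step}: non-hardened steps are not implemented here")
        k, chain = derive_hardened(k, chain, int(step[:-1]))
    return k, chain


def priv_hex(k: int) -> str:
    return format(k, "064x")


if __name__ == "__main__":
    # The same 12 words reproduce the whole tree on any machine; no device needed.
    seed = mnemonic_to_seed(TEST_MNEMONIC)
    for path in ("m/44'/60'/0'", "m/44'/60'/1'"):
        k, _ = derive_path(seed, path)
        print(f"{path}: {priv_hex(k)}")
    # An optional BIP39 passphrase yields an entirely different wallet from the same words.
    k2, _ = derive_path(mnemonic_to_seed(TEST_MNEMONIC, "TREZOR"), "m/44'/60'/0'")
    print(f"with passphrase: {priv_hex(k2)}")
```

The point to take from running it: nothing in the derivation depends on the device. Whoever holds the words (and the optional passphrase) holds every account, which is why the phrase, not the hardware, is what an attacker is really after.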
Secure element
One option for storing private keys is a secure element (SE): a chip designed to resist physical attack, the same kind used in passports and payment cards. To count as secure, an SE goes through independent evaluation and certification (Common Criteria assurance levels are the usual scheme). The main advantage of SEs is their strong resistance to physical attacks such as decapping and probing, side-channel measurement and fault injection. The tradeoff is opacity: the SE's design and firmware are covered by NDAs and not open for public review, so users cannot see what is going on under the hood and have to trust the manufacturer, and a compromise at the production or vendor level would be hard for an outsider to detect. Note also that the certificate covers the chip, not the wallet firmware that runs next to it.
MCU
The most common option for storing private keys inside a hardware device is a microcontroller unit (MCU). These are standard general-purpose chips found in most electronic devices. Wallets built on a plain MCU usually run fully open-source firmware that anyone can review, and access to the device is protected with a PIN. MCUs are flexible and functional, but offer little resistance to physical attacks with specialist equipment, such as voltage or clock glitching (fault injection) that can bypass the flash read-out protection and dump the stored secrets. One important thing to check before buying a device that has both an SE and an MCU is whether the private key ever leaves the SE. If the SE only stores the seed and hands it to the MCU whenever a transaction is signed, the key sits in MCU memory during signing and the secure element protects it only at rest. The stronger design keeps signing inside the SE, so the MCU only ever sees the unsigned transaction and the finished signature.
Safe memory and other schemes
Safe Memory (SM) is another type of chip, and it provides better resistance against physical attacks than a plain MCU. Two models are common: the SM hands the keys to the device's MCU, or the MCU and SM operate jointly. In the first model, the keys are stored in the SM or SE at rest, but are transferred to the MCU when a transaction is signed, so the MCU is again the weak point during signing. In the second model, the keys are stored encrypted in the MCU, and the key needed to decrypt them (or one or more of the wallet keys themselves) lives in the SM/SE, so an attacker has to defeat both chips. Since the two models look identical from the outside, hardware wallets employing them should be evaluated by independent third parties to verify that the architecture is what the vendor states.
Meanwhile, newer hardware wallets are exploring more advanced designs aimed at improving security, such as dual-chip approaches, system-on-chip parts with additional security domains built in, and more.
Stay tuned for more news from the 1inch Hardware Wallet!