Crypto Asset Management (Part 1)
We’ve recently been testing and playing around with hardware wallets to better understand best practices in storing and handling cryptocurrencies and crypto assets. If you’re handling tens of thousands of dollars it’s probably worth it to make sure that your assets are secure.
For personal use, we found that the best way to secure crypto assets is with a hardware wallet, with the seed phrase backed up in an offline manner. Ideally, you should buy two hardware wallets and clone the same seed phrase onto both of the hardware wallets, leaving one of the hardware wallets with the executor of your estate. This ensures that if something happens to you, your executor will be able to access/disburse your crypto assets.
Hardware wallet best practices
You’ve just received your shiny new hardware wallet and you’re itching to jump into the tepid (oof) waters of crypto. Hold on a minute! There are a few caveats. Even if you’re buying directly from the manufacturer, you need to be vigilant. Unless you’re buying the hardware wallet directly from the manufacturer, anybody with physical access to the device can easily perform a supply chain attack to get access to your private key. This is such a distinct possibility that all three hardware wallet vendors have specifically called out that you shouldn’t buy your wallet from eBay, Amazon, or any other third party sellers.
The standard method of generating wallet addresses in hardware wallets is to use a word seed. The word seed is a list of ordered words of varying lengths (usually 12,15, or 24) based on the BIP39 dictionary list that will generate a master private key. The word seed was originally developed as a Bitcoin Improvement Proposal (BIP) as has since been adopted by other major cryptocurrency and crypto asset platforms also. If your hardware wallet is lost or stolen, you can still recover your wallet address as long as you have your seed words. This also means that word seeds are interoperable between the different hardware wallet vendors.
Generating your own seed words
Although hardware wallets are generally much safer than software wallets, vulnerabilities do exist as seen in this recent post about a vulnerability in the ledger security model. The safest method to secure your assets is to generate your own seed phrase on a secure computer, instead of accepting the seed generated from your hardware wallet during setup. Ian Coleman has a great BIP39 generator available online here.You can also download the html to use it offline on his github. Once you’ve generated your seed phrase you need to do the following:
a. Store the seed phrases in a safe place
b. Recover the seed phrases on to the hardware wallet
All three hardware wallets below support this method of HD wallet creation.
General Support
A lot of the newer ethereum economy and smart contract sites don’t support hardware wallets, instead only working with MetaMask. We’ll talk more about how to balance the tradeoff between security and ease of use in part 2.
Next we’ll do a quick review of the three hardware wallets out on the market as of 2018. This is just intended to give a shallow look at some of the options out there when it comes to hardware wallets. This is not exhaustive!
Trezor
Let’s start with the trezor. The trezor required us to install trezor-bridge, an app which the quickstart guide could then use to communicate with the trezor wallet. To unlock the trezor, the user must type in the pin through the computer given that the trezor device only has two buttons. Since the PIN is inputted by an untrusted device, man-in-the-middle attacks are prevented by randomizing the digit positions. Pretty ingenious! The seed recovery process is also equally smart. To prevent MITM attacks, the Trezor will randomize the order that it asks for your seed words as well as randomly ask you to insert Trezor selected words. As a result, an attacker listening in may have all of your seed words mixed amongst other random words, but it will be unusable.
If you’re installing this on Linux, don’t forget to install udev rules to allow your USB device to communicate with the trezor app.
Compatibility
The trezor, as the first and oldest hardware wallet, was compatible with every single website we tested it on.
Ledger Nano
The Ledger Nano uses a set of chrome apps to set itself up; Ledger Manager and crypto asset specific wallets. For seed phrase recovery, you can directly input the words utilizing the ledger interface’s top two buttons instead of inputting the words through the computer. This results in setup taking a bit longer than the Trezor, but totally removes potential MITM attacks. Once the seed phrase is set up, you’ll need to install the specific crypto asset wallets onto the Ledger Nano device, which is a bit of a usability hassle as the device can run out of room if you have a wide asset list. This doesn’t mean that your coins are deleted; it just means that usability and convenience are affected. Having to uninstall the bitcoin wallet in order to install the ethereum wallet if you already have a few other wallets installed is not an ideal scenario.
Again, if you’re installing on Linux, you need to set up the udev rules -and- turn on website accessibility / contract data so that it’ll work with sites like MEW.
Compatibility
The Nano Ledger S was also compatible with every single website we tested it on.
KeepKey
KeepKey uses a chrome app to set itself up. Similar to the Trezor, the KeepKey uses a unsecured computer to enter input into the KeepKey. To prevent MITM attacks the number location is randomized. The seed recovery process on the KeepKey is an interesting twist on Trezor’s seed recovery process. The user types in the seed in order from an unsecured device. To prevent a MITM attack, a one-time pad is generated whenever a new letter is typed in through the computer, guaranteeing that the attacker would just see a string of gibberish.
Compatibility
KeepKey, as the newest entrant to hardware wallets, doesn’t seem to have as much integration as the other two hardware wallets. It isn’t supported in Gnosis’ Multi-Sig Ethereum Wallet, nor does it work with MyEtherWallet.
Our Recommendation
Although a large vulnerability was found in the Ledger Nano S (and the attack vector has recently been somewhat fixed) the Ledger still seems to be the most usable hardware wallet. It has the best support amongst the ethereum web3 ecosystem, supports the largest number of coins, and this is the hardware wallet that we would recommend for personal use.
Stay tuned for Part II, where we talk about general treasury management and best practices in securing an organization’s crypto assets.
