Second-Gen Hardware Wallets & Feature Support

Patrick Kim
Apr 28, 2020 · 7 min read

We built our first-generation Cobo Vault to be tough enough to withstand the harsh environmental conditions of isolated regions where miners operate for cheap electricity costs. Now we are announcing a second generation of hardware wallets that drop the military-grade aerospace aluminum exterior and other durability features to focus solely on air-gapping your private keys. Cobo Vault Essential and Pro inherit the core security features every hodler should have from the first generation like transparent QR code data transmissions and a Secure Element, but will also support a ton of new features we are set to add within the next year. This article provides full product details on the Cobo Vault Essential and Pro, lists all the roadmap features we will develop for them, and announces a Cobo Tablet giveaway to celebrate this momentous hardware wallet rollout.

All hardware wallets need some means of connecting to the network to sign transactions; how “air-gapped” your hardware wallet is depends on how it limits the attack surface when transmitting data to an internet-enabled device. QR codes have a smaller attack surface than USB, NFC, and Bluetooth, making them the perfect means of data transmission for an air-gapped hardware wallet. We have pioneered an animated QR code solution that enables transmission of larger amounts of transaction data and will also be developing microSD card capability (see product roadmap below) as requirements for compatibility with desktop wallets like Electrum and Wasabi are more demanding.

With QR codes, you can verify each and every data transmission to ensure that information coming into the Cobo Vault contains no trojans or viruses and information going out doesn’t leak private keys or any other sensitive information. In contrast to USB or Bluetooth, QR codes are entirely verifiable as any normal QR code scanner can convert their data contents into human-readable format.

Cobo Vault uses a bank-grade Secure Element to generate true random numbers, derive private and public keys, sign transactions, and protect private keys from being leaked if an attacker has physical access to the device. In addition to ensuring your keys really are your keys by sourcing them from physical entropy, a Secure Element is vital to storing your private keys with the best possible protection from physical attack. A hardware wallet equipped with a Secure Element is a foundation of security long-term hodlers can rely on.

Cobo Vault is the first hardware wallet to have open source Secure Element firmware code, which allows you to verify all core cryptographic operations such as how private keys are generated and contained entirely within the Secure Element. With firmware version V1.0.6 (available mid-May), you will be able to compile the open source Secure Element firmware and hardware wallet application layer code available on our Github page if you want to verify the genuinity of firmware upgrade packages for Cobo Vault Essential and Pro yourself. We will also release a device schematic circuit diagram later on (see product roadmap below).

The weakest link in an electronic device tends to be the battery because it’s usually only built to last a few years. Cobo Vault batteries are detachable to prevent corrosion damage and both Cobo Vault Essential and Pro come with AAA battery support so you never have to worry about battery failure down the road. Cobo Vault Pro also comes with a rechargeable battery, which will be available for purchase as an accessory.

Be aware AAA battery voltage is not steady, which is why it is generally used for products that do not need a steady voltage, like remote controllers. The AAA battery support option is intended for infrequent use. If you are likely to turn on your hardware wallet more than a couple times a month, we recommend getting Cobo Vault Pro or buying a rechargeable battery when it becomes available as an accessory.

More sophisticated hardware wallet owners may have multiple devices used for different purposes. Cobo Vault Pro has a fingerprint sensor option that can be used to take care of business in public locations like cafes or airports to prevent your passwords from being stolen by onlookers or surveillance cameras. Fingerprint authentication for device unlock and transaction signing can be toggled off in settings at the user’s discretion.

Hardware wallets are more vulnerable when you take them around with you. To prevent a side-channel attack from succeeding if you lose your device, we designed a multilayered self-destruct mechanism for Cobo Vault Pro. Upon detection of disassembly, the self-destruct mechanism will wipe the private keys and any sensitive information so that an attacker cannot extract it from your device.

Cobo Vault supports BTC, ETH, BCH, DASH, LTC, ETC, TRX, EOS, USDT, XRP, XZC, IOST and DCR, as well as ETH, EOS, and TRX tokens. View our full list of supported coins and tokens here. If you are interested in a Bitcoin-only hardware wallet, a Bitcoin-only firmware version for upgrading Cobo Vault Essential and Pro will be available in mid-May (see roadmap below).

Cobo Vault Essential is intended for long-term hodlers and comes with AAA battery support for 99 USD. Cobo Vault Pro is designed for more portable access to funds and comes with a rechargeable battery, fingerprint sensor, and self-destruct mechanism for 149 USD. Shipping is free to the United States and Canada.

Product Roadmap

The Bitcoin ecosystem is going through a period of rapid development and hardware wallets need to adapt the latest innovations and security improvements for advanced users. In addition to retaining the core security features of our first generation, Cobo Vault Essential and Pro will support the following feature updates we will add over the next year:

Mid-May (next firmware update V1.0.6)

  • Compatibility with Electrum for setting Electrum as a watch-only wallet

Short Term (next 3 months)

  • PSBT compatibility with third-party wallets like Electrum and Wasabi Wallet

Medium Term (3–6 months)

  • Bitcoin-only mobile companion app supporting SPV or full node connection

Long Term (6–12 months)

  • Taproot/Schnorr support

Absolute 100% security may not exist, but that doesn’t mean it shouldn’t be an ideal that we strive for. These improvements reflect our vision for improving hardware wallets and commitment to stay apace with developments in the community. To learn more about our approach to building hardware wallets, please read our article on Cobo Vault’s design principles.

If you have other features you would like to see us develop, you can propose or vote for items on our roadmap page.

When You Receive Your Vault

Please check your firmware version when you receive your Cobo Vault and upgrade to V1.0.5 if your device is running V1.0.4. Firmware upgrades require you to use your own microSD card with capacity not exceeding 32GB. We released V1.0.4 prior to restructuring the code as part of the process of making it more open source, and versions later than V1.0.5 will require you upgrade to V1.0.5 first.

All Cobo Vault models support Web Authentication, a process which ensures product authenticity. We highly recommend you complete Web Authentication when you receive your device to prevent supply chain attacks.

Give us a shoutout on Twitter @CoboVault if you have any questions or comments about our product and follow us to stay updated with all the upcoming feature releases.

Cobo Vault

@CoboVault is a hardware wallet devoted to air-gapped, verifiable security.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store