Hardware wallets are more secure than software wallets, right?
This sentiment has been repeated throughout cryptocurrency circles, websites, and internet forums over the years. The meme goes like this: hardware wallets have no connection to the internet and are “secure”, and software wallets, which have a connection to the internet, are “not secure”. From this framing many go on to conclude that users should keep vast amounts of wealth on specialized hardware and they should store only very small amounts on software wallets that users are okay with losing.
This framing is a false dilemma that lacks proportionality and an understanding of the greatest probability of loss for crypto-asset holders. It might “feel” or “sound” right, but many things about cryptocurrencies are non-intuitive.
Security is not an “either or” phenomena. At Edge we’ve always tried to steer clear of the ambiguous phrase “more secure” when referring to a particular solution, and replace it with a full statement about a particular solution, the known threats to the solution, what threats it secures users from, and what it doesn’t protect against.
Based on our experience, as well as the numbers and anecdotes reported by the larger crypto-community, we rank the following as the largest threats to crypto-asset loss:
- User Error (lost devices, lost backups, etc.)
- Social Engineering (phishing, SIM port, etc.)
- Third Party Custodial Risk (exchange or bank hack, fraud)
- Malware (keyloggers, screen captures)
- Physical Attack (wrench/gun/knife attack)
Hardware vs. Software
Hardware wallets are special physical devices designed to store and protect crypto-assets. The purpose of the specialized hardware is to isolate and protect private keys as much as possible from insecure network connections and malicious software or malware. Keys are often stored in a special area of the hardware’s microcontroller which makes it very difficult to access the private keys. The private keys can’t be extracted out of the device in plain-text even if an attacker was to find his/her way deep into the hardware. This powerful set-up is extremely effective against the threat of malware.
Hardware devices are secure against the threat of malware, but when we look at the largest threats to asset loss we see that malware is a distant 4th.
Does hardware protect against the largest threat of user loss? It does in the sense that users are provided with a 12 or 24 word seed, but that’s no different than most software wallet solutions, so there’s no advantage found there.
Does hardware protect against social engineering attacks? Not any better than a software solution. This attack has nothing to do with software or hardware, but a user being tricked or someone or something in a user’s social network being manipulated into giving up important information or access. Many hardware wallet companies have published blog posts and announcements about all the phishing and social engineering attempts made on their users which continue to get more sophisticated. When we consider this threat we find that hardware has no advantage over software.
Do hardware wallets protect against third party custodial risk? The obvious answer is yes, but non-custodial software based wallets offer the same level of protection, so it can’t be said to be more secure, just equivalent on this front as well.
We’ve already stated that hardware is specifically designed to be immune to malware. It does a great job of protecting users from this threat, but this begs the question: how probable is this threat?
It’s difficult to get hard numbers on this question, but from our experience in the space and working with users all around the world everyday for the past 5 years, the actual loss from malicious software is reported orders of magnitude less frequently than user error, social engineering, and third party fraud and/or incompetence.
Having said that, the threat of malware is real and successful attacks have happened and will continue as long as software exists. Specialized hardware specifically designed to combat malware will always be “more secure” than a generic computing device with an internet connection against this specific threat.
But we can split up this question of security even further because users use different computing devices that have different risk profiles for malware. Software wallets can be used on a personal computer, a mobile phone, and a tablet, but they should not be considered equivalent from a security perspective.
Software: Desktop vs. Mobile Wallet
Desktop/notebook computer use frequently requires us to download and install various applications from the internet. Anything from tool tray apps, device drivers, price-tickers, office suites, photo editors, and messaging apps. All of which expose the user to unscreened applications. Typical desktop applications have nearly full access to the entire desktop machine including hard drive storage, screen, keyboard, and mouse input. Hence the reason why users frequently download extra security software to scan for and protect against malware on their PCs.
In contrast, mobile device users usually download software from the operating system’s respective app store. These stores are typically safer environments to download software from than random sites on the internet or third party app stores. The applications on the mobile device app stores go through a screening process and Apple and Google have the chance to remove any malicious applications. They can’t catch everything and don’t have security experts looking at every line of code of every application, but if you’re only downloading applications off the app stores the probabilities of downloading malware are going to be much smaller than many other options.
Not only do the app stores scan for malware, but the mobile devices themselves use security mechanisms such as sandboxing that help mitigate the threat of malware. Even if a user happens to download malicious software, their mobile device will be able to isolate that software and create separation between the malware and applications on the device. These techniques prevent vulnerabilities from spreading to other applications or to other critical device resources.
In addition, there is much more malware specifically designed for desktops compared to their mobile counterparts. PCs and Macs have been around a lot longer than their mobile brethren so it makes sense that there would be more malware. Cyber-criminals are rational economic actors and want to go after the biggest markets with the best bang for the buck.
Even though desktops are more vulnerable to malware than modern mobile devices, there are many users that have successfully used desktop wallets with no issues, and many more will in the future without any problems.
If we had to rank general solutions to securing users against malware specifically, we would put hardware at the top, then mobile wallet software, then desktop wallet software.
- Specialized Hardware Device
- Mobile Device
- Desktop Computer
We highlighted that risks do exist and there are bad actors out there, but the probability of a successful malware attack on a mobile device is quite low. According to a study conducted in 2015 by security firm Damballa (now a part of Core Security Corporation), only .0064% of mobile devices in the United States were infected by malware. The researchers pointed out that this was less than the probability of being struck by lightning in your lifetime (.01%).
If these numbers have changed materially in the last few years we’d love to hear about it, but this low probability of success matches with our experience helping users for the last several years. We know mobile malware has grown but we have not seen this change the low probability of a successful attack.
Malware isn’t close to the clear and present danger it’s presented as for the vast majority of crypto holders. This isn’t a denial of the risk, but the attention paid to it compared to other risks like user errors and social engineering is out of proportion.
Of the three biggest threats to crypto-asset loss, hardware is no better than software and it isn’t until the 4th most plausible threat that there is a difference. And then when you look into the difference itself, there isn’t that much of a gulf in effective security compared to the rhetoric.
Last but not least, the possibility of a physical attack is still around although we’re dealing with magic internet money. Software and hardware wallets offer no material advantages over the other.
Even though the probability of a successful malware attack is very low, users should exercise best mobile security practices, especially when using crypto-assets. No two users are equivalent. The sloppier and less aware someone is, the higher their probability of loss. Those that stay aware and practice mobile security will dramatically lower the probability of loss. Below are some best practices:
Best Mobile Security Practices:
- Ensure your device has full disk encryption enabled with auto-lock turned on
- Enable 2FA on all sensitive accounts
- Do not install software from unknown sources
- Do not install “custom keyboard” apps which may expose your keystrokes
- Do not jailbreak or “root” your device as this gives malware open access to your device
- Keep your device updated with the latest operating system security patches
In the case of the Edge mobile wallet, user accounts are encrypted locally on the user’s mobile device with a hash of their password before their account hits their phone’s disk. If malware was downloaded onto the user’s mobile device, the device itself will probably do a good job of not letting it affect the device resources (sandboxing). If a particularly sophisticated piece of malware does overcome the device’s defense, and happens to access the device’s disk, the attacker will come across an encrypted blob of data. The attacker would then have to guess (bruteforce) the correct hash to decrypt the account. This has no guarantee of success and will be very costly for the attacker. And the more powerful the device the costlier it will be for the attacker.
Programmable Security and Distributed Custody
What we’ve described in the sections above is security from the perspective of a single digital signature produced by one private key being sufficient to move funds. Over the next decade many expect a significant amount of value will be stored in addresses that require multiple signatures to move funds on a blockchain such as Bitcoin.
Bitcoin, Ethereum, and others deliver on the dreams of programmable financial instruments. Multi-signature (multi-sig) transactions are at the foundation of these assets’ programmability.
Multi-signature transactions require a certain number of private keys of a possible pool of designated public keys to sign a transaction before any funds can be moved out of a specific address. This set-up is often described as needing M of N signatures to spend funds. M being the threshold of signatures needed to spend and N being the total number of possible signatures.
For example:
A 2 of 3 multi-sig set-up requires two signatures from 3 possible keys.
A 5 of 15 multi-sig requires 5 signatures from 15 possible keys.
A 3 of 5 multi-sig requires 3 signatures from 5 possible keys.
Although multi-signature transactions at first glance describe the conditions that allow funds to be spent, its main benefits come from its use as a security and governance technology.
Multi-signature schemes enable many different models for custody, security, and organizational structure to arise, creating a very different financial system and data security infrastructure than the one that currently exists.
Multi-signature technology isn’t new and has been active in Bitcoin for half a decade now, but will become increasingly more important over the next decade as the technology matures and platforms like ours deploy it for broader use.
Once multi-signature is deployed in mass on purely software platforms like ours, the meme, hardware equals safe and software equals unsafe, really loses what little meaning it has left in a single signature world. Properly architected multi-signature schemes will be able to reduce the risk of user error, social engineering, custodial risk, malware, and physical attack considerably well. Your use of a desktop, mobile, tablet, or specialized hardware will become less important than the multi-signature setup itself. The device you use is always important but many other devices besides specialized hardware can and do get the job done.
Multi-sig allows for a mix of devices, people, and organizations to be part of a security architecture designed for each person’s, family’s, and organization’s specific needs, purposes, and contexts. Someone can have a specialized device as a part of their setup, but they wouldn’t need to if they didn’t prefer one. In a multiple signature world, the core advantage of specialized hardware, malware immunity, becomes less and less important when multiple signatures are needed from multiple people, organizations, and/or devices.
Many users prefer complete control over their assets. Many others prefer to give responsibility to a trusted third party. And a great many will prefer to have a mix of personal sovereignty and distributed trust.
The beautiful thing about programmable assets is they give users the ability to fine tune their preferences based on their own needs and experiences. If you want complete anonymity, responsibility, and personal sovereignty you can have that. If you want someone else to be your trusted custodian, you can set that up too. If you want to set up a personal security system that comes somewhere in between, you can do that too.
Programmable money opens up the possibilities. Edge helps make those possibilities come to life.