Review: Coinkite Coldcard Bitcoin and Litecoin Hardware Wallet

The biggest challenge to mass acceptance of cryptocurrencies, before mass adoption will ever be possible, is in making them easy to both secure and spend. Current hardware wallets, like the popular Ledger Nano S or Trezor One, are a great first step, but they’re simply too expensive – which is where Coinkite’s Coldcard comes in.

“Cheap & Ultra Secure”

The Coldcard is a very different device to most hardware wallets. Its design is based around a calculator layout, with a small single-colour OLED display to the upper-left and a 12-key pad dominating the face. Coinkite’s design centres around cost reduction, though, so the ‘keys’ aren’t actually keys at all: they’re holes in the translucent plastic casing exposing capacitive pads on the printed circuit board itself. Overall, the wallet is only slightly bigger in footprint than a standard credit card – though significantly thicker.

Coinkite argues that “cheap” doesn’t have to mean “insecure.” Internally, the wallet uses an Arm STM32 processor to both power its operation and provide a “secure enclave” – a portion of the processor in which the private key associated with the wallet can be stored and in which the signing operations take place, insulating the key from the outside world. Even the packaging is nominally secure: the plastic pouch, inside which you’ll find the Coldcard itself, a recovery card for the 24-key BIP39 seed, and a sticker, is marked with a unique serial number verified by the device on first boot and sealed with tape that displays VOID when removed – though either could be defeated with a sharp knife and a cigarette lighter.

First Run

Setting the Coldcard up is straightforward, at least initially: connecting a micro-USB cable fires up a self-test which, if all is well, illuminates the “GENUINE” LED to the side of the screen, then prompts the user to confirm the serial number of the Coldcard matches the packaging. After that, the Coldcard prompts the user to select a PIN of up to twelve digits – cleverly split in two, with the prefix generating a pair of verification words which can be used to ensure the device hasn’t been tampered with post-setup before entering the second half.

After confirming the PIN, and recording it on the recovery card, you can set up the wallet itself. Here you have two choices: importing an existing wallet from BIP39 seed, extended private key (XPRV), or a backup file from an existing Coldcard, or creating a fresh wallet. If you choose the latter, the private key is generated and stored entirely in the STM32’s secure enclave – but be prepared to be stabbing at the keypad for a while, as you need to scroll through a full 24-word seed to record it on the recovery card then re-enter each word one-by-one in random order to verify you haven’t made a mistake.

Glitch in the Matrix

Sadly, using the Coldcard – even at this stage – isn’t as easy as it could be. The keypad is extremely problematical: sometimes it suffers from debounce, registering two keypresses where there should be only one; sometimes it suffers from a lack of sensitivity, ignoring your presses entirely; other times it registered phantom presses, often scrolling to the bottom of the menu even while not being held.

The firmware running on the device is also unreliable: at several points during testing the Coldcard became entirely unresponsive, requiring it to be disconnected from its power source and reconnected again before it would respond to either keypad inputs or control from a connected PC. Whether this is something that will be addressed in future firmware updates remains to be seen.

Spending and Signing

The Coldcard, interestingly, has two modes of operation: online and offline. In online mode, the device is connected to a PC using a micro-USB cable and controlled from compatible software – which, at the moment, means solely Electrum 3.2.3 or later. In offline mode, a wallet JSON file is created by the Coldcard and written to a micro-SD card, without its private key, which can then be imported into Electrum. Electrum can then write transactions back to the micro-SD, which can be transferred to the Coldcard for signing before being brought back into Electrum for transmission onto the blockchain – a laborious process which nevertheless provides maximum protection for the private key.

In the more reasonable online mode, the Coldcard is used to both encrypt the Electrum wallet and sign transactions. It comes with a major limitation, however: while technically supporting segregated witness (segwit) wallets, it only works with the newer Bech32 P2WPKH address format – which is still unsupported by the majority of wallet clients and exchanges. For compatibility, legacy P2PKH non-segwit wallets can also be generated – but it’s impossible to use the commonly-used P2WPKH-P2SH format, which combines some of the benefits of segwit with a legacy-compatible address.

The actual process of signing a transaction is simple: generate a spending transaction in Electrum as normal, and the unlocked Coldcard will bring up a confirmation prompt with the details of the transaction. Once verified, a simple tap of the tick pad – which is referred to in various points of the software as “Y” or “OK” – signs the transaction and returns it to Electrum for broadcast.

Verdict

The Coldcard has some great features: it’s compact, the offline mode is a bonus even if it is awkward to use, and it supports both Bitcoin and Litecoin on mainnets and testnets. The lack of support outside Electrum, though, is an issue, and software glitches couple with a tricky keypad to make active use unpleasant.

The Coldcard’s main selling point is price, though: at $69.99 (around £46 excluding VAT and shipping), the Coldcard is considerably more affordable than its rivals. Assuming the software glitches can be addressed in a future firmware update, that the device itself receives wider support outside the Electrum wallet, and that the keypad issues can be solved in software, that makes it a cheap alternative to more capable devices like the Ledger Nano S (£69.99 inc. VAT) or Trezor One (£74.15 inc. VAT).