Holding your digital asset is easy but finding the right way to store it is a tedious task. Online wallets have a risk factor of getting hacked and as it is said “Not your keys, not your money”. Hence hardware wallets are our only reliable option to store crypto assets. In this article, we will be talking about 8 of the best hardware wallets.
Table of Contents
What is a Hardware wallet?
Hardware wallets are physical devices that are used to store cryptocurrencies. They cannot connect to the internet and run complicated applications. Instead, they store private keys in offline mode and are safe from attacks.
The market offers many hardware wallets to choose from like Ledger, Trezor, Ngrave, Ellipal, BitBox, Prokey, SecuX, and Coldcard. To make it easier for you, we compare all of these wallets according to their Physical Appearance, Connectivity, Battery, Hardware, Security, Backup and Recovery, cryptocurrency Support, and cost.
There are other types of crypto wallets as well, you can read them about here.
Hardware wallets are easy to maintain, but we also follow some rules and practices to keep our precious cryptos safe.
Hardware wallets: Physical Appearance
|Ledger Nano X||128 x 64||72mm x 18.6mm x 11.75mm||Brushed stainless steel and plastic|
|Trezor T||240 x 240||64 mm x 39 mm x 10 mm||Reinforced Plastic|
|Ngrave Zero||4 inch||125mm x 72mm x 14mm||The tamper-resistant outer casing, inner casing, and PCB.|
|Ellipal||3.97-inch||118 x 66 x 9.7 mm||An aluminum alloy, which is dust and waterproof.|
|BitBox 02||128 x 64 px white OLED||54.5 x 25.4 x 9.6 mm with USB-C plug||Polycarbonate material|
|Prokey||-.||50mm x 41mm x 9.4mm||ABS Plastic.|
|SecuX||2.8-inch touch screen||1.3 x 8.9 x 5.9 cm||Plastic|
|Coldcard||128 x 64 px white OLED||88 x 51 x 9 mm|
Ledger Nano S offers two buttons to navigate at the top of the device. Ledger Nano X has two front-facing buttons on each side of the screen, making it easier to use as analogous to smartphones. However, if you long-press both the buttons, you will directly return to the home screen for Ledger Nano X.
Trezor One offers two buttons, while Trezor T is a complete touchscreen device protecting your passwords from keyloggers.
- Firstly, the resolution is 480 x 800 pixels.
- Further, an LCD capacitive 600 Cd/m2 touch screen with high brightness.
- Thirdly, a 640 x 480 built-in camera.
- Moreover, it has a 12 x 12 mm fingerprint sensor.
- It also built-in light sensor
- Finally, a button to switch “on” on the side of the device.
Read our detailed comparison between Trezor and Ngrave.
Ellipal wallets have one side button that is used to power up the device. Additionally, it comes with a built-in camera of 5mpx.
BitBox02 wallets do not have any buttons.
- The design is sleek and minimalist, with built-in sensors around its edges.
- The invisible touch sensors using three simple gestures: Slide, Tap, and Hold.
- A card slot to insert micro SDCard for backup.
- Tap – Navigate and Select
- Slide – To verify your address.
- Hold- It avoids any accidental transaction.
- To learn more, read BitBox02 Review.
SecuX wallets have a sleek design and are easy to use. With a 2.8-inch touch screen, it has a plastic body.
Coldcard wallets have a full-sized numeric keypad to enter the pin quickly. It weighs approximately 30gm.
Read Full Review Coldcard Review: Keep Your Bitcoin Safe in Hardware Wallet
Hardware Wallets: Connectivity
You can connect the Ledger Live App to Desktops and smartphones.
While Ledger Nano S uses USB type Micro-B for connection, Ledger Nano X can be connected using a USB Type-C cable and Bluetooth. So even if the Bluetooth is compromised, the attacker won’t get hold of the user’s private keys. To learn more, read Ledger Live Review.
Trezor uses a USB to connect to an internet-enabled device. Trezor One uses Micro-B, while Trezor T uses Type – C USB.
Ngrave is a standalone air-gapped device. As a result, it doesn’t require any connection like USB, Bluetooth, NFC, or Wi-Fi. This, in turn, brings down the digital attack surface to a minimum.
They offer a USB-C port for wall charging which securely transmits the firmware updates. Furthermore, these updates are verified in an isolated partition fully sandboxed from the rest of the operating system.
To learn more read our NGRAVE ZERO review.
Ellipal wallet is entirely air-gapped. Therefore, all communication between the application and the wallet is authenticated through QR codes. In addition, both the application and the wallet can generate QR codes.
BitBox02 uses a USB-C port which is attached to the device. Additionally, they provide a USB C to A adaptor.
Prokey uses a USB Type Micro-B to connect to any internet-enabled device such as a Desktop, laptop, or phone.
You can connect via Bluetooth 5.0. Additionally, you can connect via USB Type-C for SecuX V20 or USB-Micro B for SecuX W20/W10.
Coldcard wallets do not need to connect to a computer or smartphone. Instead, it draws energy from a USB power pack or AC power adapter. Additionally, if you wish, you can connect it to Coldcard Adaptor, a 9V battery.
Hardware Wallets: Battery
Ledger Nano S does not use a battery. However, Ledger Nano X consumes a battery of 100 mAh, which you can charge by connecting a USB cable to a PC or laptop. It provides a battery life of 8 hours if in continuous use, but it extends up to three months if it is kept idle.
Trezor does not require a battery. Instead, they consume power through a USB connection.
Ngrave uses a 1200 mAH (Ultra-Efficient Low Power) battery. In addition, it uses a USB-compatible battery charger.
Ellipal consumes a 1400 mAH battery with a standby time of 259 hours. The battery can be charged using a USB cable.
Bitbox wallets do not use a battery.
Prokey wallets don’t require a battery. You need to plug it into a device such as a laptop to make it on.
SecuX offers a 600 mAH Li-polymer battery with up to seven hours of use and three months of idle time. It takes two hours to charge the battery fully.
Coldcard wallets do not require a battery.
Ledger uses a distinctive hardware architecture, BOLOS (Blockchain Open Ledger Operating System), and specialized chips called Secure Elements. The Secure Element contains an STM32 microcontroller (MCU) that acts as a router between the secure Element and peripherals.
Trezor uses an ARM Cortex-M3 processor @ 120 MHz, with custom software. In addition, it has a micro SD card slot. Trezor Model T consists of a micro-controller or one chip or for storing and generating the private keys.
Ngrave provides a multi-layered anti-tempered hardware device made up of high-end material. The metal casing helps reduce the range of private keys while making a brute force attack and guards the radio frequencies that an attacker could pick. It uses custom firmware, which security experts have verified. Furthermore, they are planning to open-source the firmware for community review.
Ellipal uses secure hardware. Furthermore, firmware updates are an important part of increasing cryptocurrency support and updating the firmware.
In Ellipal wallets, you have to download the updated firmware from the manufacturer’s page and copy it to an SD card. Then, the SD card has to be inserted into the wallet. You can check the detailed procedure to upgrade here.
Bitbox uses the ATSAMD51J20A micro-controller with a true random number generator. In addition, for protection against physical tampering, they use the secure chip ATECC608A. This prevents brute force attacks and provides additional security to private keys.
Prokey uses secure hardware. They use STM32F205VG chips with a true random number generator (RNG).
You can get more information about their hardware from the Github repository.
SecuX wallets contain Infineon Chip CC EAL 5+ Secure Element, the highest grade for the financial industry to protect your private keys. In addition, it ensures that there is zero transaction leakage.
The secure element and important parts of the processor are covered by epoxy at the factory. This makes it harder to remove any chip or change the wiring around them. A factory private key signs the firmware updates.
Hardware Wallets: Security
They use stickers to ensure that no one has physically tampered with the wallet after leaving the factory. A trusted computing base is used, which is validated using cryptographic proofs. The integrity of the device can be checked by performing an attestation check.
You can set a pin code using the buttons. To confirm, you have to press both the buttons simultaneously.
Trezor wallets are CE and RoHS-certified. In addition, they use tamper-evident seals with industrial glue to prevent supply chain attacks. So if anyone tries to tamper with the device and seal it again, you can spot a visible difference to know that the device has tampered.
Ngrave provides cryptographic attestation to ensure that your device has not been tampered with physically by scanning a QRCode. Furthermore, they provide two ways to secure your wallets. The first option is to choose a twelve, eighteen, or twenty-four-word recovery seed phrase.
The second option is to create a customized key, “NGRAVE Perfect Key.” This is a sixty-four character hexadecimal equivalent of the 256-bit master seed. They use biometric data and light from the built-in light sensors for increasing randomness. After processing all this information, the key changes in real-time. There is no backdoor to the keys by neither the chip manufacturer nor Ngrave. It allows you to “freeze” and “unfreeze” and highlight certain key parts, making the experience intuitive and fast.
Ellipal is entirely isolated from the internet. They use tamper-proof seals to protect the wallets from supply chain attacks. You should contact the support team if the seals are broken.
The data is transferred using the microSD card slot. Thus, you can verify all the transactions. Additionally, it allows you to set up multiple passwords and passphrases.
The wallet is password-protected, and if anyone tries to unlock the device repeatedly with the wrong password, it deletes all the data from the wallet. Thus, you can recover your account entirely using the recovery seed phrase.
Bitbox attests to all their wallets during factory setup. The application only accepts firmware signed by Shift Crypto. The firmware is open-source and has a bug bounty program for reporting any security breaches.
Bitbox wallets are delivered in vacuum-sealed plastic bags to prevent supply chain attacks. The bootloader prevents installing firmware of a different edition or any downgrades. The secure chip contains a monotonic counter limiting the number of attempts for password entries to avoid brute force attacks. All communication between the device and application is encrypted.
Additionally, you can use Universal Two Factor (U2F) for some of your online accounts – GitHub, Dropbox, Google, Facebook, and more. However, it doesn’t allow you to log in without authenticating through your device. You can do the authentication by plugging and touching it.
Prokey uses secure firmware; therefore, there is no need for vendor reputation or hologram seals to protect against supply chain attacks. When you receive the wallet, there will be no firmware installed on the device. For example, suppose the device has been compromised before receiving it; the latest firmware update will not get installed.
A mutual authentication process starts between the Prokey servers and the device if the firmware has already been installed. So, if your device is tampered with, it would not gain access to your accounts due to authentication from the servers.
They do not use third-party wallets for your coins or tokens to prevent phishing attacks. Instead, they use the highest level of security on both Omni Protocol and Ethereum Blockchains for managing USDT.
SecuX uses an internal supply chain and manufacturing. So if anyone tried to tamper with the packaging, it would be evident.
You can set a four to eight digits PIN. Furthermore, the device resets automatically after five wrong inputs. Additionally, a dynamic keypad is implemented to trace the fingerprints if your device has been stolen.
The PIN code of your Coldcard wallet is divided into two parts. After you enter the first part, you are shown two words on the screen. These are unique for all PIN prefixes. Therefore, you need to memorize them and check them before entering the second part of your PIN.
Coldcard offers a duress PIN that operates similar to the PIN code of the wallet, but the bitcoin key generated is not the main key. You can also put some bitcoin in the duress wallet to make it more real.
Additionally, a “BRICK ME” PIN destroys the secure element and makes your wallet worthless. Furthermore, they support BIP39 passphrases to create an unlimited supply of distraction wallets.
Coldcard does not store The private key is not stored in the main microprocessor but a separate secure element ATECC608A. This chip is robust and secure. The communication is controlled by complex challenges and SHA-256 responses, which prevent eavesdropping and replay.
The firmware is signed with a factory key to preventing your wallet against Evil Maids. In addition, every byte of the flash memory is verified with a green/red light set. Moreover, Coldcard uses a tamper-evident plastic bag to package the product. There is a unique number in the bag that matches Coldcard’s secure element.
Backup and Recovery
Whenever you are initializing your device, you must have received a 24-word recovery seed phrase. You can use this phrase to restore all your funds whenever you want. The seed phrase should be stored offline and in a secure place. Ledger offers a recovery phrase sheet to store the phrase. You should never make a digital copy of this card and must be kept safe from fire and theft. Furthermore, the platform also offers a crypto capsule to secure the phrase sheet.
Also, read Ledger vs Ngrave ZERO | Read Before Buy
Trezor offers a recovery seed card for storing the seed phrase. Furthermore, the wallets automatically initiate their devices with Shamir backup, which splits the seed phrase into multiple distinct shares. In addition, it generates up to 16 recovery shares, which are sequences of twenty or thirty-three words.
To recover the wallet, you have to use a specific number of shares. You can set this number while initializing the device. For example, if you use six shares to create a Shamir Backup, your threshold can be more than equal to three and less than equal to six. The minimum value of a threshold is more than one.
Ngrave offers a high-quality stainless steel solution known as the Ngrave GRAPHENE. It is a highly durable cryptographic puzzle. Furthermore, it can withstand water, housefires ( 1660 °C / 3020°F), corrosion, shock, or any such extreme condition. Furthermore, it is an encrypted non-electronic solution. It comprises two plates which you can keep in separate locations. Only if both of them are together can you know the key; else, you will not be able to know anything.
For every character, you should make a hole in the GRAPHENE by using an automated embossing pen. The click generates physical power exertion to make a hole in the first plate without damaging the second one. The characters on the first plate are positioned differently for customers. There are 1024 holes in the upper plate and 1078 possible upper plate configurations. Now only if these two plates are together can you know the key. It eliminates a single point of failure.
It is advisable to buy more than one lower plate since it is cheaper than the upper one.
Now suppose you lose the upper plate. Ngrave attaches an order number to every package. The order number entered in a dedicated Ngrave server or a blockchain interface, the upper plate configuration can be known. You have to identify yourself with your KYC Data with the Ngrave team. You can also contact customer support, who keeps offline records of all the orders and get information about the configuration.
You can tell the Ngrave team not to store your order details. However, on choosing this option, you can never recover the upper plate configuration.
Ellipal provides the Ellipal Metal Mnemonics, which is waterproof, fireproof, insect-proof, and mold proof. The size of this wallet is 86x60x8mm.
The wallets strictly follow the BIP39 standard mnemonics and allow storage of both twelve and twenty-four-word mnemonics. You have to store the first four letters of every word. There will be no two words that have the same first four letters. You can know the remaining characters of the word from the BIP39 list. You have to slide the letters to store your key.
To learn more read our Ellipal titan review.
BitBox offers steel wallet apocalypse-proof backup, made of stainless steel that can survive radiation, housefire, corrosion, radiation, or any such extreme situation.
The device is easy to use and provides an aging-resistant backup for future generations. Above all, they are BIP-39 compatible.
The steel wallet comprises two metal sheets with six words per side. The recovery words are stored on them using a puncher that creates a dent. The first four characters of recovery phrases are unique; therefore, you only need to punch them. You can initially mark the holes using a felt pen and then use a puncher to avoid mistakes. For example, to identify the first and the second sheet, you can make one and two holes on the side of the sheet, respectively.
To recover your Prokey device, you can disable the PIN by resetting the device to factory settings. To do so, you have to hold the C button simultaneously, plugging the cable to Prokey optimum. Next, you should click on reset device. Now, you have to reset your device from the start.
SecuX wallets use a hierarchical deterministic wallet architecture and is compliant with BIP32, BIP39, and BIP44 Protocol. After you initiate the device, it generates a twenty-four-word. You should write this on a recovery sheet and kept it secure. The architecture is based on BIP32, BIP39, and BIP44 protocol to swap from any hardware wallets made using the same architecture. You will be able to recover your data and load it in your hardware wallet with your 24-word seed phrases.
Coldcard offers two options for backup and recovery.
- It has a MicroSD card slot to backup signed and unsigned transactions offline.
- You can use the seed plate bitcoin backup metal plate. This plate contains twelve words per side. Its size is 12.7 x 7.62 cm with a tough 2mm thick steel. The etch marks are chemically colored in black for better legibility.
|Supported Cryptos list||1000+||1649||1000+||7000+ tokens||1200+ coins||1500+||1000+||Bitcoin and Bitcoin Testnet|
Hardware Wallets: Compatibility
The Ledger Live app supports up to twenty-seven assets and ERC20 tokens both from your desktop and mobile.
Ledger Nano S supports Android devices, while Ledger Nano X supports both Android and iOS.They are compatible with over 1100 apps. In addition, Ledger Nano X provides storage space for installing three to twenty apps, whereas Nano X can install up to 100 apps.
Trezor provides its proprietary application Trezor Wallet. It has an easy-to-use interface that allows you to transfer and manage your funds.
Ngrave offers its application known as NGRAVE LIQUID. To download the wallet, you can scan the QRcode in the wallet. Then, you can further scan the next QR Code to sync all your accounts on the device to your app.
All the communication between wallet and app will be using QR codes. The wallet communicates with the application, which in turn communicates with the blockchain. It fetches real-time data of all the transactions giving us a strong mobile application experience. However, it cannot access your private keys.
The Ellipal app allows you to store and manage multiple coins in a wallet. In addition, you can open up to ten accounts in a single wallet, depending upon the size.
The App supports both Android and iOS platforms. In addition, You can check crypto news and price charts. The app allows you to view real-time rates and your balance. For connecting to the app, you have to scan the QR code.
It supports macOS, Windows, Linux, and Android. You can download them from here. You can pair the Bitbox02 device with the app using BitBox Bridge. In addition, the application provides multilingual support.
It has its proprietary web-based application that allows you to manage all the transactions from a single interface.
SecuX wallets support Windows, macOS, Linux, and ChromeOS. For browsers, it supports Chrome V.71 or later, Opera V.57. In addition, a single SecuX wallet can support up to two hundred accounts.
Hardware Wallets Pricing
|Company||Model Name||Price (USD)||Price( EUR)|
|Ledger||Ledger Nano S||71.92||60.62|
|Ledger||Ledger Nano X||145.06||122.28|
|Ngrave||Ngrave ZERO and GRAPHENE||418.00||348,00|
|Ellipal||Ellipal Mnemoic Metal||49.00||40.59|
|BitBox||BitBox02 Multi edition||109.00||132.00|
|BitBox||BitBox02 Bitcoin only edition||109.00||132.00|
Hardware Wallets for Different Cryptos
- Best Cardano Wallets: Software vs Hardware
- Best Ethereum Wallets : Secure your ETH in a Hardware Wallet
- Best (SOL) Solana Wallets : Which is better, Hardware or Software Wallet?
- 5 Best Crypto Cold Wallets
- 10 Best Anonymous Bitcoin Wallets
- Best Shiba Inu and Baby Shiba Inu Wallets
- 6 Best Monero Wallets (XMR Wallet)
Best Hardware Wallets: Conclusion
Hardware wallets are needed to store cryptocurrencies safely in offline mode. After a detailed discussion of the eight top hardware wallets, the best hardware wallet depends on the features you need and the budget. Ngrave offers one of the costliest wallets, while Ellipal, with almost similar features, is available at nearly half the price. Additionally, you can stake, earn interest and also exchange cryptocurrencies using Ellipal. If you only want to deal in Bitcoin, then Coldcard offers one of the best bitcoin wallets. Though Coldcard and BitBox offer similar features compared to Ellipal but is not air-gapped.
Then comes Ledger and Trezor, who have the maximum number of customers in the market and have been leading for quite some time. Furthermore, with Ledger Live app you can stake, lend, buy/ sell, transfer, etc. your crypto assets.
If you are just starting out, you can opt for Prokey since it’s completely secure and cheap compared to the existing wallets in the market.
For any time, on-demand analysis on any cryptocurrency, you can join our Telegram channel.