Introduction: Security of Hardware wallet
In recent few years, with the rise of blockchain technology and cryptocurrencies, several hardware wallets. and software wallets have come up to store different cryptocurrencies. A user is can to store cryptocurrencies on different kinds of wallets like software wallets and hardware wallets. Despite different kinds of wallet. many users prefer to store cryptocurrencies on a hardware wallet since it is safe and not hack able by any hacker. Hence hardware wallets are the primary choice for several cryptocurrencies users. Security of such hardware wallet are much important.
But in recent few years or months, such claims have been proved to be wrong since quite a few hardware wallets available are hacked or have a potential to get hacked. Such wallets are Ledger, trezor, keepkey and many such hardware wallets.
According to different resources, Kraken Security Labs, a cyber security division of the most famous exchange for cryptocurrencies have claimed to have different attacks against a ledger hardware wallet called Nano X.
Although patches are available for vulnerabilities. Hence it completely turns several claims to be false that hardware wallets are secure.
Different hacks conducted on hardware wallets
According to Kraken Security labs, two different hacks are conducted on hardware wallets. Bad Ledger in one such attack, in which a hacker performed a tampering of a device before a customer bought on ebay. In this attack a hacker tried to add several different protocols which do send different malicious keystrokes to victims devices.
Another such attack of Blonde ledger, here a hacker tries to run different malicious programs on a non secure processor. And it switches off the display of the hardware wallet, even though it is running on battery. Such a way allows hackers to do social engineering to convince victims to press different buttons and perform a transaction which transfers all the cryptocurrencies to the hacker’s address.
In such attacks, it is more prone for users to lose all amounts of cryptocurrencies since with disabled display, a user won’t be able to check any history of transactions. A basic way to prevent such attacks is to buy hardware wallets from authorised stores.
Another claim by shopify says that their data hacked and with data breaching hardware wallets like trezor and ledger SAS faced a similar kind of attack.in such hacks, hackers tried to use the database of users of shopify. Such databases do include sensitive information like private keys or wallet keys which allows hackers to access the cryptocurrencies holding.
Several research works do claim that hardware wallets can be hacked.
With all such attacks and claims researchers from Ledger concludes that such attacks are doable on different products like keepkey wallet. Here a hacker can figure out a pin used to protect the wallet. Likewise, many such vulnerabilities are in hardware wallets.
For more precise details, different researchers developed a hack against a keepkey wallet for finding loopholes. Different results came from such research and it was found that hackers could acquire a pin which can unlock the wallet and steal all cryptocurrencies.
Hardware wallets do have different chips which do output several voltages at different times. During such output, researchers were able to establish a link between such powers consumption fluctuations and the amount of data processed. With such a link, it does not leak any information. A recent article in wired.com,,donjon researchers found how pin inputs can be used to identify pin itself. With different decoders for voltage outputs at the pin retrieval phase, attackers could identify the pin of the victim’s wallet.
Hence, the hardware wallets are prone to hacks. Such observations have led to a conclusion that due to a single point of failure . And having a single PIN to secure a wallet has led the hacks to occur. So we do need a solution which solves the issue of single point of failure and prevents the
How to prevent different hacks on hardware wallets?
One such solution is to prevent Multi Signature wallets. Multi Signature wallets are advance solutions that ensure the reliability and security of wallets. Multisignature wallets do need different signatures to validate any transaction. Such wallets work on the doublock system in which more than one person has private keys to maintain the security.
With a multi signature hardware wallet, one can prevent redundancy and single point of failure. Many times people do buy millions of cryptocurrencies and store it in a hardware wallet. Such multisig mechanism would be useful since it will be more transparent and secure. It will not face any single point failure.
A multisignature storage would prevent single point of failure and stealing for cryptocurrencies.
How multisig wallets prevent such hacks and losses.
- All keys of multisig wallets are available in different geographical areas in different separate devices. With such a large distribution a hacker would not be able to hack or locate keys.
- It woul be more transparent since it stores all the transactions stored which are referable multiple times.
- It provides an extra layer of security to process any transaction in a multi storage wallet. Even if a hacker manages to acquire all different keys, it would still need co-signers to sign transactions to validate it.
- Different signers secure the keys. And it becomes more sort of group ownership, hence different decisions are easy to make.
Conclusion: Security of Hardware Wallet
Different hardware wallets secures the cryptocurrency with a pin, hence for any transaction to take place, a pin should be available. Such a pin doesn’t provide much security to the hardware wallet since it is more prone to single point of failure. Whereas if we secure the same hardware wallet using the multisig storage, a single point of failure is preventable.