Bitcoin Tech Review – Coldcard cold storage, a Bitcoin hardware wallet

TL;DR –  3 reasons to buy a Coldcard

1. It feels like a security game changer upgrading to a Bitcoin only Coldcard with all of the added security and fund protection measures in place for both real life and online threats.
2. With your hardware wallet completely offline forever and needing to access it less frequently only to send bitcoin is a great piece of mind.
3. The hardest thing to think about will be how complex or tricky you decide to be with activating the duress, brick me and login countdowns, having the option to consider these is something we wished we’d had a lot sooner!

If you’ve ever bought a FastBitcoins voucher from one of our merchants you may have noticed a discount code for Coinkite on it. Coinkite are the makers of the popular hardware wallet, Coldcard. We tend to recommend this wallet to friends and customers because it’s Bitcoin only, open source, easy-to-use and secure. But could it make it a good hardware wallet for you?

What are the unique features of the Coldcard (Mk 3)?

The Coldcard is air-gapped, meaning you do not need to connect it to a computer or the internet to access your bitcoin

• It is air-gapped, meaning you do not need to connect it to a computer or the internet, data is transferred and backed-up over microSD card. This reduces the chance of it getting hacked and your precious bitcoin getting stolen.
• The device can be powered by a modern USB power pack, wall adapter or even a 9-volt battery using the Coldpower meaning no need to connect it to a computer for power.
• It’s secure, open source element (specialised security chip) for your private keys and seed words (recovery words)
• Numeric, easy to use keypad which most hardware wallets don’t come with.
• Secure supply chain with mechanism to make sure the device cannot be tampered with, including a clear case and sensitive components covered in epoxy.
• Anti-phishing words created by the device that the user memorises and confirms everytime they enter their pin to guarantee it is actually their Coldcard.
• ‘Duress’ PIN code option to take a coerced user to a separate wallet with only a small amount of bitcoin in and not the main wallet. Good to have handy if you ever face a one on one threat situation.
• A Brick device PIN code option which allows a coerced user to instantly destroy the secure element. Can also be set to brick the device after a set time delay
• Login countdown option for a set time delay before having to re-enter the PIN a second time to use the device.
• Option of using dice to guarantee the generation of properly encoded seed words (recovery words)

How easy is it to set-up?

If you are coming from using a more generic hardware wallet to a Coldcard it can take some time to take it all in. Going through the user docs before you use your new Coldcard is useful. However there are many technical terms and references used during set-up that will likely mean users will need to seek further information elsewhere.

It is worth investing time researching before you start the set-up so that you understand the device and can take advantage of the many useful features that come with it (particularly the security and backup aspects which you’re now realising you should’ve had sooner).

Coinkite lists some video guides from The World Crypto Network, BTC Sessions, Tales From The Crypt and Ministry Of Nodes. We recommend watching some of these to confirm your understanding and get on with booting your Coldcard up!

You can connect your Coldcard directly to your computer but for increased security we used a Coldpower with a 9V battery to keep our Coldcard air-gapped (offline), selected a pin number, were given our device anti-phishing words and created a new wallet. At this point you’re given a randomly generated 24 seed words code (recovery/backup words). But you can also use dice rolls to introduce your own guaranteed randomness to the process which ultimately represent your own Bitcoin private keys. It’s important to record these words safely as instructed (the device will test you on them as well). You also have the option of recording these words encrypted onto a microSD card.

You don’t have to use your own node, it is best practice though so as to verify your own transactions and wallet balances without relying on a third party, so using our Umbrel node with the integrated Specter Bitcoin Wallet (other nodes and desktop wallets are available) we simply exported the wallet data from our Coldcard using the microSD card to our Specter desktop wallet and followed the instructions to import the data.

The wallet generates multiple receive addresses removing the need to use your Coldcard to generate these addresses unlike other hardware wallets. You only need the device to send bitcoin from your wallet.

We sent some funds to one of the receive addresses on the Specter wallet and then got to try a partially signed bitcoin transaction (PSBT) which allows you to keep your device air gapped throughout the process. You generate a send transaction as on a normal wallet but it creates a file that you save to your microSD card, which you then insert into your Coldcard to simply sign (authorise) the transaction, this saves a new ‘signed’ transaction file to the microSD card which you put back in your computer and tell Spectre where it is and it will broadcast your transaction to the network, we found it surprisingly simple to do.

There are even more things the Coldcard is useful for such as multi-sig wallet setup’s and the ability to generate seed words for wallets on other devices but we will address these functions in another post.

Get a 10% discount on purchasing your Coldcard wallet anytime you purchase a FastBitcoins voucher from any of our participating merchants! Find one near you on FastBitcoins.com.