Over the past few months, well known hardware wallet manufacturers have been swamped with sales during and after the holiday season. Hardware wallet deliveries have been backed up and some people have had to wait weeks to get direct shipping from source manufacturers. Much of the demand has stemmed from the typical holiday season, but also because digital assets have gained a lot in value during the course of 2017 and into the new year.
Also read: Indians Look to Buy Bitcoin Overseas as Regulations Tighten
Satoshi Labs Discloses the Company’s Processing and Shipping Procedure
This week the Prague-based hardware wallet manufacturer, Satoshi Labs, told the public how a Trezor order is processed utilizing the utmost security practices. The company explains that it puts a lot of focus on the procedure of shipping items that will store valuable cryptocurrencies after being sold and shipped.
A lot of digital asset investors use hardware wallets to store their cryptocurrencies in a safer location. Most of the reputable hardware wallets are known for having very little vulnerabilities and most of the vectors are due to Man In The Middle (MITM) attacks. MITM attacks consist of an attacker obtaining a relay of the device’s private keys whether it be from extraction or during the shipping process. Satoshi Labs says that when it comes to the processing and shipping of every Trezor order the firm takes security very seriously. The team explains this week that since the company is very transparent with disclosures, and open source code they feel its only right to detail the shipping process and its delivery methods.
After receiving a payment for a new Trezor device, the company prepares to ship the unit and uses the company DHL as its default shipping service. Satoshi Labs also offers delivery by standard post which can be a much slower delivery time depending on the customer’s location. The first part of the processing begins with a logistics team that inspects the goods for a proper seal and makes sure the product is ready for delivery.
Satoshi Labs emphasizes Trezor devices do not have firmware loaded on the device when they are shipped. The device only runs signed firmware verified by a write-protected bootloader and when downloading further firmware updates the device will warn you if the protocol is not correctly signed. Satoshi Labs details that the case is also ultrasonically welded which means if the exterior is broken the device will be difficult to restore.
If Ledger Wallet Went Out of Business “It Would Only Be An Inconvenience”
Ledger Wallet has also described in the past how its company protects the security of its devices. The company headquartered in France says that the hardware protocol used in its products uses a “decentralized wallet system.” Much like Trezor, the Ledger Wallet generates private keys during the initialization process and the keys are then stored on a secure ship within the confines of the products shell.
“Ledger never has the opportunity to make a copy of your private keys,” the company explains.
Both Ledger Wallet and Trezors use passphrase seeds (a sequence of 24 random words) during the initialization process which can be used for key restoration. This means if you lose your hardware wallet or the device gets damaged or stolen the seed phrase can be used to access the cryptocurrencies held on the device. Further, these seeds can be utilized to obtain the digital assets using another wallet as well just in case the company closed up shop and ran off into hiding. Ledger Wallet details how customers could handle the situation if the company went out of business.
“If Ledger shuts down all its activities, the Ledger Chrome app will most probably stop to function as our API servers would be stopped,” the company states on its website.
However, this would only be an inconvenience, as your Bitcoins would stay completely safe so long as you have your 24 words recovery phrase. With your recovery sheet and your 24 words, you can anytime restore your balance to another BIP 39.
Responsible Disclosures and Bounties
A hardware wallet’s key generation and the shipping process are very important subjects to customers especially when it comes to storing precious cryptocurrencies. These companies also disclose possible MITM vulnerabilities and offer bounties to the community for testing their products for weaknesses. It’s also good to know that if the manufacturers go out of business you can restore your cryptocurrencies without the devices or using the company’s wallet software. Anyone can test their seeds out today with another wallet just to make sure.
What do you think about the…