Coldcard

Formerly a Bitcoin exchange, Coinkite has successfully pivoted to being the parent company of several Bitcoin hardware products. Opendime (like a USB thumb drive to store the private keys of a Bitcoin wallet) and the Coldcard hardware wallet are the more popular products that are known in the space. Coinkite is based in Toronto and was founded in 2013 by Rodolfo Novak and Peter Gray. After experiencing legal and regulatory complications, and a number of DDoS attacks against their online wallet services, they pivoted their business strategy to focus solely on their hardware products. Opendime was developed soon after in 2016 as a read-only USB stick for users. In 2018, Coldcard was developed to provide all of the necessary tools for users to perform more dynamic tasks like supporting new wallets as well as importing existing ones for better fund management. Coldcard requires open-source software that is viewable by anyone around the world to troubleshoot and test for weaknesses within the source code. This allows for immediate improvements to be made rather than relying on a slow and opaque process for a dedicated team to monitor.

• Bitcoin only
• Open-source
• True air-gap operation with PSBT: Partially Signed Bitcoin Transactions. The physical device never has to be connected to a computer in order to generate a seed phrase or execute a transaction.
• Your private key is stored in a dedicated security chip. Not within the device’s main flash storage.
• Bright, 128x64 pixel OLED screen. Shows all critical details of your transactions.
• MicroSD card slot for backup and data storage. This allows truly offline signing, by transferring the unsigned/signed transactions on sneakernet (moving data physically rather than over a network).
• Unlimited number of wallets can be created using BIP39 passphrases. These may be useful to use as decoy wallets.
• A “Brick Me” pin may be used to destroy all data on the device.

The package contents of a Coldcard MK3 include: 

• The device (looks similar to a calculator).
• Information Booklet. 
• Wallet backup cards.
• A Coldcard wallet sticker.

‍

Step 1: Generate a Seed Phrase

‍

Required:

• The Coldcard device.
• A micro SD card to save the wallet.
• A USB cord to connect the device to your computer or a power source.
• A desktop wallet must already be set up on your computer.

Here is a step-by-step guide to set up the seed phrase for your Coldcard wallet:

• Use the USB cable to plug the device into your computer. If you choose to use the air-gapped method, you will not need to plug the device into a computer. A phone charger or power brick may be used to power the device on. The air-gapped option allows the user an extra layer of security that will never connect the device to the internet or a computer.
• Confirm that there was no tampering with the Coldcard packaging and then remove the contents from the packaging.
• After turning the Colcard on, set up the first part of your pin code. The pin code will only be used to unlock the device. If the pincode is lost, you may recover your funds on another device with the seed phrase.
• You will be prompted to write down the two anti-phishing code words. These are used to verify the validity of the device before you enter the last part of your pin. If the anti-phishing code words do not match the original words, either you have entered the pin incorrectly or a bad actor is performing a phishing attempt to gain access to your pin.
• Set up the second part of your pin code.
• On the device screen, select to create a new wallet.
• Copy the 24 word seed phrase that appears. It is very important to write the seed phrase on a non-digital material. If you lose your device, you will be able to recover your funds on a new device with the seed phrase.
• Double check that you have copied the seed phrase in the correct order. You will then be quizzed for which words appear in which order of the sequence.

Step 2: Desktop Wallet Setup 

‍

A desktop wallet is required to be used in tandem with the Coldcard device because it will act as a UI to perform transactions. The general steps are the same for whichever desktop wallet you choose. It is important to remember that the desktop wallet will not have access to the private keys (seed phrase) of your Bitcoin wallets on the Coldcard device. The desktop wallet, by itself, will be unable to move your bitcoin. The Coldcard device is required to do so in tandem with the desktop wallet. This process provides the desktop wallet with your public key so that you may view your balances.

Option 1 setup a desktop wallet without air-gap: Connect the Coldcard directly to your computer. You will need a USB cable for this option.

Required:

• The Coldcard device.
• A USB cord to connect the device to your computer.
• A desktop wallet. Electrum and Wasabi are popular choices. A list of compatible desktop wallets are found on the Coldcard website.

Setup:

• Connect the Coldcard device directly to the computer.
• This will depend on the desktop wallet you choose but there should be an option to check for the hardware wallet.
• Once it is detected, you may then load the wallet.

Option 2 setup a desktop wallet with air-gap: The air-gapped option does not require the Coldcard to be connected to a computer. This is an added layer of security to ensure that your funds are safe from computer viruses or phishing attempts. For this set up, you will also need to purchase a micro SD card. 

Required:

• The Coldcard device.
• A  micro SD card to back up the seed phrase and generated wallets (not included with purchasing a Coldcard device).
• A phone charger or battery pack to power the Coldcard device.
• Also, your desktop wallet must already be set up on your computer.

Setup:

• Insert the micro SD card into the Coldcard device.
• Navigate to Advanced and then select the micro SD card option.
• On the Coldcard, there will be an option to select the compatible desktop wallet you have downloaded on your personal computer. This will create a file that the desktop wallet can recognize and perform a partial transaction with (almost like setting up the transaction without a signature for it to execute).
• Eject the micro SD card from the Coldcard device and insert it (using the correct adapter or port) into your personal computer.
• Open the desktop wallet on your computer and drag or import the generated file from the micro SD card into the desktop wallet.
• This will depend on the desktop wallet you choose but there should be an option to load the wallet from the file you just imported.

Step 3: Sending and Receiving Funds

Option 1 sending and receiving funds without air-gap: Connect the Coldcard directly to your computer.

Required:

• The Coldcard device.
• A USB cord to connect the device to your computer.
• A desktop wallet must already be set up on your computer.

‍

How to send and receive funds with your Coldcard directly connected to a computer:

For receiving:

• Connect the Coldcard device to the computer with the USB cable.
• Enter the first half of your pin. Verify that the two anti-phishing code words are the original ones that you wrote down during the initial set up.
• Open the desktop wallet and select to load the Coldcard device.
• Select to receive funds on the desktop wallet.
• Send funds from the sender address (for example this could be from an exchange) to the newly generated address within your desktop wallet.

For sending:  

• If the Coldcard device is already connected, go to the send tab in your desktop wallet to set up a transaction. This may vary depending on what desktop wallet you are using.
• Paste in the receiver’s address.
• On the desktop wallet, select the amount of BTC you wish to send as well as the fee you wish to pay for the miners to record your transaction. The speed of the network confirmations depends on how much you are willing to pay. For example, the lower the fee that you pay, the longer the confirmations will take and the opposite is true if you are willing to pay higher fees.
• On the desktop wallet, select “send transaction”.
• On the Coldcard device, approve the transaction.

‍

Option 2 sending and receiving funds with air-gap: The air-gapped option allows users to never connect their Colcard device to a computer or a device that has access to the internet. 

Here is a step-by-step guide to use a Coldcard wallet with PSBT.

Required:

• The Coldcard device.
• A  micro SD card to back up the seed phrase and generated wallets (not included with purchasing a Coldcard device).
• A phone charger or battery pack to power on the Coldcard device.
• Also, your desktop wallet must already be set up on your computer.

How to send and receive funds with your Coldcard not connected to a computer:

For receiving:

• Within the desktop wallet, you may generate a public address to receive funds. This does not require any interaction with the Coldcard device. The desktop wallet has access to the public key from the imported Coldcard file. The public key can only receive funds. It cannot send funds without the signature or approval from the Coldcard wallet.
• Send funds from the sender’s address (for example this could be from an exchange) to the newly generated address within your desktop wallet.

For sending:  

• Insert the micro SD card into your computer.
• The steps may vary depending on which desktop wallet you are using but they will be generally the same. From the desktop wallet, you may build a transaction. This will be a separate option from a “Send” transaction option. You would use “Send” or a variant option like that if your hardware wallet was connected directly into your computer.
• Insert the receiver’s address.
• Adjust the fee you wish to pay the miners for recording your transaction. The lower the fee, the longer it will take to verify the transaction.
• Export the PSBT onto the micro SD card.
• Eject the micro SD card from the computer and insert it into the Coldcard device.
• On the Coldcard device, select “Ready to Sign”. On the device’s screen, it should read out the exact amount of BTC you are sending to the receiver’s address.
• Scroll down and select the checkmark button to approve the transaction on the Coldcard device. All of the information attached to the transaction will appear and you may select the checkmark button one more time.
• Eject the micro SD card from the Coldcard device and then insert it back into the computer.
• On your computer in the desktop wallet, there should be a tab (or a variant) to “Broadcast transaction”. Select “Broadcast transaction” and then “import transaction” from the micro SD card.
• Once the transaction is imported, you may then confirm to broadcast the transaction to the Bitcoin network. The transaction is now publicly available to view on the blockchain.

The Coldcard MK 3 was built with security being its top priority. It is one of the few hardware wallets that offer an air-gapped option so your wallet never touches a computer. While utilizing the BIP174 protocol (air-gap feature), it is considered the most trusted device for storing bitcoin. Here are the other main security features available in a Coldcard wallet:

• Tamper resistant packaging.
• The hardware and firmware are open-source and available on GitHub. This allows anyone the ability to audit and verify the source code.
• BIP174 gives the user the option to never expose their private keys to the internet.
• Micro SD card slot for air-gapped transactions. Card has to be physically removed from the device to the computer in order to execute transactions.
• The private keys stored on the device will never touch the internet. 
• Private keys for wallets are stored on a dedicated security chip.
• “Brick me” pin feature is enabled in case the device needs to be wiped quickly. The device will automatically be wiped after 13 failed attempts to enter the pin. This feature would be helpful in the event that a bad actor gains physical access to your device. Once the device is rendered useless, you will be able to recover your funds on another device with the seed phrase.
• Login countdown. After entering the pin correctly, the device may be set to a countdown. Once the countdown is reached, the user must then enter the pin again to access the funds on the device.
• Anti-phishing words are used as a way for the user to verify they are entering their pin on the correct device.
• Clear case option to see if the device’s board has been tampered with.

• Arguably the most secure hardware wallet for Bitcoin
• Air-gap support
• Easy navigation
• Open-source
• “Brick me” feature to wipe the device if needed