What is a hardware wallet?There is no globally accepted definition of a hardwa

1. What is a hardware wallet?
2. There is no globally accepted definition of a hardware wallet. Some consider a paper with 12 words a hardware wallet - after all paper is a sort of hardware or at least not software and the 12 words are arguably a wallet(‘s backup).
3.  
4. For the purpose of this project we adhere to higher standards in the hardware wallet section. We only consider a hardware wallet if dedicated hardware protects the private keys in a way that leaves the user in full and exclusive control of what transactions he signs or not. That means:
5.  
6. The device allows to create private keys offline
7. The device never shares private key material apart from an offline backup mechanism
8. The device displays receive addresses for confirmation
9. The device shares signed transactions after informed approval on the device without reliance on insecure external hardware
10. Our steps when reviewing a hardware wallet
11. We try to follow the spirit of the software review process, looking at the firmware and its updates for public source and reproducibility.
12.  
13. In addition we look at physical properties of the device.
14.  
15. Are the keys never shared with the provider? If not, we tag it PROVIDED KEYS
16.  
17. The best hardware wallet cannot guarantee that the provider deleted the keys if the private keys were put onto the device by them in the first place.
18.  
19. There is no way of knowing if the provider took a copy in the process. If they did, all funds controlled by those devices are potentially also under the control of the provider and could be move out of the client’s control at any time at the provider’s discretion.
20.  
21. Can the device sign transactions? If not, we tag it LEAKS KEYS
22.  
23. Some people claim their paper wallet is a hardware wallet. Others use RFID chips with the private keys on them. A very crucial drawback of those systems is that in order to send a transaction, the private key has to be brought onto a different system that doesn’t necessarily share all the desired aspects of a hardware wallet.
24.  
25. Paper wallets need to be printed, exposing the keys to the PC and the printer even before sending funds to it.
26.  
27. Simple RFID based devices can’t sign transactions - they share the keys with whoever asked to use them for whatever they please.
28.  
29. Can the user verify and approve transactions on the device? If not, we tag it BAD INTERFACE
30.  
31. These are devices that might generate secure private key material, outside the reach of the provider but that do not have the means to let the user verify transactions on the device itself. This verdict includes screen-less smart cards or USB-dongles.
32.  
33. The wallet lacks either an output device such as a screen, an input device such as touch or physical buttons or both. In consequence, crucial elements of approving transactions is being delegated to other hardware such as a general purpose PC or phone which defeats the purpose of a hardware wallet.
34.  
35. The software of the device might be perfect but this device cannot be recommended due to this fundamental flaw.
36.  
37.