Are cryptocurrency hardware wallets a dying industry?
How can hardware wallets keep iterating? Is the market saturated? Where do they go next?
From one angle it looks like hardware wallets are a dying industry.
The product is caught in no man's land between two encroaching fronts. Consumer-grade hardware wallets are increasingly found in smartphones, such as the Samsung Galaxy S10, presenting a hardware wallet alternative for your everyday cryptocurrency user. From the other direction, institutional-grade crypto custody solutions are proliferating rapidly to serve heavyweight users and serious investors.
Plus, the tiny market has to be saturated by now. A number of perfectly good hardware wallets have been available for years now, and new buyers only enter the market whenever Bitcoin prices leap. It would be nothing short of miraculous if anyone's still buying them.
And hardware wallets aren't exactly multi-functional or feature-filled products. Their sole job is to secure private keys. It's impossible to seriously iterate on such mono-functional devices, and if hardware wallet design hasn't plateaued by now, it's because the designers aren't trying hard enough.
From another angle, all of the above is completely incorrect.
Myth: Saturated markets
"Demand is there, and it's growing," says BC Vault business development director Dmitry Fedotov.
BC Vault is a comparatively recent entrant to the hardware wallet market. While it might look like a rough market at a glance, things are actually going rather well, he says.
"Market demand has skyrocketed on two factors. The first is the rally that started in April this year. And secondly, the all time high in hacks of very prominent figures such as Binance."
"Once you have even one Bitcoin, you really don't want to lose it," Fedotov says. "It's a significant amount of money. We have seen a significant spike as a result of any hack, especially the one on Binance."
It's tough to say how many people own cryptocurrency, but according to one Finder survey of over 2,000 people, the proportion of Americans who own a cryptocurrency almost doubled from 7.95% in 2018 to 14.4% in 2019. This translates into about 36.5 million cryptocurrency owners in the USA.
It seems a little high, right? But it actually squares almost perfectly with data from Coinbase, which shows an almost identical near-doubling user count from 2018 to 2019 and somewhere north of 30 million total users as of July 2019.
And while leading hardware wallet brands don't habitually publish their full sales figures, the last we heard, Ledger had sold about 1.3 million Nano S units as of October 2018. And by every reckoning, that's the world's best-selling hardware wallet ever.
So even with just a quick once-over of some rough numbers, it looks like there's still plenty of room in the market for sales to grow whenever prices jump or a major exchange gets hacked.
It also helps that those Ledger Nano S sales figures may be somewhat overstated, relative to the number of devices actually in consumers' hands, according to Fedotov.
The massive rise of 2017 blindsided everyone, including hardware wallet manufacturers, he explains. With these sudden waves of demand and growing backlogs, it made sense to put a buffer into the market.
"Because of this, I guess, they started to implement such rules such as requesting distributors for Ledger to maintain a stock of at least fifty wallets, or a hundred devices, which they put on the books as sold, but they were not in circulation," Fedotov says. "So, you can imagine that if you take all these figures for Ledger, and multiply it by fifty units... the number of wallets in circulation is very different from what was provided."
Myth: Hardware wallet design has plateaued
As a latecomer to the space, BC Vault can make some design choices that incumbents can't, Fedotov says.
"The difference between ourselves and the mainstream wallets on the market, such as Ledger and Trezor, is that we started off much later than the guys at Ledger and Trezor," he explains. "That gave us the very good benefit of not having the cost of legacy... a few functionality advantages that those big guys just can't provide. Not because they lack the resources, but just because we developed our product at the beginning of last year."
A new source of entropy
One example is the way seeds are generated. Simply by virtue of how seeds are generated, there are limits to the number of separate wallets a Trezor and Ledger device can support, Fedotov says.
Basically, you need a random number generator, or a source of entropy, to randomly pick a bunch of different words (typically 24 of them) from a set list of 2,048 different words. The selected words become your super-secret seed phrase, which can be used to gain full access to a device.
Without a good enough source of randomness to pick these words, someone could look at the how a wallet generates its randomness, or whether it's ever predictable, and then reverse-engineer the process to decipher an existing seed and steal funds.
Trezor and Ledger both use similar, but different, sources of entropy.
Ledger's random numbers come entirely from the device itself. The same secure element that holds keys offline also generates random numbers, with a system that's been heavily audited and certified to be truly random and unpredictable to extremely high standards of randomness. By contrast, Trezor's creates some randomness of its own while also asking the user's computer to generate some randomness. The idea there is that two sources of entropy are more random than one.
Security-wise, the general consensus is that both of those systems are perfectly as good as they need to be. But function-wise, these entropy sources limit the number of different seeds a wallet can safely generate, Fedotov explains.
Fortunately, one seed can generate an infinite number of private keys. And Trezor, in particular, will let users create a range of hidden accounts inside one device, each of which is unlocked by a different password and each of which will open into different private keys. Most Ledger and Trezor end users will not necessarily chafe at this limitation.
But if you want to have a massive number of different seeds on the same device, such as if you want to have a large number of fully compartmentalised sections with their own seeds and no overarching master seed, that means finding a suitable source of entropy, such as a built-in gyroscope, for generating as many seeds and separate wallets as you want. A more flexible entropy source, which can generate seeds to more different standards, may also help avoid some compatibility issues down the line.
It's "something they can't go around anymore without going on and replacing all the existing devices," Fedotov says.
That's why BC Vault came up with a new source of entropy.
"Our seed is generated completely differently," he explains. "Our devices have a built-in gyro sensor, so our seed is generated by the physical movement of the hand that is holding the device. And the upside of that is basically that we don't have this limitation... because our seed is generated with a completely different algorithm."
What this means is you generate a seed on BC Vault by shaking the device around for a couple of minutes. Each shaking session will move it in a completely unique and unpredictable way, which gives it an infinitely reusable source of randomness.
On the plus side, even without this, one seed can generate an infinite number of private keys. And Trezor, in particular, will let users create a range of hidden accounts inside one device, each of which is unlocked by a different password, and each of which will open into different private keys.
But if you want to have a massive number of different seeds on the same device, such as if you want to have a large number of fully compartmentalised sections with their own seeds and no overarching master seed, that means finding a suitable source of entropy, such as a built-in gyroscope, for generating as many seeds and separate wallets as you want.
Ferroelectric RAM (F-RAM) is a type of computer memory which, due to the material it's made of, has a much higher tolerance for rewriting and has much better data retention than other types of memory.
It can be used for a longer time without degrading, it doesn't need to be periodically started up to prevent from breaking and it can reliably hold data for decades, even in some less-than-ideal environments.
Plus, because of the way ferroelectric RAM writes and wipes data, it also offers additional security against certain types of attacks that Trezor devices have, on a couple of occasions, been accused of being vulnerable to, Fedotov says.
Both of these are naturally good fits for hardware wallets, and are arguably a necessity if you're planning to use your wallet for very long term storage.
One downside, which has prevented F-RAM from seeing wider use in more applications, is that its memory capacity is comparatively limited. But this isn't a deal-breaker for hardware wallets. Its much higher price tag, however, is.
"We took apart the Ledger unit last year," Fedotov recalls. The total cost of all the materials and manufacturing each unit is probably less than US$20, he reckons.
But "the ferroelectric RAM, which is being produced by only two major manufacturers – Fujitsu and Texas Instruments – is about US$20 [by itself]... so it's extremely expensive compared to what is being used by Trezor and Ledger," he says.
"It's not going to be possible for our device to be a complete competitor price-wise to Ledger and Trezor, but right now we are more or less on the same price level with the new releases (the Ledger Nano X and Trezor Model T) that are more expensive."
For the end user though, an extra 20 bucks on the final price tag in exchange for those benefits may seem like a solid trade-off. But once again, this design choice is much easier to make as an industry late-comer than an early mover.
That's because Ledger and Trezor both came into existence in 2014, alongside a host of other early hardware wallets, most of which have since gone out of business.
The simultaneity is no coincidence. It was that first massive Bitcoin price rise in 2014 that attracted sophisticated thieves to Bitcoin and gave lots of people millions of new reasons to start caring deeply about the security of their funds.
Both of the top wallet brands of today, Ledger and Trezor, started in 2014 and had to find a way of surviving until this day, going through a slew of market ups and downs, and booms and busts, in the process. This Darwinian process has naturally favoured the evolution of wallets with low manufacturing costs, competitive prices and relatively robust supply chains, which can be scaled up and down quickly and aren't dependent on any hard-to-find materials.
Ledger, in particular, has previously attributed its longevity to its attractive price tag.
But these conditions certainly weren't conducive to the evolution of ferroelectric RAM in hardware wallets. Anyone who tried it back in 2014 likely wouldn't have made it to today. Similarly, it's not possible to spot the advantages of F-RAM in hardware wallets, relative to the components used by other hardware wallets, until you've had a few years to get a sense of how most people use hardware wallets.
This is also how BC Vault found room for improvement in other elements of the user experience, Fedotov says.
Value-adds for users
One of these improvements comes in the form of on-chain analytics via a partnership with blockchain analytics firm PARSIQ. This partnership opens the door to a range of value-adding services.
For example, it presents another way of setting transaction fees to match the current state of the blockchain network. The Ledger and Trezor accompanying apps also provide fee estimates and default settings for users, but in the future, PARSIQ may be able to optimise transaction fees for BC Vault users better than the presets provided by Ledger and Trezor can, and for more different blockchains and coins.
Other value-added services may include automatic alerts for users.
For example, it could help users set up Telegram, email or SMS alerts for payments made to their address, or any unauthorised withdrawals. A hardware wallet by itself typically can't do this automatically, as the wallet can't be internet-connected for security reasons, but with the help of a third-party analytics service, you can deliver this to users without compromising security.
"We are always looking for ways to improve customer experience," Fedotov says. "Nobody else provides this kind of service."
"As far as I know, nobody was looking to provide this kind of service, but maybe now that we have announced this cooperation with PARSIQ, it will change," he suggests. "In the future, this partnership will allow us to develop transaction speeds... we will be able to use PARSIQ data for blockchains to optimise the costs of transactions."
As things currently stand, PARSIQ monitors every transaction made with BC Vault hardware.
As Ledger CEO Eric Larchevêque said after someone demonstrated potential vulnerabilities in Ledger devices:
"All systems have vulnerabilities. That's part of the life of any security system. It's a game of cat and mouse."
BC Vault agrees, saying on its website: "There is no 100% guarantee in the world of hardware and software."
"Every wallet producer is claiming to have never been hacked, to be the most secure one, and so on and so forth," Fedotov says. "But it's always been proven that someone always gets through the device."
There are never any guarantees of perfect security, yet every wallet claims – sometimes without a shred of credibility – to be unhackable and perfectly secure.
How do you simultaneously assure users that their funds are safe, while conceding that security in general is tricky business and nothing is truly safe? And how do you explain your security credentials to users without drowning them in jargon?
The solution BC Vault came up with was a public bug bounty wallet on each device, Fedotov says.
"What we came up with was very much in the spirit of the Bitcoin community. Each BC Vault device has a bounty wallet that is encrypted in the same way that user wallets are, that holds one Bitcoin. So if someone manages to hack any BC Vault wallets at all, they immediately gain access to those funds."
"So if the funds are still there, we can very rightfully claim that we have never been hacked... This address is public. If anybody manages to hack our device, it will quickly become public knowledge... We have a very clear way of proving that we've never been hacked."
Sure enough, the funds are still there, and someone's even topped it up with a bit extra.
Of course, there's no guarantee that someone will steal the Bitcoin if they manage to crack the wallet. And someone would need to have a firm grasp of all the technical details to confirm for themselves that the bounty Bitcoin is actually secured in the same way as everything else on the wallet.
Still, it's reassuring to see that the canary Bitcoin is still perched in its wallet.
It's equally reassuring to see that the hardware wallet business is moving just as quickly as everything else in cryptocurrency.
Disclosure: The author holds BNB and BTC at the time of writing.