The Coldcard is an “ultra-secure” bitcoin-only hardware wallet that is packed full of security functionality that helps you to keep your funds safe.
This includes a number of duress features, countermeasures to prevent evil maid and supply chain attacks, as well as the ability to use the Coldcard without ever connecting it to another device.
The Coldcard isn’t right for everyone, but it’s easily my favourite hardware wallet.
Coinkite’s Coldcard is a popular Bitcoin (BTC) hardware wallet that’s been available since 2018. The latest revision, the MK3, was released in October 2019.
Without a doubt, it’s my favourite hardware wallet.
In this Coldcard review, I’m going to walk through everything you need to know about it.
Advantages & Disadvantages
- Open-source software.
- Built with a dedicated secure element.
- Simple, compact, and lightweight design.
- Can be operated without ever being connected to a computer.
- BIP39 passphrase support.
- Includes plausible deniability features, login countdown settings, and can be configured to self-destruct.
- Compatible with a few popular bitcoin wallets (e.g., Electrum and Wasabi).
- Wallet (and settings) can be backed up to a microSD card.
- Only supports Bitcoin (BTC).
- Quite expensive ($120 / €100 / £88).
- Isn’t as beginner-friendly as alternative hardware wallets.
What Is a Coldcard?
The Coldcard MK3 is the third iteration of this popular hardware wallet (by Coinkite).
Making a transaction using a hardware wallet like this requires physical access to the device. That’s because the critical information (the private key) is securely kept on the device itself.
Hardware wallets are widely recommended across the crypto-community. They’re not free, but they’ve made it simpler and easier for more people to securely store their cryptocurrencies.
I'll go on the record and say the Hardware Wallets are better than software and paper wallets for all except a handful of opsec/infosec experts. Security isn't about absolutes. It's all relative and complexity/operator skill are of the utmost importance.
— Andreas (BEWARE of giveaway scams!) (@aantonop) March 27, 2018
Coldcard MK3 Price
You can currently buy the Coldcard MK3 from the official Coinkite website for $119.97. That’s roughly £85 or €100.
The Coldcard MK3 ships from Canada, but the shipping costs to the UK aren’t too bad. When I ordered mine, I was asked to pay $9.00 for basic delivery (which is about £ or €) to the UK.
Fortunately, I wasn’t charged any import duties when this arrived in the UK and it only took about 10 days to arrive.
You can pay with a debit/credit card or Bitcoin (BTC).
What’s in the Bag?
Here’s what’s in the bag:
- The Coldcard MK3 hardware wallet.
- Backup card (where you can write down your 24-word seed).
- Coldcard sticker.
A micro-USB cable isn’t included. You can buy cheap ones from Amazon (like this) if you don’t have one you can use.
You’ll also need to buy a compatible microSD card if you want to use the Coldcard without ever connecting it to a computer.
It’s a bit bulkier than alternatives out there, but the Coldcard still comfortably sits in the palm of your hand (88 x 51 x 9mm) and is lightweight (approx. 30g).
It has a screen that’s clear and easy to read (128 x 64px OLED), as well as a responsive, adult-sized numeric keypad.
The Coldcard’s clear plastic case is a purposeful design feature. This allows you to visually check that your device hasn’t been tampered with.
Bitcoin (BTC) is the only cryptocurrency that you’re able to store using the Coldcard MK3. I don’t expect this to change either, as it’s explicitly marketed as a Bitcoin (BTC) only wallet.
If you want to secure your alternative cryptocurrencies, then you’ll want to consider getting a hardware wallet like the Ledger Nano S or Trezor One. Both these alternatives support more than 1000 cryptocurrencies and tokens.
Supported Wallet Software
Coinkite hasn’t built any custom software that can be used to interact with the Coldcard.
However, the Coldcard is compatible with Bitcoin Core and a handful of popular Bitcoin (BTC) wallets. This currently includes:
The Coldcard MK3 has a truly impressive number of security features.
Here are the main things:
- Stores your seed words inside of a dedicated secure element (ATECC608A). For more detailed information, check out this.
- Firmware is open-source – which means that it can be audited for problems by anyone.
- Firmware’s signature and device’s flash memory are verified on each boot-up. If they don’t match, then the caution light will be switched on. Find out more here.
- Supports Multisig Bitcoin (BTC) wallets (with up to 15 co-signers).
- You’ll be shown two anti-phishing words whenever you boot-up the device and insert the first half of your PIN code. This verifies that the Coldcard you’re using is really yours.
- Coinkite have taken steps to help you verify that a Coldcard ordered from them hasn’t been tampered with. For instance, it’ll arrive in a “tamper-evident” bag with a serial number that should match the code embedded in the secure element. See here for more details.
One thing about the Coldcard which stands out is that it can be used without ever connecting it to your computer. You can do everything offline – including going through the initial setup of the device, as well as receiving and sending Bitcoin (BTC).
You can do this by ensuring that you only ever connect your Coldcard to a battery pack or power outlet. As the Coldcard has a microSD slot, you can then transfer data in and out using a microSD card.
This is awesome, but it will make it more of a pain to send Bitcoin (BTC).
The Coldcard MK3 includes more plausible deniability functionality than any other alternative hardware wallet that I’ve checked out.
If someone was physically forcing you to open up your device (i.e., $5 wrench attack), then these functions could be used to redirect the attacker to a decoy wallet, delay them from accessing your main wallet, or completely destroy the device.
- Duress PIN: Setup an additional PIN code that redirects you to a completely separate wallet.
- BIP39 Passphrases: Select a 25th word (i.e., passphrase) which encrypts your seed words and generates a separate wallet. You can use this function to multiple separate wallets. Find out more here.
- Login Countdown: You can force a specific time delay (up to 28 days) before the Coldcard can be used after entering your PIN code.
- Brickme PIN: Configure an additional PIN code that triggers the destruction of the secure element when entered (rendering the device unusable). You can also enable a specific delay (up to 28 days) before it’s obvious that you’ve entered the Brickme PIN.
There are plenty of alternative cryptocurrency hardware wallets out there.
Here are three of my favourites:
Summary: Best Bitcoin Hardware Wallet
There’s nothing quite like the Coldcard MK3 on the market.
Here’s what stood out to me:
- It uses a specialised chip to secure your seed words, but all of the firmware code is open source.
- You can use the Coldcard without ever connecting it to an internet-enabled computer. This is awesome.
- It’s packed full of security features. This includes duress functionality that other wallets I’ve reviewed don’t have (e.g., login countdowns), as well as firmware and device verification every time the Coldcard is booted up.
It’s a unique beast and, without a doubt, my favourite hardware wallet.
But it’s not for everyone. It’s an unapologetically bitcoin-only hardware wallet and nowhere near as beginner-friendly or cheap as popular hardware wallet alternatives like the Ledger Nano S and Trezor One (which put a huge emphasis on usability).
But if your main concern is keeping your Bitcoin (BTC) funds super-secure, then the Coldcard might be worth a closer look.
Have a Question?
Thanks for checking out this Coldcard review!
Have a question you want to ask about Coinkite’s Coldcard?
Let me know in the comments section below.