Uniswap launches iOS mobile wallet in select countries

April 13, 2023 Coin Telegraph

Apple

The decentralized exchange had previously stated that Apple was not allowing the app to be listed on the App Store.

Decentralized exchange Uniswap has launched a mobile wallet that features built-in support for the exchange, according to an April 13 announcement from the company. The app is available for iOS devices in select countries and can be found in Apple’s App Store.

1/ THIS IS NOT A DRILL

The Uniswap mobile wallet is out of Apple jail and now live in most countries ✨

Download our self-custody, open-sourced app today! https://t.co/yWxuw79xTY pic.twitter.com/QhK06icKBL
— Uniswap Labs (@Uniswap) April 13, 2023

The Uniswap team complained on March 3 that Apple was blocking the app from its stores. But in this new announcement, the team said that its wallet is “out of Apple jail and now live in most countries.”

Uniswap said the new wallet allows users to swap tokens on the Ethereum, Polygon, Arbitrum and Optimism networks. It can also be connected to any Ethereum app through WalletConnect. Users can back up their accounts by either writing down their seed phrase or encrypting their key vaults with a password and storing them in iCloud.

The Uniswap app also allows users to see detailed information about nonfungible tokens (NFTs) stored within it, including their floor prices and collections.

To make Web3 onboarding easier, several wallet developers have offered mobile apps with built-in decentralized finance (DeFi) functions over the past few years. In 2020, Argent integrated MakerDAO and other DeFi protocols with its wallet app, and 1inch provided similar integrations in 2021.

Uniswap is Ethereum’s largest decentralized crypto exchange, with over $3.4 billion of total value locked inside of its smart contracts, according to its own analytics page.

Cointelegraph reached out to the Uniswap team for a list of countries where the app is available but was unable to get a response by the time of publication.

Europe’s digital ID wallet — Easy for users or a data privacy nightmare?

April 7, 2023 Coin Telegraph

Coin Telegraph

European Union lawmakers are planning an EU-wide digital identity wallet for access to essential services.

On March 15, the European Parliament voted 418 to 103 (with 24 abstentions) in favor of negotiating a mandate for talks with the European Union member states about revising the new European Digital Identity (eID) framework and creating the “European Digital Identity Wallet,” also known as EUDI Wallet or EU wallet.

Citizen’s IDs, health cards, certificates and many other documents could soon be digitally stored in a smartphone application for EU citizens.

According to an official statement from the European Parliament, the system would allow citizens to identify and authenticate themselves online without relying on big commercial providers like Apple, Google, Amazon or Facebook.

The new eID framework will purportedly give EU citizens digital access to key public services across the EU. Citizens will remain in “full control of their data” and be able to “decide for themselves what information to share and with whom.”

European lawmakers have set an ambitious goal for this new wallet, aiming to bring it to 80% of the population by 2030. This could be achieved by mandating that the wallet be supported by e-government services and companies that have a legal requirement to identify their customers through Know Your Customer checks. It could require major online platforms like Google or Facebook to offer the EU wallet to log in to their services, with soft law and delegated acts that could require small and medium-sized enterprises to support the wallet.

Negotiations with the European Council on implementation would be the next step, but digital transformation and data protection experts have doubts and differing opinions about implementing the wallet.

Usability is the key to adoption

The EU wallet — like the current electronic ID cards in Germany and other European countries — will hardly be adopted by citizens in their daily lives if it doesn’t offer a good use case.

The challenge is to make it easier and more efficient for citizens to interact with public services and administrations, enabling authentication and verification processes, especially in the private sector.

According to Clemens Schleupner, policy officer of digital identity and trust services at Germany’s digital association Bitkom, the possibility of storing electronic IDs on a smartphone to use online as well as digitizing drivers’ licenses, health cards, passports, tickets, school reports, credit cards, membership certificates, etc., and combining them into one wallet could have mass market potential.

*Applying for a bank loan with eID. Source: European Commission*

The EUDI Wallet could make that happen; however, this will only succeed “if adoption among citizens in Europe is ensured through security and usability, relevance through a high number of possible uses and interoperability of different applications throughout Europe,” Schleupner told Cointelegraph.

Lack of usability and public awareness are also significant concerns for Christof Stein, spokesperson for Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Stein told Cointelegraph that using proven technologies and trusted infrastructures with enforced IT security and data protection standards are crucial for citizens using the EU wallet.

Privacy is king

As the final rules are not yet known, it is too early to evaluate the EU wallet at this early stage of implementation. For citizens, it is important that the legal framework provides a data-saving solution that only lets organizations ask for user data when they need it.

According to Stein, it is critical that users are protected from tracking by wallet providers, and wallet providers must ensure that wallet data processing is in line with legal requirements.

“What is necessary is a central anchor of trust enabling the enforcement of rules for the protection of individuals. For example, the infrastructure must be designed so that all organizations participating in the system must register to ‘identify’ themselves to users.”

The previous proposal from the European Commission lacked essential privacy safeguards that would have enabled third parties to obtain data about user transactions, possibly allowing bad actors to exploit the system for identity theft or fraud.

According to Thomas Lohninger, executive director of data protection Austrian NGO epicenter.works, the European Parliament has drastically improved the law and adopted a good position in the first reading. He told Cointelegraph:

“It is unlikely that the Parliament will win 100% of the trialogue negotiations. But we hope that the Council and the Commission will realize that the success of the whole system depends on the privacy and trust that is built in. Only if it is the trusted and chosen tool of citizens for their most sensitive health, identity and financial data can the European Digital Identity Wallet be a success.”

The problem of “over-identification”

Lohninger also warned of “over-identification,” i.e., if everyone in the EU is obliged to always use the wallet, this could lead to a loss of anonymity and pseudonymity in everyday interactions.

BfDI’s Stein shared this view, arguing that there should be no general obligation to use the EUDI Wallet and that there should be alternatives.

The European Parliament appears to have heard these concerns, as one of the most important safeguards in the recently passed identity framework is a non-discrimination clause that “protects anyone who chooses not to use the EU wallet, whether it’s in access to government services, freedom of business or the labour market.”

In the European Parliament, all four committees adopted this safeguard with a cross-party consensus. Now this safeguard must survive the trialogue — negotiations with representatives from the European Parliament, the Council of the European Union and the European Commission.

What about zero-knowledge proofs?

As Cointelegraph reported, the EU’s Industry, Research and Energy Committee included a standard for zero-knowledge proofs (ZK-proofs) in its eID amendments.

This technology, which allows the selective disclosure of certain information — like revealing only one’s age, for example — could become a core function of the EU wallet, said Stein.

Epicenter.work’s Lohninger noted that ZK-proofs could provide “unlikability.” For example, someone could prove they are of age to someone else on different occasions without the latter party knowing the former is the same person.

Recent: Islam and crypto: How digital assets can comply with Islamic financial law

Although ZK-proofs allow personal data to be anonymized, Schleupner sees two challenges. First, ZK-proofs in their current application are “a new technology and vulnerabilities may arise if they are not implemented properly,” and second, “many use cases [of ZK-proofs] have not yet been conclusively evaluated.”

Before trusting the technology, EU regulators must ensure that ZK-proofs comply with privacy regulations and meet all specific requirements of the General Data Protection Regulation.

The trialogue at the EU has much to consider before passing eID into a usable, safe and reliable tool for Europeans. How regulators balance these considerations could have profound implications for other formers of digital or blockchain-based ID.

Binance self-custody wallet launches crypto-to-fiat off-ramp

April 5, 2023 Coin Telegraph

Binance

Trust Wallet has partnered with MoonPay and Ramp to allow customers to convert their crypto to fiat without using any centralized exchange.

Trust Wallet, the noncustodial and multichain crypto wallet, has partnered with Ramp and MoonPay to introduce seamless crypto-to-fiat withdrawals for its users. The partnership will allow wallet users to convert crypto to fiat directly within the wallet app.

The feature eliminates the need for transferring funds to a centralized wallet to liquidate or convert to fiat. With the help of this new functionality, users may now enter and exit the cryptocurrency market totally through their self-custody wallet and take complete control of their cryptocurrency funds.

The crypto-to-fiat conversion feature comes when centralized exchanges and even peer-to-peer platforms are shutting down. The latest to shut up shop is Paxful, a popular P2P global exchange that announced its closure on April 4, citing regulatory challenges and staff shortages.

Trust Wallet’s head of product, Eric Chang, said that the off-ramp feature would prove to be a boon for customers, especially at a time when the market is turbulent, and crypto platforms are under heavy scrutiny over managing customers’ funds.

Trust Wallet is the official cryptocurrency wallet of Binance. It offers access to 65 different blockchains and boasts a customer base of 60 million users. The wallet also gives users access to decentralized applications (DApps), enabling them to communicate with DApps on any supported blockchain. Some of its key features include buying, staking, trading and storing various cryptocurrencies.

However, Trust Wallet is not a cold wallet or hardware wallet, where it remains offline until given access by the users. Trust Wallet works as a hot wallet as long as there’s an internet connection. The wallet can be accessed via a secure connection online. While this feature was intended to help users, it proved to be a disaster for the co-founder of the Web3 metaverse game engine “Webaverse,” who lost $4 million from his Trust Wallet.

Metamask addresses privacy concerns with new features for enhanced control

March 14, 2023 Coin Telegraph

Coin Telegraph

The new features allow a user to manage which servers are able to receive their IP address.

Web3 wallet app Metamask has introduced a number of new features aimed at enhancing privacy and giving users more control, according to a March 14 blog post by the developer. The new features come after Metamask had previously been criticized for allegedly intruding on users’ privacy.

MetaMask Mobile v6 is now available to everyone! Our biggest release yet fixes issues around slow load times and provides a new and improved UX that gives users more control over their funds and digital identities.

Upgrade to the latest version todayhttps://t.co/tGtA4GUXR1
— MetaMask (@MetaMask) March 14, 2023

Previously, Metamask used its Infura RPC node to connect to Ethereum automatically, whenever a user first set up the wallet. Although the user could change the settings later, this still meant that the user’s public address was transmitted to Infura before they had a chance to change their node, according to a report from Ethereum node operator Chase Wright.

Infura is owned by Metamask’s parent company, Consensys.

Under the new version of Metamask extension, labeled “10.25.0,” users are prompted with the option to use an “advanced configuration” during setup. Choosing this option reveals a number of settings that can be configured, including one that allows the user to choose a different RPC node than the default Infura one.

In addition to letting the user enter their own node details, the “advanced configuration” dialogue box also allows them to turn off incoming transactions, phishing detection, and enhanced token detection. These features require data to be sent to third-parties such as Etherscan and jsDeliver, according to the app’s UI. Users concerned about privacy can now turn off these features during setup if they want to.

According to the post, the new mobile version of Metamask also includes privacy enhancements. Previously, the app did not allow users to connect one account to a Web3 app while leaving another account disconnected. The user only had the option of connecting all of them or none at all.

However, the new version allows users to select which particular accounts they want to connect to an app, without disclosing the other addresses they control.

In its post, Metamask stated that it has always intended to preserve privacy for users and that it believes these new features align with these values, stating:

“Data exploitation goes against MetaMask core values. Instead, we believe in equipping our community with the founding principles that guide our development—true ownership and privacy[…]We are committed to protecting the privacy of our users so that you will not, and ultimately, cannot be exploited by yet another centralized entity.”

On November 23, Metamask became heavily criticized in the crypto community for releasing a privacy policy that stated it would collect IP addresses from users. Consensys responded to the criticism on Nov. 24 by saying that RPC nodes have always collected IP addresses and that the substance of the privacy policy was not new, although the language used in it had changed. On Dec. 6, Consensys announced that IP addresses collected through Infura would no longer be stored for more than 7 days.

Multiparty computation could offer increased protection for crypto wallets

January 11, 2023 Coin Telegraph

Bitcoin Wallet

Multiparty computation can help users to protect their private keys and seed phrases when used in wallets.

Multiparty computation (MPC) is a type of cryptographic protocol that allows multiple parties to jointly compute a function over their inputs without revealing those inputs to each other.

MPC can be useful when parties want to compute some function together but want to keep their inputs private from others. For example, a group of banks may want to determine the total amount of money in their joint account without revealing their account balances to each other.

In MPC, each party has a secret input that they keep to themselves. The process is done by carefully encrypting the inputs and performing the computation on the encrypted values so that the final result is the desired function, all while keeping the values secure.

MPC protocols typically involve multiple rounds of communication between parties exchanging encrypted messages and performing various computations on their own inputs.

MPC is a complex and technical topic, and there are many variations and approaches to implementing MPC protocols. Some key challenges in designing MPC protocols include ensuring that the protocol is secure against various attacks, such as malicious parties trying to learn other parties’ inputs, and ensuring that the protocol is efficient with regard to computational resources and communication costs.

What is a multiparty computation crypto wallet?

A multiparty computation crypto wallet is a crypto wallet that uses MPC technology to manage and store users’ assets securely. In an MPC crypto wallet, the private keys used to access and manage the users’ cryptocurrency are split into multiple parts, known as “shares,” which are distributed among the parties involved in the MPC protocol.

The key advantage of using MPC in a crypto wallet is that it allows the users to securely manage their cryptocurrency without any single party having access to the entire private key. This can help protect against various attacks, such as hackers attempting to steal users’ cryptocurrency by compromising a single party’s private key share.

Recent: Remote work could redefine the global workforce for good

MPC crypto wallets typically use a combination of cryptography and secure communication protocols to enable different parties to jointly manage users’ cryptocurrency. The process can involve complex calculations and communication between the parties, but the result is a secure and efficient way to manage users’ cryptocurrency assets.

Crypto wallets like ZenGo use multiparty computation to improve wallet security, and Coinbase has the feature enabled for their noncustodial wallet. As a result, MPC crypto wallets can provide increased security and protection against certain attacks. Still, they also require more computational resources than other crypto wallets.

Benefits and drawbacks of multiparty computation crypto wallets

The main advantage of an MPC crypto wallet is that it can provide increased security for users’ cryptocurrency assets by splitting the private keys used to access and manage the cryptocurrency into multiple parts and distributing those parts among different parties.

Tal Be’ery, co-founder and chief technology officer at crypto wallet ZenGo, told Cointelegraph, “MPC solves cryptocurrency’s most pressing problem: The single point of failure (SPOF) of the private key. This SPOF is the main reason users lose their funds: Whether by misplacing their private key, having their private key stolen, or accidentally sharing their seed phrase through a phishing scam.” He continued:

“With MPC, the indivisible private key is replaced by multiple distributed secrets often called ‘shares,’ such that a quorum of these shares can distributively sign a message — without creating a private key.”

Be’ery mentioned how separating the pieces of the private key and storing them in different locations makes it more difficult for malicious actors to compromise a user’s wallet.

“If each of these shares is held in an orthogonal place (e.g., mobile device and a server), then it makes it orders of magnitude more complicated for hackers to steal, as the attacker would need to steal from multiple independent places in different ways,” Be’ery said.

“This type of architecture also solves the dilemma discussed above: Creating copies of shares as a backup against loss is much easier, as no one share represents the ‘the and only’ private key,” he added.

Parth Choudhary, founder and CEO of Glip — a Web3 gaming and wallet application — also told Cointelegraph, “MPC could make it so that a wallet provider can’t get to a user’s money or control it. It may also make it harder for hackers and other bad people to steal private keys.”

MPC cryptocurrency wallets have some advantages over traditional wallets. MPC wallets are more reliable since they can ensure that a user’s assets are still accessible, even if one or more parties become unavailable or unresponsive. Privacy is also improved because the private keys are split into multiple shares and distributed among different parties.

By preventing any single party from discovering the user’s complete private key, the user has a reduced chance of losing their funds. Security is also improved since the computations are carried out on encrypted outputs, preventing malicious parties from learning sensitive information.

However, there are also some potential disadvantages to using an MPC crypto wallet. One of these disadvantages is the complexity associated with MPC protocols, especially for non-experts in cryptography. So, an MPC wallet can be more challenging to set up for the average person.

Recent: Crypto layoffs mount as exchanges continue to be ravaged by the prevailing bear market

Additionally, due to the computational resources needed by MPC protocols, they may be slower to operate. In this regard, an MPC wallet may be less efficient than other crypto wallets. Finally, not all cryptocurrency assets can be managed using an MPC crypto wallet, and some assets may be difficult or impractical to manage using MPC.

Wallet security has always been important for anybody who uses cryptocurrency, and the need for self-custody has become all the more apparent with the collapse of several high profile cryptocurrency firms and the loss of millions in user funds.

The decision to use an MPC crypto wallet will depend on the specific needs and requirements of the user. For example, it may be useful for users who prioritize security and privacy, but some people may prefer a more simple solution.

The Easy Company secures $14.2M funding for new crypto wallet with social features

January 10, 2023 Coin Telegraph

The Easy Company secures .2M funding for new crypto wallet with social features

Coin Telegraph

The company says it wants to make it easier for users to engage with Web3 and use digital wallets.

The Easy Company, a startup focusing on building a consumer layer for the decentralized web, has raised $14.2 million in a seed round for its “social” crypto wallet, which seeks to help onboard more mainstream audiences into the Web3 ecosystem.

As reported by TechCrunch, the seed funding round was supported by a diverse group of investors, including venture capital firms Lobby Capital, Relay Ventures and 6th Man Ventures, as well as Tapestry, Upside and Scribble. Additionally, the round featured angel investors with backgrounds in traditional social media and Web3, including former executives from Instagram, Novi, Airbnb, Twitter, Uber, OpenTable and Eventbrite.

8/ Easy is backed by Lobby Capital, Relay Ventures, 6th Man Ventures, Tapestry VC, Upside Partnership, Scribble Ventures and other experienced social and web3 Investors.
— The Easy Company (@TheEasyCoHQ) January 10, 2023

The wallet is said to be available to the public on iOS and Android after completing a 30-day private testing phase. According to Easy’s CEO, Mike Dougherty, the company aims to combine user-curated profiles with engaging social features so that people can search, navigate and discover the world of Web3 on their own.

A lot of Web3 products and services today are too technical for the everyday person to use, Dougherty shared. The company aims to make it easier for users to engage with Web3 and use digital wallets. The platform reportedly has a similar layout to social media apps like Instagram, where users can swipe to view both their own NFTs or those of people they “watch,” like Instagram Stories.

Despite a long crypto winter, Web3 projects continue to receive substantial funding from Venture Capitalists. In 2022, billions of dollars poured into various projects in the ecosystem, including blockchain-based startups.

In the first two quarters of 2022, Venture Capital inflows were over $14 billion, and even though it receded to just under $5 billion in the third quarter, that was still a substantial amount given the negative impact of the sudden collapse of several prominent players in the industry, such as Celsius, Three Arrows Capital, BlockFi and FTX. Venture capitalist funding for the 2023 remains yet to be seen.

On Jan. 4, Cointelegraph reported that Singapore-based cryptocurrency exchange MEXC plans to invest $20 million to support the growth and development of Sei Network, a layer-1 blockchain platform that is specifically tailored for trading.

How to keep your crypto safe in 2023: a few tips from an analyst

January 9, 2023 Coin Telegraph

Bitcoin Wallet

Lead on-chain analyst at Glassnode, James Check, explains why taking self-custody of your private keys has become more important than ever and how to do it in a few simple steps.

There is no excuse for not putting a few hours of research into how to properly custody your crypto, according to lead on-chain analyst James Check. Joining the latest debate around self-custody, the analyst pushed back against the notion that managing private keys is too complicated and risky for the average crypto user.

“If you have gold in your vault, if you have cash in your wallet, it's the same concept: you need to exercise a level of responsibility,” said Check in our latest Cointelegraph interview.

Check argued that, while third-party custody and semi-custodial solutions such as collaborative custody may appear more user-friendly for the average user, they also have their own, even bigger, vectors of risks.

To the analyst, when it comes to custody "there are no solutions, only trade-offs." His position is that being in full control of your own crypto and eliminating the third-party risk is well worth the effort of learning how to keep your wallet's 12 word seed phrase safe.

Ultimately, Check pointed out that the amount of time and effort someone should put into learning self-custody should be scaled proportionally to the size of thei holdings.

“If you're not willing to put more than 5 minutes into it, then don't put more than $5 into it. If you're willing to do 100 hours now, you can start talking about doing your significant sums of savings,” he said.

To find out more about Check's approach to self-custody, check out the full interview on our YouTube channel and subscribe!

BitKeep exploiter used phishing sites to lure in users: Report

December 26, 2022 Coin Telegraph

Coin Telegraph

The attacker appears to be attempting to cash out funds using Binance and Changenow.

The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink.

The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker.

【12-26 #BitKeep Hack Event Summary】
1/n

According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M.
— OKLink (@OKLink) December 26, 2022

The report did not say how the malicious file stole the users’ keys in an unencrypted form. However, it may have simply asked the users to re-enter their seed words as part of the “update,” which the software could have logged and sent to the attacker.

Once the attacker had users’ private keys, they unstaked all assets and drained them into five wallets under the attacker’s control. From there, they tried to cash out some of the funds using centralised exchanges: 2 ETH and 100 USDC were sent to Binance, and 21 ETH were sent to Changenow.

The attack happened across five different networks: BNB Chain, Tron, Ethereum, and Polygon, and BNB Chain bridges Biswap, Nomiswap, and Apeswap were used to bridge some of the tokens to Ethereum. In total, over $13 million worth of crypto was taken in the attack.

It is not yet clear how the attacker convinced users to visit the fake websites. The official website for BitKeep provided a link that sent users to the official Google Play Store page for the app, but it does not carry an APK file of the app at all.

The BitKeep attack was first reported by Peck Shield at 7:30 a.m. UTC. At the time, it was blamed on an “APK version hack.” This new report from OKLink suggests that the hacked APK came from malicious sites, and that the developer’s official website has not been breached.

How do crypto hardware wallet firms make money?

December 8, 2022 Coin Telegraph

Bitcoin Wallet

All the companies that are involved in producing hardware crypto wallets have multiple revenue streams, either directly or indirectly.

The hardware wallet industry has emerged as one of the most resilient sectors to the ongoing cryptocurrency winter, with issues like the FTX crash bringing in even more cold wallet sales.

The bear market of 2022 has once again reminded crypto investors of the importance of self-custody and independence from centralized exchanges (CEX).

As a result, some major CEXs like Binance has increased their investment exposure to hard wallet firms, while CEO Changpeng Zhao even suggested that CEXs may no longer be necessary in the future. Should it be the case, the crypto industry of the future will be quite unlike the existing one because the business model of hardware wallets is very different from that of CEXs.

One massive difference is how hardware wallets make money because — unlike CEXs — cold wallets don’t charge any fees for most transactions by design. But selling devices cannot be the sole revenue stream for cold wallet manufacturers due to a number of reasons, including that hardware wallets are durable devices that don’t often need upgrades.

So, how do hardware wallet manufacturers actually make money? Cointelegraph reached out to several cold wallet providers to discuss the issue to better understand their business model.

How long does a hardware wallet last?

There is no clear answer on how long a hardware cryptocurrency wallet is able to last, partly because the world’s first-ever cold wallets are still working properly.

Czech Republic-based hardware wallet firm Trezor was the first company in the world to officially release a cold wallet back in 2014. After eight years, the Trezor One model is still one of the most popular hard wallet devices, with many customers still using their first generation of Trezor devices, Trezor brand ambassador Josef Tetek told Cointelegraph.

“Trezor devices come with a two-year warranty. However, that doesn’t mean the devices break down after two years,” Tetek said, adding:

“At conferences we regularly meet users who still use the first edition from 2013. In general Trezor devices are very durable and the fault rate is minimal.”

The exec emphasized that users can break, lose or damage their devices, but they will keep their Bitcoin (BTC) if they keep their recovery seed backup intact.

According to Ledger, another major cold wallet provider, the lifespan of a cold wallet is “really long,” but is not something that the firm can estimate. “Devices are designed to last. Sometimes issues come up as with every product, but people should be able to bury them,” a spokesperson for the firm told Cointelegraph.

According to some hardware wallet providers, card-based cold wallets can last for dozens of years or never expire at all.

Recent: Into the storm: The murky world of cryptocurrency mixers

Andrey Kurennykh, CEO at the SBI-backed cold wallet firm Tangem, suggested that their card-like hardware wallet has the same lifespan as the underlying Samsung S3D350A secure element. “Samsung claims that they have a lifespan of more than 25 years. Since there are no other hardware components in Tangem wallets, we consider this to be the lifespan of the whole device,” Kurennykh said in an interview with Cointelegraph.

Adam Lowe, creator of another cold wallet company Arculus, also told Cointelegraph that the company’s card-like cold storage device “never expires.”

As hardware wallets might never require a user to upgrade the device, how do cold wallet firms keep running operations, given that such companies have to spend significant resources to provide long-time support for their customers?

Increasing demand for hardware wallets

Many hardware wallet providers have been forced to expand their support staff in order to meet increasing demand for cold wallet devices.

“We have significantly scaled up our support team, which has been important to us considering recent events in the crypto industry and the increase in people moving to self-custody,” the Ledger spokesperson said.

“We’re seeing a large influx of people new to crypto from different channels and geographies, and we're strengthening support proportionally,” Tangem’s Kurennykh noted.

A number of wallets have also introduced new support solutions including self-help tools and chat bots, allowing them to more easily handle frequently recurring requests like implementing an e-commerce API. “This helps to handle unexpected surges in inquiries such as that experienced in the recent FTX collapse,” Trezor’s Tetek said, adding that the firm has also been actively adding videos on solving the most common issues and difficulties.

Cold wallets’ multiple revenue streams

All the companies that are involved in manufacturing hardware crypto wallets have multiple revenue streams, either directly or indirectly, according to comments from industry executives.

“Ledger isn’t just a hardware company, we’re a software company as well with Ledger Live,” a representative said, adding that its revenue comes from not only selling Ledger devices but also through services on Ledger Live.

The firm also offers its own nonfungible token platform known as Ledger Market, business-to-business (B2B) products tool called Ledger Enterprise and others, the spokesperson noted.

Ledger has also been actively expanding its devices, launching a total of seven different cold wallets since 2014. Ledger’s latest wallet, developed in collaboration with iPod Classic creator Tony Fadell, is priced at $279, which is $200 higher than the cost of the previous Ledger wallet.

Rival firm Trezor doesn’t offer any financial services and doesn’t levy any fees on using its Trezor Suite app, Tetek said. At the same time, its sister firm, Invity, enables Trezor users to buy and sell Bitcoin (BTC) and other crypto currencies directly from the Trezor Suite, he said, stressing that the firm is a separate business from Trezor.

According to Tangem’s Kurennykh, the firm has several revenue streams, with as much as 70% of the company’s revenue coming from hardware wallet sales. About 20% of revenues come from third-party services fees like on-ramp and off-ramp exchanges, while 10% is generated through white-label wallet sales, Kurennykh said. The company is also working on its own non-custodial payment solution, which is expected to make another additional revenue stream.

Ruben Merre, co-founder and CEO at Binance-backed crypto wallet Ngrave, also told Cointelegraph that the firm’s revenue is mostly generated from product sales. However, there are areas for additional revenue streams, including a transaction fee for a fiat-crypto onramp. “The user can then buy crypto directly from the hardware wallet app [...] The hardware wallet manufacturer may charge a transaction fee for this process,” Merre said.

Additionally, a number of cold wallets also participate in affiliate or promotion programs in cooperation with crypto services and exchanges.

There’s no public hard wallet company yet

As none of the existing hardware wallet companies are public, there is no readily available data on the revenues coming from their business. All the hardware wallet firms interviewed by Cointelegraph declined to provide any figures related to their financial information, citing their status as a private company.

At the same time, the executives reiterated that the collapse of the FTX exchange in November has driven massive sales and traffic to hardware wallet platforms.

In November, Ledger doubled its transaction revenue through Ledger Live month-over-month, also recording an all-time-high in number of trades through Ledger Live, the spokesperson said. “We had our best sales month ever in November, with our two best sales days ever on Nov. 13 and Nov. 14, following FTX,” the representative added.

“We can say that we have sold over 1 million devices, and we are experiencing record sales after the recent FTX collapse,” Trezor’s Tetek also noted.

As previously reported by Cointelegraph, the hardware wallet industry had been estimated to grow at a faster pace than exchanges, even before the FTX crash. But despite self-custody being one of the genuine purposes of crypto, investors should still be aware of the risks associated with storing coins by themselves.

What is a seed phrase and why is it important?

August 27, 2022 Coin Telegraph

Bitcoin Wallet

It’s crucial to remember your seed phrase, which is a string of random words produced by your cryptocurrency wallet when you initially set it up.

How to keep your seed phrase safe

A crypto seed phrase in the wrong hands can do damage, so it is advisable to always ensure it is safe. The following are some tips for ensuring your seed phrase is secure.

Never share your seed with anyone else: It’s extremely important that you never reveal your recovery phrase to anyone. Why? Because if someone else finds out your recovery phrase, they will be able to access — and therefore control — your crypto funds.
Make a note of it on paper and keep it in a secure location: This is the most old-fashioned way of storing your recovery phrase, but it’s still a perfectly valid option. You can either write it down by hand or print it out — just make sure that you keep it in a safe place where only you can access it. A fireproof and waterproof safe would be ideal.
Storing inside a Password Manager: A password manager is an encrypted digital vault that can store sensitive information like usernames, passwords, and recovery phrases. This way, you only have to remember one password (the password to your password manager) instead of dozens or hundreds of different ones. Some examples of password managers include Onepassword and Lastpass. Storing your recovery phrase in a password manager has several advantages, one of which is added security. Adding a secondary password — also known as a passphrase — users can create an even stronger and more secure backup.

If you want to be extra safe, store your recovery phrase in multiple locations. That way, even if one backup gets destroyed, you’ll still have another one intact.

Purchase a licence for this article. Powered by SharpShark.

What happens if you lose a seed phrase?

Losing a seed phrase is really the worst-case scenario for a cryptocurrency owner. One cannot recover a wallet seed in case they lost or forgot it.

Giving your seed phrase to someone or entering it on a website has no practical benefit as it may lead to losing your cryptocurrency assets. Additionally, avoiding writing a recovery phrase on a refrigerator may help you protect against theft.

The best way of ensuring you don’t lose your seed phrase is by noting it down and keeping it safe. In addition, keep your seed phrase somewhere it cannot be destroyed by any element. But, can someone guess a seed phrase?

The seed phrase is generated randomly; not even the cryptocurrency user knows what word combination will be used to generate the seed phrase. Due to a seed phrase’s random characteristic, it is hard to guess a seed phrase. Something else that makes it challenging to know a seed phrase is that it consists of 12 to 24 words leaving no chances of getting all the words right.

Can a seed phrase be hacked?

In the crypto world, losing cryptocurrency is a nightmare for all cryptocurrency owners. Losing your seed phrase to an attacker means you can’t recover your crypto funds.

Being in a digital world, crypto heists are tirelessly working to reap what they didn’t plant. The worst part you would want a hacker venturing into is your cryptocurrency wallet. As seen earlier, a seed phrase is a master key to accessing a cryptocurrency wallet, which means that in the wrong hands, damage is inevitable.

However, by having a large number of words in a seed phrase, it is hard to hack it. In order to access a seed phrase, phishing is the main method used. One way scammers try to get a seed phrase is by sending emails pretending to be customer support and request for a seed phrase or private key.

Once the seed phrase lands in their hands, they can access a crypto wallet and steal everything in it. It is always advisable to keep your seed phrase private and never share it with anyone else.

Recovery phrase vs. private key

Despite being related to each other, the recovery phrase and private key are different. They both are used for securing cryptocurrency wallets.

A recovery phrase is a crypto wallet recovery password. The recovery phrase is used for the recovery of a cryptocurrency wallet in case the owner forgot their password. A private key, on the other hand, is used to point to a blockchain address hence securing transactions. A private key is used for transacting cryptocurrencies by proving ownership.

In short, a recovery phrase is a master key to all of your crypto accounts. These words are what give you access to all of the private keys stored in your original wallet. The goal is to have full control over your assets. Having this phrase allows you to still access your blockchain assets even if you lose or damage your physical hardware device. But, how does a seed recovery phrase work?

Simply put, users may access their crypto accounts from whatever wallet they choose — it’s like having a charger for every type of phone. Imagine the confusion if every wallet necessitated a different recovery phrase format. This would imply that your crypto assets would be entirely dependent on which sort of recovery phrase you’re using, leaving you no control over them.

How does a seed phrase look?

A seed phrase might be confusing and probably you might be wondering how a seed phrase looks and maybe how it is created. The seed phrase is generated by a cryptocurrency wallet and the user has no way of customizing it.

The words generated are derived from a list of 2048 words. So, how many words is a seed phrase? A seed phrase is made up of a long string consisting of a group of random words.

The words on a seed phrase are simplified so that the user can remember them, unlike if the seed phrase consisted of long numbers or special characters.

The recovery phrase consists of 12 to 24 words like energy, road or open. To avoid errors, these randomly generated words do not include pairs like “man” and “men” in the same seed phrase. Bitcoin improvement proposal-(BIP)-39 in 2013 introduced these types of phrases and established a standard for deterministic wallets. Here is an imaginary 12-word seed phrase: Cry, planet, Loose, Typical, Humankind, Toddler, Anxiety, Difficult, Happy, Never, Alternative, Remorse.

A seed phrase controls all the private keys associated with a deterministic wallet. BIP-39 proposal makes major wallets cross-compatible, allowing the users to load the recovery phrase to a new BIP-39-compatible wallet to access the funds when they are lost or if you want to switch wallets.

What is a seed phrase?

A recovery phrase (also called a seed phrase) is a group of random words generated by the cryptocurrency wallet that allows you to access the crypto stored within.

One can consider it as a wallet comparable to a password manager for crypto, and the recovery phrase to be similar to the master password. You’ll have access to all of the crypto linked with the wallet that created the phrase — even if you delete or lose it — as long as you remember your recovery phrase.

A seed phrase aids to recover a cryptocurrency wallet when a user forgets their password. The seed phrase can be said to be a crypto wallet’s master key. For example, if you had a hardware wallet and lost it or deleted your wallet from your computer, you can easily create a new wallet and use the seed phrase, which will recover your cryptocurrencies.

Mobile wallet