What is a hardware wallet?
A hardware wallet is a dedicated physical device that stores cryptocurrency private keys in a secure element chip, isolating them from the user's phone or computer. Transaction signing happens inside the device, so the private keys never touch the connected machine even when sending crypto. Hardware wallets are the gold standard for storing meaningful crypto holdings long-term.
Are hardware wallets MiCA-licensed?
No — hardware wallets do not require MiCA authorisation. MiCA applies to crypto-asset service providers (CASPs) — entities that custody, trade, or facilitate crypto-asset services for clients. Hardware wallet manufacturers like Ledger, Trezor, Tangem, BitBox, Keystone, and Coldcard sell non-custodial products where the user retains exclusive control of their private keys. See /mica/check/ledger and /mica/check/trezor for the detailed rationale.
Ledger vs Trezor — which is better?
Ledger has broader asset support, more mature software (Ledger Live), and a stronger third-party app ecosystem. Trezor has fully open-source firmware (Ledger's is closed-source) and a strong open-source software stack. For users who prioritise auditability and EU jurisdiction, Trezor; for users who prioritise asset breadth and software polish, Ledger. Both use proper secure-element chips in their current flagship models.
Should I get a Bitcoin-only hardware wallet?
If you only hold Bitcoin, a Bitcoin-only wallet (Coldcard, BitBox02 Bitcoin Edition) eliminates the attack surface of supporting altcoin protocols entirely. The firmware is simpler, the audit surface is smaller, and the codebase changes less frequently. For multi-asset users, the trade-off is that you also lose convenient access to other holdings.
What about multisig with hardware wallets?
Multisig means requiring multiple hardware-wallet signatures (e.g., 2-of-3) to authorise a transaction. The strongest setups combine hardware wallets from different vendors (e.g., Coldcard + Keystone + BitBox) so a single-vendor compromise cannot drain the funds. Multisig adds operational complexity but dramatically reduces single-point-of-failure risk for large holdings.
Can a hardware wallet be hacked?
Modern hardware wallets with EAL5+/EAL6+ secure elements have very strong resistance to physical attacks. The most common attack vectors are: (1) social engineering against the user (phishing, fake recovery prompts), (2) supply-chain attacks (intercepting devices in shipping — always buy direct from the manufacturer), (3) seed-phrase compromise (write down securely, store offline). The hardware itself is rarely the weakest link.
How do I back up a hardware wallet?
All current hardware wallets use BIP-39 24-word seed phrases (sometimes with optional 25th-word passphrase). Write the seed on the manufacturer-supplied card, verify all 24 words, store in a fire-and-water-resistant location separate from the device. For high-value holdings, use a metal seed-storage product (Cryptosteel, Billfodl, SeedPlate) and consider Shamir Secret Sharing (Trezor Safe 3+) or BIP-85 to derive child seeds.