CRYPTO WALLET RATING METHODOLOGY
Athena Alpha’s Hardware Wallet Rating Methodology gives a score between 0 and 5 stars with 5 indicating a perfect Hardware Wallet and 0 indicating that it has failed. The 5 stars are worth 10 points each, making up a total of 50 points. These points are broken up into two distinct sections: Security & Privacy (25 Points) and Features (25 Points)
We are Bitcoiners and as such, we’ve made sure that the entire review and rating methodology process is both open source and can be verified by anyone at anytime. All wallet score data can be accessed here in standardized JSON format.
Each Hardware Wallet displayed on our Compare Crypto Wallets list is assessed and given points as per the criteria outlined below. We do not accept any type of financial compensation from any company when grading a wallet. While the vast majority of hardware wallets are purchased by Athena Alpha without any knowledge of the vendor, free samples are sometimes provided for review. Ratings are only based on the objective privacy, security and features that a wallet supports and no vendor has any weight over what score they receive or what is said in our reviews or guides.
In Production
It’s common and normal for Hardware Wallets to be replaced by newer models from time to time. We will mark a Hardware Wallet as “Discontinued” in our list if either of the following two criteria apply:
- It’s no longer sold by the manufacturer (end of life)
- The code for it has not received any updates in 2+ years (end of support)
Security & Privacy (25 Points Total)
Code Openness (7 Points)
If the public can’t freely view the code for a Hardware Wallet, we don’t consider it secure as there is no way to verify what it’s doing. For Hardware Wallets that have publicly available code, but that are not Open Source, we award them the bulk of the points for this section.
This is because we believe that by restricting others from selling their code, it decreases the long-term scrutiny of the code. Non-sale clauses stop companies from integrating it into their products, leading to fewer professionals using, reviewing, and contributing to the code base, thus reducing its safety.
- 7 Points: Awarded if all Hardware Wallet source code is publicly available and is Open Source
- 6 Points: Awarded if all Hardware Wallet source code is publicly available, but is not Open Source
- 0 Points: Awarded if all Hardware Wallet source code is not publicly available and is not Open Source
Reproducible Build (4 Points)
Determining whether the code provided is reproducible is more complex than it seems. It can take considerable technical knowledge to troubleshoot the manufacturers build instructions and this analysis must be done for each new firmware released.
In order to provide the best information we have partnered with Wallet Scrutiny who specialize in Hardware Wallet firmware analysis. Scores for this section are based on their results and as thanks we provide a direct link to the wallet analysis whenever it’s displayed.
- 4 Points: Awarded if the Hardware Wallet firmware can be built from source and the binaries match (Wallet Scrutiny score of 12/12)
- 3 Points: Awarded if the Hardware Wallet firmware can be built from source but the binaries don’t match (Wallet Scrutiny score of 11/12)
- 0 Points: Awarded if the Hardware Wallet firmware cannot be built from source (Wallet Scrutiny score of 10/12 or below)
Seed Generation (4 Points)
- 4 Points: Awarded if the Hardware Wallet uses multiple unpredictable physical processes to generate the seed such as a True Random Number Generator (TRNG), sensors, dice rolls or camera images.
- 0 Points: Awarded if the Hardware Wallet does not use multiple unpredictable physical processes to generate the seed.
Seed Storage (4 Points)
- 4 Points: Awarded if the Hardware Wallet stores the seed on a Secure Element or does not store the seed (stateless)
- 0 Points: Awarded if the Hardware Wallet stores the seed on the main microprocessor
Can Display Information (2 Points)
If your computer or phone is compromised, the attacker can show you correct information on it, while sending incorrect information to your Hardware Wallet. For example, they could send it their own receive address, and trick you into sending your funds to the wrong address. A Hardware Wallet should be able to display critical information to the user on its own secure screen so that you can verify the details of things like receive addresses match before signing the transaction.
- 2 Points: Awarded if the Hardware Wallet can display information such as a receive address to the user for verification
- 0 Points: Awarded if the Hardware Wallet cannot display information such as a receive address to the user for verification
Airgap (2 Points)
An air gapped device is one which has no network interface controllers that are connected to other networks. The point of this is to create a literal air gap cutting off the low secure area (your PC) from the high secure area (your Hardware Wallet). Best practice for this is to also ensure the high secure area where the Hardware Wallet resides is in a different, much more locked down secure location. This way your private key can have increased protection from things like physical theft, shoulder surfing or even spying via TEMPEST attacks.
In order for a Hardware Wallet to be classified by us as being air gapped, it must be usable from start to finish in a separate location to the software wallet and computer it resides on. For example imagine the Hardware Wallet is locked in a safe and can never leave. This usability includes being able to perform its initial setup, create/import/restore a wallet, display receive addresses, sign transactions and upgrade its firmware all without ever leaving the high secure area.
If the device supports connecting via a cellular network, Wi-Fi, Bluetooth, USB, or NFC that’s OK as it gives the user different options if they so choose, but it must be turned off by default and full air gapped use as described above must be functional without their use.
- 2 Points: Awarded if the Hardware Wallet meets the above description of being air gapped
- 0 Points: Awarded if the Hardware Wallet does not meet the above description of being air gapped
Bitcoin Only Firmware (1 Point)
Hardware Wallets that only support Bitcoin allow for simpler source code, which reduces their attack surface area.
- 1 Points: Awarded if the Hardware Wallet can be programmed with a Bitcoin only firmware
- 0 Points: Awarded if the Hardware Wallet cannot be programmed with a Bitcoin only firmware
Can Buy With Bitcoin (1 Point)
Hardware Wallets should never be purchased with a link to your real world identity. This is because it’s possible for the vendor to be hacked and your personal details be leaked to hackers and scammers, for example this Ledger hack. When a Hardware Wallet can be purchased using Bitcoin, it means you are able to buy it without this link, ensuring life long security and privacy.
- 1 Points: Awarded if the Hardware Wallet can be purchased with Bitcoin
- 0 Points: Awarded if the Hardware Wallet can only be purchased using legacy fiat purchase options
Features (25 Points Total)
Ease Of Use (7 Points)
The score for Ease Of Use is calculated by adding up the following:
- +2 Points: Awarded if the Hardware Wallet has a user interface that is easy and intuitive to navigate and use
- +2 Points: Awarded if the Hardware Wallet displays characters that are easy to see and read
- +1 Points: Awarded if the Hardware Wallet has detailed user guides available
- +1 Point: Awarded if the Hardware Wallet physical buttons are durable and easy to interact with
- +1 Point: Awarded if the Hardware Wallet comes with everything needed to start immediately
Multisig (4 Points)
- 4 Points: Awarded if the Hardware Wallet supports Multisig wallets
- 0 Points: Awarded if the Hardware Wallet does not support Multisig wallets
3rd Party Wallet Support (4 Points)
- 4 Points: Awarded if the Hardware Wallet supports other third party software wallets via open standards
- 0 Points: Awarded if the Hardware Wallet only supports the software wallet provided by the manufacturer
Passphrase (2 Points)
- 2 Points: Awarded if the Hardware Wallet supports Passphrases (BIP-0039)
- 0 Points: Awarded if the Hardware Wallet does not support Passphrases (BIP-0039)
Warranty (2 Points)
- 2 Points: Awarded if the Hardware Wallet company offers warranty support for more than 1 year
- 1 Points: Awarded if the Hardware Wallet company offers warranty support for 1 year or less
- 0 Points: Awarded if the Hardware Wallet company offers no warranty support
MicroSD Backup (2 Points)
- 2 Points: Awarded if the Hardware Wallet seed can be backed up to / restored from a microSD card
- 0 Points: Awarded if the Hardware Wallet seed cannot be backup to / restored from a microSD card
USB (1 Points)
- 1 Points: Awarded if the Hardware Wallet supports signing transactions using USB
- 0 Points: Awarded if the Hardware Wallet does not support signing transactions using USB
MicroSD (1 Points)
- 1 Points: Awarded if the Hardware Wallet supports signing transactions using microSD card
- 0 Points: Awarded if the Hardware Wallet does not support signing transactions using microSD card
QR Scanner (1 Points)
- 1 Points: Awarded if the Hardware Wallet supports signing transactions using a QR scanner
- 0 Points: Awarded if the Hardware Wallet does not support signing transactions using a QR scanner
NFC (1 Points)
- 1 Points: Awarded if the Hardware Wallet supports signing transactions using NFC
- 0 Points: Awarded if the Hardware Wallet does not support signing transactions using NFC
Do you want to provide feedback? Contact us at contact@athena-alpha.com