The TAPSIGNER is one of the top card based, hardware bitcoin wallet options out there that provides an excellent middle ground between security and ease of use. The combination of having your private keys physically separate whilst at the same time having the simplicity of a small, NFC powered card is a great way to secure everyday funds.
Contents
Introducing The TAPSIGNER Hardware Wallet
TAPSIGNER is a bitcoin NFC card that works with either a desktop or mobile wallet to securely store your funds, whilst at the same time providing a simple and quick experience for the user.
If you’re simply using a hot wallet it’s terribly insecure. This is because your private key, the thing that gives you access to your bitcoin, is stored on the mobile or laptop. As these devices are usually connected to the internet, it exposes your wallet to hackers, malware and other social engineering attacks that can gain access to your funds.
Losing funds due to having a hot wallet hacked is one of the top ways people lose their bitcoin. TAPSIGNER fixes this by physically separating your private key from your device, storing it on the cards secure element chip so that your device never has any access or knowledge of it at all.
That way, even if someone gets full control over your phone, they can only see what funds you have, not actually spend or steal them. One downside of this setup is that any time you wish to spend your funds you have to physically tap the TAPSIGNER to the back of your phone. While this does slow things down, it’s only a few seconds and as said, provides a much more secure environment for your bitcoin wallet.
The TAPSIGNER is made by Coinkite, a Canadian company that has been a leader in Bitcoin only hardware wallets since the company started back in 2012.
How Does TAPSIGNER Work?
TAPSIGNER is used with a third party companion app and interacts using near field communication (NFC). It can be used on mobile wallets or desktops and once setup is a highly secure way of ensuring your private keys stay physically separate from your internet connected device.
Once initialized, you’ll need to tap it to the back of your phone any time you wish to authorize bitcoin transactions. This tap will sign the transaction using the private key that’s stored on the TAPSIGNER and then pass the signed transaction back to the phone wallet to broadcast it to the Bitcoin network.
Product Specifications
What’s In The Box?
- TAPSIGNER NFC Card
- Radio Frequency (RF) Blocking Card Sleeve
Quick TAPSIGNER Review
Design & Hardware
The TAPSIGNER is an incredibly simple and small card. There’s no screen. No battery. No buttons or anything else that most other hardware wallets have, it’s just a simple card. This has its pros and cons as well fully cover below, but it’s refreshing to see what a good quality wallet can be if you pair back almost everything.
Physical Design
Starting with the physical design it’s actually one of the most customizable and diverse hardware wallets we’ve ever seen. If you visit the Coinkite TAPSIGNER Store, there’s 11 different cover designs you can choose from.
One of those options is a custom design so you could theoretically get it with any image you wanted printed on the front. Beyond the art on the front, the rear is a simple white with a slew of various different PINs, passwords and IDs that we’ll also get to later on.
Size, Weight & Materials
Coming in at 85.6 x 53.98 x 1 mm (5 cm³) and weighing just 5 g / 0.18 oz, it’s exactly like a normal fiat credit card. While it’s not made out of any premium metals like some black tier credit cards, it’s a sturdy, thick plastic that should be fine provided you don’t expose it to anything too hot (temperature range is from -15℃ ~ 50℃).
(Non Existent) Display, Battery & Connectivity Options
While some other credit card form factor hardware wallets out there do still include a small display, the TAPSIGNER doesn’t. There’s no display, no internal battery, no buttons, nothing. There is of course the in built NFC chip which is how the card is intended to be used.
Whether you’re tapping it to your phone, a COLDCARD Mk4 or to a desktop card reader, this is the only way you can interact and actually sign transactions with this hardware wallet. There’s no USB, no microSD card, no QR codes. Just NFC.
As it doesn’t have a display, there’s no way for the hardware wallet to display secure information, such as a receive addresses, to the user for verification. This is one of our key security tests we check for all hardware wallet reviews and it’s a shame that the TAPSIGNER doesn’t have this capability.
For those not aware, it’s critical that a hardware wallet can display data on its own to a user as it helps them verify that their computer or phone hasn’t been compromised.
For example, if your phone has been hacked and you’re wanting to send some bitcoin to yourself that you just bought from an exchange, the attacker could alter the app to show you a bitcoin address that they control. You have no way to verify on your device that this address belongs to you, so you send the funds. As a result, your funds get stolen and sent to the attackers address!
There’s also security problems if you wish to send bitcoin. You could enter address A into the app to send the funds to, but then the malicious app changes the sending address to one they own, address B, and gets your TAPSIGNER to sign the transaction with this new malicious address.
As the TAPSIGNER can’t show you what address it’s signing, you have no idea what’s going on under the hood and have to just blindly trust your phone and authorize the transaction. Again, the result is your funds are sent to a different address and get stolen.
The wallet you paired with the TAPSIGNER can ask the TAPSIGNER to sign any transaction. You can’t verify what you’re signing since the TAPSIGNER does not have a screen and, therefore, cannot display transaction information. We recommend the COLDCARD if this is a concern.
Coinkite
Coinkite do address and acknowledge this security issue as per above, and while we always prefer maximum security when it comes to a bitcoin wallet, we can see that it does make sense in the context of the TAPSIGNER card. It’s only meant to be used for small amounts of bitcoin.
Similar to your bank credit or debit card, it may carry a few hundred or even few thousands dollars, but not your life savings. It trades some security for simplicity and as long as you the user are fully aware of this, we think that’s OK.
Coinkite TAPSIGNER Warranty
As best we can tell from their website, Coinkite doesn’t offer any official warranty on the TAPSIGNER wallet.
We cannot and do not warrant that the Products will meet your requirements or expectations, will operate without interruptions, that they will be error-free, virus-free, that the results obtained from their use will be timely, accurate, reliable or current or that any or all deficiencies can be found or corrected.
While we’ve seen examples where they’ve done limited warranty repairs for defects (with COLDCARDs) and Coinkite has let us know that they do work with customers to ensure they’re satisfied, we’ve also seen other examples from random users online where they’ve been refused. We’d like to see them offer at least a 1 year or more warranty as this seems to be the norm among hardware wallet manufacturers.
Security & Privacy
TAPSIGNER scores decently highly in our security and privacy tests. This reflects the fact that the TAPSIGNER is a kind of middle ground between a completely insecure hot wallet and their other much more secure products like the COLDCARD Mk4 or COLDCARD Q.
Coinkite accept purchases using Bitcoin to help protect your real world identity and even give you a 5% discount too. Their website is also easily accessible via Tor, although we’d like to also see them support payments via the Lightning Network in the future as it’s just quicker and much easier if fees are high.
Code Openness & Reproducibility
The software used for the TAPSIGNER is publicly available, but not open source.
Their license for it, which you can view on their GitHub, starts out like an open source license, but then has a Commons Clause section at the end which limits things. It also contradicts itself a bit as in the first paragraph it states:
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software…
But then in the common clause section immediately below it revokes this “selling” right:
Without limiting other conditions in the License, the grant of rights under the License will not include, and the License does not grant to you, the right to Sell the Software.
The reason for this seems to be because their firmware was fully open source a few years ago, but then had this commons clause section added to it to protect their code from being copied and sold by other competitors.
Coinkite is of course in their full right to do this as it’s their code and their business. They’ve also ensured that their website is accurate, unlike many other vendors, and now states that their source code is “verifiable”.
We consider fully open source to be the gold standard, so the TAPSIGNER looses a point for this only having verifiable source code. That being said it’s still hugely ahead of most other hardware wallets that don’t even have any of their code available.
One small nit pick is that we’d also appreciate a bit more transparency from Coinkite regarding the hardware specs of the TAPSIGNER. While we searched a fair bit, we couldn’t find answers to things like what secure element chip set it uses, what’s inside the card itself, the Bill of Materials (BoM) etc.
Seed Generation
Paramount to a bitcoin wallets security is precisely how it generates your private keys as this is what everything is derived from. Reviewing the full process we can confirm that the private keys generated by a TAPSIGNER are secure and random.
The process as described by Coinkite is:
TAPSIGNER comes without a private key. The setup process combines your entropy (random bits) with secret entropy picked by the card.
Coinkite
As we’ll go through below, when setting up the TAPSIGNER for the first time you have to initialize it. This initialization involves providing entropy to the card which it then combines this with its own secret, automatically generated, entropy. Using the BIP-0032 standard it then finally generates your private key. This ensures excellent security for your new wallet as it involves multiple random sources of entropy.
Also of note, once the initialization process is completed and the chain code has been set it, like the private key, cannot be changed.
Seed Storage
A securely generated seed means nothing if it’s not managed and stored properly. Again the TAPSIGNER does this fantastically by leveraging its Secure Element chip to withstand physical attacks and tampering with.
Coinkite states that the private key is encrypted with AES-128-CTR using the 16-byte key that’s printed on the back of the card. This encrypted private key is then stored in the secure element in the card.
This encrypted file can also be passed through to the user via the interfacing app so they can store and, if they wish, decrypt it. Of note is that TAPSIGNER doesn’t use the common BIP-0039 standard seed phrase. Instead it uses BIP-0032 which simply gives the raw XPRIV private key.
All of this means that if anyone gets your TAPSIGNER or the key backup file they’ll need the “Backup Password” code that’s physically printed on the back of the card in order to decrypt it and see the raw private key data. This extra step of requiring a physical piece of data that’s not accessible by any app or computer means your private keys are protected excellently from hackers.
To decrypt and see in clear text what your xPriv data is, you can run the below command replacing the backup password and file parameters. Just be extremely careful as the output is your funds, so it’s best to do this only on a fully trusted system that’s offline.
openssl aes-128-ctr -iv 0 -K <BACKUP PASSWORD> -in <FILE>It’s recommended that you not only keep a copy of the encrypted private key file somewhere safe, but also keep an extra copy of the backup password too. This means that if you lose the TAPSIGNER card itself, your funds are still recoverable.
Interface & Ease Of Use
As the TAPSIGNER is simple a card with no display or buttons, it doesn’t technically have an “interface”. Usually with these types of card hardware wallets, the manufacturer will build a companion app to interact with it. This usually ends up being an annoying way to do things though, as it means the only way you can use your hardware wallet is via their single app.
If that company goes under or just simply takes the app in a direction you don’t like, your hardware wallet is essentially useless. Instead of building a walled garden app, they have built the Coinkite Tap Protocol using python code. This allows any third party to integrate it into their application or you personally can download it and use it to interact with the TAPSIGNER directly via command line.
For this review, we’re going to use Nunchuk as the “interface” as this is what most people are likely going to be using we think. You can also use Sparrow wallet and a desktop NFC reader, but for most we think a mobile is more likely.
Nunchuk does a great job at allowing you to control many advanced features like using your own node or seeing deep level details about your custodial setup, all while still presenting a clear and simple interface.
Setting Up TAPSIGNER
When you first turn it on there’s a super simple workflow that Nunchuk takes you through:
- Go through Nunchuk’s welcome screens and tap the Add Key “+” button
- Tap Add NFC Key -> Add TAPSIGNER, then click Continue
- Scan the TAPSIGNER to the back of your phone
- If the TAPSIGNER hasn’t been setup before, tap Yes to initialize it
- Pick how to generate your chain code (eg Automatic) and click Continue
- Setup your PIN Code and click Continue
- Hold the TAPSIGNER to the back of your phone while it writes your new PIN Code to it
- Save your encrypted backup file somewhere safe
- Give your TAPSIGNER key a name
- Create a new wallet and select the TAPSIGNER key to be its signing key
After your wallet is created you are dropped into the main area. From here you can see details on your wallet, your TAPSIGNER key, do health checks, send and receive bitcoin and more. If you’re not too technical you can just leave it at that and go use your newly generated wallet.
Receive And Sending Funds
Once your TAPSIGNER key and the wallet it’s used with is setup, it’s dead simple to receive and send your bitcoin. Just tap the wallet and a QR code along with the bitcoin address is shown to you front and center.
Once you’ve sent some bitcoin to the wallet, tap the send button to start creating a transaction. Enter the amount you want to send, enter in the receive address as well as the mining fee, review it on the final screen and then confirm and create the transaction.
At this point you have an unsigned transaction. In order to sign it with your private key, you have to enter in the CVC code you created during setup and then tap your TAPSIGNER to scan it. Now that your transaction is fully signed you can broadcast it to the Bitcoin Network.
Compatibility & Connectivity
While the TAPSIGNER uses the Coinkite Tap Protocol to interact with wallets, meaning that it can potentially work with any third party wallet, there are only two that currently support it. Nunchuk for Desktop, iOS and Android as well as Sparrow Wallet which is only available on Desktop.
This means that you don’t really have a great deal of choice and support. This could grow (or shrink) over time, but for now both Nunchuk and Sparrow are our top recommendations for bitcoin wallets anyway, so we don’t consider this a huge issue for users.
Supported Coins
The TAPSIGNER, like all of Coinkite’s products, only supports bitcoin. This is one key thing we fully support them on as they have precisely zero chill for altcoins. Even ignoring all the scams and complete nonsense that 99.99% of altcoins represent, supporting them requires extra code which increases attack vectors and reduces the security of the hardware wallet.
If you’re wanting support for other crypto holdings, you can stop reading this review right now as Coinkite never has and never will support them. We’d probably suggest the BitBox02 Multi or Keystone 3 Pro instead.
Multisig Wallets
The TAPSIGNER can also be used as part of a Multisig setup. This can be useful for securing larger amounts of funds or helping to build inheritance planning into your setup. That being said, as there’s no screen or buttons on the TAPSIGNER we’d probably advise against this as stated earlier.
Multisig wallets are (usually) only used for securing large amounts of bitcoin. As such, it would make more sense to use something like the COLDCARD Mk4, COLDCARD Q or Foundation Passport as these give you much more control and information during their use.
Recovery & Backup Password
If you ever need to recover the TAPSIGNER private key, you’ll need to decrypt the data by entering in the “Backup Password” which is located on the back of the TAPSIGNER card. Curiously, this password is written on the back twice, once under the “Backup Password” heading and then again right at the bottom of the card.
If we had to guess, this is likely to ensure that if it gets damaged or rubbed off some how in one spot, there’s a backup of the backup password in that second location. That being said, both of the passwords are virtually illegible to the naked eye.
They are written so small, with the letters so close together and in such light a color that we couldn’t read it without taking a photo of it and zooming in. This isn’t recommended as you’re then exposing the password to a computer which is likely also online and possibly compromised.
We get that it shouldn’t be in size 1000 font for all the world to see, but we feel it could be just a bit bigger, in a darker and more spaced font.
TAPSIGNER Alternatives
Who Is This Wallet For?
- Users who want a higher level of security than a phone hot wallet
- Users who want a Bitcoin only wallet
- Users who insist on using publicly available software
- Users who want a simple, small and light hardware wallet
- Users who want a cheap, quick and easy hardware wallet
TAPSIGNER Competitors
When it comes to competitors to the TAPSIGNER there’s a few other card based hardware wallets that you might want to consider. One that ranks very similarly is the Satochip which is FOSS and boasts a lifetime warranty.
Other options include the SafePal S1 that has a very small display, but doesn’t have its source code publicly available at all meaning we wouldn’t recommend it. There’s also the Tangem which is FOSS, but doesn’t use multiple unpredictable physical processes to generate the seed phrase, also meaning we wouldn’t recommend it.
If you’re looking for a cheaper device, the price point of the TAPSIGNER is admittedly hard to beat, but there are other ones that get close such as the Blockstream Jade or Trezor Safe 3.
Should You Buy The TAPSIGNER Hardware Wallet?
Yes, but with a caveat. The TAPSIGNER should be thought of as a medium ground between full security that’s required for long term savings or investments, and some totally insecure hot wallet that you’d only ever keep a few dollars in at most just to make a payment.
If you’re wanting something to secure a few hundred, to few thousand dollars (“savings account” levels) then the TAPSIGNER is a great option. It’s cheap, quick and simple to use whilst also physically separating your private keys from your malware infested phone or computer which hugely increases your bitcoin security.
However if you’re wanting something to store your full stack on, we’d recommend looking else where, specifically something with a screen and that’s more feature rich such as the other devices Coinkite carries. This could be their excellent COLDCARD Mk4 or another brand entirely like the BitBox02 or Keystone 3 Pro.
With that caveat out of the way the only other slight modifications we’d like to see Coinkite make is for them to give the TAPSIGNER a proper warranty and to also fix up the virtually illegible text on the back on the card. It doesn’t need to be font size 1000, but it should be much clearer than what it is.
Finally we’d also like to see more mobile and desktop wallets support TAPSIGNER so that users can have a bit more choice between just Nunchuk and Sparrow. Perhaps Coinkite could put some effort into seeking out and working with other wallet companies? For now though both those choices are excellent options and being able to get your own design on the front is a great touch for what is a fantastic product.
Why You Can Trust Us
Our comprehensive review process rigorously researches and tests all aspects of the products we review. If you buy through our links, we may get a commission, but opinions are always our own. Review our full Crypto Wallet Rating Methodology.
