If you invest in cryptocurrency, you need a digital wallet to secure your assets. Exchanges like Coinbase offer their own wallets, which gives their users the convenience of securing their coins, tokens and NFTs right on the same platform where they buy, sell and trade them.
But the most convenient option is not necessarily the safest.
There’s an alternative option called a cold wallet, which provides an extra layer of security that standard digital wallets can’t match. When used correctly, the best cold wallets are virtually unhackable, which is why veteran crypto traders swear by them. There’s more than one kind sold by more than one company, so research is key.
If you’re considering securing your digital holdings with a cold wallet — which you should if you invest in crypto — here’s what you need to know.
What Is a Cryptocurrency Cold Wallet?
A cryptocurrency cold wallet — sometimes called a hardware wallet or cold storage — is a small physical device that secures digital assets like NFTs and crypto safely offline when not in use. They offer an alternative to traditional digital “hot” wallets, which are also known as software wallets, online wallets or hosted wallets. Hot wallets are online 100% of the time and their owners must be online to access them.
The best hot wallets utilize several layers of enterprise-level security features that can repel all but the most sophisticated hackers. But because they exist entirely in the online space, they are still susceptible to attacks from online criminals, some of whom have proven able to bypass those measures and steal assets from digital wallets. As crypto pushes farther into the mainstream, these kinds of attacks are becoming both more frequent and severe.
According to Appdome, online criminals stole $1.9 billion worth of crypto in the first seven months of 2022 alone, an increase of more than 60% over the year before. One user lost $600,000 worth of bitcoin after downloading a so-called Trojan app that bypasses verification systems and initiates transfers that the user can not control or stop.
That’s just one example. Hackers can also infiltrate digital wallets by:
- Stealing locally stored private keys and passphrases
- Maliciously using Android Debug Bridge (ADB) ports and so-called dynamic instrumentation attacks
- Launching “man in the middle” (MiTM) attacks on crypto applications
- The use of malicious instrumenting
- Harvesting private keys and passphrases
None of these kinds of attacks would be able to compromise the integrity of a “cold” hardware wallet.
Is a Cold Wallet Really Necessary?
A cold wallet is not necessary. You can buy, sell, trade, stake and store cryptocurrency, invest in NFTs or participate in any other facet of a blockchain ecosystem without investing in a hardware wallet. In fact, most crypto investors still rely on hot wallets, which predate hardware wallets — and it’s not hard to understand why.
Hot wallets are easy to set up, easy to use, they don’t require you to own any physical hardware and, best of all, they’re typically free.
Before you decide, it’s important to understand the basic functions that all crypto wallets perform.
Neither hot nor cold wallets “store” cryptocurrencies, as many people mistakenly believe. All cryptocurrencies are stored in the blockchains where they were created.
Wallets — both cold and hot — are software applications that you can download to any device. They serve two main functions:
- To provide a graphical user interface that allows you to interact with the blockchain.
- To provide a keychain that stores the keys that grant you access to your digital assets.
Wallets generate seed phrases, also called recovery seeds, which typically contain 12-24 randomly generated words that serve as a password that you enter to access your holdings from any wallet.
This framework is the same for both “hot” software wallets and “cold” hardware wallets, and you can secure crypto with either. But there’s a reason that experienced veteran crypto traders prefer cold storage over hot wallets.
Are Cold Wallets Better?
Cold wallets are better in that they provide the exact same functionality, access and ease of use as digital wallets. But they add an extra layer of security and protection that you can’t get with a hot wallet that exists purely online in the digital space.
As the name implies, hardware wallets are physical devices that have the necessary software embedded inside them. An easy analogy is to think of it as a USB thumb drive vs. online cloud storage. Both let you access your data whenever you want, but when you unplug a thumb drive, the data it contains unplugs, too. When not in use, hardware wallets, like thumb drives, take their contents offline and out of the reach of hackers.
On the other hand, hot wallets and all their contents remain online and accessible to hackers at all times.
Software Wallets vs. Online Wallets
People commonly use the term “software wallet” to describe any digital wallet that doesn’t provide cold storage.
According to CoinLedger, software wallets — which come from independent providers like MetaMask and Kraken — are safer than online wallets, which are operated by crypto exchanges like Coinbase. The reason is that software wallets give users full control over their keys and therefore their crypto. Online wallets, which are hosted by the exchanges that provide them, do not.
However, both online and software wallets are hot wallets that exist purely in the digital space and are, therefore, prone to hacking and other attacks. In terms of security, hardware wallets that go offline when not in use are better than both of the hot storage options.
It’s important to note, however, that “better” is a subjective term that, for most people, includes the all-important factor of cost. The best cold wallets, which you’ll learn about in a moment, cost hundreds of dollars. Most online and software wallets, on the other hand, are free.
Which is the Best Cold Wallet For Crypto?
Trezor Model T
At $250, the Model T is one of the more expensive hardware wallets on the market. It’s an upgrade to the Trezor One, which launched the cold storage industry when it debuted as the world’s first hardware wallet in 2014.
It doesn’t support iOS, but its full-color touchscreen interface is leaps and bounds above the monochrome screens with two-button controls found on most cold wallets. It supports more than 1,200 tokens, can store NFTs and is known for vault-like security that continues to frustrate hackers.
Leger Nano X
The Model T’s primary competitor is the Ledger Nano X, which boasts the same level of military-grade security that renders the Model T virtually impenetrable. It costs $100 less, but users have to navigate it using the standard dual-button controls and monochrome screen instead of the brilliant touchscreen display found on the Model T. Unlike the Model T, it is iOS-compatible.
For Your Consideration
There’s a newer wallet making waves in the industry called the NGRAVE Zero, which claims to use “the highest security certified OS in the world (EAL7).” It functions completely offline without Bluetooth or a USB port by using one-way QR code communication. Billing itself as “the coldest wallet” it offers a large and stunning full-color touchscreen display.
It has earned exceedingly high marks and stellar reviews from trusted sources like Coin Bureau and TrustPilot, but it — and its exciting new security technologies — are not as familiar as the Model T and Nano X, which remain the industry gold standard. Also, it costs more than $400, putting it out of reach for many crypto players.
Can a Cold Wallet Be Hacked?
In 2020, Ledger’s own research revealed that highly sophisticated hackers could have gotten the pins that protect cold wallets made by ShapeShift and Coinkite. According to Wired, the companies quickly fixed the vulnerabilities that the Ledger demonstration revealed.
Those attacks were purely hypothetical and never played out in real life, but in 2022, Ledger reiterated that lesser cold wallets are still vulnerable to three different kinds of attacks:
- Physical attacks like power glitching
- Side-channel attacks
- Software attacks
Thanks to the military-grade security features employed by both Trezor and Ledger, none of these attacks would work on the Model T or Nano X, both of which — when used and secured correctly — are essentially impregnable and unhackable.
With Crypto Storage, Colder is Better
Most credible experts recommend that both novice and veteran crypto players secure their holdings with the highest level of security, which can be found only in a hardware wallet.
There are less expensive options than the ones discussed here, but you should stick with reputable, proven and trusted brands, even if their devices cost more. Price is, of course, a consideration, but by going for an inferior cold wallet with a lower price tag, you could wind up spending much more in the long run in the form of assets lost if the cheaper device proves vulnerable.
Editorial Note: This content is not provided by any entity covered in this article. Any opinions, analyses, reviews, ratings or recommendations expressed in this article are those of the author alone and have not been reviewed, approved or otherwise endorsed by any entity named in this article.
Our in-house research team and on-site financial experts work together to create content that’s accurate, impartial, and up to date. We fact-check every single statistic, quote and fact using trusted primary resources to make sure the information we provide is correct. You can learn more about GOBankingRates’ processes and standards in our editorial policy.
- Ledger Academy. 2022. "How to Hack a Hardware Wallet."
- Coinbase. "What is a recovery phrase?"
- CoinLedger. 2022. "9 Best Crypto Wallets (Software and Hardware) in 2022."
- Coin Bureau. 2022. "NGRAVE ZERO Review: Is This Hardware Wallet the Future of Crypto Storage?"
- Trustpilot. "NGRAVE."
- CoinMarketCap. "Software Wallet."
- Appdome. 2022. "Top 5 Cyber Attacks Aimed at Crypto Wallet Apps."