CoolWallet is making waves by making our firmware source code publicly available for review! Transparency and security at its finest.
- 1. Introduction
- 2. The What, Why, and How of a Secure Element
- 3. Which Crypto Threats Does A Secure Element Protect You against?
- 4. Should I only use my MetaMask with a hardware wallet and secure element?
- 5. The Pros and Cons of Secure Elements
- 6. The Top 5 Risks of Cold Wallet Secure Elements
- 7. How To Compare Different Hardware Wallet Secure Elements
- 8. Understanding CC EAL and its importance
- 9. How Good is CoolWallet’s EAL6+ Secure Element?
- Addendum: Table: Comparing hardware wallet secure elements
Written by Werner Vermaak for CoolWallet
This article is for educational and entertainment purposes only and is not financial advice of any kind. All opinions are that of the author only. Do your own research when investing in a hardware wallet to best secure your crypto assets.
Markets might have been cold in 2022, but crypto hacks and scams certainly didn’t cool off last year. In fact, so many crypto custodians imploded with the funds of normal crypto investors that it has resulted in a witchhunt by regulators in 2023 and an industry-wide return to self-custody, where users manage their own crypto assets in non-custodial/private wallets.
Of course, not all private wallets are equal, and we’re not just talking about the differences between super-secure cold (offline) wallets, also known as hardware wallets, and hot private wallets, whose online connectivity makes them both more convenient and less safe to use.
Last year saw major security incidents that targeted hot wallet applications and their crypto and NFT assets that were exposed to the internet, with mobile wallets being particularly vulnerable. As a result, cold storage is now again considered the best way to protect your crypto assets from theft.
Hardware wallets share several common characteristics, like being a dedicated physical wallet device with no internet connectivity that in most cases requires users to verify transactions with a button push. However, there are also some key differences as you go up the food chain, most notably, the presence or lack of a secure element (SE).
In this deep dive, we’ll take a closer look at how secure elements work, the crypto-threats they protect you against, and the benefits (and even a few disadvantages) of using a hardware wallet with a secure element.
Plus, we’ll give you some key things to look for when checking out hardware wallets and explain what a secure element’s CC EAL rating is all about.
And if you’re curious about how CoolWallet’s EAL6+ secure element stacks up against the likes of Ledger, Trezor and dozens other cold wallets, we’ve got you covered, as we’ll be taking a look at the best secure elements in hardware wallets. Let’s dive in!
2. The What, Why, and How of a Secure Element
Before we can dive into the world of secure elements, let’s go over the basics.
What is a hardware wallet?
A hardware wallet with a secure element is a physical device that stores private keys in a secure chip to protect cryptocurrencies from unauthorized access. It’s considered one of the safest ways to hold and manage cryptocurrencies since it stores the keys offline, away from potential online threats. Hardware wallets like CoolWallet Pro typically use encryption, biometric verification measures and require the user to physically press a button or enter a PIN code to approve transactions, adding an extra layer of security.
What is a Secure Element?
A secure element (SE) is a dedicated microprocessor chip designed to securely store and process sensitive data and protect such as biometric and transactional information. They are commonly found in devices that hold important data like credit cards, SIM cards, and since the 2010s, hardware wallets.
The purpose of a secure element in a hardware wallet is to provide an additional layer of security that helps protect sensitive data, such as private keys, seed phrases, and other cryptographic information.
Why do the best hardware wallets have a secure element?
In the world of cryptocurrency, secure elements are used in hardware wallets as a critical component to securely offline store private keys, which are necessary to sign and verify transactions on the blockchain. They essentially create and then lock away the private key so that no-one, not even the wallet owner, can extract it. This is why storing your recovery seed, a set of words derived from the private key is so important.
Compared to traditional chips, secure elements provide significantly better protection against physical attacks. This is because they provide an extra layer of security that standard components lack, helping to make them tamper-proof and resistant to known hacking attempts.
Utilizing a secure element in a hardware wallet ensures a higher level of protection against various vulnerabilities that traditional chips may have. The secure element also includes built-in countermeasures against known attacks, further enhancing its resistance to tampering and hacking.
By providing a highly secure environment for cryptographic components, a hardware wallet with a secure element offers significant protection against unauthorized access and potential attacks.
Step by step: How a Cold Wallet’s Secure Element works
A secure element is a very sophisticated piece of technology, and with many of the best ones being closed-source, it can be hard to understand how they are used. Let’s dumb it down a bit and see step-by-step what happens when you conduct a transaction in a hardware wallet.
Hardware wallet setup: When setting up a hardware wallet, a private key is generated using a cryptographically secure random number generator. This private key is stored securely within the secure element, which is a tamper-resistant chip specifically designed to protect sensitive information.
Transaction request: When you want to send a transaction, you’ll input the recipient’s address and the amount you want to send through the hardware wallet’s interface.
Transaction creation: The wallet software creates an unsigned transaction containing the transaction details, such as the recipient’s address, the amount to be sent, and any required fees.
Verifying the transaction details and signing: The unsigned transaction is sent to the secure element, and the wallet displays the transaction details on its screen. You should verify that the recipient’s address and the amount to be sent are correct. If everything looks good, you can confirm the transaction on the hardware wallet. The secure element then uses the stored private key to digitally sign the transaction without exposing it. The signed transaction is returned to the wallet software.
Broadcasting the transaction: The wallet software broadcasts the signed transaction to the blockchain network, where nodes verify the transaction’s validity by checking the digital signature and other transaction details.
Transaction confirmation: Once the transaction is verified and included in a block by miners, it’s considered complete and the cryptocurrency is transferred to the recipient’s address.
3. Which Crypto Threats Does A Secure Element protect you against?
Secure elements are designed to protect you against an array of nefarious crypto attacks. Here are the worst offenders.
Fault attacks involve manipulating a device’s integrated circuit to induce errors and disable internal protection mechanisms, potentially allowing attackers to access sensitive information. Secure elements are specifically designed to counteract these attacks by detecting abnormalities in circuit features, such as voltage supply, and executing fake operations alongside normal ones to obfuscate sensitive data.
Secure elements effectively prevent fault attacks by employing built-in countermeasures that facilitate efficient fault detection and appropriate security responses. These features help ensure that the device remains safe from attackers who attempt to exploit its circuitry in order to gain unauthorized access or compromise its functionality.
Side-channel attacks like cold boot attacks exploit external indicators, such as power consumption or electromagnetic emissions, to glean information about a device’s internal mechanisms. Secure elements are designed to thwart these attacks by executing false operations in tandem with real ones, making it exceedingly difficult for attackers to decipher and decrypt private key data.
Secure elements incorporate complex countermeasures that mask electromagnetic radiation and power usage, safeguarding the device against eavesdropping and other forms of side-channel attacks. These measures ensure that secure elements maintain a high level of protection, even when physically accessed by an attacker.
Software attacks target a device’s software to expose, alter, disable, destroy, or steal information. By manipulating inputs, attackers can uncover vulnerabilities and exploit unexpected behaviors in the software. Secure elements help defend against these attacks by minimizing the attack surface and maintaining a simple system with limited interfaces.
By streamlining the system and reducing potential entry points for attackers, secure elements offer robust protection against software attacks. This proactive approach ensures that sensitive data remains secure, even when subjected to attempts to exploit software vulnerabilities or induce unintended behaviors.’
4. Should I only use my MetaMask with a hardware wallet and secure element?
A hardware wallet with a secure element is like Fort Knox for your crypto keys, keeping your keys away from sneaky hackers. In contrast, software wallets like MetaMask store your keys on your computer or phone, which is way riskier. Your defense is only as good as your phone’s security, and if you’re using a pattern to sign in, it just takes someone watching you closely to figure out how to log in.
But when you hook up your hardware wallet to MetaMask, the secure element really comes in handy. It uses your private key to sign transactions, and makes sure that key stays locked up tight inside the device.
Even if someone got their hands on your hardware wallet, it’s nearly impossible to penetrate the secure element. So if you want peace of mind when it comes to your digital assets, get yourself a hardware wallet with a secure element.
5. The Pros and Cons of Secure Elements
While most security experts agree that secure elements provide elite protection against crypto hackers, there is some contention on certain aspects, most notably, whether it should be open source or closed source. There are valid arguments on both sides.
Possible disadvantages of Hardware Wallets with Secure Elements
Is Closed Source good or bad?
The majority of secure elements built today are proprietary, making it difficult for anyone but the manufacturer to analyze and verify a chip’s security. This means that consumers must trust the vendor that there’s no possibility of the chip being compromised at production or any other point in the supply chain. This goes against the decentralized and transparent values of blockchain, where all data should be accessible.
However, the flipside argument can also be made that closed source actually offers additional security—without any detailed specifications of the chip, it becomes harder for attackers to identify and probe potential weaknesses in the design compared to an open-source chip.
Certified by who?
Most secure element vendors must rely on their reputation gained through achieving certification and passing security inspections to achieve trust among the community. Although many chip vendors have impeccable records, some consumers may still feel uncomfortable trusting a business with an over-emphasis on becoming certified as opposed to being secure, especially when the incentives of the certifying body may be skewed in favor of the vendors that pay them.
Overall though, secure elements in hardware wallets have successfully secured billions of dollars worth of crypto for many years. There are few publicly known examples of compromises, despite the concerted efforts of many security researchers around the world. Based on their track record, they can be considered very secure.
5 Benefits of Hardware Wallets with Best Secure Elements
If you’re using a software wallet like MetaMask to store your cryptocurrencies, you may be leaving yourself vulnerable to various forms of attacks, including phishing, malware, and keylogging. That’s because software wallets store your private keys in software on your device, which can be compromised by attackers if they manage to breach your phone or computer’s defenses.
That’s where hardware wallets come in. They store your private keys offline, away from any potential attackers, in a secure element – a tamper-resistant chip that is designed specifically for storing sensitive data. Here are some of the benefits.
- Enhanced Security:
Since the private keys are stored offline, they are never exposed to the internet or any other potential attack vectors. This makes hardware wallets much more secure than software wallets like MetaMask.
- Physical Confirmation
Most hardware wallets require physical confirmation of transactions, adding an extra layer of security to the process.
The secure element provides tamper-resistant storage for the private key, protecting it from physical attacks such as side-channel attacks or reverse engineering attempts.
DELIVERED EVERY WEEK
Subscribe to our Top Crypto News weekly newsletter
- Additional Authentication
The secure element may also implement additional security measures such as PIN or biometric authentication, which help prevent unauthorized access to the device and the private key.
- Peace of Mind
By using a hardware wallet with a secure element, you can have peace of mind knowing that your private keys are protected by state-of-the-art security measures.
6. The Top 5 Risks of Cold Wallet Secure Elements
While using a secure element in a hardware wallet really helps to keep your assets safe. there are still some risks and limitations to consider.
Here are the 5 biggest threats:
Although secure elements are designed to be very secure, they are not invincible. There is always a very small possibility of vulnerabilities being discovered in the secure element, which could be exploited by attackers. That’s why it’s important to make sure your SE is made by a huge reputable company, such as NXP (used in CoolWallet Pro), STMicroelectronics (used in Ledger), and Infineon.
- Supply Chain Attacks
Secure elements are usually produced by third-party vendors and integrated into hardware wallets. This means that there is a risk of supply chain attacks, where an attacker could tamper with the secure element during the manufacturing process. In 2020, Kraken’s security team accused Ledger of possible supply chain vulnerabilities, and while there is contention about this issue, one thing is certain- USB-form hardware wallets can be opened and often have space inside for malicious components to be integrated. Whether they work or not is another story of course.
CoolWallet Pro provides complete tamper-proof peace of mind here, thanks to its wafer-thin design and patented cold compression technology that completely seals all components and will reveal any tampering attempt immediately.
- User Error
Even if the secure element is functioning perfectly, there is still a risk of user error. For example, if the user loses their recovery phrase or passphrase, it could result in the loss of their cryptocurrency.
- Physical Damage
Secure elements are embedded into the hardware wallet, and any physical damage to the wallet could potentially damage the secure element, rendering it useless. CoolWallet again excels here, as our device is water-resistant with a laminated exterior and bendable to a 15 degree angle, keeping your secure element…well very secure!
- Limited Compatibility
Secure elements can only be used with certain types of hardware wallets, which means that users are limited in their choice of wallets. This can be a disadvantage for those who prefer a different type of hardware wallet.
It’s important to note that while these risks exist, using a hardware wallet with a secure element is still considered to be one of the most secure ways of storing your cryptocurrency. As long as you take the necessary precautions and follow best practices for crypto security, the risks can be minimized.
7. How To Compare The Best Hardware Wallet Secure Elements
A big question for pretty much all new cold wallet buyers is: What should I look for when reviewing a secure element of different hardware wallets?
Well, there are several important factors to consider:
1) What is the secure element’s EAL level?
The EAL (Evaluation Assurance Level) of a secure element is a measure of its security and is assigned based on a standardized evaluation process. Generally, the higher the EAL level, the more secure the secure element. When comparing different hardware wallets, look for those with a higher EAL level, and a minimum of 6+ to ensure better security.
2) Is the Secure Element brand trusted?
Different hardware wallets use different brands of secure elements. Some popular brands include STMicroelectronics (Ledger), Infineon, and NXP (CoolWallet). Look for a hardware wallet that uses a reputable brand of the secure element.
CoolWallet use NXP chips, which are as secure as you can get. NXP is the co-inventor of near field communication (NFC) technology along with Sony and Inside Secure and supplies NFC chip sets that enable mobile phones and other smart devices to be used to pay for goods, and store and exchange data securely.
3) Is it open source or closed source?
Some hardware wallets like Trezor are completely open source, meaning that anyone can view and audit the code. Other hardware wallets like CoolWallet and Ledger use a combination of open-source and closed-source components, which can provide a balance between transparency and protection against potential attackers.
4) How frequent are the hardware wallet’s firmware updates?
It’s important to consider how often the hardware wallet’s firmware is updated and whether these updates are delivered securely. Regular firmware updates are important for maintaining the security of the device and protecting against new vulnerabilities. CoolWallet constantly update both our devices’ firmware and CoolWallet App’s software to protect against new threats.
5) What is the hardware wallet’s overall reputation and track record?
Finally, it’s important to consider the overall reputation of the hardware wallet and the company behind it. Look for a company with a good track record of security and customer support, and be wary of hardware wallets that have had major security incidents or vulnerabilities in the past. CoolWallet has been around since 2014, is battle-tested and has a stellar resume of awards and accolades from industry leaders such as Litecoin’s Charlie Lee.
8. CC EAL and its importance for hardware wallet certification
All secure elements are rated according to something called CC EAL, or just EAL in short. Here’s what it means:
- Common Criteria (CC) is an international standard for evaluating the security of IT products, such as hardware and software.
- Evaluation Assurance Level (EAL) is a rating within the Common Criteria framework that indicates the depth and rigor of the security evaluation conducted on the product.
- There are 7 levels, from low security to the highest security assurance. They are:
|EAL Level||Security Assurance||Description||Evaluation|
|EAL1||Low||Checks the functionality of the product, generally not suitable for high-risk environments.||Conducted by the vendor.|
|EAL2||Medium-Low||Tests and verifies a product’s security functions, evaluated to meet security requirements.||Conducted by an independent third-party evaluator.|
|EAL3||Medium||Rigorous testing and verification of a product’s security functions, provides a moderate level of assurance.||Conducted by an independent third-party evaluator.|
|EAL4||Medium-High||Requires higher level of testing and verification of a product’s security functions. Suitable for moderate to high security requirements.||Conducted by an independent third-party evaluator.|
|EAL5||High||Requires extensive testing and verification of a product’s security functions, suitable for high-risk environments.||Conducted by an independent third-party evaluator.|
|EAL6||Very High||Requires a very high level of testing and verification, typically applied to products with strict security requirements.||Conducted by an independent third-party evaluator.|
|EAL7||Highest||Requires the most rigorous security testing and verification, usually for the most demanding security environments, such as military or government applications.||Conducted by an independent third-party evaluator.|
Let’s dumb it down a bit more:
|EAL Level||What it means|
|EAL1||Basic functionality, not suitable for high-risk environments|
|EAL2||Basic security features, some assurance of meeting requirements|
|EAL3||Moderate assurance, rigorous testing and verification|
|EAL4||Suitable for moderate to high-security requirements|
|EAL5||High assurance, extensive testing and verification|
|EAL6||Very high assurance, strict security requirements|
|EAL7||Highest assurance, most demanding security environments|
What’s the difference between EAL5+, EAL6+ and EAL7+?
As you can see from the above comparison, anything less than EAL5 is not really secure enough for use in a crypto cold storage device. Most hardware wallets with secure elements have either EAL5+, 6+, and some even claim to have 7+.
So what does that + mean? EAL5+, EAL6+, and EAL7+ are not actually distinct levels but rather represent additional security requirements that are added on top of the standard EAL5, EAL6, and EAL7 evaluations.
- EAL5+ typically means that the product has been evaluated to meet additional requirements beyond the standard EAL5 level. These additional requirements might include specific protection against side-channel attacks or other advanced attack vectors.
- EAL6+ typically represents an even higher level of evaluation, with more extensive testing and verification of the product’s security functions.
- EAL7 represents the highest level of evaluation, with the most rigorous testing and verification of the product’s security functions. Products with an EAL7 rating are suitable for use in the most demanding security environments, such as military or government applications.
However, it’s important to note that there are very few products that have actually achieved an EAL7 rating, as the requirements are extremely strict and difficult to meet, and assessments can be very subjective (see Ledger’s Reddit thread here), and when they do, there is usually a big trade-off in terms of convenience and functionality.
9. How Good is CoolWallet’s EAL6+ Secure Element?
Now that you understand the different EAL levels, let’s try to compare CoolWallet’s EAL6+ SE with that of its major competitors. Keep in mind that each hardware wallet firm puts a lot of thought into picking a level that fits in with their product’s design.
CoolWallet’s EAL6+ SE vs Ledger’s EAL5+
Both CoolWallet and Ledger started their businesses way back in 2014, and are considered proper “OGs” in blockchain security. While Ledger is the undisputed current market leader and has built a very strong catalog of excellent hardware wallets, these are USB-form factor, while CoolWallet launched the world’s first Bluetooth-connected hardware wallet in 2016, with its iconic wafer-thin and tamperproof smart card design that makes it perfect for everyday use no matter where you are, and protects it against threats like supply-chain attacks because it can’t be opened.
When comparing their SEs it can become a case of apples and oranges, as their closed-source software has been designed to meet very specific needs. However, let’s go by the industry standards.
CoolWallet uses CC EAL6+ Secure Element Chip, while Ledger uses CC EAL 5+ (even with their future STAX). What difference does it make for users?
When comparing the security of CoolWallet’s CC EAL6+ Secure Element Chip with Ledger’s CC EAL 5+ chip, the primary difference for users lies in the level of security assurance provided by each chip.
As both CoolWallet and Ledger’s secure element technology is closed-source to help protect against hackers gaining too much knowledge on the chips, we can only compare them based on what these different EAL levels of assessment represent.
When comparing the security of CoolWallet’s CC EAL6+ Secure Element Chip to Ledger’s CC EAL5+ chip, the difference for users is in the level of security assurance provided by each chip. However, users should always take strong measures such as using strong passwords, enabling two-factor authentication, and keeping their devices updated with the latest security patches.
CoolWallet’s Secure Element vs Trezor
Awkward… Trezor, the first hardware wallet ever, does not have a secure element.
Why doesn’t Trezor have a secure element?
Trezor has defended its lack of a secure element countless times in the past, attributing it to various reasons such as the $5 Wrench attack (ie: the threat of physical violence trumps any wallet security measure), its open-source software, and greater flexibility.
Trezor uses a different approach to securing its hardware wallet. Rather than relying solely on a secure element, Trezor uses open-source firmware and advanced cryptography that are constantly audited and updated by a community of developers. This approach is designed to ensure that any vulnerabilities or weaknesses are quickly identified and addressed. Additionally, Trezor’s firmware is designed to run on a variety of devices, including those without a secure element, making it more versatile and accessible to a wider range of users.
Ledger very publicly disagrees with this assessment, even publicly attacking Trezor’s security flaws in 2019, and maintains that a secure element is an essential component for a hardware wallet to provide the highest level of security.
According to Ledger, Trezor’s lack of a secure element means that sensitive information can be more easily accessed by hackers or malware, making the hardware wallet less secure overall.
There is merit in both arguments. Ultimately, the choice between an open-source and closed-source hardware wallet comes down to your personal preference and the specific security features that each individual values most. You know which camp CoolWallet users are in.
How our EAL6+ Secure Element Keeps CoolWallet Pro Ultra-Secure
- Unmatched Security Assurance:
Choose CoolWallet and enjoy peace of mind knowing your private keys are safeguarded by a CC EAL6+ Secure Element Chip, providing a higher level of security assurance compared to the EAL5+ found in other leading hardware wallets.
- Resilient Against Advanced Threats: Our EAL6+ certification ensures that CoolWallet is designed to withstand sophisticated and resourceful attackers, keeping your crypto assets safe in the face of high attack potential.
- Rigorous Testing and Analysis: CoolWallet’s CC EAL6+ Secure Element Chip undergoes comprehensive independent testing, including extensive penetration testing and a formal, mathematically-based security analysis, ensuring a robust and reliable security architecture.
Why we love CoolWallet’s EAL6+ Secure Element
- Enhanced security
The CC EAL6+ chip has undergone by definition a more rigorous evaluation process, offering a higher level of security assurance than the CC EAL5+ chip.
- Advanced protection against threats
This potentially results in better protection for users’ sensitive data and private keys, and advanced protection against a wider range of security threats.
- Higher development and evaluation costs
Achieving a higher EAL level typically involves higher development and evaluation costs, which may impact the product price or quality.
It’s important to note that, while the EAL rating provides an indication of the security assurance level of a product, it doesn’t guarantee absolute security. Users should still practice good security hygiene.
We hope you found this guide valuable. In conclusion, when it comes to choosing a hardware wallet, understanding the security measures employed by the device is critical to ensuring the safety of your digital assets.
EAL levels can provide a useful framework for comparing different secure element chips, and anything from EAL5+ and up are exceptionally good, but it’s important to note that they don’t guarantee absolute security. Practicing good security hygiene, such as using strong passwords and enabling two-factor authentication, is still essential.
CoolWallet Pro boasts a CC EAL6+ rating, which is the highest level of security assurance for commercial products. This means that the CoolWallet Pro’s secure element chip has undergone a more rigorous evaluation process and is designed to better protect against a wider range of security threats.
So if you’re looking for a hardware wallet that prioritizes top-notch security, a high EAL6+ rating like the one on the CoolWallet Pro is definitely worth considering.
Addendum: Table: Comparing hardware wallet secure elements
Here is a Bitcointalk table made by user @SFR10 in 2020that summarizes the information on the current state of Secure Elements in hardware wallets (information might not all be accurate):
|Name||Open Source||Secure Element||SE Model + Microcontroller||Evaluation Assurance Level|
|Keepkey||YES||NO||N/A + STM32||N/A|
|Ledger Nano X||NO||YES||ST33J2M0 + STM32WB55||EAL5+|
|ColdCard Mk4||NO||YES||ATECC608B+Maxim DS28C36B + STM32L4S5VIT6||N/A|
|Bitbox02||YES||YES||ATECC608B + ATSAMD51J20A||N/A|
|Passport||YES||YES||ATECC608A + STM32H753||outdated chip|
|Ledger Nano S||NO||YES||ST31H320 + STM32F042K6||EAL5+|
|CoolWallet S||NO||YES||NXP P5CD081||EAL5+|
|Ledger Nano S Plus||NO||YES||ST33K1M5C + STM32…||EAL5+|
|Ledger Stax||NO||YES||ST33K1M5 + ?||EAL5+|
|Safepal S1||NO||YES||Unknown chip||EAL5+|
|Kasse HK-1000||NO||YES||ST31H320 A03||EAL5+|
|Keevo||NO||YES||Infineon Optiga Trust-P||EAL5+|
|Secux||NO||YES||Infineon CC ?||EAL5+|
|Tangem||NO||YES||Samsung SecureCore microchip ?||EAL6+|
|ImKey||NO||YES||Military-grade CC security chip ?||EAL6+|
|Opolo||NO||YES||NXP ? + ARM Cortex M4||EAL6+|