- Exclusive details about Coinkite’s upcoming hardware wallets are revealed.
- A new version of Coinkite’s Bitcoin hardware wallet from Canada that improves on the popular COLDCARD Mk3.
The new model’s main features include a USB-C connector, no limits on Bitcoin transaction size, increased security with an extra secure element, NFC integration, a slide cover, a USB virtual disc mode, and extensive “Trick PIN” flexibility.
COMMUNICATION IN THE NEAR-FUTURE (NFC)
In terms of connectivity, the user can use NFC with the Mk4 by enabling it in the device’s settings, as the feature is disabled by default. When enabled, NFC allows the COLDCARD to approach a compatible device and sign a transaction or message, co-sign in a multisig setup, or share information from the device’s MicroSD card, such as a payment address or an extended public key, a partially-signed Bitcoin transaction (PSBT), a text file, or a transaction file.
NVK, the founder of Coinkite, told that the goal of NFC is to reduce costs, improve user experience, and increase adoption.
“Imagine hardware wallets that can simply tap-to-pay,” he said.
Although QR codes have recently gained popularity in some hardware wallets, according to NVK, they have yet to be adopted in the larger payment industries because they have extremely low data bandwidth, are more complex and not human readable, and require more expensive hardware.
“This feature was added to improve phone-wallet UX because all modern phones have free, unused NFC,” NVK explained. “NFC will be available for all COLDCARD functions that allow us to send or receive data, just like an SD card or a USB cable.”
In addition to requiring NFC to be enabled for use, NVK stated that the Mk4 will allow users to permanently disable the feature by scratching a PCB trace exposed on the MicroSD opening.
AN ADDED SECURITY ELEMENT
Previously, the COLDCARD had a single secure element (SE), but Mk4 adds a second SE to create a more robust security model for the user’s private keys and eliminate potential single points of failure. Furthermore, because the second SE is from a different vendor, the user is protected from any unexpected bugs or issues with a specific SE design.
Because the device now distributes the encryption key among the three components, an attacker would need to fully compromise the two secure elements and the main microcontroller (MCU) before being able to extract seed words from the COLDCARD Mk4. Furthermore, even if all three components are compromised, the device’s PIN code remains required.
‘TRICK PINS’ AND OTHER IMPROVEMENTS
Mk4 also lets the user create multiple “Trick PINs.” While the actual PIN unlocks the device and enables wallet functions, Trick PIN codes can unlock a duress wallet, cause a long login delay, or brick or blank the COLDCARD.
These PINs are useful in a variety of situations, but they are especially useful in physical attacks where the user is coerced into unlocking their COLDCARD. For example, for plausible deniability, the user can simply use a Trick PIN to unlock a duress wallet. In a more extreme case, the user can enter a Trick PIN that wipes the COLDCARD clean and then bricks it, rendering it unusable.
Faster booting; a 120 Mhz CPU, up from 80 Mhz; more setting space now 512 KB, up from 4 KB; more multisig wallet possibilities; firmware upgrade now takes 15 seconds, down from two minutes; 216 bytes of new secure storage alongside main seed phrase; a flashing light indicating when the USB connection is in use; a USB disc emulation for simple use with web browsers and other PSBT sources; and a doubled flask
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.