How Hardware Wallet Users Lose Their Bitcoin
Also: Why Self-Custody Is Important and Bitcoin As Self-Sovereign Wealth
Why It’s Important to Self-Custody Your Bitcoin:
If you're betting that Bitcoin will go to the moon, do you understand it would involve an economic revolution? Hopefully, it will not come to literal blood in the streets, but the dollar regime will not go down without a fight.
Bitcoin holdings in an ETF or exchange could be lost in a million ways as the legacy fiat regime desperately attempts to maintain the dollar's supremacy. We've seen how bank depositors in Greece and Cyprus had their savings confiscated -- that's the least you can expect.
Yes, delegating custody to someone else using existing financial rails is easy and lets you off the hook on studying self-custody and making hard choices on how to keep your stash safe for you and your family's future. But that is a bet against Bitcoin winning. If you truly expect a Bitcoin-based financial system, invest the time into studying how to take control of your wealth.
Bitcoin is Self-Sovereign Wealth
Bitcoin is self-sovereign wealth, which means:
1: Transactions are irreversible: Once a transaction is made, it becomes permanent. No one has the authority to undo it.
2: Transactions are unstoppable: No entity can prevent you from conducting transactions.
3: Transactions are voluntary: No one can compel you to execute a transaction.
While Bitcoin provides additional assurances, these core principles define what it means to possess self-sovereign wealth.
How Hardware Wallet Users Lose Their Bitcoin
Drawing from my experience assisting thousands of customers of WalletRecovery.info, I’ve identified the most frequent scenarios under which individuals lose their crypto stored in hardware wallets. (Related: How do hardware wallets work?)
Here’s a rundown of these scenarios, ranked by commonality:
Accidentally Backed Up Wrong Seed: A surprisingly common error where users initialize their wallet multiple times, writing down the first seed, but depositing their coins to the second. When they reset their wallet, the coins are lost forever. (This seems to be especially common with Ledger users.)Â
Lost Seed and Wiped Device: Users sometimes lose their seed phrase—the crucial backup key—and subsequently perform actions like resetting their device, and permanently lose access to their funds.
Wrote down seed words incorrectly: it’s possible to incorrectly write down some of the words or in the wrong order.  A wallet recovery service can find the correct words in nearly 100% of cases – but it will cost you, and you’ll have to trust a stranger with your Bitcoin.
Phishing Attacks:Â Falling victim to phishing schemes by entering their seed phrase into a malicious website, often masquerading as a security measure for their hardware wallet.
Fake Support Service:Â Scammers posing as customer support via Google ads deceive users into revealing their seed phrases under the guise of assistance.
Malicious And Incompetent Hardware Wallets Makers: Some hardware wallet brands (like John McAfee’s BitFi wallet below) should not be trusted — if it’s based on a mobile phone platform (touch screen, Internet connectivity, Android OS), I would stay away
Vengeful Ex and No PIN:Â Personal disputes leading to someone with access to the wallet (like a vengeful ex-partner) transferring funds when no PIN is set for additional security or the seed is stored out in the open.
Deceased + Lack of Estate Planning: The absence of arrangements for digital assets in estate planning can result in cryptocurrencies becoming inaccessible after the owner’s death.
Supply Chain Attack:Â Rare instances where devices are intercepted and a pre-generated seed is provided with malicious instructions, before reaching the customer.
Clipboard Hijacking Attacks: Malware that monitors and replaces copied cryptocurrency addresses on a user’s clipboard, diverting funds to the attacker’s address instead.
Notably Absent Risks:
Some risks that users might expect to see are notably absent from this list, underscoring their rarity or the effectiveness of existing safeguards against them:
Hacked/Modified Supply-Chain Attack:Â I am not aware of any attacks compromising the supply chain of reputable hardware wallet manufacturers. Because the firmware is downloaded and verified when setting up a new device, this attack is very unlikely to succeed.
Wallet Desktop Client Hacked: Direct theft or hacking of the PC does not affect wallet security. Attacks successfully breaching the security of desktop clients for wallets do not affect the security of the device, so they can’t be used to steal funds.
Malicious Firmware:Â The threat of a device being compromised by malicious firmware updates remains low, given the stringent verification processes used by manufacturers.
Stolen Wallet: A stolen wallet is usually safe because a PIN protects it — if you follow the instructions to set one. However, because Trezor One and Model T do not use a secure element, I recommend using a passphrase to protect against especially sophisticated adversaries. (Ledger wallets and the Trezor Safe 3 do include a secure element.)