Security Practices

Supply Chain Attack

A supply chain attack compromises hardware or software during manufacturing, distribution, or update processes. In Bitcoin, this means tampered hardware wallets, compromised firmware, or malicious code injected into wallet software before it reaches the end user.

How It Works

Supply chain attacks target the path between manufacturer and user. For hardware wallets, this could mean intercepting a device during shipping and modifying its firmware to generate weak keys or exfiltrate seed phrases. For software wallets, attackers may compromise a developer's machine, inject malicious code into dependencies, or publish fake versions of legitimate apps on download sites and app stores.

The Bitcoin hardware wallet industry has developed multiple defenses. Secure elements store keys in tamper-resistant chips. Secure boot verifies that only authorized firmware runs on the device. Anti-tamper packaging with holographic seals indicates if a device was opened during transit. Some devices, like the Coldcard, allow you to verify firmware signatures before use and feature a clear case so you can visually inspect the hardware.

Users must also do their part. Buy hardware wallets only from the manufacturer's official store — never from Amazon, eBay, or third-party resellers. Verify the integrity of software downloads using PGP signatures. Check that wallet software has reproducible builds, meaning anyone can compile the source code and get an identical binary. Trust but verify is not enough — verify, then verify again.

Key Points

  • Buy hardware wallets exclusively from manufacturers' official stores, never third-party resellers
  • Inspect anti-tamper seals and packaging before setting up any hardware wallet
  • Verify software downloads using PGP signatures from multiple independent sources
  • Reproducible builds let you confirm that compiled software matches the published source code
  • Open-source firmware and hardware designs allow community auditing of the entire stack
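
The download checks described above, as an added example that is not code from any wallet project: it compares a downloaded file's SHA-256 digest against checksum manifests from several independent sources (for instance the vendor's site and someone who rebuilt the release from source) and accepts the file only when none disagree and enough agree. It assumes each manifest's PGP signature has already been verified separately; the file name, source labels, and sample bytes are constructed for illustration.

```python
import hashlib
import hmac

def parse_manifest(text):
    """Parse sha256sum-style lines ('<64 hex digits>  <filename>') into {filename: digest}."""
    entries = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        digest, _, name = line.strip().partition(" ")
        digest, name = digest.lower(), name.strip().lstrip("*")  # '*' marks binary mode
        if len(digest) != 64 or set(digest) - set("0123456789abcdef") or not name:
            raise ValueError(f"malformed manifest line: {line!r}")
        if entries.setdefault(name, digest) != digest:
            raise ValueError(f"conflicting digests for {name}")
    return entries

def check_download(data, name, manifests, quorum=2):
    """Compare the file's SHA-256 with every manifest; any mismatch is fatal.

    manifests maps a source label to manifest text whose PGP signature has
    already been verified (e.g. with `gpg --verify`). Returns (ok, reason).
    """
    actual = hashlib.sha256(data).hexdigest()
    agree, disagree = [], []
    for source, text in sorted(manifests.items()):
        expected = parse_manifest(text).get(name)
        if expected is None:
            continue  # this source does not list the file; it cannot vouch for it
        (agree if hmac.compare_digest(expected, actual) else disagree).append(source)
    if disagree:
        return False, "digest mismatch: " + ", ".join(disagree)
    if len(agree) < quorum:
        return False, f"{len(agree)} matching source(s), {quorum} required"
    return True, "matched by " + ", ".join(agree)

# Constructed sample data: a stand-in release file and two manifests for it.
RELEASE = b"constructed wallet release bytes"
TAMPERED = RELEASE + b" plus injected code"
LINE = hashlib.sha256(RELEASE).hexdigest() + "  wallet-1.0.tar.gz\n"
MANIFESTS = {"vendor-site": LINE, "independent-rebuild": "# rebuilt from source\n" + LINE}

if __name__ == "__main__":
    print(check_download(RELEASE, "wallet-1.0.tar.gz", MANIFESTS))
    print(check_download(TAMPERED, "wallet-1.0.tar.gz", MANIFESTS))
    print(check_download(RELEASE, "wallet-1.0.tar.gz", {"vendor-site": LINE}))
```

A single matching source fails the default quorum of two, which is the point of checking more than one independent source: a compromised download site can serve a tampered file together with a matching checksum.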