Coinkite, a provider of cryptocurrency security hardware, has now announced the launch of the Coinkite Coldcard Mk3, the third generation of its ultra-secure bitcoin hardware wallet.
Mk3 comes with upgraded secure elements, 2.5x more RAM for more complex transactions, additional side-channel defenses, and more.
Coldcard Unique Features
- The device is BIP39 based, which means users can backup the secret words onto paper, and have sub-accounts and unlimited independent payment addresses. Since the Mk2 version, it comes with BIP39 passphrase support, unlocking up to 5.9e197 additional wallets from the same seed words.
- It knows how to understand transactions, so users can see what you are approving.
- The first “Partially Signed Bitcoin Transaction Format” – PSBT (BIP 174) native wallet which can be used completely offline for its entire lifecycle.
New Coldcard Mk3 Version
This hardware update replaces the chips used for both the secure element and also the main micro. The new ATECC608A secure element is being used to provide a powerful new security model for PIN attempts. The Mk3 will always brick after 13 failed PIN attempts, and that policy is enforced entirely by the secure element and cannot be bypassed by any code in the main micro.
The main micro has been upgraded to give Coinkite more memory to enable additional software features in the future. The team also managed to bump up the memory by 2.5x while keeping costs under control. This will allow the Coldcard firmware to sign more complex transactions, and more complex signature types that may be coming in the future.
The Coinkite team has also hardened the Coldcard Mk3 against side-channel attacks. In layman terms, this means the device is emitting less noise on the USB lines and across the EM spectrum. The device already had software mitigations during signings, and when showing seed words. These changes are built into the hardware and operate much better. The team does not know of any practical side-channel attacks at this time, but it wanted to get ahead of the game.
Future ideas for Coldcard include:
- Address explorer (for receiving)
- Shamir secret backup
- Tor remote signing service (HSM mode)
- Hot wallet co-signing firmware
- Message signing using bech32 or p2sh-p2wpkh addresses
- More complex P2SH script support
- Confidential transactions
“We don’t plan on stopping hardware iteration any time soon. We are pure Bitcoin all the way. So as long as you keep buying, we will keep making firmware upgrades, adding features, and improving our security measures. Mark2 is still supported in current firmware releases and we will try to support it with updates as long as practical.”
– The Coinkite Team
The first batch of pre-orders for Mk3 is now open, the first units are scheduled to ship in October 2019.