Coinkite, the wallet manufacturer bitcoin-only Coldcard recently announced that it has carried out an update to its firmware for the Mk4 model and the Q model. Among other improvements, Coinkite wallets increased the signature speed for sending bitcoin by 15% on average compared to the previous version of the firmware.
According to Coinkite:
“The improvement is 15% in overall signing speed, as signatures are only one part of the process (UTXO validation and change checks take time).”
Coinkite, creators of the Coldcard wallet.
Before signing a transaction, the user must wait for the chain to verify that the funds have not been previously spent. Then, wait for confirmations from nodes that validate the transaction multiple times within the network. These phases of the process of sending bitcoin are not affected by the update Coinkite’s blockchains rely on the Bitcoin protocol, so the update only improves the signature process.
The firmware of the wallets was updated to the latest version (0.5.0) of libsecp256k1a library that uses elliptic curve digital signature algorithms (ECDSA), used for the development of signatures and operations with public/secret keys. This is an essential domain for the secure and self-custody operation of hardware wallets.
Another addition to the update is to increase Coldcard security against side-channel attacks. This would make it difficult to deduce reliable information about the physical functioning of the device.
Side-channel attacks are attacks capable of revealing encryption keys and other sensitive information by deducing it from execution times and other physical variables, such as electromagnetic field radiation or internal heat sources of the device.
Other Coldcards improvements
The hardware wallet upgrade now allows for “restoring geographically distributed SeedXOR, without physically joining the parties.” The reunion of the parties will be possible from a seed vault accessible through the wallet.
The XOR seeds are a security method that allows a seed phrase to be split into two or more parts. Both parts, which remain compatible with the BIP-39 standardcan be funded with cryptocurrencies that cannot be spent unless the original key is recovered or restored.
Coinkite also enabled the option to scan and restore encrypted SeedXOR seeds instead of writing them down by hand.
An important addition is that now It is possible to create a multi-signature wallet offline by being the owner of a Coldcardusing BBQRs (Bitcoin QR codes) or MicroSD cards.
Some other additions in the update are disabling deterministic public key ordering (BIP-67) and importing JSON-wrapped files for USB and NFC imports without a file name.
Coldcard sees several bugs fixed
In total, there were six bugs fixed with this firmware update:
- “Bug fix: Does not allow multi-signature wallet import when the same keys are shuffled.
- Bugfix: Don’t read full PSBT into memory when writing finished transaction (performance).
- Bug Fix: Prevent user from restoring Seed XOR when the number of parts is less than 2.
- Bug Fix: Fixed the seed vault menu screen alignment.
- Bug Fix: Handle null data correctly in OP_RETURN
- Fix: Do not allow side scrolling in Address Explorer when only one address is displayed in the custom route.”
Coinkite, creators of the Coldcard wallet.
As CriptoNoticias reported in a review of hardware wallets, the Coldcard is one of the favorite physical wallets among developers and cypherpunks because it is open source and has been on the market for some time.
Among other security measures, Coldcard has two secure element microprocessors from two different manufacturers. This prevents the internal security of the microprocessor from being dependent on just one of them.
