Technical Terms Glossary
AES
Advanced Encryption Standard (AES) is a symmetric block cipher, standardized by NIST as FIPS 197 and approved by the U.S. government for protecting classified information. AES is implemented in software and hardware throughout the world to encrypt sensitive data, and is essential to government computer security, cybersecurity and electronic data protection. AES by itself only encrypts one 16-byte block at a time; how a longer message is processed, and whether it is also protected against tampering, is decided by the mode of operation (see CBC).
Anti-phishing
Any measure intended to prevent phishing: tricking someone into disclosing information (credentials, seed words) that helps an attacker. Phishing is most commonly attempted by email or over the web.
Anti-phishing Words
A COLDCARD®'s anti-phishing words are unique to the device; no other COLDCARD will show exactly the same words. After entering the first part of their PIN, the user is shown these words. If the usual words do not appear, the device is not trustworthy and the user should stop the login process rather than enter the rest of the PIN.
ASCII
American Standard Code for Information Interchange: a character encoding covering the English alphabet, digits and a few other common symbols.
BIP-32
This BIP describes the general structure of a hierarchical deterministic wallet (HD wallet). In particular, it defines how to derive the private and public keys of a wallet from a binary master seed and an ordered set of indices (the derivation path).
BIP-39
BIP-39 defines how a mnemonic phrase (a list of words) stores all the information needed to recover a Bitcoin wallet: the words encode entropy plus a checksum, and the master seed used by BIP-32 is derived from them. BIP-39 builds on BIP-32 and forms the basis of most modern Bitcoin wallets. By securing the seed words (mnemonic phrase), all present and future funds in the wallet can be protected and recovered. Also known as a seed phrase or recovery phrase.
BIP-44
BIP-44 gives special meaning to the layers of the BIP-32 tree (purpose, coin type, account, change, address index). This allows the same seed to support multiple coins, multiple accounts, and so on.
BIP-85
BIP-85 introduces a process for deriving multiple unique seeds from one set of seed words. Because the derivation is deterministic, the original seed can always be used to recreate any derived seed, so only the original needs to be backed up.
COLDCARD's Derive Entropy function follows the BIP-85 standard.
Boot ROM Security
Boot ROM is a piece of code stored in read-only memory (ROM), so it cannot be modified after manufacture. It is the very first code executed by the CPU when it is powered on. This code contains the critical instructions that configure the system-on-chip (SoC) and allow it to execute only legitimate applications, typically by verifying the next boot stage before handing control to it. Because it cannot be changed, it is the root of trust for everything loaded after it.
Brute-force Attack
A brute-force attack consists of an attacker submitting many passwords or passphrases in the hope of eventually guessing one correctly, systematically checking candidates until the correct one is found. The defence is to make the space of possible values large (long, random secrets) and each guess expensive (see Key Stretching and Salt).
CBC
Cipher Block Chaining (CBC) is a mode of operation for a block cipher (one in which a fixed-size block of bits is encrypted as a single unit under the cipher key). CBC takes an initialization vector (IV) the size of one block and XORs each plaintext block with the previous ciphertext block (the IV for the first block) before encrypting it, so identical plaintext blocks do not produce identical ciphertext. CBC provides confidentiality only: without a separate authentication tag (MAC) an attacker can alter the ciphertext undetected, and CBC with padding is the mode behind padding-oracle attacks.
Cold Wallet
A cryptocurrency wallet whose private keys are never held on an Internet-connected device. Sometimes confused with a signing device (a.k.a. hardware wallet) and an "offline wallet", a cold wallet improves security because spending requires a manual step performed without network access, so the keys cannot be stolen remotely. The ultimate cold wallet is a "paper wallet", which exists only in paper form: the private keys are not in any electronic device at all.
CRC
A Cyclic Redundancy Check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data. Blocks of data entering these systems get a short check value attached, based on the remainder of dividing their contents by a generator polynomial. On retrieval, the calculation is repeated and, if the check values do not match, corrective action can be taken against data corruption. A CRC is not a security control: it is unkeyed, so anyone who can alter the data can also recompute a matching check value. Detecting deliberate tampering needs a MAC or a digital signature.
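A worked example of the CRC described above, added here and not part of the original glossary or of COLDCARD's code: a bit-serial CRC-32 (the same polynomial zlib and Ethernet use), a frame check that catches a single flipped bit, and the caveat that an attacker can simply recompute the CRC, so tamper detection needs a keyed HMAC instead. The sample record and key are constructed for the demo; function names are the example's own.

```python
import hashlib
import hmac
import zlib

CRC32_POLY = 0xEDB88320  # reflected IEEE 802.3 polynomial, as used by zlib, Ethernet and PNG


def crc32(data: bytes) -> int:
    """Bit-serial CRC-32: the remainder of dividing the message by the generator polynomial."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (CRC32_POLY if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def matches_zlib(data: bytes) -> bool:
    """Cross-check against the C implementation in the standard library."""
    return crc32(data) == zlib.crc32(data)


def crc_frame(payload: bytes) -> bytes:
    """Append the 4-byte check value, as a storage or network layer would."""
    return payload + crc32(payload).to_bytes(4, "big")


def crc_check(frame: bytes) -> bool:
    payload, tag = frame[:-4], frame[-4:]
    return crc32(payload) == int.from_bytes(tag, "big")


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate accidental corruption: flip one bit of the frame."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def forge_frame(new_payload: bytes) -> bytes:
    """The attacker's move: change the data and recompute the CRC. The check passes."""
    return crc_frame(new_payload)


def mac_frame(key: bytes, payload: bytes) -> bytes:
    """Keyed alternative: an HMAC-SHA256 tag cannot be recomputed without the key."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def mac_check(key: bytes, frame: bytes) -> bool:
    payload, tag = frame[:-32], frame[-32:]
    return hmac.compare_digest(hmac.new(key, payload, hashlib.sha256).digest(), tag)


if __name__ == "__main__":
    record = b"amount=1000"      # constructed sample record
    key = bytes(range(32))       # constructed sample key; use os.urandom(32) in practice
    framed = crc_frame(record)
    print("intact frame passes CRC:  ", crc_check(framed))
    print("single bit flip detected: ", not crc_check(flip_bit(framed, 13)))
    print("forged frame passes CRC:  ", crc_check(forge_frame(b"amount=9999")))
    tampered = b"amount=9999" + mac_frame(key, record)[-32:]  # attacker keeps the old tag
    print("forged frame fails HMAC:  ", not mac_check(key, tampered))
```

The check value `crc32(b"123456789") == 0xCBF43926` is the standard CRC-32 test vector; any implementation that disagrees with it is using a different polynomial or bit order.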
Defence in Depth
Multiple layers of security controls (defences) are placed throughout an information technology (IT) system. The intent is redundancy: if one control fails or a vulnerability is exploited, other layers still limit what an attacker can do. The layers can cover personnel, procedural, technical and physical security for the whole of the system's life cycle.
Duress PIN
We provide an optional "duress PIN code". If you enter that PIN code instead of the "real" PIN code, nothing special is shown on the screen and everything operates as normal. However, the Bitcoin key generated is not the main key; it is effectively a completely separate wallet. To take best advantage of this feature, you should put some Bitcoin into the duress wallet: enough to make it plausible, but no more than you are willing to lose. The duress wallet is still derived from the original BIP-39 words, so you do not need to back it up separately, but there is no way to get from that wallet back to the original wallet holding the real funds.
ESD
Electrostatic discharge (ESD) is the sudden flow of electricity between two electrically charged objects caused by contact, an electrical short, or dielectric breakdown. ESD can be fatal to unprotected electronics.
FAT
A File Allocation Table (FAT) file system, originally developed for MS-DOS, uses 12, 16 or 32 bits per cluster entry in its allocation table (FAT12, FAT16, FAT32). It is used by the operating system (OS) to manage files on disks, and is the de facto standard for organizing flash cards, USB flash drives and other portable media.
Signing Device
(formerly known as "Hardware Wallet")
A device, such as the COLDCARD, which holds private keys and is able to sign transactions that move funds on the Bitcoin blockchain. Sometimes called a "keystore". It is implemented as a specialized, standalone hardware device, not a general-purpose computer, so the private keys never have to leave it.
HD Wallet
A Hierarchical Deterministic wallet (HD wallet) generates a tree-like structure of keypairs (private and public keys) from a single seed. The advantages are that it can be backed up and moved to another compatible device easily (only the seed is needed), and that it allows hierarchical permission control, for example handing out an extended public key that can generate addresses but not spend. BIP-32 and BIP-39 define the technical means to achieve this.
HSM
A Hardware Security Module (HSM) is a specialized physical computing device that isolates, safeguards and manages digital keys and performs encryption, decryption, digital signatures, strong authentication and other cryptographic functions without exposing the keys.
IV
An Initialization Vector (IV) is a fixed-size input to a cryptographic primitive that is typically required to be random or unpredictable. Randomization is crucial for an encryption scheme to achieve semantic security, a property whereby repeated use of the scheme under the same key does not let an attacker infer relationships between segments of the encrypted messages. For block ciphers, the use of an IV is described by the mode of operation; reusing an IV under the same key leaks information (in CBC, whether two messages share a common prefix).
Key Stretching
Key stretching techniques make a possibly weak key, typically a password or short passphrase, more resistant to brute-force attacks by increasing the resources (time and, for memory-hard functions, memory) needed to test each candidate. PBKDF2, scrypt and Argon2 are the common constructions.
Man in the Middle
Man-in-the-middle (MITM) attacks occur when an attacker secretly intercepts communications between two parties and can read or alter them in transit, while each party believes it is talking directly to the other.
Multisig
Normal Bitcoin transactions presume a single "owner" of the coins. With multisig transactions there are up to 15 possible owners (signers), and between 1 and 15 of them are needed to approve any spending. This is called an M-of-N wallet or "Multisig P2SH" (pay to script hash) wallet. COLDCARD supports M-of-N wallets with up to 15 co-signers. This is an optional, advanced feature and does not affect normal "single-signer" operation. The transaction approval and signing process is not significantly different from single-signer mode, but in the multisig case the "wallet" (the set of co-signer keys and the value of M) must be defined on the device before use. A typical PSBT file does not carry enough information to encode all the details of the signatures required, and to secure change outputs properly the parameters of the multisig wallet must be established before the PSBT is examined; otherwise the device cannot tell a genuine change output from one substituted by an attacker.
Native Segwit
Native Segwit is the address format used by SegWit transactions that pay directly to a witness program. Also known as bech32 (addresses beginning with bc1), it is the preferred way to use SegWit and all new wallets should use this standard for all payment addresses.
PGP
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting and decrypting text, email, files, directories and whole disk partitions, and to increase the security of email communications.
Private Key (for Bitcoin)
A secret number that allows Bitcoin to be spent. Every Bitcoin wallet contains one or more private keys, which are saved in the wallet file or derived by BIP-32. The private keys are mathematically related to each Bitcoin address generated for the wallet. Because the private key is the "ticket" that allows someone to spend Bitcoin, it is important that these are kept secret and safe. Ideally, private keys themselves are never handled by the user; instead the user is given a set of seed words that encodes the information needed to regenerate all the private keys associated with the wallet.
PSBT
Partially Signed Bitcoin Transactions (PSBTs) are a data format that allows wallets and other tools to exchange information about an unsigned Bitcoin transaction and the signatures necessary to complete it. A PSBT identifies a set of UTXOs to spend and a set of outputs to receive that value, and carries the extra data a signer needs (such as the amount of each UTXO, so that the fee can be verified).
PSBTs are described by BIP-174. COLDCARD is the first "PSBT native" hardware wallet: it uses PSBT internally and can sign any PSBT file generated by conforming software. For completed transactions, it can output either a PSBT (with the new signatures added) or a finalized Bitcoin transaction, ready to broadcast.
The Bitcoin Core project's HWI (Hardware Wallet Interface) supports sending unsigned PSBT files to the COLDCARD and receiving signed PSBT files back. All the features of the COLDCARD, including message signing and address display, are supported in HWI. This is a convenient way to use your COLDCARD from the CLI over a USB connection.
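The following is an added example, not COLDCARD's or HWI's code, showing the BIP-174 container at the byte level: the magic, the global map holding the unsigned transaction, and one key-value map per input and per output, each terminated by 0x00. The constructed PSBT spends one P2WPKH UTXO (a made-up txid) and carries the UTXO amount so a signer can verify the fee; `fee_is_verifiable` shows the check a signer should make before signing when that entry is missing. The key-type constants are the BIP-174 values; the function names, sample amounts and scripts are the example's own.

```python
PSBT_MAGIC = b"psbt\xff"
PSBT_GLOBAL_UNSIGNED_TX = b"\x00"  # BIP-174 global key type 0x00
PSBT_IN_WITNESS_UTXO = b"\x01"     # BIP-174 input key type 0x01: amount + scriptPubKey of the UTXO
PSBT_IN_SIGHASH_TYPE = b"\x03"     # BIP-174 input key type 0x03

def varint(n: int) -> bytes:
    """Bitcoin CompactSize encoding, used for every length field in a PSBT."""
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + n.to_bytes(2, "little")
    if n <= 0xFFFFFFFF:
        return b"\xfe" + n.to_bytes(4, "little")
    return b"\xff" + n.to_bytes(8, "little")

def read_varint(buf: bytes, pos: int):
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def serialize_unsigned_tx(inputs, outputs, version=2, locktime=0) -> bytes:
    """Legacy (non-witness) serialization with empty scriptSigs, as BIP-174 requires."""
    raw = version.to_bytes(4, "little") + varint(len(inputs))
    for txid_hex, vout, sequence in inputs:
        raw += bytes.fromhex(txid_hex)[::-1]  # txids are displayed big-endian but stored reversed
        raw += vout.to_bytes(4, "little") + varint(0) + sequence.to_bytes(4, "little")
    raw += varint(len(outputs))
    for value, script_pubkey in outputs:
        raw += value.to_bytes(8, "little") + varint(len(script_pubkey)) + script_pubkey
    return raw + locktime.to_bytes(4, "little")

def serialize_map(entries) -> bytes:
    """One PSBT map: <keylen><key><valuelen><value>... followed by a 0x00 terminator."""
    out = b""
    for key, value in entries:
        out += varint(len(key)) + key + varint(len(value)) + value
    return out + b"\x00"

def build_psbt(unsigned_tx: bytes, input_maps, output_maps) -> bytes:
    body = serialize_map([(PSBT_GLOBAL_UNSIGNED_TX, unsigned_tx)])
    body += b"".join(serialize_map(m) for m in input_maps)
    body += b"".join(serialize_map(m) for m in output_maps)
    return PSBT_MAGIC + body

def parse_unsigned_tx(tx: bytes):
    """Return (number of inputs, list of output values in satoshis)."""
    n_in, pos = read_varint(tx, 4)
    for _ in range(n_in):
        script_len, pos = read_varint(tx, pos + 36)  # skip prev txid (32) + vout (4)
        pos += script_len + 4                          # skip scriptSig + sequence
    n_out, pos = read_varint(tx, pos)
    values = []
    for _ in range(n_out):
        values.append(int.from_bytes(tx[pos:pos + 8], "little"))
        script_len, pos = read_varint(tx, pos + 8)
        pos += script_len
    return n_in, values

def parse_psbt(data: bytes) -> dict:
    if data[:5] != PSBT_MAGIC:
        raise ValueError("not a PSBT")

    def read_map(pos):
        entries = {}
        while data[pos] != 0x00:
            klen, pos = read_varint(data, pos)
            key, pos = data[pos:pos + klen], pos + klen
            vlen, pos = read_varint(data, pos)
            entries[key], pos = data[pos:pos + vlen], pos + vlen
        return entries, pos + 1

    global_map, pos = read_map(5)
    n_in, out_values = parse_unsigned_tx(global_map[PSBT_GLOBAL_UNSIGNED_TX])
    in_maps, out_maps = [], []
    for _ in range(n_in):
        m, pos = read_map(pos)
        in_maps.append(m)
    for _ in range(len(out_values)):
        m, pos = read_map(pos)
        out_maps.append(m)
    if pos != len(data):
        raise ValueError("trailing bytes after PSBT")
    return {"inputs": in_maps, "outputs": out_maps, "output_values": out_values}

def fee_is_verifiable(psbt: dict) -> bool:
    """A signer can only show the fee if every input carries the amount of the UTXO it spends."""
    return all(PSBT_IN_WITNESS_UTXO in m for m in psbt["inputs"])

def psbt_fee(psbt: dict) -> int:
    if not fee_is_verifiable(psbt):
        raise ValueError("an input is missing its UTXO; refuse to sign rather than guess the fee")
    total_in = sum(int.from_bytes(m[PSBT_IN_WITNESS_UTXO][:8], "little") for m in psbt["inputs"])
    return total_in - sum(psbt["output_values"])

def example_psbt() -> bytes:
    """Constructed sample: spend one 60 000 sat P2WPKH UTXO, pay 50 000 sat, leave 10 000 sat as fee."""
    prev_txid = "aa" * 32                 # made-up txid, not a real transaction
    spk_in = b"\x00\x14" + b"\x11" * 20   # P2WPKH scriptPubKey of the UTXO being spent
    spk_out = b"\x00\x14" + b"\x22" * 20  # destination P2WPKH scriptPubKey
    tx = serialize_unsigned_tx([(prev_txid, 1, 0xFFFFFFFF)], [(50_000, spk_out)])
    witness_utxo = (60_000).to_bytes(8, "little") + varint(len(spk_in)) + spk_in
    input_map = [(PSBT_IN_WITNESS_UTXO, witness_utxo), (PSBT_IN_SIGHASH_TYPE, (1).to_bytes(4, "little"))]
    return build_psbt(tx, [input_map], [[]])
```

The point of the `fee_is_verifiable` check is the one the entry above makes: the unsigned transaction names its inputs only by txid and index, so the amount being spent (and hence the fee) is known to the signer only if the PSBT carries it alongside each input.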
Public Key
A public key is a very large number derived from the corresponding private key by elliptic-curve point multiplication on the secp256k1 curve. Together the public and private keys are called a "key pair"; the public key can be computed from the private key, but not the other way round. Because the public key is a rather long string of bytes, it is hashed to form the (shorter) Bitcoin payment address. If an owner loses their public key, it is easy to recreate it from the private key.
P2PKH
"Pay to Public Key Hash". Historically the most common type of UTXO (payment) on the Bitcoin blockchain. To claim the value, the recipient must reveal the full public key (which must hash to the value in the address) and prove possession of the matching private key with a signature.
P2SH
"Pay to Script Hash". Payments made to this type of Bitcoin address can be claimed by revealing a script that hashes to the correct value and then evaluates (executes) successfully. The sender does not know any of the details of the script, merely its hash. P2SH is used for multi-signature wallets, with a standard script that checks that M of N signatures are correct before accepting the transaction. There is almost no limit to the complexity of the script that might be required to claim a P2SH UTXO.
P2WPKH
"Pay to Witness Public Key Hash". This is the SegWit version of P2PKH and operates in a similar manner, except that the data needed to validate the transaction (the signature and public key, called witness data) is carried in a separate witness structure rather than in the scriptSig. Witness data is discounted when the transaction's weight is calculated, so these transactions cost less in fees, and because it is excluded from the txid the transaction cannot be malleated by altering the signature.
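An added example, not COLDCARD's code, covering the Multisig, Native Segwit, P2SH and P2WPKH entries above: it builds the standard M-of-N OP_CHECKMULTISIG script and produces native-SegWit (bech32) addresses, using the witness-script-hash form (P2WSH, the SegWit counterpart of P2SH) so that only SHA-256 is needed. The bech32 encoder follows BIP-173, with the BIP-350 bech32m constant for witness versions above 0. The sample keys are the secp256k1 generator point and its small multiples in compressed form, used purely as key material; the BIP-173 published test addresses serve as the check. Function names are the example's own.

```python
import hashlib

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
BECH32_CONST = 1            # witness version 0 (BIP-173)
BECH32M_CONST = 0x2BC830A3  # witness version 1+ (BIP-350); the wrong constant yields an invalid address


def _polymod(values):
    gen = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def _convertbits(data, frombits, tobits, pad=True):
    """Regroup bytes into 5-bit symbols (or back), per BIP-173."""
    acc = bits = 0
    out, maxv = [], (1 << tobits) - 1
    for value in data:
        acc = (acc << frombits) | value
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if pad:
        if bits:
            out.append((acc << (tobits - bits)) & maxv)
    elif bits >= frombits or ((acc << (tobits - bits)) & maxv):
        raise ValueError("invalid padding")
    return out


def segwit_address(hrp, version, program):
    """Encode <version, witness program> as a native SegWit (bech32/bech32m) address."""
    const = BECH32_CONST if version == 0 else BECH32M_CONST
    data = [version] + _convertbits(program, 8, 5)
    polymod = _polymod(_hrp_expand(hrp) + data + [0] * 6) ^ const
    checksum = [(polymod >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data + checksum)


def decode_segwit_address(addr):
    """Return (version, program); raises on a bad checksum, which catches typos and bech32/bech32m mix-ups."""
    hrp, payload = addr.lower().rsplit("1", 1)
    data = [CHARSET.index(c) for c in payload]
    const = BECH32_CONST if data[0] == 0 else BECH32M_CONST
    if _polymod(_hrp_expand(hrp) + data) != const:
        raise ValueError("bad bech32 checksum")
    return data[0], bytes(_convertbits(data[1:-6], 5, 8, pad=False))


def is_valid_segwit_address(addr) -> bool:
    try:
        decode_segwit_address(addr)
        return True
    except ValueError:
        return False


def multisig_script(m, pubkeys):
    """Standard M-of-N script: OP_M <pk1> ... <pkN> OP_N OP_CHECKMULTISIG, with 33-byte compressed keys."""
    n = len(pubkeys)
    if not 1 <= m <= n <= 15:
        raise ValueError("M-of-N must satisfy 1 <= M <= N <= 15")
    script = bytes([0x50 + m])               # OP_1..OP_15 are opcodes 0x51..0x5f
    for pk in pubkeys:
        script += bytes([len(pk)]) + pk      # direct push of the key
    return script + bytes([0x50 + n, 0xAE])  # OP_N OP_CHECKMULTISIG


def p2wsh_address(witness_script, hrp="bc"):
    """Script-hash payment in native SegWit form: the 32-byte SHA-256 of the script is the program."""
    return segwit_address(hrp, 0, hashlib.sha256(witness_script).digest())


def p2wpkh_address(pubkey_hash160, hrp="bc"):
    """Key-hash payment in native SegWit form: the 20-byte HASH160 of the public key is the program."""
    return segwit_address(hrp, 0, pubkey_hash160)


# Sample keys: the secp256k1 generator G and 2G, 3G in compressed form, used purely as key material.
G1 = bytes.fromhex("0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798")
G2 = bytes.fromhex("02C6047F9441ED7D6D3045406E95C07CD85C778E4B8CEF3CA7ABAC09B95C709EE5")
G3 = bytes.fromhex("02F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9")

if __name__ == "__main__":
    script = multisig_script(2, [G1, G2, G3])
    print("2-of-3 witness script:", script.hex())
    print("P2WSH address:        ", p2wsh_address(script))
    print("P2WPKH for G:         ", p2wpkh_address(bytes.fromhex("751e76e8199196d454941c45d1b3a323f1433bd6")))
```

The two reference addresses in the test are BIP-173's own examples: the P2WPKH of G's compressed key, and the P2WSH of the one-key script `<G> OP_CHECKSIG`. Note that the co-signers' keys must be listed in the same order by every signer, since a different order gives a different script hash and therefore a different address.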
Salt
Random data used as an additional input to a one-way function that hashes data, a password or a passphrase. The salt is generally public, or stored alongside the hash. It increases the work for brute-force attempts against many accounts at once and prevents rainbow-table attacks, in which large tables of precomputed hashes are applied to cracking passwords: with a per-user salt, every password must be attacked separately.
Seed Words
A list of words which stores all the information needed to recover Bitcoin funds on-chain. COLDCARD or a software wallet will typically generate a list of seed words and instruct the user to write it down on paper. All private keys generated by a BIP-39 based wallet (like COLDCARD) are derived deterministically from the seed words alone, so knowledge of a wallet's seed words implies complete control over the funds it holds.
Also referred to as a recovery phrase, wallet backup phrase, or seed mnemonic.
SegWit
Segregated Witness (SegWit) is a protocol upgrade to Bitcoin that moves signature (witness) data out of the part of the transaction used to compute the transaction ID. Witness data is discounted in the block weight calculation, so more transactions fit in a block (scalability) and transaction costs are lower; separating the signatures also fixed transaction malleability.
SHA-256
Secure Hash Algorithm 256-bit. A cryptographic hash function that produces a fixed 32-byte digest from input of any length. It is one-way (the input cannot be recovered from the digest) and collision-resistant (two different inputs with the same digest are infeasible to find). SHA-256 is a core technology used in Bitcoin.
SLC
Single Level Cell (SLC) NAND flash stores one bit per cell. It is the highest grade of NAND flash currently available and is used for industrial purposes, having the highest noise immunity and reliability due to the physical design of the flash cell.
Software Wallet
A software program which manages Bitcoin. Bitcoin is recorded on the blockchain, and the wallet must provide new deposit addresses and track the balance by detecting UTXOs on the blockchain when funds are received. Every payment address, or UTXO, associated with a Bitcoin wallet has a corresponding private key (secret number). Software wallets facilitate sending and receiving Bitcoin, and whoever knows the private key controls the balance. Bitcoin wallets come in many forms; the four main types are desktop, mobile, web and hardware. COLDCARD is compatible with any PSBT-based software wallet.
Testnet
Testnet refers to a blockchain that is established solely for testing purposes. Because testnets exist to experiment with new ideas without disturbing or breaking the main network, their coins are worthless.
Tor
Tor, short for The Onion Router, is an open-source privacy network that lets users browse the web anonymously. Tor was initially developed by the US Naval Research Laboratory before the network was made available to the public.
TRNG
A True Random Number Generator (TRNG) is a device that generates random numbers from a physical process (such as electrical noise), rather than by means of a deterministic algorithm.
Trojan Horse
Any malware which misleads users about its true intent. It may look like the horse you were expecting, but it contains more than that.
Txn
Abbreviation for transaction.
UTXO
Unspent Transaction Output. A UTXO is a discrete amount of Bitcoin recorded on the blockchain as the output of some transaction, which has not yet been spent. Each Bitcoin transaction consumes one or more UTXOs as inputs and creates new UTXOs as outputs. Your balance in a Bitcoin wallet is the sum of the value of all UTXOs you can control with your private keys.
Watch-only Wallet
A watch-only wallet does not hold the private keys needed to spend Bitcoin. Instead, it knows only the public keys involved (typically via an XPUB). It can detect deposits on the blockchain, monitor the balance and generate payment addresses for incoming payments. To work with COLDCARD, it must be able to construct a PSBT file for signing transactions that spend funds.
Whitelist
A list of people or things considered to be acceptable or trustworthy. Also called an allow list.
XPRV
An extended private key (XPRV) is the combination of a private key and a chain code; it can be used to derive child private keys (and therefore child public keys). An extended public key (XPUB) is a public key and chain code, which can be used to derive child public keys only.
XPUB
Extended Public Key. It can be used to view the child wallet's addresses, transactions and balances; think of it as a read-only view of a wallet. Although the XPUB does not give spending ability, it is risky to share it, because it reveals every address and transaction of that wallet, past and future. Note also that an XPUB combined with any single non-hardened child private key is enough to recover the parent private key, so leaking one child key from a shared XPUB compromises the whole branch.
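The following added example (not COLDCARD's implementation) works through the BIP-32, BIP-39, HD Wallet, Seed Words, XPRV and XPUB entries: the mnemonic-to-seed step, the master key and chain code, hardened and non-hardened child derivation, deriving a child public key from an XPUB alone, and the hazard noted above, recovering a parent private key from an XPUB plus one non-hardened child key. secp256k1 arithmetic is written out in plain Python for readability, not speed; the values checked are the published BIP-32 (test vector 1) and BIP-39 test vectors. Function names are the example's own.

```python
import hashlib
import hmac
import unicodedata

# secp256k1 parameters (the curve Bitcoin uses)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000

def point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def point_mul(k, point=G):
    """Double-and-add scalar multiplication: private key -> public key."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result

def ser_pub(point):
    """33-byte compressed SEC encoding of a public key."""
    x, y = point
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")

def mnemonic_to_seed(mnemonic, passphrase=""):
    """BIP-39: 2048 rounds of PBKDF2-HMAC-SHA512 with salt 'mnemonic' + passphrase -> 64-byte seed."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s).encode()
    return hashlib.pbkdf2_hmac("sha512", nfkd(mnemonic), b"mnemonic" + nfkd(passphrase), 2048)

def master_key(seed):
    """BIP-32 master: HMAC-SHA512 keyed with 'Bitcoin seed'; left half is k, right half the chain code."""
    I = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(I[:32], "big"), I[32:]

def ckd_priv(k_par, c_par, i):
    """Child private key. Hardened children (i >= 2^31) mix in the parent private key itself."""
    if i >= HARDENED:
        data = b"\x00" + k_par.to_bytes(32, "big")
    else:
        data = ser_pub(point_mul(k_par))
    I = hmac.new(c_par, data + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(I[:32], "big")
    if il >= N or (il + k_par) % N == 0:
        raise ValueError("invalid child (probability ~2^-127); use the next index")
    return (il + k_par) % N, I[32:]

def ckd_pub(K_par, c_par, i):
    """Child public key from an XPUB (public key + chain code) alone: non-hardened indices only."""
    if i >= HARDENED:
        raise ValueError("hardened children cannot be derived from a public key")
    I = hmac.new(c_par, ser_pub(K_par) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return point_add(point_mul(int.from_bytes(I[:32], "big")), K_par), I[32:]

def derive_priv(seed, path):
    """Walk a path such as m/0'/1 from the master key."""
    k, c = master_key(seed)
    for part in path.split("/")[1:]:
        hardened = part[-1] in "'h"
        k, c = ckd_priv(k, c, int(part.rstrip("'h")) + (HARDENED if hardened else 0))
    return k, c

def recover_parent_priv(K_par, c_par, i, k_child):
    """The XPUB hazard: an XPUB plus any one non-hardened child private key yields the parent private key."""
    I = hmac.new(c_par, ser_pub(K_par) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return (k_child - int.from_bytes(I[:32], "big")) % N

if __name__ == "__main__":
    words = "abandon " * 11 + "about"  # first BIP-39 English test vector (all-zero entropy)
    print("seed, no passphrase:", mnemonic_to_seed(words).hex()[:32], "...")
    print("seed, passphrase:   ", mnemonic_to_seed(words, "TREZOR").hex()[:32], "...")
    k0, c0 = derive_priv(bytes.fromhex("000102030405060708090a0b0c0d0e0f"), "m/0'")
    k01, _ = derive_priv(bytes.fromhex("000102030405060708090a0b0c0d0e0f"), "m/0'/1")
    print("parent recovered from xpub + child key:", recover_parent_priv(point_mul(k0), c0, 1, k01) == k0)
```

The passphrase line shows why a BIP-39 passphrase is a second secret and not a password on the words: a different passphrase gives a completely different seed and therefore a different wallet. The last line is the reason the account level of a BIP-44 path is hardened: below a hardened step, an XPUB plus one leaked child key exposes that branch, but not the levels above it.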
$5 Wrench Attack
If someone finds out that you own a significant amount of coins, they could physically attack you or threaten your loved ones and demand that you hand over your wallet's private key. A simple $5 wrench or other crude weapon could be used for this attack. An XKCD comic is the origin of the term.
7z
Compressed archive files created with the open-source 7-Zip software. These files use a compression method called LZMA, an algorithm for lossless data compression; filenames and other metadata are also captured in the archive file format.