One of the most fundamental dividing lines in hardware wallet design is whether to use a Secure Element (SE) chip. A Secure Element is a tamper-resistant integrated circuit designed specifically to protect sensitive data — the same technology used in bank cards, passports, and SIM cards. SEs include physical countermeasures against side-channel attacks, fault injection attacks, and physical probing.

The trade-off with Secure Elements is that they are typically proprietary and closed-source. The manufacturer's non-disclosure agreement requirements mean that a fully open-source hardware wallet cannot use most commercial SEs. Ledger uses certified SEs in its devices and keeps the SE firmware closed-source. Trezor takes the opposite approach: fully open-source hardware and firmware, but no dedicated SE chip (relying instead on general microcontrollers with additional physical protection measures like epoxy resin potting).

In 2026, the emergence of new open-source-compatible SE solutions — particularly the partnership between Ledger-alternative manufacturers and the open-source security community — has begun to bridge this gap. Some newer devices use Microchip's ATECC608 or similar chips that provide cryptographic acceleration without full SE-level proprietary firmware.

Ledger devices use a dual-chip architecture: a general-purpose MCU (STM32 family) that handles I/O, display, and user interaction, and an SE chip (ST33 series, Common Criteria EAL5+ or EAL6+ certified) that stores the seed phrase and performs private key operations. The partition of trust between these chips is critical: the SE never reveals the private keys, and all cryptographic operations happen inside it.

The Ledger OS running on the SE — BOLOS (Blockchain Open Ledger Operating System) — provides application isolation, ensuring that a compromised coin application cannot access keys used by another coin application. Coin-specific applications are sandboxed from each other and from the OS itself.

In 2023, Ledger introduced Ledger Recover — an optional subscription service that encrypts and shards your seed phrase, distributing the shards to identity verification providers for recovery purposes. The announcement generated intense controversy in the self-custody community.

The controversy revealed something architecturally important: Ledger's SE firmware is technically capable of extracting the seed phrase. Previously, many users had assumed this was architecturally impossible. The revelation did not mean Recover was insecure or that Ledger had acted maliciously — the feature is opt-in and the extraction only happens with user consent. But it demonstrated that the security guarantee of "the key never leaves the device" is contingent on firmware behavior, not hardware constraint.

For users who find this unacceptable, fully open-source alternatives where the firmware can be independently audited represent a stronger assurance model.

The Trezor Safe 5 (released 2024) represents SatoshiLabs' most advanced device. It includes a Secure Element chip — the EFR32MG24 from Silicon Labs — while maintaining open-source firmware. The SE in the Safe 5 is used for additional security rather than key storage, addressing some physical attack vectors while keeping key storage in the open-source MCU.

The passphrase feature in Trezor is particularly noteworthy for security-conscious users: an optional 25th word appended to the 24-word seed phrase creates a completely separate wallet. This passphrase is never stored on the device, providing protection against physical seizure — even if someone obtains your device and seed phrase, they cannot access funds protected by an undisclosed passphrase.

Coldcard, manufactured by Coinkite, occupies a unique position in the hardware wallet market: it is designed exclusively for Bitcoin, with a philosophy that prioritizes maximum security over convenience. Its feature set is the most extensive of any hardware wallet for advanced Bitcoin users.

The Mk4 and Q models use dual Secure Elements from Microchip (ATECC608B) with fully open-source firmware (MIT license). The dual-SE architecture provides defense in depth: both SEs must agree for sensitive operations to proceed. The PIN system includes a "duress PIN" (reveals a decoy wallet), a "brick me PIN" (destroys the device), and countdown timers that limit brute-force attacks.

Coldcard supports advanced Bitcoin features including PSBT (Partially Signed Bitcoin Transactions) for air-gapped signing, multi-signature coordination, custom derivation paths, and address whitelisting. It is the reference device for Bitcoin self-custody experts.

Foundation's Passport represents another philosophy: consumer-friendly design with open-source hardware and firmware, built specifically for air-gapped Bitcoin operation. The Passport uses a camera for QR code scanning, enabling fully air-gapped workflows without physical cables. It is powered by AAA batteries, eliminating USB power as an attack vector.

BitBox02 from Shift Crypto (Swiss) offers two variants: Bitcoin-only and multi-edition. It features a fully open-source software stack, microSD card backup system, and a minimal interface that reduces attack surface. The Swiss jurisdiction adds legal privacy protections relevant to the company's data handling.

SeedSigner is a completely stateless signing device built on Raspberry Pi Zero hardware. "Stateless" means it never stores your seed phrase — it loads the seed from a QR code scan, QR code air-gap, or manual entry, performs the required operation, and the seed is gone when the device powers down. This eliminates the risk of seed extraction through device compromise because there is nothing persistently stored to extract.

The full open-source design allows any user to inspect every line of code and every hardware component. The device costs approximately $50 in parts and can be assembled by anyone with basic electronics familiarity. Several community members have published independent security reviews of the firmware.

Keystone Pro uses a similar air-gap philosophy to SeedSigner but in a polished commercial form factor. It uses QR code scanning for all transaction signing, has a large touchscreen display, and supports a wide range of cryptocurrencies. The firmware is open source and the device has been independently audited.

An air-gapped signing device eliminates the following attack categories: remote network exploits, malware delivered through internet-connected software, remote key extraction, and remote firmware tampering. These represent the vast majority of the attack surface for hot wallet and software wallet compromises.

What air-gapping does not eliminate: supply chain attacks (malicious hardware or firmware before the device reaches you), physical compromise of the air-gapped device itself, compromised transaction construction on the internet-connected watch wallet, and side-channel attacks if a sophisticated adversary has physical access to the environment.

After removing wireless hardware, physically verify the air gap by scanning for wireless emissions using a mobile device's WiFi scanner and Bluetooth scanner. A properly air-gapped device should emit no detectable wireless signals. This test should be performed after each hardware modification and periodically thereafter.

USB ports represent a potential attack surface even on an air-gapped device. For maximum security, consider physically disabling unused USB ports with resin or specialized USB port locks, leaving only the port(s) needed for microSD card adaptors or other mediated transfer mechanisms.

The USB-less workflow using QR codes is the most robust version of this process. The watch-only Electrum instance exports the unsigned PSBT as a QR code displayed on screen. You scan this QR code with the air-gapped signing device (which has a camera). The signed PSBT is exported as a QR code from the signing device. You scan it back into the watch-only instance and broadcast.

This workflow ensures that no physical medium (microSD card, USB drive) moves between the internet-connected machine and the air-gapped machine, eliminating the malware vector that exists when physical media crosses the air gap boundary. The QR code data path is human-inspectable at each step.

Protocols like Miniscript (now available in Bitcoin Core and several hardware wallets) enable more expressive spending conditions than traditional multisig, including time-locked recovery conditions, combinations of hardware wallet and software key requirements, and decaying thresholds that change over time.

Unchained Capital, Nunchuk, and Sparrow Wallet (fully open-source) provide coordination infrastructure for multisig setups without requiring you to trust any single party with your keys. Sparrow Wallet, in particular, has become the reference tool for Bitcoin multisig setup and management among self-custody advocates due to its transparency and functionality.