KeepKey is a hardware wallet used to store private keys for cryptocurrencies and digital tokens. The project was founded in 2014 by entrepreneur Darin Stanchfield, established in Seattle. The wallet is currently a part of the ShapeShift cryptocurrency exchange. It is highly regarded as a secure piece of hardware, as well as enables crypto-to-crypto exchanges. The cost of a KeepKey wallet is currently about $49 US, which is well below other competing models.
The essence of a hardware wallet is to store one’s cryptocurrency. To access cryptocurrency, one needs encrypted private keys. Hardware wallets do not literally store cryptocurrency, as it is only every digital. Instead, they hold private keys which unlock the encryption to access the cryptocurrency on the corresponding blockchain. Hardware wallets keep private keys stored offline, where they are very difficult (nearly impossible) for others to steal. They also protect against computer failures and viruses.
KeepKey has been praised for its excellent design. The wallet is 4 inches long, made of metal, and has a 256×64 3.12 OLED display. It is one of the larger hardware wallets on the market. It relies on open source code, which means users can access all software updates and review any issues that come up. The device is compatible with Windows, Mac, and Linux.
Many are the size of a USB, such as Ledger or Trezor wallets, which are reasonably small. However, KeepKey is larger than most because it has an OLED (Organic Light Emitting Diode) screen. The larger screen means that users can see an entire cryptocurrency address without scrolling back and forth.
While there is quite a bit written on the device’s physical size, it is irrelevant to its security. The design is a choice of the creators to provide an OLED display that is easy to see. However, a larger size might be a security measure, it is harder to lose. Once a hardware wallet is lost, so are all of the cryptocurrency private keys stored on it. Therefore, for those prone to losing things, the larger size has an advantage.
The wallet supports over 40 cryptocurrencies. Other models such as Trezor support 1649 coins and tokens, and Ledger supports 1150 cryptocurrencies. In addition, Trezor and Ledger support ERC20 tokens for Ethereum’s blockchain-based cryptocurrencies/tokens. (ERC20 tokens are different from Ether (ETH), Ethereum’s native token).
The wallet arrives in a tamper-proof package. The package arrives in tamper-proof shrink wrap, with a thick holographic seal on the package. If the box has been tampered with, it is evident because the seal will have been torn/broken. If this is the case, be sure to contact ShapeShift.
Inside the package is:
KeepKey supports 40+ cryptocurrencies and digital tokens, including top currencies:
KeepKey works with the cryptocurrency wallet software on a computer to manage private key generation. As mentioned, cryptocurrencies are never literally stored within the hardware wallet itself. Instead, cryptocurrencies always remain on their respective blockchain—a hardware wallet keeps private keys.
A personal private key unlocks the address on the blockchain where one’s assets are. Since networks and nodes keep the blockchain, a hardware wallet enables the ownership and use of tokens.
Like many hardware wallets, KeepKey generates a private key with its hardware-based random number generator. The private key is then combined with randomness provided by your computer. The process of computing the key is known as entropy. Entropy is the randomness collected by an operating system and is applied in cryptography (or cryptocurrency) which relies on random data.
At the initialization time, the user is given a ONE-TIME opportunity to learn and write down a backup phrase. Then, if the wallet passkey needs to be reset, the owner needs the twelve-word recovery sentence.
IF YOU LOSE YOUR BACKUP PHRASE, YOU WILL LOSE ACCESS TO THE CRYPTOCURRENCY IT STORES.
This warning can never be made clear enough.
KeepKey was acquired by ShapeShift, a cryptocurrency exchange. As such, the wallet itself enables the user to convert tokens directly within the KeepKey. That means that coins are traded or swapped without needing to create an exchange account.
ShapeShift is a non-custodial cryptocurrency exchange established in 2014. Non-custodial exchanges give the user complete control of their assets. Conversely, custodial exchanges hold funds, much as traditional banks do. That means that ShapeShift does not require personal information from its users.
NOTE: Once an account is added, it cannot be deleted from the wallet.
NOTE: KeepKey does not need to be connected to receive cryptocurrency. It is possible to save one or more addresses to use later without connecting the KeepKey.
Transactions: Each transaction must be manually approved with KeepKey’s confirmation button.
KeepKey’s firmware is entirely open source. The source code is open and available for anyone to view. Open source makes it possible to know how the software works and what upgrades and problems have occurred. Open source is common in the world of defi (decentralized finance), and it is an effort to increase transparency. Transparency is vital when it comes to products and entities that manage money, such as hardware wallets.
More importantly, open source allows organizations to be sure there are no undesired or hidden functions. An example of such malware is software that secretly collects personal data.
Additionally, KeepKey is PIN-protected. In order to access the wallet, one must enter the PIN. If it is lost or stolen, it is much harder to access the private key.
The private key is stored securely on the KeepKey device, so it never leaves the device.
Typically, once a USB drive is inserted into a computer, the computer accesses everything stored on it. This is not so with the KeepKey wallet. When plugged into a computer, the wallet only communicates using a limited protocol. This level of privacy is to ensure that the wallet never reveals the private key to the computer, where it can be compromised.
Users can back up the condense of their wallets with their 12-word recovery phrase. With KeepKey, 12 words are the default setting. However, users can choose an 18 and 24 seed phrase if they want one.
The seed is generated offline on the KeepKey devise. It is then displayed on the device’s screen. That means that the seed is never displayed on an internet-connected device, which is crucial to maintaining the recovery seed’s security.
If the device is lost and the user does not have multiple accounts, they can recover their digital assets on any wallet that is BIP39 compatible. For more than one account, they can recover them with any wallet that is BIP44 compatible.
Here is a list of BIP44 compatible wallets:
The wallet also uses RNG (Random Number Generator). The RNG randomly determines the placement of the numbers on the device screen. This helps ensure that if the computer the KeepKey is working on is ever compromised, the PIN is not. Malware might try to mirror the number choice but can only do so using a keypad that is ordered sequentially.
There have been two major security issues recently for KeepKey.
First, to combat this, the Chrome app has been retired because there were too many scams designed to hack wallet accounts. KeepKey now only works with the ShapeShift web platform.
Secondly, ShapeShift issued a firmware update in February 2021. Users must connect their devices to the desktop app to download the update.
To begin with, for a hack to work, a thief must get hold of the actual device. The hack does not work remotely. Most people who hold crypto are generally careful and the fact that you need the actual device to hack into it is a huge plus and makes it quite safe.
However, if the device is ever stolen, hackers can use electrons to measure the voltage emitted from PIN entries. There is a subtle difference between correct and incorrect PIN entries in terms of voltage. With enough data, the thief can use this catalog of voltage measurements to guess the PIN and unlock the KeepKey wallet.
Donjon researchers found they could monitor voltage output changes as the chip received PIN inputs to determine the PIN itself. However, they first need to take thousands of measurements of the PIN processor’s voltage output for each value of known PINs for the hack to succeed. Once identified the voltage outputs of each PIN phase, an attacker can locate the PIN of a wallet.
For the hack to succeed, the thief needs:
The ShapeShift firmware update makes it more challenging to collect a reliable catalog of power consumption outputs, making mapping PIN values more difficult.
KeepKey is a very functional and straightforward hardware wallet. ShapeShift is committed to autonomy and maintaining security. No single piece of technology is perfect. However, given the price point and functionality, KeepKey is a good choice for many cryptocurrency holders.
This device is a great way to keep cryptocurrency secure and get a functional piece of hardware for an affordable price. However, the device has limited cryptocurrency compatibly. Therefore, it may be best for those who only use a moderate number of popular cryptocurrencies.
Shipping: Orders ship within 5 business days of the order. Facilities are open Monday–Friday, 9 am–5 pm.
Carriers: USPS, DHL
Order Tracking: If a tracking number is provided, the buyer will be updated with the tracking information once it is received.
Shipping Rates: Rates charged for shipping are a flat rate based on shipping speed.
Customs and VAT: International orders are typically subject to local import duties and taxes (VAT). The buyer is responsible for all such fees, which are determined upon arrival.