ELLIPAL Wants Self-Custody to Feel Normal

(Headline article below) An interesting interview with the Growth Lead at ELLIPAL, who make some interesting hardware wallets. But the company is based in Hong Kong, and their firmware is not open source. So would you trust their unverifiable device to hold your crypto holdings in self-custody? And could China have forced a backdoor or other vulnerability? And below the interview, I put the ELLIPAL blog post about how open source doesn’t mean security, but the lack of open source does mean insecurity, as you can’t verify they’re not doing anything that jeopardizes your funds. And they make a lot about early wallets being hacked, but it was only if you could get physical hold of those wallets before the industry moved to secure elements. And if you used a good passphrase, hacking the wallet wouldn’t get you the secret key or the ability to steal funds. Consequently, the lack of confidence to release your source code makes me also question the rest of your security decisions, though they do seem to be popular with a lot of people who don’t understand open source and why it’s important for a hardware wallet. Also, they say they’re working with VISA to make spending your Bitcoin easier, which, if that comes to fruition, makes you wonder about tracking. And this comment from the Google Play store is scary, and I think goes along with another post where a guy accidentally made his ELLIPAL wallet hot on his phone and lost $3 million.

DANGEROUS! I’ve been using this for a year and a half and have had open requests with support for more than half that time. The app will frequently display amounts different than the chain data and if they don’t match you can’t transact. This year I have done numerous transactions without needing the hardware device! What’s the point of having a hardware wallet if it’s not needed when sending?! Don’t use this. It’s dangerous.

https://bitcoinnews.com/p/ellipal-self-custody-feel-normal

ELLIPAL Wants Self-Custody to Feel Normal
John Antes of ELLIPAL shares his Bitcoin journey, why self-custody matters, and how air-gapped wallets and better UX can make sovereignty feel normal.

By Conor Chepenik

John Antes, Growth Lead at ELLIPAL, did not come to Bitcoin through a marketing funnel or a whiteboard session. He came the same way many people did in 2017: a persistent friend, a bit of skepticism, and a decision to slow down and actually learn what Bitcoin was.

“My first contact with Bitcoin was back in 2017 during that first bubble,” John said. “I remember I had this friend, a real tech guy, always one step ahead of every trend. Week after week he kept asking me, ‘Do you know what Bitcoin is? Have you looked into Bitcoin yet?'”

When Bitcoin reached around $5,000, John finally bought in, but cautiously. “I decided to put a few hundred dollars on it. I’m cautious by nature. I’m not the guy who throws my life savings at something I don’t understand.”

So he did what many people skip. He went deep. “I started to dig in deeper, read the white paper, followed the technical discussions, dived into the blockchain architecture,” he said.

“That’s when everything changed for me. When I understood the true potential of decentralized systems and trustless transactions, that’s when I became very passionate about Bitcoin.”

Nearly eight years later, that same friend still reminds him who planted the seed. “Every time we get together, he tells me, ‘Thanks to me you’re in the industry now, you should buy me a drink.’ He’s not wrong.”

“Be Your Own Bank” Is Not a Slogan

For John, Bitcoin was never just about price. It was about what Bitcoin removes. “At its core, Bitcoin philosophy can be summed up with a single idea: be your own bank,” he said. “Satoshi Nakamoto built a system where individuals no longer have to place trust in banks, governments, or third parties to hold or move their assets.”

That idea runs straight into the reality most users face today. Self-custody is powerful, but it is unforgiving. “True sovereignty means giving people full control over their wealth without middlemen who can freeze accounts, inflate supply, or censor transactions,” John said. “But that also means full responsibility.”

There is no customer support line for Bitcoin. No undo button. No account recovery email. That reality is what pushed John toward hardware wallets, and eventually toward helping to build out ELLIPAL.

Why ELLIPAL Went Fully Air-Gapped

ELLIPAL’s defining design choice is simple and strict: the signing device never touches the internet. “Air gap means fully isolated,” John explained. “Your cold wallet is not connected to your phone, your laptop, or the internet. No Wi-Fi, no Bluetooth, no USB data transfer.”

The reason is straightforward. “The moment you connect a device to the internet, even indirectly, you introduce a potential vector of attack,” he said.

Every ELLIPAL wallet, from the Titan series to its newest X Card, follows that rule. Wallet creation, transaction signing, and security updates all happen offline. Communication with the phone app is handled through QR codes or, in newer products, NFC signing.

“This complete offline architecture ensures assets stay secure, easy to use, and truly self-custodial,” John said. “It’s fundamentally different from exchanges or banks where users trust intermediaries with their assets.”

Security Is Table Stakes. UX Is the Bottleneck.

John is clear about something many Bitcoiners quietly acknowledge: self-custody has been too hard for too long. “When I first bought a cold wallet, it felt like assembling a puzzle,” he said. “The technology was great, but the interface was confusing. I nearly gave up a couple of times, thinking, ‘Is this really worth the hassle?'”

That friction is what ELLIPAL sees as the biggest obstacle to wider adoption. “To attract new users who have never used a cold wallet, we need to provide the easiest and most intuitive experience possible without compromising security,” John said. “If I had to pinpoint where I see the greatest potential for innovation, it’s the user experience.”

Titan 2.0 and the X Card

ELLIPAL’s product lineup reflects that thinking. The Titan series is designed for long-term storage. “It’s a safe-at-home device,” John said. “Perfect for holding assets long-term rather than frequent transactions.”

Then came the X Card, which marked a shift in how ELLIPAL thinks about everyday use. “We wanted to bring self-custody closer to real-world behavior people already know,” John said. “Think about how you pay for coffee. You take your bank card, tap it, and the transaction is done.”

The X Card works the same way. Instead of scanning QR codes, users tap the card to their phone using NFC. “The phone reads the signed data instantly. Everything stays completely offline. The whole process takes about one second.” That small change made a big difference. “There’s no new ritual to learn,” John said. “It feels natural.”

Get your own air-gapped cold wallet at https://www.ellipal.com/

Spending Without Giving Up Custody

Looking forward, John described ELLIPAL’s roadmap as a progression. They started by helping users store assets securely with the Titan series. Then they focused on making transactions easier with the X Card. The next step is enabling people to spend their assets in everyday life, through stablecoin payments and a POS terminal, while staying aligned with Bitcoin’s self-custody ethos.

“We want people to hold crypto and also be able to use it,” he said. “Spend in real life, but without giving up control.”

By making spending as easy and familiar as tapping a card, while keeping everything completely air-gapped and under the user’s control, ELLIPAL is removing that last big hurdle. It brings users one step closer to real mass adoption, where holding and using Bitcoin becomes second nature for millions more people, without forcing them to give up their sovereignty.

ELLIPAL is working with Visa to enable crypto payment solutions. “Our partnership right now is more focused on this kind of spend-with-crypto solution,” John said. The goal is to turn holding bitcoin into something users can actually spend while remaining fully decentralized and self-custodial.

Advice for Newcomers

John does not pretend there is a perfect path into Bitcoin. “Most people start on centralized exchanges. I did the same thing,” he said. “If you search ‘how to buy Bitcoin,’ the first result is usually Coinbase.”

The mistake is stopping there. “When you leave your bitcoin on an exchange, you recreate the same problem Bitcoin was designed to solve,” he said. “You put your assets back into a centralized third party.”

His advice is simple.

“Try to become as decentralized as possible, and as early as possible. Understand the ‘why’ first.”

For someone looking to contribute to the Bitcoin ecosystem, particularly in hardware security, John recommends getting clear on the fundamentals. “My advice is to deeply understand the why behind decentralization first,” he said.

“Why we need to be our own bank and how to achieve this through owning your private keys.” He added that the best contributors in the space are not just technically skilled but also philosophically aligned with Bitcoin’s core purpose.

A Question for Satoshi

If John could ask Satoshi Nakamoto one question, he admits the first one would be half-joking. “Why haven’t you moved your coins in 17 years?” he laughed. “Did you forget your seed phrase? If you forgot your seed phrase, just tell me. I can offer you some ELLIPAL plates for storing your seed phrase.”

But the deeper question matters more. “Did Satoshi leave self-custody complicated on purpose, thinking that the community would eventually make it super easy for everyone?” John asked. “Or if Satoshi saw us today, what advice would he give to teams trying to make it more simple?”

He wonders if those unmoved coins might be a quiet reminder. “Maybe those coins that never moved are kind of an answer,” John said. “Maybe he tried to say, okay, real freedom comes with real responsibility. So even with the risk of losing it all forever, we need to accept that decentralization means we are fully responsible.”

That responsibility is what ELLIPAL is trying to make more manageable. Not by removing it. Not by hiding it behind custodians. But by making self-custody feel normal.

If Bitcoin is going to reach the next wave of users, it will not be because people suddenly love private key management. It will be because tools like these let people hold value without permission, without intermediaries, and without needing to be engineers to do it safely.

https://www.ellipal.com/blogs/news/how-much-does-open-source-contribute-to-security-1

How Much Does Open-Source Contribute to Security?

May 23, 2023

There is a debate over whether a crypto wallet being open or closed source affects its security. Here we will explain a bit about wallet security.

Open source is indeed useful for users and experts to perform audits and reviews. However, open source does not automatically lead to safer solutions.

Occasionally, open-source software can be cracked easily by hackers because the resources, code, and utilities are readily available. There are many vulnerabilities in open-source products such as the Trezor, the most famous open-source hardware wallet (Ref. 1: Unfixable Seed Extraction on Trezor – a practical and reliable attack; Ref. 2: Crack Trezor in 15 minutes).

In this article, we will explore the basics of evaluating a hardware wallet’s security and why open-source may not necessarily be related to security.

When we consider the security of a cryptocurrency wallet, there are four layers of security issues that fundamentally affect whether you will lose your crypto assets:

1) Randomness and safety of key/seed generation.

2) Security and protection of private key/seed.

3) Avoiding breaches during the spending process, i.e. when transactions are signed with the private key.

4) Social engineering protection. For example, the product should have strong measures against exposing the PIN.

The following are examples for each of the four security layers:

1) Key/Seed generation

Everyone has probably heard the famous phrase by Andreas Antonopoulos: “Not your keys, not your bitcoin.” What is a key, or more precisely, what is a private key? The private key is a large random number of 256 bits. If the key generation has a bug or backdoor, your crypto can easily be stolen by the person who created that backdoor.

Users can inspect the source code of an open-source wallet to see whether it generates trustworthy keys.

However, the ELLIPAL Titan has a special solution that other closed-source wallets do not have. Users can import their private keys or seeds (via mnemonic words) that they generated using software they trust. Users do not need to trust the wallet because the keys are generated somewhere else. It is trustless trust.

“ELLIPAL allows Private keys import to overcome any worries originating from being closed source.”

Additional info for new users: in a full-function crypto wallet, many child private keys for various coins are derived from a single seed. This hierarchical deterministic (HD) wallet scheme is defined by BIP32, BIP39, and BIP44. When you lose your wallet, the mnemonic words recover your seed, which then recreates the private keys for all your coins in a new wallet. So keep in mind that the mnemonic words are another form of your private keys. Do NOT give them to anyone; otherwise, you lose your assets.
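As an added example (not ELLIPAL's code), here is the BIP39/BIP32 arithmetic behind the paragraph above: random entropy becomes checksummed word indices, the words plus an optional passphrase become the seed, and the seed becomes the BIP32 master key. The 2048-word list is not embedded, so words are represented by their indices; the test uses the standard BIP39 vector ("abandon" x11 "about", passphrase "TREZOR").

```python
import hashlib
import hmac
import secrets
import unicodedata

# Added example, not ELLIPAL's code: BIP39/BIP32 mechanics behind "mnemonic words are
# another form of your private keys". Word-list lookup is omitted (indices only).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def new_entropy(n_bytes: int = 32) -> bytes:
    """Layer 1: fresh entropy from the OS CSPRNG. A weak or backdoored source here
    makes every key derived below predictable to whoever controls the backdoor."""
    return secrets.token_bytes(n_bytes)

def entropy_to_indices(entropy: bytes) -> list[int]:
    """Append ENT/32 checksum bits (from SHA-256 of the entropy), split into 11-bit indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128..256 bits in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = len(entropy) * 8 + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]

def checksum_is_valid(indices: list[int]) -> bool:
    """Unpack the entropy from the indices and recompute them: a mistyped word almost always fails."""
    if len(indices) not in (12, 15, 18, 21, 24):
        return False
    total = 11 * len(indices)
    cs_bits = total // 33
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    return entropy_to_indices(entropy) == indices

def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase.
    The same words with a different (or no) passphrase give a different seed and keys."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, 64)

def bip32_master_key(seed: bytes) -> int:
    """BIP32 master private key: left 32 bytes of HMAC-SHA512(key="Bitcoin seed", seed)."""
    k = int.from_bytes(hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()[:32], "big")
    if not 1 <= k < SECP256K1_N:
        raise ValueError("invalid master key; BIP32 says this seed must be rejected")
    return k
```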

2) Key/Seed protection

The basis of private key protection is isolation and controlled access. A Secure Element (SE) chip is a common choice for engineers trying to protect private keys inside a hardware wallet. Another alternative that is also very effective is to isolate the hardware wallet from any outside connection, in other words, to keep it air-gapped.

As no connections are allowed for an air-gapped wallet, wallets like the ELLIPAL Titan use QR codes as the communication interface instead of USB or Bluetooth. During a QR code scan, the data is visible, and the user has to scan the code manually. The format is open and documented, and the contents can easily be checked to verify that no data is leaked. Compared with auditing open-source code, ELLIPAL’s open QR data format is easier and more natural to check.

“ELLIPAL’s open data format QR code is even easier to verify than open-source code.”

Besides protecting the private keys with software against tampering and attacks, engineers can upgrade the hardware to grant even more protection. For example, anti-tampering and anti-disassembly features have been added to the ELLIPAL Titan’s hardware to protect against supply-chain and evil-maid attacks.

For a closed-source hardware wallet with robust software and hardware protection, hackers would need years to break the system. On the other hand, it is easy for hackers to recompile an open-source wallet and learn its attack points.

“For a well-protected closed-source wallet like the ELLIPAL Titan, hackers may take years to break the system, compared to open-source wallets where the code is readily available to be exploited.”

3) Spending process

The crypto spending process (the transaction) is often overlooked when users think about private key protection. During spending, the attack surface is the online part, which is the app. Because the app is online, it is easy for hackers to attack. A fake transaction can send your coins to the hacker’s address instead of the one you intended.

A simple function that protects the user is to show the receiver’s address by decoding the full transaction data. It does not matter whether your wallet is closed or open source: if it cannot clearly show you every part of your transaction data, it is not safe.

“ELLIPAL Titan shows all transaction data clearly on its large screen and in the app for users to verify before submitting.”
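As an added example (not ELLIPAL's code), this is what "decoding the full transaction data to show the receiver's address" means in practice: a minimal parser for a legacy-serialized Bitcoin transaction that lists every output's amount and destination, rendering native P2WPKH outputs as bc1q addresses and showing anything it cannot classify raw rather than hiding it. The sample transaction is constructed for the example; its first output pays the BIP173 example key hash.

```python
BECH32_CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # added example, not ELLIPAL's code

def bech32_polymod(values):
    gen = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)
    chk = 1
    for v in values:
        top, chk = chk >> 25, ((chk & 0x1FFFFFF) << 5) ^ v
        for i, g in enumerate(gen):
            if (top >> i) & 1:
                chk ^= g
    return chk

def bech32_encode(hrp, witver, prog):
    """BIP173 bech32 (witness v0): hrp + '1' + 5-bit data + 6-char checksum."""
    data, acc, bits = [witver], 0, 0
    for b in prog:                                   # regroup 8-bit bytes into 5-bit values
        acc, bits = (acc << 8) | b, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:                                         # pad the final partial group
        data.append((acc << (5 - bits)) & 31)
    hrp_exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    pm = bech32_polymod(hrp_exp + data + [0] * 6) ^ 1
    data += [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(BECH32_CHARSET[d] for d in data)

def read_varint(buf, pos):
    n = buf[pos]
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}.get(n, 0)
    return (int.from_bytes(buf[pos + 1:pos + 1 + size], "little") if size else n), pos + 1 + size

def script_to_display(script):                       # P2WPKH -> bc1q address; else shown raw
    if len(script) == 22 and script[:2] == b"\x00\x14":
        return bech32_encode("bc", 0, script[2:])
    return "nonstandard:" + script.hex()

def decode_outputs(raw):
    """[(amount_sats, destination)] for a legacy-serialized tx (no witness marker)."""
    n_in, pos = read_varint(raw, 4)                  # skip the 4-byte version
    for _ in range(n_in):                            # skip outpoint, scriptSig, sequence
        slen, pos = read_varint(raw, pos + 36)
        pos += slen + 4
    n_out, pos = read_varint(raw, pos)
    outs = []
    for _ in range(n_out):
        value = int.from_bytes(raw[pos:pos + 8], "little")
        slen, pos = read_varint(raw, pos + 8)
        outs.append((value, script_to_display(raw[pos:pos + slen])))
        pos += slen
    return outs

SAMPLE_TX = bytes.fromhex(  # constructed: one dummy input, a 50000 sat P2WPKH output, an OP_RETURN
    "02000000" "01" + "aa" * 32 + "00000000" "00" "ffffffff"
    "02" "50c3000000000000" "16" "0014751e76e8199196d454941c45d1b3a323f1433bd6"
    "3930000000000000" "06" "6a04deadbeef" "00000000")
```

A signer that only displays a recipient supplied by the phone app, instead of one decoded from the bytes it is about to sign, cannot catch a substituted output.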

4) Social engineering

Regardless of how technically secure a wallet may be, many people lose their assets because they are victims of social engineering attacks. Whether it is someone peeping at a PIN code or a scammer impersonating customer support, social engineering is the main reason people lose their coins.

A product with a good security design should help users avoid this kind of problem. These issues are not related to the wallet being open or closed source. If you use simple digits as a PIN and make yourself vulnerable to peeping, open source cannot help you. If a wallet has 2-factor protection like the ELLIPAL Titan, it is harder to peep and more secure than open source.

“ELLIPAL Titan is designed to protect your cryptocurrency from the most simple yet unimaginable attacks.”

—————-

We have discussed the essentials of wallet security and open source. It can be concluded that they are not necessarily related.

From another point of view, open source gives the whole community the chance to improve the product in terms of software features and security. Nonetheless, this is limited to the software part only; how the hardware and application are designed still cannot be controlled. It is always crucial for users to understand security and cryptocurrency in order to use hardware wallets to their highest security potential.

References

1) https://donjon.ledger.com/Unfixable-Key-Extraction-Attack-on-Trezor/

2) https://www.financemagnates.com/cryptocurrency/news/kraken-says-trezor-wallets-can-be-hacked-in-15-minutes/

3) https://github.com/ELLIPAL/js-ellipal

4) https://github.com/ELLIPAL/air-gapped_qrcode_data_format

5) https://github.com/ELLIPAL/upgrade-file-verification-tool

6) https://www.youtube.com/watch?v=vt-zXEsJ61U