Bitcoin hardware devices need to improve to handle complex transactions
Jameson Lopp, co-founder and CTO of Casa, a crypto custody firm has released a test result report on Bitcoin multi-signature hardware signing performance on the Casa blog on Sep. 13.
The result shows that hardware crypto wallet devices can handle small, simple transactions well. However, they have trouble performing once the transaction becomes complicated. Casa is said to be built upon geographically distributed multisig, dedicated hardware devices to secure keys, designed user experience, and client services.
Lopp pointed out that while the company has no control over the hardware devices, the goal is to support any device at the end of the day. Thus, he decided to conduct research and hoped to draw some conclusions and help multisig software providers better understand the limits of hardware and customize wallet software for better performance.
Casa is currently compatible with six hardware including Trezor, Ledger, Coinkite and Coldcard The test was done on all the supported hardware devices and also BitBox.
Lopp set up the test by leveraging Electrum's 4.0.2 appimage on Debian Linux and created a variety of P2WSH (native segwit) multisig wallets that use Bitcoin’s testnet and with the hardware devices plugged in via USB. In each wallet, there was a deposit of 100 UTXOs.
Lopp created a series of tests to determine these hardware wallet capabilities when signing multi-signature transactions of varying complexity. He repeated these tests and concluded that it’s better and more secure if hardware devices can show progress indicators for loading and signing. He added that:
“I came to really dislike hardware devices that don't show progress indicators for loading and signing. As such, I highly prefer Coldcard and Trezor in this respect. BitBox and Ledger are anxiety-inducing because you have no idea if anything is actually happening.”
When it comes to overcoming transaction size limitation and delay of transaction processing time, Lopp suggested that hardware wallets could try to break up a send into multiple smaller transactions that are below its limits.
When the transaction process takes too long, some devices will lock itself from inactivity. Lopp suggests that the least device manufacturers could do to avoid such inconvenience is to disable the screen lock timeout while the device is still working on the transaction.
According to Lopp, hardware devices should also support Partially signed Bitcoin transactions (PSBT) and all possible valid multisig transactions. He added that:
“I believe it's time for hardware manufacturers to start acting like platform providers and ensure that they are providing robust platforms that can be used to build a wide variety of solutions.”
There are two steps for hardware devices to follow when signing a Bitcoin transaction, according to Lopp:
“First, The transaction gets loaded onto the device, it parses the details and displays them on the screen for user confirmation. These details are generally the address(es) to which funds are being sent, the amount(s) being sent, and the fee being paid. Then, Upon user confirmation, the device signs each transaction input and then returns the signed transaction to the wallet software.”