Supply Chain Attacks

Supply chain attacks target the manufacturing or distribution process of hardware wallets to introduce malicious components or firmware before the user receives the device. Attackers may intercept a shipment to modify the hardware, adding a chip that logs keys or transmits them over a hidden channel.

Alternatively, they may flash compromised firmware that appears legitimate but contains backdoors. Once the user sets up the device, the malicious software begins capturing the seed phrase or private keys.

These attacks are particularly dangerous because they bypass the security assumptions of the device itself. Users should only buy hardware wallets directly from the manufacturer and verify the integrity of the packaging upon arrival.

Some devices offer advanced features like secure boot and attestation to help detect unauthorized modifications. Being aware of these threats is crucial for maintaining the chain of trust in hardware-based self-custody.