How much cash do you feel comfortable carrying around in your pocket? Most folks probably feel safe carrying around a modest sum, but perhaps not hundreds of dollars—if someone mugged you, or you lost your wallet, that’s all gone and likely for good. The idea of carrying around thousands of dollars or, hell, an entire saving account’s worth of cash in a tote bag or back pocket seems even wilder; it’s just too risky.
And yet, this is pretty much what a couple upcoming “blockchain-powered” (Pusha T voice: YEUCH!) smartphones will allow users to do. While these phones—the Finney by Sirin Labs and HTC’s Exodus, both still in the works and aiming for an end-of-year release—claim to offer more security for digital coins than any other mobile device on the market, they may also put the onus on users to be responsible to a fault.
What is a blockchain phone?
The Exodus can act as a transaction-confirming light node for an undisclosed blockchain, which should theoretically further decentralize that network. An HTC spokesperson declined to clarify which cryptocurrency’s blockchain(s) the Exodus can act as a light node for, but a website advertising the phone mentions Bitcoin and Ethereum. The Finney will allow users to share computational resources over a distributed ledger based on the cryptocurrency IOTA, which uses a controversial directed acyclic graph (DAG) architecture different from a blockchain. A Sirin Labs spokesperson declined to comment on criticisms of IOTA’s architecture.
These bells and whistles are all well and good, but most notably both phones come with the ability to store private keys—random-looking strings of characters, the owner of which controls some associated digital coins on a particular ledger—offline. This technique is known as “cold storage,” and it might be more trouble than it’s worth on a smartphone.
What is cold storage?
The cardinal rule of cryptocurrency is that you are in direct control of your money via your private keys—if you lose your keys, you lose your money.
There are two kinds of cryptocurrency wallets, security-wise: “hot” wallets and “cold” storage. Both kinds of wallets store cryptographic private keys, but hot wallets are online (and thus more easily hackable) and cold wallets are kept offline except for a brief window when funds need to be sent. A hot wallet might be an app, and a cold wallet may take the form of a USB drive or dedicated hardware device like the Trezor or Ledger Nano. It is generally understood that the majority of one’s funds—a virtual savings account, basically—should ideally be kept in cold storage for extra security.
Cold storage is no joke, and people go to great lengths to secure their devices. Some cryptocurrency enthusiasts, taking the “be your own bank” ethos of the technology to heart, have even turned to firearms to protect their hardware stash, which itself may be stored in a safe. Losing a hardware wallet—or even worse, losing the “seed phrase” that can recover a lost wallet—can be disastrous. Experts recommend storing this seed phrase in a fireproof vault as well.
Too much responsibility?
Cold storage is a high-security method for storing private keys that control the majority of one’s digital funds. You could use cold storage for small purchases and daily use, but it’s more cumbersome than using a hot wallet and exposes it to the open internet more often than is necessary—better to treat it as a mini Fort Knox for your virtual wealth that is rarely touched. Security-conscious cryptocurrency owners often use a hot wallet for purchases and put the majority of their funds in cold storage.
But phones are meant for daily use. While the Exodus and the Finney presumably make it easier to spend from cold storage than if you used a USB stick or a hardware wallet, it still requires some extra steps. For example, the cold storage in the Finney phone is cordoned off from the rest of the device and spending cryptocurrency from the phone requires the user to flip out an entire second screen that activates that part of the phone.
So, it’s clunky, but cold storage still has the benefit of letting you feel safer in storing more funds than you would in a hot wallet, right? Not really, because now there’s the added risk of losing your cold storage if you misplace your phone and seed phrase, or if they are destroyed or stolen. And so users are left back at square one: only putting as much cryptocurrency in their wallet as they’re willing to lose, or incur a headache getting back, on any day they leave the house. Arguably, losing your phone or seed phrase is a more realistic daily threat than a hack. A Sirin Labs spokesperson confirmed that if a Finney user loses their phone and their seed phrase, they permanently lose access to their keys in cold storage, as is the industry standard.
HTC promises that the Exodus will have some kind of wallet recovery feature, although it’s unclear how this will be implemented. HTC spokespeople declined to go into detail.
“We believe the mobile phone is the right device to secure keys,” an HTC spokesperson told me in an email. “HTC is a world-class smartphone manufacturer. We bring decades of experience to this new ecosystem. Our goal is to provide the best hardware, in the most transparent way possible, to secure private keys, encrypt data, and sign transactions.”
At this point, it’s still not entirely clear why anyone, even a heavy cryptocurrency user, would want a blockchain-based smartphone. But hey, at least the Exodus will ship with CryptoKitties. By the way, a Ledger Nano S hardware wallet for cold storage costs around $100; both the Finney and the Exodus will run you roughly $1,000.
Get six of our favorite Motherboard stories every day by signing up for our newsletter .