Tangem Wallet 2.0: Low Cost, Simple, Mobile Cryptocurrency Hardware Wallet (Unbox, Setup & Review)
Вставка
- Опубліковано 30 тра 2024
- Buy Tangem Wallet with 10% discount!
tangem.com/pricing/?promocode...
Hardware wallet comparison
cryptoguide.tips/hardware-wal...
An unboxing, Setup and Review of the Tangem Cryptocurrency Hardware Wallet.
00:00 - Introduction
00:53 - Unboxing
01:17 - Notes on the Physical Cards, EAL 6+Certification, Flipper Test...
02:32 - Initial Device Setup
03:04 - Security Note Concerning On-Card vs Off-Card (Seed Based) Setup for Tangem Wallets
04:58 - Note regarding Seed mode on Tangem 2.0 devices
07:31 - Recieving Bitcoin with the Tangem
08:03 - Sending Bitcoin
08:35 - Recieving Ethereum with the Tangem
08:50 - In-App Token Swaps
09:10 - Sending Ethereum
09:36 - Wallet Settings: Coin Support
09:46 - Wallet Settings: Add Custom Token
10:27 - Wallet Settings Overview
11:25 - Using Cards with a Second Phone
11:38 - Access Code Reset
13:14 - Testing Forgotten/Incorrect Access Code
13:40 - Notes on Source code and Third Party Software
14:36 - Summary and Conclusion - Наука та технологія
this was a substantial review with useful information. I love the ease of use of the tangem and that it needs no batteries and can be stored longterm without any hassle. I still think it's not a good option to offer the 2 card sets. 3 cards is a must if you don't use the seed option. I love the seed option but to type the seed in on the phone is not optimal. I wish they would offer an optional offline device just to load the cards with a own seed.
Yea it's certainly something that will meet the needs of some users. I was going over the SDK when I was putting this together and it seems to me that they could actually provide a workflow that allowed a user to basically start an the app, verify the authenticity of the apps, then take it offline for the seed generation and backup step. (I didn't notice the line that calls home to their servers during the backup step until earlier today)
This would definitively be an improvement and a good suggestion for Tangem. I was a bit disappointed that I had to go online during the card setup. As you mentioned - it’s comprehensible for the verification step but seed phrase and backup should be possible offline.
.
No reason to not go by the list near the end of this video. Bitcoin exclusive, air gapped... Cold card and keystone and really why choose anything else?
If you choose a seed phrase I don't see a good reason to use tangem
If you don't want to deal with a seed phrase then like you said three cards is the only option, and I think really the only thing to do with tangem... Their original intent. A seed phrase on your phone is ridiculous. Defeats the whole purpose. Should only be generated offline.
Larger amounts of crypto should have higher security, not tangem, but no seed phrase for anybody to access is a great advantage... But now you have to trust three cards indefinitely... And should certainly check a few of them periodically. Let one of them sit in your bank.
At least they were smart enough to have an option for seed phrase versions having no recovery ability with two cards. Would be pretty stupid to have a seed phrase version and be compromised by two cards anyway just like their original 1.0.
Yea it really does seem that the seed compatibility being added was mostly an afterthought for marketing sake, with a fairly insecure implementation to boot...
Hi I had a question regarding cold card mk4, so I have macbook air, for me to plug in my microsd card to my mac I need an adaptor, is it safe for me to use an microsd adaptor, do adaptors store any of the microsd card info and collect data?
Any microSD adapter will be fine. :)
can you see the seed phrase again and again after setup your new wallet ?? thanks
No
Hi, I got my coldcard mk4 and the number on the packing doesn't match the one inside the coldcard device, I emailed coinkide and I got told that it should be fine, it's just a packaging problem and was told just to update to latest firmware, which I did, is there any other way to check if it's been tampered with?
Not really, but if this accepting the official firmware then at least the code on the main MCU is official
@@CryptoGuide should I return it or use it?
It's your call, but they may not accept the return from the sound of it. (Though they do advertise it as part of their security they offer, so I don't think it's unreasonable to expect/require them to actually deliver...)
If we initialized the Tangem Card on a phone, then lost that phone, will the card still work on a replacement phone?
Yep, once the initial setup has happened you can use any of the cards with any phone and it will "just work"
Will you be including the Ngrave Zero to your Hardware Wallet list?
Probably not, it's extremely overpriced and doesn't offer anything at all to justify the cost...
Thanks for the review. So, basically, if anyone has access to the cards, they can have access to the crypto by resetting the activation code. This is scary, though. They could have implemented writing the seed phrases to recover the activation code.
That's exactly right and I don't think they have nearly enough warnings about it. (I have been lurking in their subreddit and Telegram groups and many users are totally unaware of how this works)
That said, you can disable the access code recovery for specific cards now with the v2, so that is very good. (So you could leave it on for some backup that is in a very secure place and leave it off for others, etc)
Recovery seed backup makes the card based recovery less important, but the challenge with their screen less approach means that the seed based method is less secure for reasons outlined in the video)
Hi when are you going to do a review of bc vault?
No plans at this stage, it doesn't follow standards...
do you buy it for life time or you have to subscribe every month to be able to use it
It's just a one time purchase
I think you can get around that 2 card access code reset security flaw by just disabling Access Code Recovery on 2 of the 3 cards, because it takes 2 cards to reset it. Just means you're stuffed if you forget your access code.
Only on the 2.0 cards
@@CryptoGuide ah right, I have a 2.0 card, it does say 2.0 in the title, now I am confused. Anyways. Nice video. I'm happy with my decision so far to use one.
Yea as long as you are aware of the shortcomings these are fine for small/medium amounts of funds.
@@CryptoGuide I guess you'd have to define both small and medium, and why not large? If you're confident in your ability to keep your cards safe and secure, then why not larger amounts? Again, speaking on the 2.0 3 card set.
It's a blind signer, so that on its own makes it unsuitable for larger amounts. (Anything over 10k USD)
Edit: That backup scheme is also a problem in that if you want actual cold wallet security, you need to use the on-card backup method, for which you are unable to make additional replacement cards as they fail over time. (So basically you would need to check your backups annually and then manually move all funds to a new set if any cards fail)
Can it be used for Multisig?
No, it's only an extremely basic device.
Why doesn't your hardware comparison chart list Bitfi the most secure wallet?
Because it almost certainly isn't the most secure ;)
The main reason is that there are plenty of obscure wallets out there, including a few that I own that aren't on the table, but I have never struck someone using the bitfi...
@@CryptoGuide The keys are not on the BITFI 2 wallet which makes it uncrackable. You cannot say it isn't the most secure if you haven't bothered to try it. May be your reluctance is because Bitfi doesn't offer incentives to UA-camrs?
It's not a actually a cold device, so isn't really in the same security category as proper hardware wallets. Their previous device has all sorts of vulnerabilities, so hopefully they learned from that. The key issue seems to be that they are doing something proprietary for backups, rather than following established standards, and the links to the recovery tools don't work... Certainly doesn't inspire confidence...
I cover plenty of DIY stuff which has zero incentive (and costs me money) and also have videos (like this tangem one) that are seen as some as quite negative... So if you want to think it's about a lack of incentive then nothing will change your mind...
@@CryptoGuide Have you bought and tried Bitfi?
Nope, but the information on their website makes it pretty clear that it is a good device to avoid. (Especially when you consider how much of a disaster their first device was)
If I end up with a consultation or support session where someone is using one, I might consider it, but haven't seen any one actually using these in the wild...
My access code is lost but I have two cards
If they are just v1 cards (or you didn't disable the access code recovery for v2 cards) you can just do the access code recovery process.
Doesn't support Cardano unfortunately.
It's only an very basic device, so looks like you can store cardano but not stake it or anything.
12:40
Yanks might gets stuck and misunderstand at this point. I figured you said stuffed.
Define stuffed:
INFORMAL•BRITISH
defeat heavily in sport.
"Town got stuffed every week"
:)
@@CryptoGuide
We Yanks have upgraded our English from Old School Britannia to better coordinate our crypto communications 😘 now go buy one of those really cool Perth mint kangaroo gold coins... Or Bitcoin 😘
I'll stick with Bitcoin ;)
hello, this is old tangem classic card, please very careful mentioning it as tangem wallet 2.0!!! this is not the new tangem card. are they?
They are identical except for the ability to initialise with seed (Which is implemented in an unsafe way for 2.0 cards) and the ability to disable the access code recovery feature for some cards.
no way. then please hack my tangem 2.0.which i have with me. give a try@@CryptoGuide
Basically it's still vulnerable in a few ways. Basically if you used the seed based method, then the seed is how hot and is only as secure as the device you used.
For the actual operation of the app itself, it's all blind signing, so a single piece of malicious software on the system you are using with it could take your funds.
Tangem is fine for small/medium amounts, but for anything more, you will want a proper hardware wallet.
i have 25000$ and please take just 1 $ out of it. talk is cheap, show me practically
That isn't how this works, but also doesn't mean anything with regards to be being secure... (You would probably be no worse off just using TrustWallet)
Do you understand what the difference is between a hot wallet and a cold wallet? Do you understand what it means that the Tangem cards just blind sign?
The best place to start is to have a look at my older video on malware vs hardware wallet. The Ledger prevents the malware from being able to send funds to a scammer, a Tangem would have just sent them no questions asked...