Most crypto loss happens online. Phishing, fake apps, smart-contract approvals, exchange failures. The kind of thing you read about every week.
The other category, the one people think about less often, is what happens when someone has your wallet in their hands. That's a physical extraction attack. It's narrower, it's less common, but it's the scenario your hardware is supposed to be ready for.
What "physical extraction" covers
The term gets used loosely. Here's the useful distinction:
- Logical attacks while the device is in your possession: Someone phishes you, malware on your laptop swaps an address, a fake firmware update slips through. The device is fine. You were tricked.
- Physical attacks while someone else has the device: They've taken it from your bag, your hotel safe, or your home. Now they're trying to get keys out of the chip itself.
This post is about the second one.
The categories of physical attack
The research community has been chipping away at hardware-wallet security for years. The notable categories worth knowing:
Glitching attacks: A power, clock, or laser pulse delivered at the right microsecond can flip a bit and skip a security check. The wallet.fail research presented at 35C3 in 2018 demonstrated this against several consumer devices of that era. Modern secure elements include glitch detection in hardware specifically to make this much harder. Ryder One has its verification LED connected directly to the secure element for this very reason.
Side-channel analysis: Power consumption, electromagnetic emissions, and even sound can leak information about what a chip is computing. With enough traces, an attacker can reconstruct keys. Defenses include constant-time operations and random masking inside the chip.
Decapsulation and microprobing: This is the lab attack. The chip is dissolved out of its package and probed directly. It needs equipment, time, and skill. Anti-tamper meshes are designed to detect this and zeroize keys before useful data leaks.
PIN brute-force: If a wallet doesn't enforce its PIN counter in hardware, a determined attacker can sometimes reset attempts and try again. A secure element with an internal counter and rate-limiting closes this off.
Cold-boot from RAM: If sensitive data lives in volatile memory, freezing the chip can preserve it long enough to read out. Modern designs avoid keeping plaintext key material in general-purpose RAM.
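The side-channel and PIN brute-force defenses above can be sketched in a few lines. This is an added example, not Ryder One's or any vendor's firmware: the attempt is charged to the persistent counter before the comparison runs, so removing power mid-check cannot refund it, and the comparison itself takes the same path for every guess. The `se_nvm` struct, the function names, the three-attempt limit, and the doubling delay are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define PIN_LEN      6
#define MAX_ATTEMPTS 3

/* Stand-in for the secure element's non-volatile memory (hypothetical layout). */
struct se_nvm {
    uint8_t pin[PIN_LEN];
    uint8_t failed;              /* persisted attempt counter */
};
enum pin_result { PIN_OK, PIN_WRONG, PIN_LOCKED };

/* Constant-time compare: reads every byte, no early exit on first mismatch. */
static uint8_t ct_diff(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    return acc;                  /* 0 only if all bytes match */
}

/* Assumed rate-limit policy: delay doubles with each charged attempt. */
unsigned pin_backoff_seconds(const struct se_nvm *nvm)
{
    return nvm->failed ? 1u << nvm->failed : 0u;
}

/* power_cut != 0 models power being removed right after the comparison. */
enum pin_result pin_verify(struct se_nvm *nvm, const uint8_t *guess, int power_cut)
{
    if (nvm->failed >= MAX_ATTEMPTS)
        return PIN_LOCKED;       /* checked before any comparison happens */
    nvm->failed++;               /* charge the attempt BEFORE comparing */
    uint8_t diff = ct_diff(nvm->pin, guess, PIN_LEN);
    if (power_cut || diff != 0)
        return PIN_WRONG;        /* counter is already stored either way */
    nvm->failed = 0;             /* only a verified PIN refunds the attempt */
    return PIN_OK;
}

int main(void)
{
    struct se_nvm nvm = { {1, 2, 3, 4, 5, 6}, 0 };   /* constructed sample PIN */
    const uint8_t bad[PIN_LEN] = {0, 0, 0, 0, 0, 0};
    for (int i = 0; i < 4; i++)
        printf("attempt %d -> %d\n", i + 1, (int)pin_verify(&nvm, bad, 1));
    return 0;
}
```

A design that compares first and increments afterwards leaves a window in which an interrupted check costs the attacker nothing; ordering the write first closes it.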
Why secure elements matter here
A secure element isn't a regular microcontroller with a sticker on it. It's a chip designed and certified against a documented attack profile. The Common Criteria EAL6+ rating, which Ryder One's chip carries, sits near the top of that scale. The certification covers physical, side-channel, and logical attacks at a level meant for payment cards, passports, and ID documents.
A general-purpose MCU running wallet code can do many things well, but it wasn't designed for an attacker with an oscilloscope and a microscope. That's the gap a secure element exists to close.
No certification is bulletproof, and the lab community keeps publishing new techniques. But there's a real difference between "we've audited the hardware against published attack methods" and "the chip we picked is fast and cheap."
What metal seed plates don't solve
There's a habit in the self-custody world of treating a metal seed plate as the safest possible storage. Fireproof, waterproof, won't degrade. That part is true.
What it doesn't fix is everything that comes after "someone finds it." A metal plate is a piece of metal with words on it. It has no PIN, no rate limit, no tamper detection. If a stranger reads the words, they have the wallet. If they photograph it, they have the wallet. The plate solves a specific problem (the seed surviving a house fire) but not the problem of physical compromise.
That's a useful reframe: metal is a reasonable standard for written-seed storage, not the high water mark of self-custody security. The high water mark is not having a written seed for someone to find in the first place.
What seedless recovery changes
This is where TapSafe Recovery shifts the threat model. With Ryder One, recovery doesn't depend on a 12- or 24-word phrase you've written on something. It uses a Recovery Tag plus your phone, with optional Recovery Contacts adding a second human factor.
In a physical-attack scenario, that means the surface an attacker has to compromise isn't a single object in your home. It's a combination of objects and people. Steal the wallet, you can't recover it without the tag. Steal the tag, you can't recover without the device and the phone. The pieces don't add up to a wallet on their own.
This isn't unique to Ryder One as a concept (Shamir-style splits and social recovery exist elsewhere), but the integration matters. A recovery scheme that's easy to use is the one people use.
Operational security, the boring part
No amount of hardware fixes a few practices that quietly defeat it:
- Don't photograph your seed phrase, your PIN, or your Recovery Tag
- Don't store seed phrases in cloud-synced notes apps, even encrypted ones
- Set a passphrase on your wallet so a stolen device alone doesn't expose your main balance
- Keep a smaller balance on a hot wallet for daily use
- Tell at least one person you trust how recovery works, in case something happens to you
The last one matters more than people think. Inheritance planning is part of physical security too.
The $5 wrench attack
XKCD made the comic famous: the cheapest way to break encryption is to threaten the person who knows the key. No hardware design fully solves coercion. What you can do is reduce the prize:
- A passphrase-protected hidden wallet means the attacker may walk away with a smaller decoy balance
- Recovery Contacts mean the device alone doesn't unlock the funds
- A documented inheritance plan means your family doesn't have to negotiate with anyone to recover assets if something happens to you
Clear-eyed framing here: you can lower the expected payoff for an attacker, and you can avoid being the easiest target. You can't make crypto immune to a person with a wrench.
Where Ryder One fits
Ryder One is a hardware wallet, audited by Halborn, built around the assumption that physical attacks are part of the threat model:
- EAL6+ certified secure element from Infineon, evaluated against the attack categories above
- No USB or Bluetooth, so the only physical interface is short-range NFC
- TapSafe Recovery, so there's no written seed for someone to find
- Optional passphrase and Recovery Contacts for stronger threat models
None of this makes the device unattackable. It makes the cost of attacking it high enough that most attackers, most of the time, will go look for an easier target.
A defensive checklist
A short version you can run through:
- Is your wallet's secure element certified, and to what level?
- What's the recovery flow? Can it be completed with one stolen object?
- Have you set a passphrase?
- Where does your seed or recovery material live, and who else can find it?
- Do you have an inheritance plan that doesn't require sharing your secrets while you're alive?
If you can answer those five, you're ahead of most holders.
FAQ
Can a hardware wallet be hacked physically?
Given enough time, equipment, and skill, plenty of things can be hacked. The question is whether the cost to the attacker exceeds the value of what's stored. EAL6+ chips raise that cost considerably.
Are EAL6+ chips really tamper-resistant?
They're certified against documented physical and side-channel attacks at a level that takes specialized labs to defeat. They're not magic, but they're a different category from a stock microcontroller.
What's the safest way to store crypto if someone breaks into my home?
A wallet that doesn't keep a written seed lying around, a recovery flow that needs more than one object to complete, and a passphrase you've kept off-device. The hardware is one layer. The recovery model is the other.