When choosing a hardware wallet (signing device) for your cold storage, it’s really important to find one from a manufacturer that has proven to be trustworthy, and the same goes for the software and the marketing team. You don’t want a setup that collects analytics on your activity, or one that stores your personal information on an insecure database that creates a very attractive honeypot.
The first one I ever used was called a KeepKey, launched in early 2015 by a company led by CEO Darin Stanchfield and CTO (this is his actual name, I shit you not) Ken Hodler. It was a slick-looking device about the size of an Apple TV remote that connected to your computer using a browser extension to view balances and broadcast transactions.
On Christmas Day in 2016, Darin was sim-swapped and hackers compromised his email account, as well as the company’s social media account, as well as its marketing database, exposing customer data.
In 2017, KeepKey was acquired by ShapeShift, an exchange run by Erik Voorhees, an early pioneer in bitcoin who has since pivoted to shitcoins. Within a short time, they began pushing new updates to KeepKey to turn it into a full “crypto” wallet, and replaced the original browser extension with a new website (that also doubled as an exchange) to manage the device.
By that point, I absolutely knew it was time to move on, and I opted for a new bitcoin-only device. Much to my surprise, when I first attempted to migrate from KeepKey to the new setup, I got an error saying that the transaction could not be broadcasted. I tried in a different browser, and on a different computer, with no luck. Before going into a panic, I sent an email to ShapeShift support. I got the following autoresponse from them:
“I’d like to apologize for the delay in response. As a crypto enthusiast, you must have noticed what a crazy time it has been in our industry! We’ve seen an all-time high in demand, and with it, needs for extra support.” 🤮
A few days later, a reply came, saying that there were “known issues” with the platform that affected certain legacy wallets (i.e., pre-acquisition) and that I should use the device directly with Electrum. I did some research, and after a few more days, was finally successful in getting off of this platform. It was a hair-raising moment that made me realize that even self custody has the potential to get rugged, even if you thought you were making the most informed decisions you could at the time.
Be careful out there!