After the Chang hard-fork, it becomes clear that many people misunderstand the use of hardware wallets. A lot of users rely on a combination of wallets that currently don’t support on-chain governance. These users are waiting for their light wallets to be ready for governance, but this wait is unnecessary. If you have a hardware wallet, you can safely use multiple light wallets. We’ll explore the details in the article.
How a Hardware Wallet Works
Let’s break down how hardware wallets work. Once you understand this, you’ll see that you can safely use multiple Cardano light wallets. This enables you to perform governance operations, such as delegating ADA to a DRep.
When you set up a hardware wallet, it generates a recovery seed (passphrase), which is a list of 12 to 24 words. This seed is crucial as it can be used to recover your wallet if the device is lost or damaged. You can use any wallet to restore your account, not the one you used before.
From this seed, a master private key is derived. This master private key is the root from which all other keys are generated.
Using the master private key, a master public key is derived. This public key can be used to generate multiple public addresses to receive funds. From this master private key, multiple private keys are derived for different blockchains like Bitcoin, Ethereum, Cardano, etc. This is done using specific derivation paths defined by various standards.
From these blockchain-specific private keys, multiple public keys are derived. To support a new blockchain with a hardware wallet, you simply need to derive new keys from the master private key according to the standard supported by that blockchain.
These public keys can be exported to light wallets.
As the name suggests, a public key is meant to be shared publicly. However, this doesn’t mean you should show it to everyone, as it could allow others to link your identity to your assets. Despite this, it’s important to note that assets cannot be stolen through public keys alone.
You can use the interface of a hardware wallet, which often functions as a light wallet for multiple blockchains. In this case, you don’t need a separate Cardano light wallet.
Another common approach is to use a hardware wallet in conjunction with a single light Cardano wallet, such as a combination of Trezor and Yoroi. In this case, it is necessary to import the public key into the light wallet.
Importing the Cardano public key into a wallet is a secure process. As we have explained, even if someone obtains your public key, they can only view your account details, not steal your assets.
Importing the Cardano public key is a process that can be repeated for multiple wallets. This means you can use Yoroi alongside other Cardano wallets simultaneously.
Public keys allow light wallets to derive addresses thus building transactions.
However, a light wallet with an imported public key cannot sign transactions. To do so, the private key stored in the hardware wallet must be used. Note that the same transaction can be constructed in any Cardano wallet.
A hardware wallet is a type of cold wallet. Being a cold wallet means it is offline and not connected to the internet, making it much harder for hackers to access. When you use a light wallet with a hardware wallet like Trezor or Ledger, you typically import the public key (or an extended public key) from the hardware wallet.
This allows the light wallet to generate addresses and view your balance and transaction history without needing access to your private keys. When you need to sign a transaction, the light wallet sends the transaction details to the hardware wallet.
The hardware wallet then signs the transaction internally and sends the signed transaction back to the light wallet, which broadcasts it to the network. Typically to a full node operated by the light wallet team.
If you only use a hardware wallet and no Cardano light wallets, the process remains similar. The transaction is constructed through the hardware wallet interface (either web or desktop application). The hardware wallet signs the transaction, and the interface sends it to the network, typically via the server of the hardware wallet vendor.
Both setups ensure that your private keys never leave the hardware wallet, maintaining a high level of security. The user only handles the seed (passphrase) once during the initial setup of the hardware wallet. After that, there’s no need to interact with it again.
You can use multiple Cardano wallets, including Daedalus (a full node wallet), simultaneously with a hardware wallet.
This allows you to leverage the unique features of each wallet. For example, one wallet might better display NFTs, while another enables you to perform governance transactions like DRep registration or delegation.
If your Cardano wallet doesn’t support governance operations, you can safely import the public key from one hardware wallet to multiple light wallets.
The new wallet will either support governance operations internally or allow you to connect to GovTools.
Be Careful With Passphrase
If you don’t use a hardware wallet, you likely wrote down the seed on paper when setting up a light wallet. In that case, you would need to manually enter the seed into another wallet using the restore wallet function.
However, this can be risky, as malicious software like keyloggers can capture the seed and pass it to a hacker. I don’t recommend doing this unless you are confident in your ability to do it safely.
Remember, a passphrase is a cryptographic secret that must be guarded carefully. Similarly, the master private key in hardware wallets requires the same level of protection. However, if someone steals your hardware wallet, extracting the private key from it may not be easy for them.
Conclusion
Governance actions are already accessible if you have a hardware wallet and can efficiently use it with multiple light wallets. Make the most of this capability.