The Cypherock X1 is a small hardware crypto wallet that claims it operates “without a seed phrase” (which isn’t true). However reviewing the Cypherock Wallet gave us a number of pleasant surprises. This crypto wallet uses quite a bespoke method to protect your coins, which comes with a number of legitimate benefits, as well as drawbacks.
Introduction To The Cypherock X1
For this review, we’re going to go into a fair bit of detail around how the Cypherock X1 stores your seed phrase (or private keys). This is critical information for anyone thinking about purchasing this device as there are certain trade offs this setup provides, so we heavily recommend not skipping this part.
While not a terrible solution, some of the claims that Cypherock makes on their website, such as there being “no single point of failure”, are not true so we want to ensure you’re fully aware of all the pros and cons of using it.
How Does It Work?
While the vast majority of single signature crypto wallets store your seed phrase on the device itself, the Cypherock Wallet is quite different. It uses a technique called Shamir’s Secret Sharing (SSS) to split this one seed phrase up into five separate parts or shards.
From here, it stores each one of those five parts on the various X1 Cards and the X1 Wallet which is the main device with the screen on it. In order to reconstruct the entire seed phrase, you need two of the five parts. This means that a user can loose up to three of the five parts and still be able to recover their seed.
Cypherock X1 decentralizes your private keys into five cryptographic parts using Shamir’s Secret Sharing, so losing one part does not mean losing funds.Cypherock
This is why they tout it as having no “need for a seed phrase backup”, because the cards are your backup. In addition, you can also put a PIN on top of this SSS setup so that if a criminal compromises two of your five parts, your funds still remain safe (unless they break that PIN of course).
While Cypherock would have you believe it’s setup is more secure than both Single Signature or Multisig setups, we’d disagree. Their SSS implementation does mean that you don’t have to manage a seed phrase backup on paper or steel, but it still has a few weaknesses you should be aware of. Let’s explore them:
- PIN Single Point Of Failure: If you chose to place a PIN on your wallet, you are creating a single point of failure. If you forget your PIN or misplace it, it doesn’t matter if you have all 5 shares, with no seed phrase backup card or knowledge of the PIN you’re locked out. While you might think you’ll never forget your PIN, you absolutely can. You may be in an accident or even die meaning a complete loss of funds. This can be mitigated by backing up the PIN, but this also adds further complexity
- Device Single Point Of Failure: As SSS relies on splitting a private key up into multiple shards, that key must exist on a single device at the time of splitting and then also later on whenever you need to spend funds or even generate a new receiving address in the Cypherock X1. If the device is compromised at either of these points in time (or in between), your funds can be stolen. For example, through a rouge employee, government coercion or other means Cypherock could push a malicious software update. There could also just be a flaw in the hardware or software of the device that’s exploited. The next time you bring 2 or more of your shards together to spend or receive funds, the device would reconstruct the single signature key and poof, no more funds. Multisig on the other hand protects against this as there are multiple, separate private keys and potentially even multiple separate devices from different manufacturers
- Increased Complexity: A number of other “custom SSS implementations” have suffered from major security vulnerabilities in the past due to the added complexity of implementing SSS, putting all users funds from that company at risk. For example, Armory’s Fragmented Backups feature which used SSS had a vulnerability found in it while the 3 of 5 HTC Exodus setup also ended up allowing for full key reconstruction if an attacker had just 1 of the keys. These both serve as valuable historic lessons showing that the added complexity of SSS compared to the straightforward creation of a Multisig wallet is not a preferred security practice
Is a Multisig setup perfect? No. Multisig is more complicated for users to manage. You have to backup not just more keys, but more configuration data in the form of a wallet descriptor file as well. If an attacker finds that wallet descriptor information they can see all the information about your wallet which can be a big breach of security and privacy. The transactions that are made using Multisig are bigger (in kilobytes) and so cost more in fees than Single Signature ones.
No security will ever be 100% perfect. Cypherock’s implementation also has other benefits over Multisig that we go into below, but for now we want to make it clear to potential buyers that their setup still does have a few issues to be aware of.
What’s In The Box?
- X1 Wallet
- X1 Cards (4)
- X1 Card Protectors (4)
- USB-A to UBS-C Cable
- USB-A to USB-C Connector
- Webcam Cover
- Stickers (2)
- User Manual
- Warranty & Refund Policy
- Welcome Card
Quick Cypherock X1 Review
Design & Hardware
Build Quality & Durability
The X1 comes with five main parts, the X1 Wallet, which is the main device with screen and joystick, and four X1 Cards. The X1 Wallet is small, solid and won’t draw any attention. The joystick, while a great input experience, does seem like it could potentially get caught on something and break, but is otherwise also quite sturdy.
The front face of it is a total fingerprint magnet and there’s no colors available except black. The main X1 Wallet weighs a tiny 17 grams, while each of the four cards come in at an even lighter 5 grams bringing the total weight to just 37 grams. While the unit is made from plastic, it seems to be decently durable.
Cypherock claims that the X1 Cards are made from a “long lasting material” with a 20+ year data retention. They look and feel decently premium, but nothing more so than a typical credit card. It would have been a nice touch to see them made from metal like luxury credit cards, but they’re still absolutely fit for purpose.
Screen Size & Type
With a 0.96″, 128 x 64 pixel, non touch, black and white OLED display text is clear, but a bit on the smaller side. If you have a hard time reading tiny text, then we’d advise going for something with a bigger display like the Foundation Passport or COLDCARD Q1.
The Cypherock X1 Wallet has a single USB-C port and interacts with the X1 Cards via NFC. They’ve done an excellent job of guiding the user on how and when to tap the various cards to the back of the X1 Wallet device.
The interface is clear on which card you need to tap, when you need to tap them and for how long too. The included cable is USB-A to USB-C, but they also give you a USB-A to USB-C connector meaning you can plug into either port type on your computer which is handy.
Other Hardware Features
The X1 has no other hardware features besides the built in ATECC608 Secure Element (SE) chip along with its STM32L4 Microcontroler Unit (MCU). There’s no internal battery and upgrading of the firmware requires you to plug it into a computer that’s running their cySync wallet software.
Security & Privacy
Code Openness & Reproducibility
No true analysis of security or privacy can be done unless we can independently review everything, specifically the firmware that is run on the device. The firmware for the X1 is not only available, but it’s also Free and Open Source Software (FOSS) as covered by it’s MIT license. You can view the GitHub for it here.
The Crypherock X1 scores absolute top marks in this section as everything, from the wallet firmware to the cySync companion app is free, open, transparent and reproducible. This is amazing work and is the gold standard for hardware crypto wallets as far as we’re concerned.
Also paramount to a crypto wallets security is precisely how it generates your private keys as this is what everything is derived from. At the root of this is a good source of entropy as this is what allows for your seed to be truly random and thus, secure. As per Cypherock’s help articles:
Cypherock X1 generates 256-bit entropy by utilising True Random Number Generators (TRNG) which are FIPS compliant. The TRNG is built into the secure element of the device, as well as the MCU. For further clarification, Cypherock uses the following secure element and MCU respectively: ATECC608 and STM32L4. The secure element, alongside the MCU each generate 32 bytes (256 bits) of entropy which are then combined using the XOR method. The XOR method is a fail-safe designed to ensure that even if either of the components, the MCU or the secure element has a backdoor in their random number generation, the seed phrase generated will still be random, hence avoiding the single point of failure here as well.Cypherock
You can also create your own seed from any secure third party seed creation method such as dice rolls and import that seed via their Recover Wallet function. This, together with the multiple unpredictable physical processes used to generate the seed ensures excellent security for your new wallet.
A securely generated seed means nothing if it’s not managed and stored securely. Here once again the X1 is rather unique as it breaks up your seed into five separate parts as explained earlier. The X1 Wallet has its own Secure Element chip while the X1 Cards are tamper-proof passive cards that have a security rating of EAL6+.
The 256 bits of entropy are split into 5 cryptographic parts which are stored in the X1 Vault and the 4 X1 cards. A threshold of 2/5 is applied, meaning that any two – X1 card and X1 Vault, or 2 X1 cards – can be used in conjunction to reveal the secret, which in this case would be the seed phrase.Cypherock
This is quite a unique way to protect a users seed and regardless of whether you lose the X1 Wallet or an X1 Card, you can still recover the wallet provided you have two of any type. Cypherock also goes into a good amount of detail on all this in their support questions, which is great to see with this type of different backup method.
Some of the key benefits of using Cypherocks unique SSS setup over Multisig include:
- Blockchain Agnostic: The SSS protection can be used for altcoins that don’t support multisg
- Increased Privacy: As there are no wallet descriptor files, your wallet info cannot be leaked
- Lower Transaction Fees: Since the transactions are still just single sig, fees are lower
We still see multisig as the ultimate level of wallet protection as it protects against additional things as described above. That being said, Cypherock’s setup is an acceptable way to store your seed. It offers a different take on a single signature wallet, but does come at the expense of increasing complexity which could be an issue later on.
Interface & Ease Of Use
The interface of the Cypherock X1 Wallet is simple and straightforward. The text that appears on its tiny screen is helpful and clearly explains everything that is going on at all times. When you turn it on for the first time it prompts you to download and install their companion app cySync. This is a software wallet that also manages the X1.
The cySync app is also excellently built. It has tool tips and support buttons everywhere, you can hide sensitive info like your balances, view all transactions and filter everything by account, wallet or coin type. You can also search through your accounts, transactions and it even has a full set of YouTube videos built right in to help. Unfortunately though there isn’t any option to connect it to your own Full Bitcoin Node.
The cySync setup wizard has clear, helpful instructions and just works. It instructs you to connect the X1 Wallet and then authenticates it. Once authenticated it helps you pair and setup all four X1 Cards by tapping them on the back of the X1 Wallet. After this it checks for and updates your devices firmware if needed.
After the wizard is finished you’re dropped into the cySync home screen and told to “import a wallet”. At this point you need to go back to the X1 Wallet and setup your new wallet. You give your new wallet a name, enter a PIN if you want to and then wait while the X1 generates a 24 word seed phrase for you. You tap each of the four X1 Cards to the back of it to distribute the various shards and you’re done.
Back on the cySync app you import the wallet and then add as many assets as you want. This can be Bitcoin (only legacy and SegWit is supported not Taproot) or a number of other altcoins such as Ethereum, Dash or Doge.
User Interface & Speed
We were never confused about what state the wallet was in, what was required of us next or other important things like how long you need to hold the X1 Cards to the back of the X1 Wallet.
The 5 way joystick is also easy to use and there are a few handy options under the Settings menu such as Restore wallets from cards, Check Card Health, Rotate display, Enable logs, Enable Passphrase, Factory reset and more.
When confirming information on the X1 Wallets screen it can be a bit small to see. If you have a hard time seeing smaller text we wouldn’t recommend the X1 for you simply because of this reason. It should also be noted that to generate a new address to receive funds, you must have one of the X1 Cards available. You’ll also need two cards available if you want to perform a factory reset. Updating the firmware was also a breeze.
Unfortunately the firmware and all user guides are only available in English with no other languages supported. While multi language support is no small task, we feel that there’s a huge void with crypto wallets when it comes to supporting multiple languages and it’d be great to see Cypherock take the lead on this one .
Compatibility & Connectivity
Another area where the X1 falls down is compatibility with other wallets. As best we can tell, you must use the X1 with their cySync app and nothing else. While many other hardware crypto wallets have companion apps such as the Blockstream Jade and its Green app, they are also compatible with other third party wallets. This isn’t the case with the X1.
The device does allows you view your seed phrase and thus, move it to another software or hardware crypto wallet… but this still means the X1 is nothing more than a paper weight afterwards. The cySync app does have excellent compatibility as it’s available for Windows, Mac and Linux, but we’d still like to see Cypherock expand this support to some of the leading third party wallets in the future as well.
Moving beyond the general interface the X1 also has full support for BIP-0039 Passphrases and Bitcoin Multisig support is coming soon according to their road map. As the X1 doesn’t have a microSD card slot, it doesn’t support plain text or encrypted backups. It also doesn’t support Brick PIN (where an entered PIN will permanently destroy the crypto wallet) however it does support a standard PIN.
Another handy feature is that it can also be used as a seed phrase backup for other wallets. Users can import up to four seed phrases into the Cypherock X1 allowing you to easily migrate over your older wallets.
Cypherock X1 Warranty
The Cypherock X1 comes with a 1 year warranty with very fair and clear terms and conditions outlined on their website. In order to make a warranty claim you’ll need to email their support and provide proof that you purchased and posses the device.
Cypherock X1 Alternatives
Who Is This Wallet For?
- Users who want to store both Bitcoin and Altcoins
- Users who want a high level of privacy and security
- Users who insist on using FOSS hardware and firmware
- Users who don’t mind being locked into using Cypherock’s cySync app
- Users who don’t mind relatively small text
Cypherock X1 Competitors
Competing with the X1 are a number of other very highly ranked crypto wallets. While other crypto wallets such as the BitBox02 offer more features at a reduced price, they don’t use the same setup as the X1 that splits your keys up into five different shards.
This unique key sharding is really what separates the X1 from its competitors. As said, this technique is not without its own flaws, but it is something we can see appealing to those that are not quite ready to use Multisig.
If you’re wanting something with a bigger screen then the Foundation Passport would be another excellent choice for those that are Bitcoin only. If you also wish to store altcoins then something like the Trezor Model T or OneKey Touch are good options too.
Is The Cypherock X1 Safe & Should You Use It?
For both beginners and experts that are looking to safely store bitcoin the X1 is a very good option. It ticks many excellent qualities such as:
- Can be used on all major desktop operating systems
- Offers distributed key storage and protection
- No need for a paper seed phrase backup
- Source code for both the X1 Wallet and the cySync app is fully open source
- Source Code is also fully reproducible
- Seed generation and storage is done well
On the other side it does have its downsides such as:
- No third party software wallet support
- No current iPhone or Android wallet support (coming soon)
- No multisig support (coming soon)
- No PSBT support
- Underlying issues with SSS as discussed at the beginning of this review
- Smaller screen with text that could be hard for some to read
While we might not make such an issue of some of these things, its high price puts it up against many very top notch competitors meaning we have to bring it up. As the device matures over time and more software features roll out its offering will no doubt become more compelling, but for now we’d only recommend it if you really want the capability to distribute your key shards and are happy with the trade offs this method brings.