The ELLIPAL Titan 2.0 has a ton of absolutely amazing features that we would love to see other major manufactures implement, but severely drops the ball when it comes to our security and privacy analysis unfortunately.
Our ELLIPAL Titan 2 review has a number of worrying parts in it and we certainly don’t enjoy speaking negatively about products that companies have obviously put in a lot of hard work into. However we think it’s important to inform our readers of both the good and the bad parts of products as it makes it clear what users should look out for. We hope ELLIPAL can take our feedback gracefully and use it to build a better version in the future.
Introducing The ELLIPAL Titan 2.0 Cold Wallet
The ELLIPAL Titan 2.0 as said above is a bit of a mixed bag for us. The screen, general hardware design, look and feel are all fabulous and there’s even other features like its user interface that are leagues ahead of many of the other top brands out there.
However when it comes to the core components of generating and storing your all important private key there’s little to no information given on how this is done making us very nervous about the product as a whole.
ELLIPAL, headquartered in Hong Kong and founded in 2017, also seems to make a number of incorrect or false claims throughout their promotional material and even just general website and blog.
For example, their About Us page claims they “created the first air gapped cold wallet” in August 2019. However a quick search shows that Coinkite were already releasing firmware builds for their fully air gapped COLDCARD Mk1 product in September 2018.
Now it’s not uncommon for companies to make ridiculous advertising claims so we’re not too surprised here, but these types of claims and statements are so common that it again makes us question the product and company in general. It also undermines the trust we have in ELLIPAL, especially given all these claims are never backed up with the only thing that matters: the source code. But we’ll get to that later.
Titan Vs Titan 2.0
The Titan 2.0 is of course, the second iteration of their first Titan hardware wallet, so let’s quickly look at how the new Titan is different and whether you should consider upgrading if you already have the original Titan or Titan Mini.
- More Secure EAL 5+ Security Chip: While it had a secure element chip previously, it’s now a newer, more secure CC EAL 5+ certified security chip
- Upgraded Materials & HD Screen: The Titan 2 now has a sleeker, more luxurious feel constructed from aluminum alloy and has a higher resolution HD screen with 1280 × 720 pixels compared to 800 x 400 pixels before
- System Optimization & Speed Improvements: Improved responsiveness for a smoother user experience as well as a 10x faster firmware update process
- Support For 24-Word Seed Phrases: For increased security and peace of mind the Titan 2 now supports 24 word mnemonic sentence generation and storage
What’s In The Box?
What’s in the box:
- ELLIPAL Titan 2.0 Hardware Wallet
- Charging Dock (Called The ELLIPAL Security Adapter)
- 16 GB Generic Micro SD Card
- USB-C To USB-A Cable
- Seed Phrase Recovery Sheets
- Screen Protector
- User Manual
Quick ELLIPAL Titan 2.0 Review
Design & Hardware
Our initial impressions when first picking up the Titan 2 was that it’s a very nice, solid and premium looking piece of tech. While the bezels aren’t quite as slim as most smartphones, it’s leagues ahead of most other competitors out there. It’s clearly made up of premium materials and has a fantastic heft to it when you hold it.
The back is matte black and feels like a high grade plastic material, although ELLIPAL state that it’s a “fully metal sealed” design. The camera on the back is surrounded with a gold edge that also looks very nice.
Overall the look, feel and finish is fantastic and we’d love to see more hardware wallet makers put in this kind of effort when it comes to looks and materials used.
The Titan 2.0 is light, but not “empty” feeling light. It’s looks and feels basically like any modern day smartphone, but smaller as few phones have such small screens these days. While the gold trim around the camera on the back might not be your style, it will fit right in with any other high end tech you’ve got lying around.
One other instantly obvious thing that you’ll notice as soon as you pick it up is that the front screen is an absolute finger print magnet. While it’s easy to wipe clean and they even include a free screen protector that helps a bit, be warned.
The thing that struck us most though when seeing the device for the first time was definitely the screen. It’s big. It’s clear. It’s awesome. The user experience is almost identical to what you get on any modern day smart phone as the screen is a high resolution, 720p color IPS touch display that’s smooth and responsive.
No more fiddling around with weird button interfaces or trying to squint to see what’s written on the screen. It’s one thing that ELLIPAL gets very, very right and we wish all the other major hardware wallet manufacturers out there at the very least offered a device with a proper sized screen like this in their line ups.
Sure, some people prefer tiny, discrete devices that look like a USB stick or calculator we get it. But many others are also as blind as a bat and need a big screen so they can see what’s on it! Others don’t care about being covert while others still prefer big screens just because they’re easier to use and you don’t read your address or sending amounts wrong.
Big screens aren’t for everyone, but ELLIPAL nails it with the Titan 2.0 and it makes us want to see Coinkite, BitBox, Foundation Devices or Blockstrem etc start making one to compliment their other excellent hardware wallets.
ELLIPAL Cold Wallet Connectivity
When it comes to connectivity the Titan 2 is intentionally cut off. While “cold wallet” is generally referred to as being any device that stores your private key offline, it’s often mixed in with air gapped wallet too.
Many other hardware wallet vendors claim their device is “air gapped” when in fact they still have wired or wireless forms of data transfer such as the Keystone 3 Pro and its Bluetooth capabilities. According to Wikipedia:
An air gap is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network. It means a computer or network has no network interface controllers connected to other networks, with a physical or conceptual air gap, analogous to the air gap used in plumbing to maintain water quality.Wikipedia
The new ELLIPAL Titan 2.0, like the Titan or Titan Mini before it, doesn’t have any networking capabilities at all. No cellular, no Bluetooth, no USB (data), no WiFi and no NFC connectivity hardware. The only way for data to be transferred in or out is by scanning a QR code.
While it does have a USB port on the security adapter dock, this is for charging only and there are no USB ports on the device itself, just its docking pins. It also has a microSD card reader, but again this is only on the dock and only for firmware upgrades nothing else.
We’ve discussed in the past about Airgap Wallets and whether or not they actually provide more security. All communication channels, from QR codes to USB to microSD to Bluetooth or WiFi can be compromised in various ways.
ELLIPAL’s marketing that claims things like it’s “more transparent” or is “fully protected from unauthorized access, cyber hacks, malware, and any online threats” isn’t entirely true. No security is 100% effective.
That being said, giving your hardware wallet full separation like how the Titan 2.0 is setup isn’t bad and is certainly far, far safer than storing your private key on an network connected computer!
The fact that it’s so cut off also means that the Titan 2 won’t show your wallet balance on its screen. Instead you have to pair it with their ELLIPAL APP on your phone to get this info which we’ll talk about later.
Anti-Disassembly & Anti-Tamper
Another impressive part of the Titan 2.0 design is that it’s a fully metal sealed device that is virtually impossible to disassemble or open up without totally destroying it. This is done to help protect against anyone else tampering with it and then passing it onto you as though it’s “brand new”.
This feature was also present on the previous Titan, but it’s a fantastic security feature for any hardware wallet to have as evil maid and supply chain attacks are real and need protecting against. It does mean self repair and troubleshooting is also impossible, but given the secure nature of these types of devices we think this is acceptable.
ELLIPAL Hardware Wallet Warranty
The ELLIPAL Titan 2 has a 1 year warranty as well as a 30 day quality control replacement or full refund policy. You can read the full details on their website.
Security & Privacy
Unlike most other hardware wallet vendors, ELLIPAL seems to be a bit more relaxed when it comes to how the Titan 2.0 deals with passwords and device access. Each account that you create must have its own password which is great. Inside each account, you can then add multiple different coin wallets.
You can also setup a pattern lock or gesture pin which is the same as Android phones where you use your finger to join the dots and create a pattern to unlock your phone.
While the password per account is mandatory, the secure with gesture pin is not. By default, if you turn the Titan 2.0 completely off, you can turn it back on and get to the home screen without entering in any password or pattern. If you enable the pattern lock screen then it will ask you for the pattern upon start up, but this to us seems a bit relaxed.
If you want to sign a transaction you’ll have to enter in the specific accounts password which is good, as it prevents third parties that get your Titan 2 from spending your funds. But we’d like to also see an option for the whole Titan 2.0 to be password protected like most others already have.
Pattern locks aren’t known to be very secure and allowing it to be turned on and viewed by default without either password or pattern lock could allow attackers to learn more about your holdings, even if they can’t steal your funds.
Another handy feature with the pattern is that you can have an alternative pattern. This alternate pattern will show alternate accounts so that if you’re under duress, you can use this secret secondary wallet option to only show up the accounts you want to.
Code Openness & Reproducibility
Any claims of being “secure” or “unbreakable” or even safe in general all need verification. Unlike some reviewers we do not just believe whatever some random company tells us as 100% true. In order to verify something we need to be able to see and audit all code and hardware related to the claims.
ELLIPAL doesn’t seem to believe in open source software at all based on their blog post about it here and we cannot find any publicly viewable code for the hardware wallet. As such, there is no way for us or anyone else to verify any of their claims. It’s literally just “trust me bro” which isn’t acceptable in our view.
ELLIPAL also doesn’t say much of anything publicly about how exactly they generate your seed or private key. After reaching out to them specifically on this point, they stated that:
[The Titan 2] generates a unique random number globally, which is then converted into a seed phrase using BIP-0039. We use a “CC EAL5+ Security Element” to enhance security and generate random numbers. This element ensures that the random number sources are secure and certified.ELLIPAL
So the unique random number is generated using the specialized True Random Number Generator (TRNG) hardware that’s on the secure element chip, this is quite standard and isn’t terrible, but it’s also not fantastic either.
The chip is once again closed source and ELLIPAL’s implementation of the TRNG as well as the secure element itself could both contain bugs making your key weaker than intended. It also doesn’t involve multiple sources of entropy or any real world source of randomness either.
As an example of excellent seed generation practices, the BitBox02 uses five different sources of randomness (aka entropy) to generate the wallet seed including passwords, multiple random number generators and other sources. This can all be verified as their code and hardware is open source.
With such little information available and no open source code to review, they could have any number of massive security flaws hidden within their device and no one would ever know. That is until a hacker steals all your funds of course.
Thankfully they still allow you to import a seed phrase, meaning you can securely generate your own via dice rolls or other more secure methods and not have to trust their seed generation process at all.
Once again no information is publicly given on where and how the seed phrase is stored. So after speaking with ELLIPAL again about this they informed us that the seed phrase isn’t stored at all on the Titan 2.
It’s generated on the Titan 2, displayed to the user once and then deleted permanently meaning if you don’t write it down properly you can’t request it again at a later date. It also means users can’t verify their seed phrase is still correct later on as part of a general wallet checkup procedure.
What ELLIPAL seems to be doing here is generating the Mnemonic Sentence (the seed phrase), then using it to generate what’s called the Master Extended Key. The Master Extended Key is what’s used to derive all future Master Node Keys (what most people generally refer to as a private key) which is how you can have separate wallets, child wallets etc.
This process is all totally normal, but they then throw away the original seed phrase and only keep the Master Extended Key.
They further noted that this Master Extended Key (what they simply refer to as the private key) is encrypted and then stored on their EAL5+ certified Secure Element chip which should keep it safe in most circumstances.
When we pushed for further technical details on how exactly the private key is encrypted and if it’s mixed with other things such as the users password, they said:
Due to security protocols and confidentiality, we cannot disclose the detailed architecture of our storage system.ELLIPAL
This isn’t too surprising given ELLIPAL don’t open source any of their code base or engineering designs, but it again means we have no way to verify that this is actually where the private keys are stored and just have to take ELLIPAL at their word.
Encryption is great, but means nothing if you don’t know who holds the decryption keys. Maybe ELLIPAL holds a master decryption key for all their customers, but we’ll never know and just have to trust them. For some this trusting is hard to accept.
Many other hardware wallet makers allow their devices to display back the seed phrase to the user if requested, so this is a decent departure from the norm. Not a bad one, just different and something for users to keep in mind.
Interface & Ease Of Use
The Titan 2 is very minimal in its interface which really helps to keep everything simple and easy to understand. Buttons are big and easy to select, text is also a good size and is easy to read. We would like to see bitcoin addresses get presented a bit bigger to the user, given just how big the screen is.
We also found the user experience in general near flawless while punching through menus, adding new accounts, sending and receiving funds and so on. We didn’t see stuttering or lag and the touch screen is excellent and responsive as promised.
The keyboard, whilst not used very often, looks rather old and bare bones but works well. There’s no swipe to type features and it doesn’t even go back to lower case mode once you’ve enabled shift and typed a letter. If you have quite large fingers it might be a bit tight to type on, but again this isn’t a huge issue and it’s still heaps better than other hardware wallets out there that are far smaller.
User Interface & Speed
One of the big changes between the Titan and Titan 2.0 is the substantial increase in speed. Both the general user interface is now faster and smoother plus things like software updates take 2-3 minutes now versus 20-30 minutes.
The interface overall is exactly what you’d expect for a modern, smartphone like device and at no point were we confused about what was happening or what certain buttons did. ELLIPAL use very standard and sensible icons and gives you excellent feedback on what’s happening every step of the way.
Two very small nit picks were that that top left hand corner of the screen which is used for the Settings menu and back button sometimes didn’t register our finger touches. This could be a software problem or an issue with our particular unit.
The other slightly annoying point was when we tried to rename an account. The interface for it isn’t very intuitive and selecting specific text isn’t very easy to do. This could easily be addressed in a future software update though and isn’t something you do frequently anyway.
One note for those that do buy the ELLIPAL cold wallet is that there’s no actual menu setting anywhere if you want to restore factory settings. However it’s still possible if you simply enter in a wrong password 6 times intentionally. This will cause the Titan 2 to wipe all data and revert back to its original state.
What Crypto Is Supported By ELLIPAL Titan 2.0?
The Titan 2 can manages NFTs and support over 10,000 coins and tokens meaning that if you did ever want to use it for other cryptocurrencies beyond Bitcoin you can. This is all done through their ELLIPAL app and although we absolutely don’t support anything but Bitcoin around here, we know many people still use other coins.
While many mainstream sites and customers see this type of broad crypto assets support as a benefit, we just see the hugely increased attack surface area that all this extra software enables. Software security is hard enough with just Bitcoin, but trying to maintain it with an ever bloated code base is essentially impossible.
While ELLIPAL likes to boast that it’ll “redefine your crypto security” or is “simple and secure”, we very much doubt its the case given all the extra code required to support thousands and thousands of different cryptos, NFTs, blockchains and more. At a bare minimum it’s opening up significant security holes and putting your funds at greater risk than other Bitcoin only wallets.
Their official ELLIPAL Crypto Bitcoin Wallet companion app is available for Android and iOS. It doesn’t have a desktop version for any operating system so we’d definitely like to see this be expanded in the future.
That being said, it seems to be a straightforward and very minimal wallet application that pairs well with the Titan 2.0. We definitely wouldn’t recommend it for anyone though, as it heavily encourages trading and speculation of thousands of different altcoins as well as lending, swapping and more.
It also doesn’t allow you to connect it to your own full Bitcoin node or even route traffic via Tor meaning all your financial transactions, wallet balances, addresses and more is broadcast to and through ELLIPAL servers. Not great from a privacy and security point of view.
We will say that it’s quite well rounded in that it seems to have many different options such as being able to buy bitcoin directly to your ELLIPAL Titan cold wallet as well as being able to sign transactions easily using your phones camera to scan QR codes back and forth.
Compatibility & Connectivity
The shortcomings of the ELLIPAL app lead well into compatibility with other third party wallets. Unfortunately there’s not really much to say here as we couldn’t get it to work with any other software wallet out there.
While there is a button to “link” the Titan 2, this is only for their own proprietary ELLIPAL mobile app. The QR code that’s generated is encoded with the below format:
As you can see, this isn’t a standard xPub format at all so other wallets like Sparrow or BlueWallet can’t recognize it. There appears to be some structure to it, but there doesn’t seem to be any way to export the xPub from the Titan 2.0 meaning the only way is to enter your seed phrase into another wallet. Obviously you should never do this as the whole point of a cold wallet is to keep your private key offline!
With a full firmware update tutorial specifically for the Titan 2 on their website, ELLIPAL gives excellent documentation on how to go about updating your Titan 2.
One slight mistake in their instructions is that the light on the Secure Adapter dock seems to only turn blue to indicate it’s reading the microSD card when the Titan 2 is in the dock. Besides this everything went smoothly during our update to the latest version that took around 3 minutes.
Unfortunately it doesn’t show the firmware hash to the user before updating which is critical to know that what you’re updating the Titan 2 with is legitimate.
When you turn on the Titan 2 and go through the setup process, you get a choice of 9 different languages which is fantastic to see. Far too many manufacturers act like everyone in the entire world speaks and reads fluent English and only offer that for their products.
Offering different languages isn’t trivial, but most vendors are big enough now that it’s really not acceptable to only offer English. Top marks to ELLIPAL for this.
ELLIPAL Titan 2 Alternatives
Who Is This Wallet For?
- Users who want a premium look and feel crypto wallet
- Users who want to hold both Bitcoin and Altcoins
- Users who don’t mind being locked into using ELLIPAL’s Crypto App
- Users who want a big, sharp color screen with easily readable text
- Users who don’t care about using open source software or hardware
- Users who don’t need Multisig wallets in the future
ELLIPAL Titan 2 Competitors
Whether you’re wanting to spend the same amount of money on a hardware wallet, more money or even far less money there’s plenty of other better options available that offer far greater security. That being said, most of these far more secure options don’t have anywhere near as nice a screen or user interface. So it depends on what your priorities are.
The Blockstream Jade is a third of the price, but has a tiny non-touch screen. For a tiny bit more money than the Titan 2 you can get the Foundation Passport which is one of our most highly recommended wallets. It has an equally premium look and feel and also has a good sized screen on it with a simple and excellent user interface too.
There’s also the COLDCARD Mk4 that is much more secure, but again is Bitcoin only and has the tiniest screen of them all. Finally there’s also the Trezor Model T or newer Safe 3 that also score very well and have moderately big screens too as well as Altcoin support.
Should You Buy The ELLIPAL Titan 2.0 Hardware Wallet?
No. While we love a ton of things about the Titan 2 such as it’s huge, crisp touch screen, its simple interface, its multi language support, its speed and smoothness, its anti-disassembly & anti-tamper features and the super premium design and build quality, at the end of the day it doesn’t really mean much if the product can’t do the core task of generating and keeping your private key safe.
While ELLIPAL says all the right things and has all the right certifications and the Titan 2.0 seems like a safe and secure product from the outside, it’s a black box that no one’s allowed to look into and actually verify what they’re saying is true.
The complete lack of openness with respect to their code base coupled with there being very little information on how they generate or store your private keys is a huge red flag to us. The lack of features like Multisig, microSD card backups or even an option to set a password lock for turning it on is also poor given the price tag.
We truly hope that ELLIPAL reverses their stance on open source as the Titan 2 could be a great wallet and an absolute top performer if they would just let others confirm what they say is true. We’d also like to see them incorporate multiple unpredictable physical processes to make generating the users seed extra secure and roll out support for multisig wallets too in the future.
Is ELLIPAL Better Than Ledger?
Although the Ledger Nano X and Ledger Stax both rate slightly higher on our list of Crypto Wallets, we can’t recommend either one as both lack key security and privacy features that we require when officially recommend one brand over another. We instead would recommend other, far more secure brands such as BitBox, Foundation Devices, Coinkite, Blockstream or SeedSigner.
What Country Is ELLIPAL From?
ELLIPAL is headquartered in Hong Kong, however the packaging notes that their products are made in China.
Can You Sell Crypto From ELLIPAL?
ELLIPAL devices such as the Titan 2 allow you to send cryptocurrencies such as Bitcoin and other coins to any valid address. Their companion ELLIPAL Mobile APP also allows you to buy and swap many different altcoins all while being linked to your cold wallet.
How Many Coins Does ELLIPAL Support?
ELLIPAL supports over 10,000 Coins and Tokens as well as NFTs that can all be stored on multiple different accounts with pin and numeric passwords support.
How Secure Is Ellipal Titan 2?
Unknown. While ELLIPAL make many claims such as that their seed is generated and stored on a secure element EAL5+ security chip, none of the software or hardware is publicly viewable meaning it cannot be verified by anyone. As such, users must simply “trust” ELLIPAL at their word which historically hasn’t turned out too well.
Is ELLIPAL A Hot Wallet?
No. ELLIPAL makes multiple different hardware wallets that store your private key offline on hardware that is never connected to any network, which is also referred to as being air gapped. This means it’s not a hot wallet and is thus, far safer for your funds.
What Should I Do To Recover My Assets If My Device Is Lost Or Damaged?
If you loose or damage your Titan 2, you can still recover your bitcoin by using your seed phrase, which is also called a Mnemonic Sentence. Simply enter these 12 or 24 words and your passphrase if you have one into any other wallets that use the BIP-39 standard.