How a $3 Million XRP Heist on Ellipal Unmasked Hidden Hardware-Wallet Risks
First the facts:
Our heart goes out to Brandon. We thank him for sharing his story so that others can learn and properly secure their crypto investments.
What cold wallet was Brandon using? Ellipal
Where did he purchase the wallet? Not known if it was through a third party or straight from the manufacturer.
Is the Ellipal a cold or hot wallet? Both! And this was the security gap Brandon was unaware of that jeopardized his investment. Ellipal has a hot wallet (always connected to the internet) that uses an orange background to distinguish the user interface, while the cold wallet (physical device) uses a blue background.
Do most cold wallets have both hot wallets and cold wallets? NO! This is an unusual approach to self-custody and a huge security gap. With the Ellipal, you do not need the physical wallet to validate transactions.
Brandon didn’t realize he’d loaded his private keys into Ellipal’s in-app hot account, leaving them online and unprotected. The keys that control his XRP never touched the air-gapped cold wallet, so no hardware confirmation was required for the thief to move the funds.
The 6-Step Hardware-Wallet Safety Checklist
#1 - Do not hold all your crypto behind one seed phrase/cold wallet. Diversify = Risk Mitigation.
#2 - Do not trust all your crypto to one brand of wallet. Hackers will often focus on one brand to exploit a flaw or gap in security. Diversify = Risk Mitigation.
#3 - Choose a wallet (e.g. Trezor, Tangem, D'Cent) that requires any "send" transaction to be approved by the physical device/cold wallet.
#4 - Calculate your risk and buy multiple cold storage wallets accordingly. For example, if you have $1M worth of XRP and you'd be OK if $100,000 was hacked, then divide $1M / $100,000 = 10 cold wallets. That's how many cold wallets and seed phrases you should own to manage and mitigate risk. As the value grows, buy more cold wallets. Remember, for now, you are the ONLY gatekeeper to your fortune.
#5 - This is big: choose a wallet that allows for a passphrase, like Trezor (back up that passphrase and store it in a separate location from the seed phrase). Second-best option: choose a wallet that allows for a 25th word to be added to the seed, like D'Cent. Store that 25th word separately (like a passphrase) from the seed phrase. Any cold wallet device should have a strong minimum 8-digit passcode as the first layer of defense.
Note: Black Seed Ink manufactures both steel seed phrase and passphrase wallets. These solutions protect these critical words against fire, water and corrosion damage. Why is passphrase backup important? Because the second layer of security provided by the passphrase or 25th word means that if your seed phrase is stolen, the crook needs the passphrase to access your funds on the Trezor. If your seed phrase is stolen on the D'Cent wallet, they need that 25th word to set up a new D'Cent wallet to approve the "send" transaction.
#6 - This goes without saying, NEVER EVER store a seed phrase or passphrase in a digital file, including an encrypted file.
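Why the passphrase in item #5 protects a stolen seed phrase, shown as an added example (not code from this post or from any wallet vendor). It assumes the wallet follows the BIP-39 standard, as Trezor's passphrase feature does; `compare_wallets` is a hypothetical helper, and the mnemonic is the public BIP-39 test phrase, used here only as sample input.

```python
import hashlib
import unicodedata

# Public BIP-39 test mnemonic: constructed sample input, never use it for funds.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte wallet seed the way BIP-39 specifies.

    PBKDF2-HMAC-SHA512, 2048 iterations; the password is the mnemonic and the
    salt is the string "mnemonic" followed by the optional passphrase.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def compare_wallets(mnemonic: str, real_passphrase: str, guesses: list[str]) -> dict[str, bool]:
    """For each guessed passphrase, report whether it opens the owner's wallet.

    Every guess yields a valid 64-byte seed (an empty wallet), so a wrong
    passphrase produces no error message for a thief to learn from.
    """
    owner_seed = bip39_seed(mnemonic, real_passphrase)
    return {guess: bip39_seed(mnemonic, guess) == owner_seed for guess in guesses}


if __name__ == "__main__":
    # "TREZOR" is the passphrase used in the public BIP-39 test vectors.
    # The empty guess models a thief who holds the seed words only.
    results = compare_wallets(SAMPLE_MNEMONIC, "TREZOR", ["", "trezor", "TREZOR"])
    for guess, opened in results.items():
        print(f"passphrase {guess!r:10} -> opens owner's wallet: {opened}")
```

The same property applies to the owner: a forgotten or mistyped passphrase derives a different, empty wallet, which is why the passphrase needs its own backup stored apart from the seed phrase.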
HARDWARE WALLET LITMUS TEST: If a transaction can leave your wallet without you physically confirming it on the dedicated device (your phone doesn’t count), think twice. Brandon’s error (still sorting through what happened) may have been relying on ELLIPAL’s in-app hot wallet instead of its truly air-gapped cold wallet; only the cold side demands a device-in-hand signature.
*The information in this post is provided strictly for educational and informational purposes and does not constitute financial, investment, or legal advice. Cryptocurrency involves substantial risk; always perform your own research and consult a qualified professional before acting on any material presented here. The author and publisher accept no liability for losses or damages arising from reliance on this content.