Cobo Launches 2nd Gen Vault Hardware Wallet (Rebranded KeyStone, 2021)

During his Bitcoin Takeover Podcast interview, Cobo Vault creator Lixin Liu hinted at the release of a new hardware wallet device that targets Western markets. Two months later, the entire device firmware was open-sourced for transparency and security purposes.

In the tweet which introduces the new product’s GitHub repository, Liu suggests that the launch date of the 2nd Generation Cobo Vault is April 28th 2020. He also explains that the Secure Element chip, which is known to be the most opaque part of a hardware wallet (at least in the Ledger design).

Therefore, the Cobo Vault joins the likes of Coldcard and BitBox02 in the quest to deliver a middle ground between auditability and physical security. Meanwhile, the two biggest actors on the hardware wallet market remain conservative about their values and represent the extremes of the spectrum: Trezor produces the simplest, most transparent and easiest-to-audit devices, while Ledger offers uncompromising security at the cost of some transparency.

Not sure if ColdCard is our competitor because they service more advanced users. But in comparison with other products like Ledger/Trezor/BitBox02, I think our strengths are the transparency of the Secure Element, the verifiably air-gapped QR code data transmission which reduces the attack surface, the ease of use (touch screen, fingerprint sensor, detachable battery and AAA support), and other mechanisms such as self-destruction and web authentication. – Lixin Liu, Cobo Vault Creator (exclusively for Bitcoin Takeover)

What is special about the new Cobo Vault Gen 2?

First and foremost, the 2nd generation Cobo Vault hardware wallet is consumer-friendly and therefore much more affordable than the original. The first iteration of the device still costs $479 and is designed to satisfy the needs of Chinese bitcoin miners: aerospace aluminium is used for both the body and the glass, so the device fulfils the IP68 waterproof, IK09 impact resistant, and US Military MIL-STD-810G standards.

With the current price points we are trying to offer everyone in the community what we consider to be the most important security mechanisms. We also think we took some approaches to security that led to innovative features which will advance the industry – Lixin Liu, Cobo Vault Creator (exclusively for Bitcoin Takeover)

This type of resistance to harsh weather conditions and physical shocks is unnecessary to the average user, so the new Cobo Vault Essential and Cobo Vault Pro hardware wallets deliver the essentials:

  • Air-gapped communication through QR code scanning;
  • Secure Element chip whose open source software allows users to see how private keys are generated, how transactions are signed, and that the private keys never leave the Secure Element;
  • Firmware upgrading via SD card;
  • 4-inch touch screen;
  • The option to power up with common and affordable AAA batteries.

Since the 2nd generation Cobo Vault comes in two versions, we should take a look at the differences between them. From a functional point of view, they are pretty much the same. But the $50 difference that’s paid for the Pro model brings three extra features: a fingerprint scanner, a self-destruct mechanism, and a rechargeable battery.

For somebody who is travelling and needs to have extra security (so they don’t input PINs in front of everybody or fill luggage with extra AAA batteries) and protection against threats (if somebody wants to steal your bitcoins through physical extortion, you can simply destroy the hardware wallet and make the access impossible for them), it might be worth paying the extra $50.

But for someone who mostly uses the hardware wallet to HODL and occasionally transact at home or at the office, the Cobo Vault Essential should suffice.

The main pros of the new Cobo Vault

The ability to use cheap, general-purpose, common, and detachable AAA batteries is by far one of the most unique features, as it should increase the lifespan of the product. You don’t have to rely on a deteriorating Li-Ion battery and you don’t have to ask Cobo for a replacement after a few years. Just like the Gameboy that you can still pull out of your drawer to play Pokemon after all these years, the Cobo Vault is designed to last.

Also, the Cobo Vault doesn’t use USB cables, Wi-Fi, 4G internet connection, or Bluetooth. The hardware wallet functions only by scanning QR codes.

The main cons of the Cobo Vault

While the design is great, we still need to read more about security audits and ethical hacking attempts. When it comes to secure devices, the test of time is the best indicator of reliability and sturdiness. In the case of the Cobo Vault, we’re going to witness waves of attempts to break the security and extract information from the Secure Element chip.

Every new device that comes to the market needs to prove itself to the community of security experts. It’s a natural process, and this type of open-source scrutiny benefits the industry at large and makes every device safer.

Thankfully, any issues can be easily fixed with security updates that you install via SD card. Yet we can only hope that these won’t be necessary and that the product is as robust as can be from day one.

Also, there are still features and integrations that you can find on other hardware wallets and that won’t be on the Cobo Vault on launch day. Some of them will get added as part of the planned firmware updates, but there are still no mentions of advanced multisig functions.

Upcoming Cobo Vault Features

According to Cobo Vault creator Lixin Liu, there are still lots of features that will get added to the hardware wallets in the near future.

Within a month after the launch, a firmware update (v. 1.0.6) will get released to add Electrum compatibility to create watch-only wallets, a Bitcoin-only firmware version will get published for BTC HODLers who want to reduce the attack surface, and bigger transactions will become transmittable via Electrum by using a microSD card.

In the next 3 months, Cobo Vault hardware wallets will also receive a firmware update to become compatible with Wasabi Wallet and Electrum via PSBT (BIP 174, popularized by Coldcard). And speaking of the Coldcard, the Cobo Vault will also allow users to add more randomness during the seed phrase generation process by rolling dice.

To facilitate integration with other wallets, the Cobo Vault is also expected to support scanning of animated QR codes (using open-source libraries). And for the users who dislike purchasing AAA batteries, there will be a dedicated stock of rechargeables that can be purchased separately.

In 3 to 6 months, users will be able to set their own anti-phishing words to better protect themselves against evil maid attacks. And for those who want to build their own Cobo Vault hardware wallets, the device’s circuit diagram will also get open-sourced. Furthermore, users will be able to create their own whitelist of bitcoin addresses to which they can sign transactions.

In the long term, the Cobo Vault will add support for Taproot/Schnorr signatures. Also, a “cypherpunk” version of the device will get launched – this model allows users to upload their own firmware with open-source operating system layer code.

For more information, read Lixin Liu’s detailed op-ed in Hacker Noon.

Vlad Costea