Cobo Vault & Cobo Tablet: Unboxing + Setup + Review (Rebranded KeyStone, 2021)

While we were recording S4 E9 of the Bitcoin Takeover podcast, Lixin Liu told me that he was about to release a new hardware wallet under the Cobo brand. Basically, it would be a more consumer-friendly of the device which he was already selling to Chinese miners.

To accomplish this release and offer a new hardware wallet at a competitive price, he would have to get rid of the aerospace aluminium body, IP68 waterproof certification, and IK09 impact resistance. The new device would be made out of more common materials, but deliver the same amount of security for the coins.

I was honored to be one of the first podcasters to have Lixin on, and then I was also among the very few people who reported on the launch. I was also among the first people in the world to get their hands on the Cobo Vault Pro hardware wallet, but for reasons which are still a mystery even to myself, it took me a whole year to open the box. I can say that I’ve been busy writing and producing content, but inside the box I had yet another goldmine for content.

Anyhow, it’s good to finally get my hands on the Cobo Vault and figure out how it works and what’s so special about it. The hardware wallet fees a lot like an Android phone, but has all the features of a cold storage wallet. You can’t connect it directly to your computer or phone, uses QR code scanning to validate transactions, and also makes use of the PSBT standard via micro SD card (just like the Coldcard).

Here are some highlights of my experience with the Cobo Vault:

  • I really enjoyed the multi-step verification process involved in the packaging. The big box was covered in a plastic layer which once removed reveals a carton box that’s sealed on both sides. To open the box, you must tear off a line of carton that you just can’t stick back. And inside this big box you will find two smaller boxes which are sealed with holographic stickers that read “Cobo” on the front side and “VOID” on the back. The hardware wallet itself also has a sticker which covers the screen, so you can’t read the information that gets displayed without removing it. Basically, Cobo makes it very easy to identify supply chain attacks and their layered security proves that they take their craft very seriously.
  • The verification process goes even further, as the first time you start the device you must scan a QR code and input a unique identifier to make sure that nobody has registered the same hardware wallet before you. While this may seem a little excessive, it guarantees that your device is secure.
  • The Cobo Vault feels a lot like an Android phone – from the keyboard input to the user interface, it’s all pretty familiar and requires no learning curve. I was able to set up a HD wallet with BIP39 seed words in a matter of minutes, and also verify it faster than on any other device (including Ledger, Trezor, BitBox02). There’s a lot to be said about not having to adapt to a new input method (something that I can only say about the Trezor Model T).
  • It’s air-gapped, which means that everything that you do on the device stays on the device (including finger print, unlock pattern, PIN, seed phrase). You can still mess up when you connect the SD card to your computer or when you use a mobile app.
  • You can either use a removable Li-Ion battery (available only with the Cobo Vault Pro variant) or AAA batteries. Unlike other manufacturers which put batteries in their hardware wallets, you don’t have to rely on Cobo’s manufacturing of spare parts to power up your device.
  • The Pro version has a self-destruct mechanism.
  • There’s a Bitcoin-only firmware, but it’s not the default setting and you must install it separately.

Here are the parts that I don’t necessarily like about the Cobo Vault:

  • While the software is open source, the hardware is proprietary. Schematics for auditability can be found in Cobo’s public GitHub repository, but they only allow researchers to reproduce the device for verification purposes. Unlike the Trezor, you can’t build Cobos and sell them (which removes some incentives involved in verification). I’ve explained in this article why Bitcoin free open source software matters.
  • You rely on Cobo for the early verification process. While it’s nice that you get to check that the same device wasn’t registered by someone else, it would be nice if you could undergo the procedure using a general-purpose wallet like Electrum or Wasabi.
  • The mobile watch-only wallet doesn’t allow you to connect to your own full node and other trustless price oracles.
  • The secure element chip is comparable with the ATEC you find in the Coldcard, BitBox02 and Foundation Devices Passport. It’s not really open source, but it’s more open than the Ledger chip. It makes a compromise for the sake of offering more physical security, and this is why I have high hopes that the Tropic Square project will make these chips more transparent.
  • There are some minor design issues that can get fixed in future iterations: you can’t use the Cobo while the battery is charging, and the placement of the micro SD card port is a little awkward.

Cobo Tablet vs Billfodl

During the first and last part of my unboxing and setup video, you can also watch me play with the Cobo Tablet – yes, Lixin was nice enough to send me a couple of them. Call me ungrateful, but my first instinct was to compare the metal plates with the Billfodl I already had.

Personally, I prefer the Billfodl for the design (no need for a screwdriver, more organized way of inserting letters) and overall feel. But are the metal plates that much better that they justify the double price? Well, that’s a hard question to ask and it’s up to you to figure out what’s best for you. Both the Cobo Tablet and the Billfodl are metal plates to store your BIP 39 seed phrase (mnemonic) after all. They feature no electronic parts and they are extremely similar in build and design.

So if you don’t want to pay $99 for the Billfodl, you can go for the $40 Cobo Tablet. You won’t be able to tell the difference with your eyes closed, and the amount of effort that’s required to create both backups is nearly identical. This comes from a guy who regularly recommends Billfodl and has their referral link on his website.

Donate to Bitcoin Takeover!

If you enjoy my work, here are the ways in which you can support it.

Donate BTC: 3QgMuF9VHXAhAQBRoJS582AKYD2rSqCE1h

Donate BTC via Lightning: https://tippin.me/@TheVladCostea

Donate fiat via Patreon (recurrent payments) or PayPal (one-time payments).

If you want your donation to get acknowledged in the Hall of Patrons, then please send me an e-mail and I’ll make sure that you get the recognition you deserve.

Another important way to support my work is to sign up to the newsletter, subscribe to YouTube, follow Bitcoin Takeover on Twitter, and engage with the content.

Vlad Costea

I'm here for the freedom, censorship-resistance, and unconfiscatability. What about you?

So, what do you think?

Follow Me