How to Create a Cryptocurrency Hardware Wallet like Trezor?

Trezor is a hardware wallet designed to help users store their cryptocurrency within reach and in maximum security. It’s a small USB device that is connected to a computer and used to sign transactions without compromising private keys, as they never leave the internal part of the hardware wallet. Due to that, the Trezor hardware wallet can be used even on devices infected with malware.

Concurrently, Trezor is an open-source platform, – both its hardware and software parts. So if you want to create your own cryptocurrency hardware wallet, you may use Trezor’s open-source and technical documentation. In this article, we’ll tell you how to do that and how much the launch of such a project might cost.

Advantages of Trezor wallets

Reliably protects against hackers, viruses, keyloggers, and other cybersecurity threats. It can be used for both cold and hot coin storage (due to mobile connection). It has a simple and convenient backup and recovery system for all contents of the device in case of theft or loss of the wallet. It also has many other protection mechanisms.

Performs secure operations with cryptocurrency ensuring that malware or hackers don’t get access to users’ cryptocurrency assets and/or private keys. A hardware wallet creates a safe offline environment, which is completely isolated from the internet, external devices (computer, laptop, tablet) and dangers associated with them. This protects people from nightmares and endless worries that coin theft might cause. In addition, Trezor has an external screen for visual and manual confirmation of all actions.

It’s compatible with Windows, macOS, and Linux families of operating systems. Notably, the Trezor software platform provides its clients with everything necessary to use modern cryptography to the full extent to protect cryptocurrency assets. The device is provided with clear instructions and a USB cable to connect to both a computer and a smartphone, which makes the Trezor wallet not only as safe as possible but also as mobile as possible, – accessible protection always ready for use.

A compact and lightweight device with a size of 64x39x10mm and a weight of 15g (Trezor Model T). It’s ideal for carrying in a briefcase, backpack, bag, wallet, or pocket. The device is equipped with an embedded processor based on the ARM Cortex M3 core with a clock speed of 120 MHz, which works on a specially designed system and has a 240×240 pixel OLED screen that can be turned 90, 180, and 270 degrees. In a nutshell, Trezor is a small, light, and convenient wallet.

Hardware wallets’ operating principle

The basic idea of hardware wallets is to store and use private keys in such a way that they never leave the protected part of the wallet. Thanks to that, all operations for cryptographic signature are performed within the wallet and not on the computer or smartphone, which it’s connected to. For this reason, even if the user’s computer or smartphone is infected with viruses and/or hacked, the attackers can’t get the private keys.

Besides, hardware wallets have other protective measures; for instance, the device lock with a PIN code, backup, physical action confirmation (with a physical button or a touch screen), BIP39 support, etc. These considerations defined the most appropriate design of a form factor: this is usually a small device with a display and buttons that are used to enter a PIN code and a crypto transaction signature.

However, the internals of such devices usually vary. Ledger and Trezor, the leading suppliers of hardware wallets, use two different approaches to the construction of the hardware part of their devices.

Ledger’s approach

The base of the hardware part of Ledger devices is two key chips — a security module (ST31H320 in Ledger Nano S) and a microcontroller (STM32F042K). The first is meant for the safe storage of confidential crypto data. In particular, such chips are used in bank cards with a chip and a PIN code and smartphones compatible with Google Pay and Apple Pay.

The second module is a general-purpose microcontroller, which carries out peripheral tasks such as management of buttons, display, connection to a computer/smartphone and the like. Essentially, this microcontroller is a sort of a mediator between a security module and the rest of the world – computer, internet, operating system, and a user. For example, when the wallet user needs to confirm a cryptocurrency transaction, he turns to the general-purpose microcontroller and not to the security module.

Trezor’s approach

Trezor wallets are a little different. They don’t use a security model, one chip manages all processes in a wallet – a general-purpose microcontroller based on the 32-bit RISC architecture Advanced RISC Machine (ARM). This chip is responsible for crypto data processing and storage as well as the management of USB connection, buttons, display, and everything else.

Hypothetically, such an approach to the construction may simplify hacking the software part of the Trezor wallet, which in its turn will allow to get access to private keys that are hidden inside the microcontroller’s flash memory. However, as WALLET.FAIL experts confirmed, the SatoshiLabs engineers (Trezor wallet developers) did a great job strengthening the security of the firmware of their wallet, and to get data, which is hidden in it, it’s necessary to hack hardware and not software.

Three components of a hardware wallet

The development of such a cryptocurrency hardware wallet as Trezor implies the creation of a user interface, hardware, and the server side. Along with this, all three components have to be implemented as reliable and safe as possible. Here’s what you should create exactly:

User interface. This is a frontend component of a wallet, which is responsible for the interaction with users. With its help, cryptocurrency owners will create accounts, set the system, buy and sell cryptocurrency assets. When developing your Trezor wallet clone, you can copy its user interface design entirely or create your unique design tailored to the chosen niche and audience.

Trezor hardware wallets support three types of interfaces.

• Trezor Suite. This is desktop software to manage a hardware wallet via a computer or a laptop. There are versions for Windows, macOS, and Linux. After the installation of Suite, the system will ask the user to create or restore the old account and set up its operation.
• Browser extension. It’s another interface of the Trezor wallet implemented as extensions for the Chrome, Firefox, and Brave browsers. With its help, you can set a wallet, make transactions, and manage coins in your wallet. Other browsers aren’t supported.

There’s no mobile version of the Trezor wallet (not long ago, it was possible to download the TREZOR Manager app in Google Play, but it was a scam); however, the company promises to launch it in the near future. At least, in the roadmap, this project is in the «Ready for implementation» column. If users need to connect their Trezor wallets to their phones, they can use Mycelium, Electrum, Sentinel, WallETH, or other solutions. Here is the official instruction on this matter.

Hardware Security Module (HSM). The «hardware» part of the Trezor hardware wallet is a hardware security module (HSM) — an ultra-secure device of the read-only memory with the protection against unauthorized access. Usually, it’s used to store authentication data; for instance, private keys.

As Trezor is an open-source platform, during the development of your hardware wallet like Trezor, you can use its hardware and software solutions. You can find distribution and schemes on Github. Moreover, you can clone the hardware part fully and in this case, you need to implement only your user interface and a server side.

The server side of the product. This is a «heart» of a future system, which will be responsible for the processing, storage, and protection of data of the cryptocurrency wallet. You can implement backend on both your own local servers or on the cloud — Amazon Web Services, Google Cloud, or Microsoft Azure, which is much simpler, faster, and more economically feasible.

Main features of hardware wallets

Sign up, log in. In the case of a hardware wallet, the process of registration of a new user implies not only the creation or connection of a cryptocurrency address (account) but also the wallet settings: installation, security settings, PIN code selection, Seed phrase entering, etc. After the initial setting, you will log in much faster and simpler (wallet connection + PIN code).

Currency conversion rates. As with the help of your Trezor clone the users will manage their cryptocurrency assets, they should always know their value against the main fiat currencies and other cryptocurrencies. It’s also convenient that the users will be able to see not only a rate but also a graph of the change of the asset value in your wallet.

Cryptocurrency asset management. This hardware wallet module is responsible for the purchase and sale of cryptocurrency assets. It requires integration with a cryptocurrency exchange or a liquidity provider. Aside from that, the connection to payment systems (PayPal, Stripe, banks) will be necessary as well as the implementation of such features as transaction history, a list of selected addresses, QR payments and the like.

Administrative panel (interface). Using this panel, you and your employees will track the current state of the wallet (number of transactions and users, the work of the server side), manage users, monetization and content and help users solve their problems.

Additional opportunities. To make your Trezor clone popular, apart from the basic functionality, you also need to implement additional opportunities, which improve the user experience. Here’s what it can be:

• notifications — they will inform users of important things;
• Lightning transactions — almost instant and cheap transactions;
• e-commerce transactions — purchase of goods and services in shops for cryptocurrency;
• support of several languages — this may increase the reach of the audience;
• multiple listing — support of a big number of cryptocurrencies;
• NFC support — the main trend of the cryptocurrency market;
• VIP support — 24-hour support seven days a week.

Security measures of the Trezor wallet

The next thing to focus on when developing a hardware wallet like Trezor is guaranteeing the maximum protection of the users’ money and data. Here’s what you can do for it besides standard things like PIN code, multisignature, backup, U2F, and the IP check.

• Firmware verification. The bootloader always verifies the firmware signature. The firmware only runs if correctly signed by SatoshiLabs. Otherwise, a warning is shown.
• Ultrasound hardware seal. Trezor hardware case is ultrasonically welded, making it difficult to be restored after breakage.
• Secure update procedure. The Trezor bootloader erases and updates the cryptocurrency wallet’s memory if the firmware signature is invalid while integrating the software update.
• Additional passphrase support. Trezor supports BIP39 passphrases, which are never stored or remembered on the device.
• Protected bootloader. The bootloader is write-protected as the JTAG is disabled.

Architecture and a tech stack

Architecture. It visualizes the logic of a hardware wallet, its main elements, and the interaction among them. Here is an example:

Tech stack of the server side for the development of a Trezor clone:

• Smart contracts: virtual machine Ethereum or BSC.
• SQL databases: MySQL, PostgreSQL, MariaDB, MS SQL, Oracle.
• DevOps: GitLab CI, TeamCity, GoCD Jenkins, WS CodeBuild, Terraform.
• NoSQL databases: MongoDB, Cassandra, DynamoDB.
• Search systems: Apache Solr, Elasticsearch.
• Programming languages: Java, PHP, Python.
• Frameworks: Spring, Symphony, Flask.
• Cache: Redis, Memcached.

Tech stack of a frontend component of a Trezor clone:

• Programming languages for web: Angular.JS, React.JS, and Vue.JS.
• Programming languages for App: Java, Kotlin for Android and Swift for iOS.
• Architecture: MVVM for Android and MVC, MVP, MVVM and VIPER for iOS.
• IDE: Android Studio and Xcode for iOS.
• SDK: Android SDK and iOS SDK.

Process of development of a Trezor clone

You should create a hardware wallet like Trezor only with the use of custom development because it’s the only way you can provide an adequate security level – the main value proposition of such devices. It’s especially important if your project will be an open-source solution just like Trezor because otherwise, any hacker will be able to check its code to find flaws in it and steal the money and confidential data of the platform users.

Here’s the process of the custom development of a Trezor clone.

1. Defining objectives. Analysis of business and technical aspects of a future product to understand its business goals and tasks. Analysis of the niche and target audience, competitors’ strengths and weaknesses. Determination of technical requirements for the product. Development process planning.
2. UI/UX design development. Creation of the information and system architecture of a Trezor clone. Formation of the platform style. User flow optimization. Development of interactive prototypes of the user interface of the future wallet.
3. Program code writing. Implementation of a server side and a user interface in a code. Smart contract development. Integration with external services and apps.
4. Product testing. Testing functionality, usability, security, and performance of the created software. Internal and external (independent) audit of smart contracts.
5. Deployment, release. Move of the created product from the work environment to the production one. If a mobile app (a Trezor clone) is created, it gets added to the App Store and Google Play online marketplaces.
6. Product support. Staff training. Support service organization. Feedback collection. Troubleshooting and wallet improvement.

Cost of the creation of a Trezor clone

Development of software of such a hardware wallet as Trezor will cost $25 thous. to $72 thous. depending on the location of the development company. The production cost of USB devices depends on the device complexity, production location, and logistics. Usually, it’s $5 to $20 a piece. You can order the development and production of them on Utimaco, Gemalto, Microsoft, Amazon, Thales, IBM, and from other HSM solution suppliers.