The table below lists what devices and features are supported for each device.
✓
- supported by the firmware and implemented in HWI✗
- supported by the firmware and not implemented in HWI―
- not supported by the firmware
Feature \ Device | Ledger Nano X | Ledger Nano S | Trezor One | Trezor Model T | BitBox01 | BitBox02 | KeepKey | Coldcard |
---|---|---|---|---|---|---|---|---|
Support Planned | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Implemented | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
xpub retrieval | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Message Signing | ✓ | ✓ | ✓ | ✓ | ✓ | ― | ✓ | ✓ |
Device Setup | ― | ― | ✓ | ✓ | ✓ | ✓ | ✓ | ― |
Device Wipe | ― | ― | ✓ | ✓ | ✓ | ✓ | ✓ | ― |
Device Recovery | ― | ― | ✓ | ✓ | ― | ✓ | ✓ | ― |
Device Backup | ― | ― | ― | ― | ✓ | ✓ | ― | ✓ |
P2PKH Inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ― | ✓ | ✓ |
P2SH-P2WPKH Inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
P2WPKH Inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
P2SH Multisig Inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ― | ✓ | ✓ |
P2SH-P2WSH Multisig Inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
P2WSH Multisig Inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Bare Multisig Inputs | ✓ | ✓ | ― | ― | ✓ | ― | ― | ― |
Arbitrary scriptPubKey Inputs | ✓ | ✓ | ― | ― | ✓ | ― | ― | ― |
Arbitrary redeemScript Inputs | ✓ | ✓ | ― | ― | ✓ | ― | ― | ― |
Arbitrary witnessScript Inputs | ✓ | ✓ | ― | ― | ✓ | ― | ― | ― |
Non-wallet inputs | ✓ | ✓ | ✓ | ✓ | ✓ | ― | ✓ | ✓ |
Mixed Segwit and Non-Segwit Inputs | ― | ― | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Display on device screen | ✓ | ✓ | ✓ | ✓ | ― | ✓ | ✓ | ✓ |
For a device to be supported by HWI, it must:
- Use open source firmware as much as possible
- Entirely closed source devices will be rejected
- Devices may have closed source firmware components if required to under a NDA (e.g. a secure element with NDA)
- Publicly documented communication protocol
- It is preferred to both document the protocol and provide a Python library for using it
- The library, with its own documentation, can suffice as "publicly documented"
- Either (but preferably both):
- A simulator/emulator is available for automated tests to be run
- A promise to maintain and support from the vendor:
Device support may be dropped:
- If promised vendor maintenance and support disappears
- If there are continuous issues with the device and the vendor has failed to provide support and updates
- If the device no longer receives security devices and there are known vulnerabilities and issues
hwilib.devices.ledger
hwilib.devices.trezor
hwilib.devices.digitalbitbox
hwilib.devices.bitbox02
hwilib.devices.keepkey
hwilib.devices.coldcard