Is using an old iPhone safer than a crypto hardware wallet? ZachXBT thinks so
ZachXBT just lately argued that a devoted iPhone presents higher safety than a hardware wallet, a line of reasoning that already splits crypto’s safety group.
Both gadgets are basically signing gadgets, and the true vulnerability crypto has spent a decade constructing round lives in what a legitimate signature will get to do as soon as it exists.
Hardware wallets tackle the second when malware would possibly extract a non-public key straight from an internet-connected laptop, offering actual and efficient isolation.
Crypto’s largest current losses occurred at a totally different level in the identical chain: the second a consumer approves the transaction.
When the important thing stays secure and the cash strikes
Attackers stole roughly $1.5 billion from Bybit by manipulating what the signers noticed on their screens, gathering authentic signatures for a transaction the signers believed was routine.
The hardware wallets concerned could not show sufficient of the transaction’s that means for anybody to catch the swap earlier than approving it.
Radiant Capital misplaced roughly $50 million in the same way months earlier, when builders using hardware wallets signed a malicious transaction throughout a workflow that seemed fully regular on their screens.

In each circumstances, the failure sat in what these signatures approved.
Chainalysis counted roughly 158,000 particular person pockets compromises in 2025, affecting 80,000 victims and totaling $713 million in losses, a mixture of assault varieties spanning much more than any single machine class.
The scale remains to be huge sufficient to point out that key isolation covers solely a part of the self-custody drawback.
Where the iPhone argument will get difficult
A devoted iPhone brings a hardened working system, app sandboxing, biometric locks, and a display massive sufficient to point out extra than a hardware pockets’s tiny show.
It may also function fully independently of the e-mail, messaging, and browser extensions operating on somebody’s important machine.
A purpose-built hardware pockets nonetheless isolates its key via silicon designed for that job. Apple’s Secure Enclave indicators with NIST P-256 keys, whereas Bitcoin and Ethereum use a separate normal, secp256k1.
That hole means a typical BTC or ETH pockets app tends to make use of the Secure Enclave to protect entry to encrypted pockets materials, with the blockchain signature generated elsewhere within the software program stack, relying on how every pockets is constructed.
Apple’s overview course of nonetheless lets dangerous pockets software program via often. A faux Ledger software that bypassed the Mac App Store’s overview was linked to over $9.5 million in thefts from over 50 victims in April 2026 on Mac, as ZachXBT discovered.
| Security mannequin | What it protects nicely | Where it nonetheless fails | Best use case |
|---|---|---|---|
| Hardware pockets | Keeps non-public keys remoted from internet-connected computer systems | Small screens and restricted transaction context could make complicated signing arduous to confirm | Cold storage, easy transfers, long-term Bitcoin custody |
| Dedicated iPhone | Cleaner atmosphere, sturdy OS sandboxing, biometrics, bigger show | Wallet implementation issues; dangerous apps and software program compromise stay attainable | Active pockets with restricted funds and readable transaction flows |
| Clear signing | Makes contract calls simpler to grasp earlier than approval | Still relies on the consumer noticing hazard and refusing | DeFi, token approvals, complicated smart-contract interactions |
| Policy pockets | Limits what legitimate signatures can authorize | Adds smart-contract and governance complexity | Treasuries, protocol multisigs, high-value lively wallets |
| Vault + working pockets break up | Separates massive balances from every day exercise | Requires self-discipline and setup complexity | Serious self-custody with capped lively threat |
Clear signing fixes the show drawback
The business’s present reply is ERC-7730, which lets protocols provide machine-readable directions that translate a uncooked contract name into plain language, changing an opaque hash with the property, permissions, and intent behind a transaction.
Ledger helped construct the usual and has now handed its governance to the Ethereum Foundation, aiming to make it a normal the entire pockets business shares.
Trail of Bits has proposed extending the fix to a second stage, constructing restrictions straight into sensible contract wallets so that a captured or mistaken signature strikes solely what the pockets’s personal guidelines enable.
The proposed toolkit consists of every day spending limits, allowlisted locations, withdrawal delays on massive transfers, separate keys for on a regular basis spending versus coverage adjustments, and an emergency window to cancel a transaction earlier than it finalizes.
Chainalysis’s Hexagate product pushes the same idea for organizations, operating pre-signing simulations that flag transactions in opposition to a firm’s personal coverage earlier than anybody indicators.
A coverage pockets that caps every day transfers at $100,000 to authorised addresses reduces failures, and including a 24-hour delay to something above that cap can convey the lifelike loss near zero if the try is caught in time.
This nonetheless leaves actual gaps, and Bitcoin safety specialist Jameson Lopp continues to suggest dedicated hardware for cold storage, since pulling a key off any internet-connected machine closes off a large vary of distant assaults.
For easy Bitcoin storage with occasional transfers, that menace mannequin stays about as clear as safety will get.
Cold storage and lively transaction signing have develop into two totally different issues now, every needing its personal reply.

Constrained keys meet actual attackers
If policy-enforcing wallets develop into normal for severe balances, sensible accounts, spending caps, and pre-signing checks flip a legitimate signature into one thing in need of limitless authority.
Self-custody is wanting like a programmable threat system, with theft capped by deliberate design.
If attackers adapt their phishing, faux apps, and social-engineering flows to the brand new interfaces, customers find yourself approving clearer, better-labeled transactions which can be nonetheless harmful.
That final result would show that exhibiting folks extra info solves much less than proscribing what a legitimate key can do.
Pure self-custody meant a legitimate key might transfer every part on command. The wallets constructed subsequent could commerce a few of that instantaneous management for a solution to include a mistake earlier than it turns into a whole loss.
The put up Is using an old iPhone safer than a crypto hardware wallet? ZachXBT thinks so appeared first on CryptoSlate.
