This article explains the concept of air-gapped signing mechanism, how it is different to other signing mechanisms, and how it is utilized as an important security feature on the SafePal S1 hardware wallet.
The article covers the following topics:
- Understanding the working mechanism of a hardware wallet
- What is the air-gapped signing mechanism?
- How does SafePal S1 utilize the Air-gapped signing technology?
- Can I view the balance on the SafePal S1 hardware wallet?
- Can I use the SafePal S1 hardware wallet ONLY, without using the App?
Understanding the working mechanism of a hardware wallet
A hardware wallet is a type of hardware device to keep the seed phrase in an offline and isolated environment. This means that a hardware wallet cannot access the internet, pull data from the blockchain, or automatically update the balance.
In order to execute a transaction, a hardware wallet needs a secure way to interact with the external environment so that it can sign and approve a transaction and transfer the signature to the blockchain. Furthermore, users also need a user-friendly interface to view the most updated balance and manage crypto assets.
To realize these purposes, a lot of hardware wallets are connected with special external software for crypto management purposes. Some use desktop applications, some use web clients, and some use mobile Apps.
With the help of external software, a hardware wallet is able to receive an unsigned transaction from the software, sign the transaction, and then transmit the signature to the external software, so that the software can broadcast to the blockchains.
There are different ways to communicate between the hardware wallet and the software end, such as Bluetooth, NFC, USB connection, QRcode, etc. Radio-frequencies and USB connections are often considered not secure enough because they still potentially expose the connection with the hardware wallet to an internet-accessible environment. Air-gapped signing mechanism becomes a new option for a hardware wallet to communicate with the external environment without exposing the seed to any online environment.
What is the air-gapped signing mechanism?
The Air-gapped signing mechanism is a technology to enable crypto transaction signing without using any radio frequencies or physical connection. This type of signing is usually done through QRcode communication, which uses image recognition technology and thus does not rely on any internet or external signal.
How does SafePal S1 utilize the Air-gapped signing technology?
SafePal S1 Hardware Wallet adopts an air-gapped signing mechanism for better security. During a transfer, the S1 hardware wallet communicates with the SafePal App via encrypted QR codes. There are no radio frequencies, antenna, or USB involved, which keeps the S1 device 100% offline and safely protected against remote attacks or online attacks.
For example, when you want to send crypto using a SafePal S1 Hardware Wallet, here is what happens:
- Firstly you will create a new transaction on the SafePal App first, with the transfer details (address, amount, etc) entered. By this time, the transfer is not signed yet.
- The App will generate a QR code that contains the transfer details, so that the S1 device can scan it via its camera.
- By scanning the QRcode on the App, the S1 can fetch the transfer details and display them on its 1.3' IPS screen for verification purposes. Then you can sign the transfer on the S1 device
- When you've signed the transfer on the S1 device, the S1 device will compose the signature into a set of dynamic QR codes, so that the SafePa App can scan the QR codes and get the final signature
- At the last step, the SafePal App will broadcast the transfer to the blockchain
A detailed article showing the complete process can be found in 'How to send crypto using a SafePal S1 hardware wallet'.
By enabling the air-gapped signing mechanism in the S1 device, the S1 hardware wallet remains offline through every step of the signing process. This is one of the core technologies of the SafePal S1 hardware wallet security.
Can I view the balance on the SafePal S1 hardware wallet?
You don't need to. Since the SafePal S1 hardware wallet is 100% offline, it cannot detect if your wallet balance changes. When you want to view the balance of the wallet, simply pair your SafePal S1 with the SafePal App, and the App will update all of the on-chain assets (balance, addresses, etc) of the wallet. Here is a tutorial on how to pair a SafePal S1 hardware wallet with the SafePal App.
Can I use the SafePal S1 hardware wallet ONLY, without using the App?
If you are keeping the crypto assets for a long time and don't want to move them frequently, then it's ok that you don't pair the S1 hardware wallet with the SafePal App. Actually, in this case, a SafePal Cypher might be a better fit for this scenario. (Learn what is SafePal Cypher).
If you want to manage the crypto on a regular basis and may want to move your funds in and out of the wallet, then SafePal App is a must-have for simple and secure crypto management. Since the S1 hardware wallet is 100% offline, it cannot automatically update, display the asset details. In this case, pairing the S1 device with the SafePal App will allow you to view and manage the crypto assets without compromising the wallet security. Learn how to pair the S1 device with the SafePal App from this tutorial.