ZachXBT Calls Hardware Wallets Garbage, Backs iPhone

ZachXBT Calls Hardware Wallets “Complete Garbage,” Backs Dedicated iPhone

Last Updated:
ZachXBT Calls Hardware Wallets Garbage, Backs iPhone
  • ZachXBT says a crypto-only iPhone may offer better control for high-value storage.
  • Trezor argues that hardware wallets provide safer signing through isolated screens and keys.
  • Recent wallet losses largely involved fake apps and social engineering, not device breaches.

On-chain investigator ZachXBT reopened the self-custody debate after calling existing hardware wallets “complete garbage” in a Telegram post circulated on July 16. He advised users against relying on them for high-value storage or critical transaction signing, instead backing a separate iPhone used only for cryptocurrency activity.

“All hardware wallets are complete garbage and l do not advise using them for important tasks like signing transactions or storing funds,” ZachXBT wrote. “Much better to have a separate iPhone with its only purpose being to use as your hardware wallet.”

His criticism focused mainly on Ledger and frequent software updates. He said updates often change interfaces and sometimes interrupt basic functions. However, ZachXBT identified no new Ledger breach and presented no evidence that private keys had recently been compromised.

Recent Scams Expose the Human Risks Behind Wallet Security

Ledger recently renamed Ledger Live as Ledger Wallet, while version 4.8.0 was released on June 11 with security improvements, interface changes, and bug fixes. The company continues to promote hardware-based transaction signing, as it keeps private keys isolated from internet-connected computers and smartphones.

By contrast, ZachXBT proposed using a dedicated iPhone exclusively for crypto transactions. Such a device would avoid browsing, messaging, and unrelated applications, potentially reducing its exposure to malicious links and compromised software compared with an everyday smartphone.

However, recent losses involving hardware wallet owners resulted from deception rather than physical device failures. In many cases, attackers have used fake applications and seed-phrase requests to bypass user protections.

In April, for instance, a fraudulent Ledger Live clone on the App Store drained about $9.5 million. Musician G. Love was among the victims, losing 5.92 BTC after entering his recovery phrase into the application.

Similarly, another victim lost $282 million in Bitcoin and Litecoin during a January social-engineering scam involving a hardware wallet. The incident further demonstrated that even secure devices cannot protect users who are manipulated into revealing sensitive information or approving fraudulent transactions.

Trezor Defends Isolated Signing Against Smartphone Threats

Meanwhile, Danny, a Trezor representative on X, challenged ZachXBT’s claim that an isolated smartphone could improve security over an everyday hot wallet. He argued that an iPhone remains a general-purpose device with a broader attack surface.

He also warned that one phone would display and approve transactions within a single trust domain. Therefore, a compromise could remove independent verification of addresses and amounts.

By comparison, purpose-built hardware wallets provide separate screens and signing environments. Danny said this structure helps users confirm transaction details before approving transfers.

He further raised concerns about generating recovery phrases on smartphones. Cloud backups, synchronized screenshots, clipboard access, and other connected services could expose sensitive information, particularly when users store or handle seed phrases incorrectly.

Moreover, he criticized the closed-source nature of iOS, arguing that users cannot independently inspect much of the operating system. Long-term storage could also introduce hardware problems, including battery degradation or swelling, while device restoration may depend on Apple accounts and activation infrastructure.

However, Danny acknowledged that the hardware wallet industry must continue improving usability. He also rejected treating every manufacturer like Ledger, saying different companies follow different approaches to software updates and architectural stability. In his view, dedicated hardware remains the safest option for protecting private keys.

Related: ZachXBT Sets Strict Rules for Accepting Crypto Theft Investigations

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.