The Coldcard Mk4 ($177.94) is a strong choice for security-focused Bitcoin holders who prioritize auditability over convenience. Dual secure elements (ATECC608A + DS28C36B), open-source reproducible firmware, and air-gapped signing via NFC or microSD set a high technical bar. It supports Bitcoin only, offers no iOS/Android app, and its CLI-adjacent UX will alienate casual users.
The Coldcard Mk4 uses a dual secure element architecture: a Microchip ATECC608A and a Maxim DS28C36B. Neither chip has a published Common Criteria certification level — Coinkite's rationale is that dual independent chips create redundancy and reduce single-point-of-failure risk. This is a deliberate design philosophy, not an oversight, but it means the Mk4 lacks the EAL5+ or EAL6+ certification found on the ST33 used in Ledger's Nano X or the CC EAL6+ Optiga Trust M chip in the Trezor Safe 3.
Firmware is open source and supports reproducible builds, meaning anyone can compile the firmware and verify the binary matches what Coinkite distributes. This is a concrete, verifiable advantage over Ledger, whose firmware remains closed source. Firmware updates are delivered via USB or microSD and are verified by the device against Coinkite's signing keys.
Supply chain authenticity is addressed through a bag number system and a verifiable factory attestation stored on the DS28C36B chip. The device also ships in a tamper-evident bag with a unique serial number. Vendor claims the attestation is cryptographically verifiable — this process is documented publicly but independent third-party audits of the full attestation chain are not widely published.
Known attack surface: the Mk4 has no battery and no wireless radio (Bluetooth disabled by design), which eliminates entire classes of remote attacks. A 2023 Ledger Connect Kit supply chain incident had no equivalent on Coldcard due to its air-gap-capable design. The numeric keypad uses a randomized PIN entry layout to defeat shoulder-surfing and thermal imaging attacks.
Security (Key Factor)
The Coldcard Mk4 generates a 24-word BIP39 seed entirely on-device using the dual secure elements as entropy sources, supplemented by user-provided dice rolls if desired — a feature that lets you verify and augment the randomness source, which Trezor Model T also supports but Ledger Nano X does not expose to users.
Backup options are notably broad for a single-brand device:
Paper seed phrase: standard 24-word BIP39 write-down
Encrypted microSD backup: the device can export an AES-256 encrypted backup of the seed to a microSD card, protected by the device PIN
Seed XOR splitting: Coinkite's proprietary method splits the seed into 2 or 3 parts — a manual alternative to Shamir Secret Sharing (SLIP39), which the Mk4 does not support natively
BIP39 passphrase (25th word) is fully supported, enabling hidden wallets. The passphrase is never stored on the device, which is correct behavior.
Restoring on a new Coldcard or any BIP39-compatible device (Trezor, Sparrow, Electrum) requires only the 24-word seed and optional passphrase — standard process, no proprietary lock-in. The absence of Shamir Secret Sharing is a gap compared to Trezor Model T, which supports SLIP39 natively and allows M-of-N recovery without exposing the full seed to any single location. For users who want geographic seed distribution, the Seed XOR method is functional but less standardized than SLIP39.
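The practical difference between Seed XOR and an M-of-N scheme such as SLIP39, as an added example (not Coinkite's firmware code and not part of the original review): every XOR part is required, and a missing part produces a valid-looking wrong seed rather than an error. It works on the 32 bytes of entropy behind a 24-word seed and shows word indices instead of words; the function names, the sample entropy and the use of `secrets` to draw the random parts are assumptions made for illustration.

```python
import hashlib
import secrets

ENTROPY_LEN = 32  # bytes of entropy behind a 24-word BIP39 seed


def word_indices(entropy: bytes) -> list:
    """24 BIP39 word indices (0..2047) for 32 bytes of entropy.

    BIP39 appends 8 checksum bits (first byte of SHA-256(entropy)) to the
    256 entropy bits and reads the resulting 264 bits as 24 groups of 11.
    """
    if len(entropy) != ENTROPY_LEN:
        raise ValueError("expected 32 bytes of entropy")
    checksum = hashlib.sha256(entropy).digest()[0]
    bits = (int.from_bytes(entropy, "big") << 8) | checksum
    return [(bits >> (11 * (23 - i))) & 0x7FF for i in range(24)]


def xor_all(parts) -> bytes:
    """XOR any number of 32-byte strings together."""
    acc = 0
    for part in parts:
        if len(part) != ENTROPY_LEN:
            raise ValueError("every part must be 32 bytes")
        acc ^= int.from_bytes(part, "big")
    return acc.to_bytes(ENTROPY_LEN, "big")


def split_seed(entropy: bytes, n: int) -> list:
    """Split entropy into n parts whose XOR is the original (n-of-n)."""
    if n < 2:
        raise ValueError("need at least 2 parts")
    # Assumption: the first n-1 parts are fresh random bytes from the OS CSPRNG.
    parts = [secrets.token_bytes(ENTROPY_LEN) for _ in range(n - 1)]
    # The last part is chosen so that all parts XOR back to the seed.
    parts.append(xor_all([entropy] + parts))
    return parts


def combine_parts(parts) -> bytes:
    """Recombine parts. There is no error signal: any input gives *a* seed."""
    return xor_all(parts)


# Constructed sample entropy for the demo, not a real wallet.
DEMO_ENTROPY = hashlib.sha256(b"constructed demo entropy").digest()

if __name__ == "__main__":
    parts = split_seed(DEMO_ENTROPY, 3)
    for label, part in zip("ABC", parts):
        # Each part encodes to a checksum-valid 24-word seed of its own.
        print(label, word_indices(part)[:4], "...")
    print("all 3 parts restore the seed:", combine_parts(parts) == DEMO_ENTROPY)
    # Leaving one part out still yields a valid-looking (but wrong) seed.
    partial = combine_parts(parts[:2])
    print("2 of 3 restore the seed:   ", partial == DEMO_ENTROPY)
    print("wrong seed still encodes:  ", word_indices(partial)[:4], "...")
```

Because recombining the wrong set of parts fails silently, a restore should be confirmed against a known receive address or wallet fingerprint before the parts are distributed.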
Recovery & backups
Initial setup takes approximately 15–25 minutes for a user following the documentation, longer if using dice rolls for entropy. The process involves setting a PIN (split into two parts — prefix and suffix — a security feature that adds steps), generating the seed, and optionally writing an encrypted backup to microSD. There is no companion mobile app; setup is guided entirely by the 0.8-inch OLED screen and a numeric keypad.
The OLED display is small by current standards — the Trezor Model T uses a 2.4-inch color touchscreen and the Foundation Passport uses a larger color display. Text on the Mk4 is legible but dense; address verification requires scrolling through characters rather than viewing a full address at once. The keypad is physical and tactile, which is preferable to touchscreens for gloved or cold-environment use.
Daily sending workflow via USB requires Sparrow Wallet or Electrum on desktop — there is no official Coinkite companion app for routine transactions. Air-gap signing via microSD (PSBT files) is fully supported and is the recommended workflow for maximum security. NFC is available for tap-to-sign with compatible setups.
The learning curve is steep for non-technical users. Concepts like PSBT, air-gap signing, and the dual-PIN system require reading documentation. Ledger Live and Trezor Suite offer significantly more hand-holding for beginners. The Coldcard Mk4 is explicitly designed for Bitcoin-focused power users who prioritize security controls over ease of use — casual users will find it frustrating.
Usability / UX
The Coldcard Mk4 supports Bitcoin only. There is no Ethereum, no ERC-20 tokens, no altcoins, and no NFT support — by design. This is the single most important fact for any prospective buyer: if you hold assets outside of Bitcoin, this device cannot manage them.
Within the Bitcoin ecosystem, third-party compatibility is extensive:
Sparrow Wallet: full PSBT and multisig support, the primary recommended desktop companion
Electrum: supported via USB and PSBT
Specter Desktop: multisig coordinator support
Bitcoin Core: compatible via PSBT workflow
BlueWallet: watch-only with air-gap signing via microSD
WalletConnect is not supported and is irrelevant given the Bitcoin-only scope. DeFi and NFT capability is zero. Compared to the Ledger Nano X, which supports 5,500+ assets and integrates with MetaMask and WalletConnect, the Mk4's scope is radically narrower. Compared to the Foundation Passport — also Bitcoin-only — the Mk4 has comparable third-party wallet support but adds NFC connectivity that Passport lacks. For multisig coordination, the Mk4's secure multisig setup with anti-tampering verification is among the most robust implementations available in consumer hardware wallets.
Ecosystem & integrations
The Coldcard Mk4 requires no account registration to purchase or use — Coinkite sells devices for Bitcoin with no mandatory KYC at the device level (though payment method for purchase may involve identity). The device itself collects zero telemetry; there is no phone-home mechanism, no analytics, and no network connectivity on the device hardware.
The Mk4 operates fully offline by design — it has no Wi-Fi, no Bluetooth, and no persistent internet connection. All transaction signing can be done via microSD air-gap, meaning the device never needs to touch a networked computer. This is a stronger privacy posture than the Ledger Nano X, which requires Ledger Live (a networked application) for most workflows and has historically raised concerns about data collection at the software layer.
CoinJoin support is available via Sparrow Wallet's Whirlpool integration when used as the signing device — a concrete privacy feature absent from most competitors including Trezor's native Suite interface.
Compared to the Foundation Passport, both devices are Bitcoin-only and air-gap capable with no telemetry. The Passport's open-source camera-based QR workflow avoids USB entirely, which some privacy researchers consider marginally superior to microSD for air-gap purity. Tor and VPN compatibility is fully supported since the device has no independent network stack — your companion software (Sparrow, Electrum) handles all network calls and can be routed through Tor natively.
Privacy
The Coldcard Mk4 is priced at $177.94 USD from Coinkite's official store, making it one of the most expensive single-device hardware wallets in the consumer segment.
Direct price comparisons:
Trezor Model T: ~$219 — more expensive, supports 1,000+ coins, touchscreen, but closed secure element and no reproducible builds
Ledger Nano X: ~$149 — cheaper, supports 5,500+ assets, but closed firmware and Bluetooth attack surface
Foundation Passport Batch 2: ~$199 — Bitcoin-only competitor, open source, QR air-gap, larger display, but no NFC and fewer multisig integrations
Trezor Safe 3: ~$79 — significantly cheaper, CC EAL6+ secure element, but supports only basic multisig and no microSD encrypted backup
At $177.94, the Mk4 delivers best value for Bitcoin-only holders who prioritize open-source firmware, reproducible builds, and advanced security features like dual secure elements, microSD encrypted backup, and air-gap signing. The price premium over a Trezor Safe 3 ($79) is justified only if you actively use features like PSBT air-gap workflows, Seed XOR splitting, or advanced multisig coordination.
Users holding ETH, altcoins, or NFTs should not buy this device at any price — it cannot serve those use cases. For a Bitcoin-first user who wants the most security-auditable device available, the $177.94 price point is competitive against the $199 Passport. For casual users or beginners, the Ledger Nano X at $149 or Trezor Safe 3 at $79 offer far better UX per dollar.
Price & value
The Coinkite Coldcard Mk4 is an exceptionally capable Bitcoin-only hardware wallet that earns its reputation among security-focused users, though its steep learning curve and single-asset focus make it a poor fit for casual or diversified crypto holders.
Buy this wallet if you are a Bitcoin maximalist who demands the highest available security architecture — dual secure elements (ATECC608A + DS28C36B), open-source reproducible firmware, and air-gapped signing via NFC or microSD represent a genuinely elite threat model.
Buy this wallet if you manage multisig setups or run advanced custody arrangements. The Coldcard Mk4's secure multisig implementation and deep PSBT support make it the go-to device for collaborative custody and institutional-grade self-custody workflows.
Buy this wallet if you are a power user comfortable with a CLI-adjacent experience who values features like coin control, encrypted microSD backups, and BIP39 passphrase support over a polished consumer interface.
Skip this wallet if you hold altcoins or need multi-asset support. The Coldcard Mk4 supports Bitcoin exclusively — full stop. For a diversified portfolio, consider the Ledger Nano X ($149) or Trezor Model T ($219), both of which support thousands of assets.
Skip this wallet if you are a beginner or want a simple plug-and-play experience. The Coldcard's interface is dense and unforgiving for newcomers. The Foundation Passport ($199) or Blockstream Jade ($65) offer comparable Bitcoin-focused security with significantly friendlier onboarding.
Skip this wallet if budget is a primary concern. At $177.94, the Coldcard Mk4 is a premium investment. The Blockstream Jade delivers solid Bitcoin-only security at a fraction of the price for users who do not need the Coldcard's advanced feature set.
If choosing between the Coldcard Mk4 ($177.94) and the Foundation Passport ($199): the Passport wins on usability and QR-based air-gap workflow, while the Coldcard wins on raw security depth and advanced scripting features. If choosing between the Coldcard Mk4 and the Trezor Model T ($219): the Trezor is the clear choice for multi-asset holders, but the Coldcard's dual secure elements and open reproducible builds give it a decisive edge for Bitcoin-only security purists.
Refer to our detailed scoring above for a precise breakdown of how the Coldcard Mk4 was rated across security, usability, and value categories.
✓ Our Verdict
We may earn a commission if you purchase through our links. This doesn't affect our editorial independence.
Impermanent loss happens when asset prices in a liquidity pool diverge from external markets, reducing the value of liquidity providers' holdings compared to simply holding the assets.
Coldcard is an air-gapped hardware wallet for Bitcoin, made by Coinkite, that stores private keys offline and signs transactions without internet exposure.
EAL Certification (Evaluation Assurance Level) from Common Criteria rates the security of hardware components, like secure chips in crypto hardware wallets. Higher levels, such as EAL5+ or EAL6+, indicate stronger resistance to attacks.
Reproducible Builds refer to the process where the same source code consistently produces identical binary outputs, ensuring verifiable and trustworthy software in blockchain and crypto projects.
BIP39 is a standard for generating mnemonic seed phrases that are used to create deterministic wallets and securely back up cryptocurrency private keys.
A backup in cryptocurrency is a secure copy of a wallet's seed phrase or private keys. It enables recovery of funds if the original wallet is lost or damaged.
PIN Protection is a security feature that requires a personal identification number (PIN) to access a cryptocurrency wallet or device, preventing unauthorized access.
Shamir Secret Sharing (SSS) divides a secret, like a crypto wallet seed, into multiple shares. A threshold number of shares reconstructs it, enhancing security as in SLIP-39 backups.
A passphrase is an additional security layer for cryptocurrency wallets, acting as a 25th word in the BIP39 seed phrase, protecting access to hidden wallets.
Electrum is a lightweight Bitcoin wallet that allows users to store, send, and receive Bitcoin securely. It is known for its speed and low resource usage.
Multisig (multi-signature) is a security feature that requires multiple private keys to authorize a transaction, enhancing protection against unauthorized access in blockchain networks.
Recovery is the process of restoring access to a cryptocurrency wallet using its seed phrase or mnemonic backup if the original wallet is lost or inaccessible.
Address Verification confirms the receiving address shown on a hardware wallet's screen matches the one on the computer or app, preventing malware from altering it.
A companion app is a software application used to manage and interact with cryptocurrency wallets or blockchain networks, typically offering features like transactions and security controls.
PSBT (Partially Signed Bitcoin Transaction) is a Bitcoin transaction format that allows multiple parties to sign a transaction incrementally before finalizing it.
NFC Connectivity in cryptocurrency enables contactless transactions using near-field communication, allowing users to sign or authorize actions by tapping their device to a reader.
Ledger Live is a software application that manages cryptocurrency assets and interacts with Ledger hardware wallets for secure transactions and portfolio management.
Bitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Ethereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
An NFT (Non-Fungible Token) is a unique digital asset stored on a blockchain, representing ownership of a specific item, such as artwork, music, or virtual goods.
HODL is cryptocurrency slang for holding assets long-term despite price volatility, rather than selling. It originated from a 2013 forum post misspelling 'hold' as 'I AM HODLING.'
Specter is a Bitcoin hardware wallet solution designed for advanced users, offering secure storage through a customizable, self-hosted setup with options like Specter Desktop and Specter DIY.
BlueWallet is a mobile Bitcoin wallet that allows users to securely store, send, and receive Bitcoin. It offers features like Lightning Network support and multi-sig capabilities.
WalletConnect is a protocol that enables secure communication between decentralized applications (dApps) and mobile wallets through QR code scanning or deep linking.
DeFi (Decentralized Finance) refers to a set of financial services, such as lending and trading, built on blockchain technology without traditional intermediaries like banks.
KYC (Know Your Customer) is the regulatory process where cryptocurrency exchanges verify users' identities using documents like ID or proof of address to prevent fraud and money laundering.
Telemetry in cryptocurrency and blockchain refers to the automatic collection and transmission of anonymous usage data, metrics, and error reports from wallets or nodes to improve software.
CoinJoin is a privacy technique in cryptocurrency where multiple users combine their transactions, making it harder to trace individual senders and receivers.
Cryptocurrency is a digital or virtual currency secured by cryptography, operating on decentralized blockchain networks to enable secure, peer-to-peer transactions.
Offline Signing refers to signing cryptocurrency transactions on a device that is not connected to the internet, ensuring private keys remain secure from online threats.
Self-custody means users control their own private keys to manage cryptocurrency assets directly, without third-party custodians. It embodies 'not your keys, not your coins.'
Coin Control is a feature that allows users to manually select which unspent transaction outputs (UTXOs) to use in a transaction, giving more control over privacy and fees.
Jade is a hardware wallet from Blockstream, designed to securely store Bitcoin private keys offline, ensuring safe transactions and protection from online threats.
Coinkite Coldcard Mk4 uses a certified Secure Element chip to store private keys in tamper-resistant hardware. Even if the device's software were compromised, the Secure Element isolates your keys from extraction. The firmware is open-source, meaning security researchers worldwide can audit the code for vulnerabilities. The device has been independently security audited.
What if Coinkite goes out of business?
Coinkite's firmware is open-source — even if the company disappears, the community can maintain the software. Your seed phrase works with any BIP39-compatible wallet, so your funds are always recoverable.
What if I lose my Coinkite Coldcard Mk4?
Your cryptocurrency is stored on the blockchain, not on the device. If you lose your Coinkite Coldcard Mk4, you can recover full access using your seed phrase on any compatible wallet.
How long will Coinkite Coldcard Mk4 receive security updates?
Coinkite provides long-term firmware support for Coinkite Coldcard Mk4. The last security patch was released Oct 2025.
Is Coinkite Coldcard Mk4 safe?
The Coldcard Mk4 is widely regarded as one of the most secure Bitcoin hardware wallets available. It features dual secure elements (ATECC608A by Microchip and DS28C36B by Maxim), secure boot, and fully open-source, reproducible firmware. The device supports air-gapped operation via NFC or microSD, meaning it never needs to connect to a computer. It also includes a PIN-based brick mechanism and duress wallet features. For serious Bitcoin holders, the security architecture is best-in-class among consumer hardware wallets.
Coinkite Coldcard Mk4 vs Trezor Model T: which is better?
The choice depends on your priorities:
Coldcard Mk4 uses dual secure elements, supports air-gapped signing, and has reproducible open-source firmware — making it the stronger choice for security-focused Bitcoin-only users.
Trezor Model T supports hundreds of cryptocurrencies, has a touchscreen, and is more beginner-friendly, but lacks a dedicated secure element.
If you hold only Bitcoin and prioritize maximum security and auditability, the Coldcard Mk4 is the better option. If you need multi-coin support and ease of use, Trezor may suit you better.
What cryptocurrencies does the Coinkite Coldcard Mk4 support?
The Coldcard Mk4 is a Bitcoin-only hardware wallet. It does not support Ethereum, altcoins, or any other cryptocurrency. This is a deliberate design choice by Coinkite — a narrower focus allows for a smaller, more auditable codebase and reduces the attack surface. If you need to store multiple cryptocurrencies, you will need a different device. For users whose holdings are exclusively in Bitcoin, this limitation is irrelevant and is often seen as a feature rather than a drawback.
Is the Coinkite Coldcard Mk4 worth the price?
At $177.94, the Coldcard Mk4 is priced higher than many competitors, but the premium reflects its advanced security features: dual secure elements, air-gapped NFC and microSD signing, open-source reproducible firmware, and coin control. For casual users or those holding small amounts, the price may feel steep. For Bitcoin holders who prioritize self-custody security and want the most auditable wallet on the market, the Coldcard Mk4 delivers strong value for the investment.
Are there any known vulnerabilities or concerns with the Coinkite Coldcard Mk4?
No critical vulnerabilities have been publicly disclosed for the Mk4 as of its release. However, a few considerations apply:
The device has a steep learning curve compared to consumer-friendly wallets.
Physical supply-chain attacks are a theoretical concern with any hardware wallet — Coinkite mitigates this with a tamper-evident bag and genuine-check features.
Being Bitcoin-only means it cannot serve users with diversified crypto portfolios.
Coinkite has a long track record in the Bitcoin security community, and the open-source firmware allows independent auditing, which reduces trust assumptions significantly.
How do I set up and use the Coinkite Coldcard Mk4?
Setup requires a microSD card and either a USB-C cable or NFC-capable device. Key steps include:
Set a PIN (split into two parts for added security)
Generate or import a 24-word BIP39 seed phrase
Optionally add a BIP39 passphrase for an additional layer of protection
Connect to compatible software wallets (Sparrow, Electrum, Specter) on Windows, macOS, or Linux
The Coldcard Mk4 supports fully air-gapped signing via microSD or NFC, so a USB connection is optional. The interface is text-based and keyboard-driven, which requires some familiarity but offers precise control.
Does the Coinkite Coldcard Mk4 support multisig wallets?
Yes. The Coldcard Mk4 offers secure multisig support, allowing you to participate in multi-signature Bitcoin setups (e.g., 2-of-3 or 3-of-5). It is compatible with popular multisig coordinators like Sparrow Wallet and Specter Desktop. The device can store and verify multisig wallet configurations on the secure element, protecting against address substitution attacks. Combined with air-gapped signing via microSD, the Coldcard Mk4 is a popular choice for high-security multisig cold storage setups.
Some links on this page are affiliate links. If you purchase through them, I may earn a commission at no additional cost to you. This helps support the site and allows me to continue creating detailed, independent reviews.
Our testing methodology is evolving. Ratings and assessments will be refined as we improve our scoring framework to reflect the most accurate results.