Skip to content

KeepKey Review

Updated 09/08/2019


Pros


- Passphrase Support

- On-screen QR Code

- Device Size

- Affordably Priced
- Open Source

Cons


- Limited Coin Capacity

- No Multi-Signature Support
- Lead to Submit KYC
- Difficult Firmware Installation
- 12 word seed makes splitting unsafe

Who Should Buy a KeepKey

Crypto investors who want the largest hardware wallet

Crypto investors who want the QR code on the device screen

Crypto investors who want an inexpensive wallet

Why Buy a Hardware Wallet?

Hardware wallets make  'cold storage' of cryptocurrency both secure and easy.


Cold storage keeps private keys safe from contact with the internet, where they can easily be compromised. 


The use of other cold storage methods such as paper wallets are hard to set up and manage. These eventually led to more user-friendly ones, most notably the development of hardware wallets.


Hardware wallets are generally accepted as a reliable storage and transaction tool for novice, intermediate and advanced users.


These devices are readily available and provide sufficient security while also being easy enough for new users to effectively manage their coins.


KeepKey Basics

The KeepKey made its way onto the hardware wallet scene around 2016.
It competes with a handful of other similar multi-currency hardware wallets, with native support for 8 cryptocurrencies and over 20 ERC-20 tokens.

Designed to be compatible with the Hierarchical Deterministic (HD) Wallet structure, the KeepKey is flexible and easy to back up.

For maximum security, of course you should make your seed phrase immune to fire, flood, fading or other forms of destruction by using a Billfodl
The KeepKey stores your private keys offline. It can also be integrated with the third-party wallet MyEtherWallet (but not MyCrypto) to manage ERC-20 tokens.

Integration with ShapeShift

Since its introduction, KeepKey has been acquired by Shapeshift.io and prominently features its integration with their cryptocurrency exchange. 


All marketing and business-related URLs now redirect to the ShapeShift domain, although the existing Chrome Browser plugin can still be used to access your KeepKey without creating any account or providing any information to ShapeShift.

Price

Of all the big three hardware wallet companies (the other two being Trezor and Ledger), KeepKey is competes quite well in terms of price. 

The cost has come down significantly since being introduced to the market. It currently retails for $79 USD (sometimes also with a checkout discount) on ShapeShift.io. 

This puts the KeepKey among the most affordable hardware wallets, but the least expensive is still the Ledger Nano S.

The price includes free shipping within the continental United States as well.

Take a look at how the KeepKey compares to the other hardware wallets:

Comparison with Competitors

The KeepKey is quite similar to the hardware wallets offered by Trezor and Ledger


Specific differences include the size and shape of the device, of which the KeepKey is unique in its sleek and pleasing simplicity. 


The devices echoes that of the monolith in the film 2001: A Space Odyssey, albeit rotated 90 degrees. It has no moving pieces aside from the button on the upper right side of the top edge.


Functionally, the KeepKey is most similar to Ledger's Nano S wallet. Both have a limited capacity to manage coins and require connection via USB cable to a computer (or other power source).


The display screen is where the Nano X and KeepKey are the most similar as both provide more information than the Nano S.


Overall, the Ledger Nano X is a higher quality device:


The Nano X can connect via bluetooth

The Nano X supports more coins

The KeepKey and the Nano X are sturdier and more substantial than the Nano S. The KeepKey has no bluetooth support, which is one of its differentiating factors from the Nano X.


The KeepKey may appeal to your security preferences, however. 


Bluetooth capabilities has been called into question as a security loophole than an advantage, so it's your choice to determine if the added convenience of bluetooth is acceptable. Ledger has made claims this is not a legitimate risk, however.

Opening the Box

Managing your digital assets continually presents a high degree of risk and due diligence starts before even opening the package.


The KeepKey logo and a distinctive tamper-proof sticker are visible on the outer box which itself is shrink-wrapped in plastic. If either of these indicators shows something may have been opened, you should assume the device to have been compromised and not use it.



Never buy a hardware wallet used or from any party other than the manufacturer or an official reseller.


The box contains:

A Nylon-braided USB-C Cable

Recovery Phrase Backup Card

Warranty and Regulatory Information

The cardboard box is worthy of storing the device and cable in a tidy fashion.


In addition to the clarification about the security seal, three cards for your seed word backup are provided along with instructions to continue on to:

www.keepkey.com/get-started to set up the device for use.

KeepKey Description

The KeepKey measures just under 4 inches at its widest dimension making it  the largest of the available hardware wallets. If you have bigger hands or just prefer a device that's less likely to be lost, the KeepKey's size could be an important factor in making your choice.

There is one simple button on the upper righthand edge which is nearly silent and easy to press repeatedly.

The chassis consists of a rear aluminum panel and a plastic front cover which houses and OLED display. It's clear that it should not be travelled with as you could definitely crack the screen if it were left in a back pocket or kept somewhere other than the box it ships in. 
The KeepKey is notably more heavy as a result which can be a good thing. It did dent the wooden surface of my desk when I dropped it during this review, however.

Security & Design

Not much can be said of the KeepKey's security when compared to those in the Ledger product line, which are the only fully-certified hardware wallets available. 

Having undergone ANSSI  (a French cybersecurity agency) certification, only Ledger can boast this high level of vetting. The KeepKey, however, is open-source and can be scrutinized on Github.

PIN Protection

When first setting up the KeepKey, you'll create a PIN code to secure the device itself. 

The KeepKey does not use the device button for entering the PIN, and instead shuffles a 9x9 grid of the digits which you then match on the computer you have connected it to by selecting the corresponding locations using the cursor.
This PIN unlocks the device, so it is the first line of defense for your wallet. 

A maximum of 9 possible digits can be used to create your PIN, so using all 9 is recommended!

If the PIN is incorrectly input more than a handful of times, it begins with a 4-second delay until another attempt may be made. If this is also an incorrect number, it doubles the delay each time another incorrect PIN is input

This prevents attackers from trying to brute force your PIN and gain access to your coins.

Recovery Seed Words (BIP39)

As with the Ledger Nano S and Nano X, your wallet is created with a backup from the very beginning. It uses a standard known as BIP39 and is an excellent way to enable cold storage of your bitcoin with a hardware wallet.

To read a much more in-depth breakdown of BIP39 take a look at our other blog entry. Needless to say, your private key is conveniently restored by using human-readable words instead of a long string of seemingly random characters. 

The burden of securing these words is on you: the user!

If the KeepKey is ever destroyed, stolen or you cannot input the correct PIN — all is not lost. The wallet can simply be restored if you input this series of words into another hardware or software wallet and you regain control once more.

The KeepKey, like other hardware wallets, comes with a recovery card.

However, paper is far from a suitable medium for storing such vital information. If this card gets wet or catches on fire, it's gone forever.

A straightforward solution is to store your seed words into a Billfodl, made from several pieces of stainless steel!
Avoid the retelling of horror stories like losing $1,000,000 in Bitcoin due to a small fire or flooding incident.

Keep your backup words secure from the elements with metal, not paper.  

The "25th Seed Word" aka Passphrase

The KeepKey supports an additional security measure known as the passphrase. It allows the user to add an additional word to their 24 series of words used to backup and recover the wallet. 

There are a couple of purposes to using the passphrase feature:
1. It will add extra security over the recovery phrase in the event someone finds your 24 seed word backup.

It's essential to know that anyone with these specific 24 words will have the ability to restore your wallet and move the funds. Adding another word of your own choice effectively puts a password on the seed phrase!

2. To implement a "dummy account" on the device which holds a smaller amount of funds. Using this creates plausible deniability against the "$5 Wrench Attack".
How a $5 wrench attack works
You can tell the attackers about your dummy account alone and they may be satisfied to abandon the theft.

Multi-signature Security

Some advanced users like the extra security that using more than one hardware wallet to sign transactions provides. This requires the use of one or more more multi-signature capable devices like the Ledger Nano S and Nano X

The KeepKey does not support multi-signature capabilities at this time and it is unclear if this will ever be the case. With the current association KeepKey has with ShapeShift, however, this could be a possibility if their user base demanded it.


KeepKey Setup & Activation

There is a prominent URL (keepkey.com/get-started) on the inside of the box's top flap. This is an effective way of directing you to first set up the device. 


As noted above, KeepKey has been acquired by ShapeShift, a cryptocurrency trading service. So, the URL from the box now redirects to keepkey.shapeshift.com/get-started and unfortunately this is where the most frustrating aspects of using the KeepKey begin.


Like the Ledger product line, KeepKey first utilized Google Chrome Browser plugins to manage their device. Ledger has since introduced its own native software and no longer directs users to use the earlier Chrome plugins.


The URL on the inside of the KeepKey packaging at one time would have directed you to instructions for installing the driver and Chrome plugin. This earlier iteration has been deprecated. 


It now instead points you toward ShapeShift's website.


Before you begin to pair the device with ShapeShift, you must first create and confirm an account via email and log in. No other option is suggested and users are also directed toward fully registering with ShapeShift to use their trading service which requires submitting to KYC practices.


This immediately raised flags as there is absolutely no need to create an account or supply identifying personal information to use a cryptocurrency wallet of any kind. 


This process was abandoned and an attempt was made to proceed without it.


The frustrations continued. Installing the latest firmware using ShapeShift's site required multiple attempts, browsers and even operating systems until it finally was able to be set up.

Imagine cycling through these screens a dozen times, wondering why it won't complete.

Finally, after the firmware installed, the ShapeShift route was abandoned. 


Using the original Chrome plugin designed for the KeepKey, the wallet was able to be set up.


Now it was time to restore the wallet from a previous seed phrase (alternately you could set up a new one from scratch).



This wallet had already been backed up with a Billfodl, a stainless steel device designed to survive catastrophe.

Remember: the seed is crucial to backing up and restoring your wallet. 


Setting up the wallet using the recovery option on the KeepKey was much quicker than anticipated. 


A continually changing cipher makes letter selection secure and once a few characters are input, nonsensical letter combinations or words that don't match the official BIP39 word list do not appear.

Main Interface

Once the KeepKey is set up using the Chrome plugin, operation is smooth and seamless. The plugin launches into its own window, is very responsive and sports a clean user interface.


Unfortunately, there are several redirects to return to ShapeShift. The claim that the client there is "better" is misleading. 

It's also unclear how long it will remain an option, which is even more troubling:

"While it's available..."

A third attempt to redirect you to ShapeShift occurs when the browser plugin and the device connect. The URL says keepkey.com which is, in actuality shapeshift.io/keepkey.

This seems deliberately misleading and is unnecessary as you're already connected and able to operate the device at this point.

Wallets & Accounts

Using the interface is straightforward and effective. Navigation is intuitive and sub-menus are never more than 3 screens away. Settings, refresh, wallet list, add account and trade (only when integrated with ShapeShift) are all you need.

Setting up wallets for specific coins and creating addresses is simple.

You can name and re-name your accounts as you like without issue.


Transactions

To send or receive coins, simply select an account.



Both the device's screen and the plugin enable QR codes for receiving payments. 


This is the one major advantage that the KeepKey has over either the Ledger Nano S or Nano X. The QR feature allows accepting funds with only the physical device out in the open for the code to be scanned.

Creating new addresses under a specific "account" is quite simple in this interface. You can continue to generate new ones by clicking the right-facing arrow at the bottom of the page. 


Regardless, the dangers of address reuse (which reduces privacy) are unlikely known to new users. The "account" layout may encourage them to use the same addresses over and over. 


There's an opportunity for education in the wallet here which was missed.


Once a transaction has been completed, the details can be viewed and copied from a popup screen. Links to a block explorer are available along with the date and time.


One limitation in sending transactions is having to choose between only three fee levels: fast, medium and slow. The lowest possible fees available were around 10-15 sat/byte.

The device itself does not log out after any amount of time, but entering the PIN is required for sending funds.

Account Balance & History

Unlike the Ledger Nano X, the top menu does not aggregates all your wallets into one countervalue. Each account lists its own sum in that coin only. 


Neither is there any way to export your transaction history, you would have to copy and select the text and/or screenshot it, which would become cumbersome if you are frequently trading or using the KeepKey to collect and disperse payments. 

Supported Cryptocurrencies

In addition to Bitcoin, the KeepKey natively supports 7 coins which is significantly fewer than the Ledger Nano X.

  • Bitcoin Cash
  • Bitcoin Gold
  • DASH
  • Litecoin
  • Dogecoin
  • Ethereum
  • DigiByte

Hardware & Operating System Compatibility

  • Android

  • iOS

  • OS X

  • Windows

  • Linux


The KeepKey's Screen

The KeepKey allows you to air-gap your wallet by generating your keys, signing transactions and confirming addresses completely offline. This means you need to have the ability to visually confirm the address before you make a transaction.

Without a screen, this is impossible.

The KeepKey also has the added benefit of featuring a large enough screen to display a QR code for receiving payments, something it has as an advantage over the Ledger Nano S and Nano X.

Private Use of the KeepKey

To create a higher level of privacy while using the KeepKey, you can opt to use it as only a signing device and forego the use of either the Chrome app or the ShapeShift access method.

By using your own node by pairing your wallet with the Electrum Personal Server, you can ensure a greater level of security.

This is, however, quite an advanced way to go about managing your wallet and not recommended for new users.


Summary

The KeepKey is a comparable device when matched against the Ledger Nano S and Nano X. It competes fairly on price and basic utility, yet differs in subtle ways.


The most obvious drawback is the ease of setup and ambiguity around the software it can be used with. Installing the firmware was definitely more painful than it needed to be, although this may be the result of some temporary bug on ShapeShift's side. 


As indicated above, the Chrome plugin is snappy and easy to use — once you realize it exists. The only concern here is not knowing how much longer it will be available.


The ability to display a QR code on the device's screen is also a novel differentiating factor which might make it appealing to merchants who do face-to-face transactions with their customers.


For a straightforward long-term HODLer who wants to provide cold storage for their Bitcoin over the coarse of a couple of years, the KeepKey would be an adequate hardware wallet choice.


Storing your keys offline is a great first step toward security, however choosing to add a Billfodl for storing the seed words makes it far safer. Should the unthinkable happen, you'll be certain your wallet can be recovered without issue.


Pro vs Con

Pros

  • User friendly
  • Reasonably Priced
  • Device must be connected for all operations
  • Passphrase Support
  • QR Code Supported on Device's Display
  • Open-Source


Cons

  • Limited App Capacity
  • Device Does Not Time Out Automatically
  • No Multi-Signature Capabilities
  • No Validation of Change Addresses on the Device
  • No Way to Export Transaction History
  • Indirect Encouragement of Address Re-use

x