The Coldcard MK4 is a hardware wallet designed with Bitcoin security in mind. If you've ever wondered what makes a device truly dedicated to safeguarding your private keys, this wallet provides a robust example. In my experience, hardware wallets like the Coldcard prioritize self-custody by isolating keys offline, which is key for anyone serious about cold storage.
Unlike some multi-cryptocurrency wallets, the Coldcard MK4’s main focus is Bitcoin, making it especially interesting for Bitcoin maximalists or users who want a hardened, Bitcoin-only approach. What’s new in the MK4, compared to previous versions? Improved user interface, modern hardware inside, and more security-focused features — which I'll unpack in this review, based on extensive hands-on use.
For a detailed walkthrough of the setup process, you can also check out the Coldcard Setup Guide.
The Coldcard MK4 arrives in a simple, tamper-evident box emphasizing security from the very start—a feature that highlights the manufacturer’s commitment to supply chain integrity. The package includes the wallet itself, a USB-C cable, and a printed quick start guide. There’s no flashy packaging, which suits the wallet’s serious security-first philosophy.
Opening the device reveals a compact design with a physical numeric keypad and a high-resolution screen. The tactile keys are a standout for me; entering PINs and confirming transactions feels more secure than touchscreen-only wallets since it limits attack surfaces and reduces accidental presses.
The build quality is solid — the metal casing adds durability. That’s important because this device is meant to endure years of daily use in some cases.
Here’s a table covering the key specs of the MK4 based on firmware and hardware details current for 2025:
| Feature | Specification |
|---|---|
| Secure Element | ST33 Secure Element V2 |
| Screen | 240x240 pixel color LCD |
| Input | Physical numeric keypad |
| Connectivity | USB-C cable (no Bluetooth, no NFC) |
| Supported Crypto | Bitcoin only (including multi-signature) |
| Seed Phrase | 12 or 24 word BIP39, supports passphrase (25th) |
| Air-Gapped Transaction Signing | Supported via MicroSD card |
| Firmware | Regular updates with signed releases |
Unlike many wallets that offer Bluetooth and touchscreen input, the MK4 intentionally excludes those to minimize the attack surface. This is why I consider it an excellent choice if you want a wallet that’s straightforward and uncompromising about security.
Setting up the Coldcard MK4 is a bit more manual than some other wallets, but that’s part of what makes it secure. Here’s how it generally goes:
One thing I noticed in my testing is the slow-but-intentional pace of each step—designed to minimize errors. The LCD screen displays each word clearly, but since you input everything via physical keys, it can take a while, especially if you’re new. Patience here pays off.
For full step-by-step details with screenshots, see the dedicated Coldcard Setup Guide.
Now, the nuts and bolts: how does the MK4 safeguard your crypto?
Secure Element (SE): The Coldcard MK4 uses a dedicated ST33 secure element chip, which handles private keys and cryptographic operations inside a tamper-resistant environment. This keeps your keys safe even if the main processor is compromised.
Air-gapped Signing: You can sign transactions without connecting the wallet directly to an internet-enabled device by transferring unsigned transactions via a MicroSD card. This air-gapped mode shields your keys from potentially infected computers.
Physical PIN and Passphrase: The keypad is used to enter a PIN, which protects against unauthorized access. Additionally, users can set a passphrase — an optional secret input that adds another layer on top of the seed phrase, effectively creating a hidden wallet.
Supply Chain Verification: The packaging includes a tamper-evident seal and a cryptographic verification method to confirm device authenticity before first use. This was something I appreciated, as buying from unofficial sellers can be risky. You can learn about common errors like that in the Coldcard Common Mistakes guide.
One limitation: because the hardware wallet focuses on a strong security model, it doesn’t support wireless communication protocols. That excludes the convenience of Bluetooth or NFC but significantly lowers exposure to remote attacks. I like that trade-off, though I realize it's subjective.
For a deeper dive into these security features, the Coldcard Security Features page is a good bet.
The MK4 allows you to use either 12 or 24-word seed phrases, aligning with BIP-39 standards. Personally, I usually prefer 24 words in hardware wallets for extra entropy, but 12 words are adequate if you manage your backups carefully.
The optional passphrase feature (often called the 25th word) lets you create hidden wallets on the same device. Think of it as having multiple vaults under one roof — only you know which vault to open. That said, passphrases add complexity and risk: if you lose the passphrase, you lose access. I've found people often underestimate this risk.
Since the MK4 supports Shamir Backup (SLIP-39) only in a more advanced workflow (via third-party tools), it’s best to ensure safe, geographically distributed backups of your seed phrase.
Metal backup plates are highly recommended to protect your seed phrase from fire and water damage — a smart step for anyone serious about long-term cold storage.
Explore related topics at Coldcard Seed Phrase Management.
Keeping your Coldcard MK4 firmware up to date is essential. Firmware updates patch vulnerabilities, add features, and improve device stability. Unlike wallets that auto-update, Coldcard requires manual download and verification of update files via PGP signatures before applying.
This process might feel cumbersome but adds a layer of security— you avoid malicious or fake firmware being installed by mistake.
During my months of use, I watched the update notes closely at the official source and applied updates cautiously. I can say that consistent updates have fixed minor bugs and enhanced user experience without compromising security.
To understand the update steps and best practices, see Coldcard Firmware Updates.
The Coldcard MK4 connects solely via USB-C, omitting Bluetooth and NFC entirely. This decision markedly reduces remote attack surfaces.
The wallet can also operate in an air-gapped mode using a MicroSD card to transfer transactions for signing. This capability is rare and particularly reassuring when you want to keep your signing device physically isolated.
Some users might find the lack of wireless convenience a drawback. But from a security perspective, less connectivity means less exposure.
You can read more about these trade-offs on Coldcard Connectivity Methods.
The Coldcard MK4 targets Bitcoin holders who prioritize security above all else.
If your wallet collection is mostly beginner-friendly devices, the Coldcard represents a step toward more technical, security-first cold storage.
For multisig users, Coldcard supports multisignature wallets, but requires some setup complexity — check out Coldcard Multisignature for deeper info.
After using the Coldcard MK4 for several months, I can say it’s a device tailored for serious Bitcoin holders who want a hardware wallet engineered for strong security with few compromises. The manual setup and no-frills design might intimidate newcomers, but the security architecture — featuring a secure element, air-gapped signing, and physical input — is solid.
That said, the MK4’s singular focus on Bitcoin and lack of wireless connectivity won't suit everyone. Also, handling passphrases and manual firmware updates demand user discipline.
For a hands-on review that balances pros and cons, this device is worth considering if you lean heavily into self-custody and cold storage best practices.
If you want to compare Coldcard MK4 with other hardware wallets or explore detailed setup and security guides, feel free to browse here:
And remember: no hardware wallet is entirely hacker-proof if you don’t practice good seed phrase management and avoid scams. So whatever wallet you pick, keep those recovery phrases offline and secure. Happy hodling!