coinkite

Coinkite / COLDCARD

• Name: Coinkite / COLDCARD
• URL: https://coinkite.com/
• Category: bitcoin hardware-wallet infrastructure / reproducible-firmware signing stack / self-custody security hardware / bearer-bitcoin device ecosystem
• Tags: bitcoin-ecosystem
• Summary: Coinkite is still the cleanest Bitcoin hardware-signer anchor in this branch. The real note is not just COLDCARD as a device, but the whole signer stack around reproducible firmware, internal security docs, hardware schematics, airgapped PSBT flows, and adjacent bearer-bitcoin tools like OPENDIME, SATSCARD, and TAPSIGNER. That makes Coinkite better cataloged as Bitcoin self-custody security hardware infrastructure than as a mere wallet vendor.
• What it does:
  • Builds the COLDCARD Q and Mk5 Bitcoin signing devices with airgapped transaction-signing flows and Bitcoin-only scope
  • Publishes open-source COLDCARD firmware and a simulator, with reproducible-build instructions for users who want to verify shipped binaries
  • Maintains internal technical docs covering PIN-entry design, backup-file formats, Electrum and Bitcoin Core usage, Seed XOR, developer access, and documented limitations
  • Shares hardware schematics and bills of materials for multiple COLDCARD revisions for security research and testing
  • Sells adjacent Bitcoin-native hardware and bearer instruments including OPENDIME, SATSCARD, TAPSIGNER, SEEDPLATE, and BLOCKCLOCK products
  • Operates CKBunker, a Coldcard-attached HSM-control program for unattended signing workflows
• Key claims:
  • Coinkite’s main site positions the company as a broader Bitcoin security-and-hardware maker, not just the steward of one wallet SKU, which matters for categorization
  • The COLDCARD homepage says the device is Bitcoin-only, stores seeds in dual secure elements from different vendors, and is designed for fully airgapped use via MicroSD, NFC, and QR transfer paths
  • The firmware repo emphasizes reproducible builds with exact-byte verification against released binaries, which is one of the strongest first-party signals for the project’s security posture
  • The internal-docs repo surface is unusually rich for a hardware-wallet vendor because it openly documents PIN-entry architecture, encrypted backups, Seed XOR, Bitcoin Core and Electrum workflows, and policy limitations
  • The hardware repo is also notable because Coinkite publishes schematics and BOM files for several device revisions, explicitly to aid security researchers, even while restricting commercial reuse
  • Coinkite’s broader product line matters for classification: OPENDIME, SATSCARD, TAPSIGNER, and CKBunker show the company is building a family of Bitcoin custody, bearer-instrument, and signing tools rather than only a standalone wallet
  • The public research and verification surfaces make Coinkite look more like Bitcoin self-custody infrastructure than a closed hardware gadget vendor
• Whitepaper: No canonical Coinkite or COLDCARD whitepaper/litepaper surfaced in this pass. The clearest current sources of truth are the official company site, COLDCARD docs/homepage, and the public firmware / docs / hardware repositories; see ../whitepapers/coinkite-primary-sources-2026-05-01.md.
• Sources:
  • https://coinkite.com/
  • https://coldcard.com/
  • https://coldcard.com/docs/
  • https://github.com/Coldcard/firmware
  • https://github.com/Coldcard/firmware/blob/master/docs/README.md
  • https://github.com/Coldcard/firmware/blob/master/hardware/README.md
  • https://ckbunker.com/

Internal linkages

• Strongest comparison points: foundation-devices and bitkey.

• Useful whenever a hardware wallet is really a signer stack where firmware provenance, backup discipline, and operating model matter more than app polish.

• Last reviewed: 2026-05-29 UTC