Cryptnox Hardware Wallet technical specifications

Application characteristics: hardware wallet technical specifications

Phone Application Characteristics

Our mobile application supports both iOS and Android platforms, providing a seamless experience for managing your hardware wallet.

Supported Blockchain Networks

Bitcoin
Ethereum Virtual Machine (EVM) networks, including smart contracts.
ERC20 tokens can be manually added.

For a more detailed guide on how our hardware wallet integrates with Ethereum Read here

Signature Provider Functionalities (via Mobile App)

QR-based hardware wallet compatibility with Metamask QR code communication (EIP 4527)
Web3 Dapp connectivity via WalletConnect

Kiosk Mode

The application can be configured into a card “point-of-sale” terminal for secure transactions.

Card Initialization Options

Dual Card Init (default): Identical BIP32 seed generation via a secure channel (Diffie Hellmann & shared secret).
Single Card BIP39 Seed Injection: 12-24 word mnemonic support.
Internal Key Generation: Most secure option using a True Random Number Generator (TRNG), but note that the BIP32 seed cannot be extracted or backed up.

If you’re new to FIDO2 security cards, read our in-depth guide on how they enhance digital security.

Card Administration

Change PIN
Change PUK
Reset card

Number of Card Pairings

Supports up to 256 cards.

Desktop application hardware wallet technical specifications

Our desktop application is available for:

Windows, macOS, and Linux (Ubuntu Core)
Command Line Interface for advanced users

Card technical specifications

Authentication

PIN (4 to 9 digits) / PUK (12 characters). Card power cycle needed after 3 wrong PIN. Card locked after 12 wrong PIN (4×3). Can be unlocked with the PUK.
Slot NIST256 R1 signature authentication (mobile phone secure element or PIV) x 1
Slot RSA2048 (Windows Hello TPM) x 1
Slot for Webauthn/FIDO2 x 1
Option to set a dedicated derivation path which doesn’t require the PIN to sign.
Possibility to disable auth by PIN once a key slot is filled.

Secure channel

AES256 from Hash (ECDH, PairingKey)
With MAC
256 bits pairing key
Key in the card certificate tree

Custom user data

At initialisations : 20 + 60 bytes user data filed (email/name)
6 custom bytes provided at SELECT
3600 bytes private data buffer

Digital signature

ECDSA on “Koblitz Bitcoin” 256 k1 curve
ECDSA on NIST P256 r1 curve
BIP 340 “Schnorr” signature (256k1)
EOS 32 bytes loop option

Key deviation

BIP 32 key derivation function, with SLIP10 standard for NIST 256R1 curve. Max derivation depth is 8 levels.

Random number generation

True Random Number Generator (AIS31 compliant)

Encryption/ Decryption

ECIES using an EC key in the BIP32 tree. Based on DECipher from OpenPGP.

Authenticity

Dynamic card key authentication. Card is loaded with a unique card certificate signed by the factory root key.

Logging

Counter of number of signatures (4 bytes)
History of last 149 signed hash

Reset function

With PUK only

Communication Interfaces

ISO/IEC 14443 (NFC Contactless)
ISO/IEC 7816 (Contact)

Chipset and Base Operating System Certifications:

Common Criteria EAL 6+
FIPS 140-2
Where to Buy
If you’re looking to purchase a Cryptnox Hardware Wallet or FIDO2 security card, visit our official partner store here. Already own one? Check out our setup guide to maximize security and learn about hardware wallet technical specifications & more.

Cryptnox Hardware Wallet technical specifications

Application characteristics: hardware wallet technical specifications

Phone Application Characteristics

Supported Blockchain Networks

Signature Provider Functionalities (via Mobile App)

Kiosk Mode

Card Initialization Options

Card Administration

Number of Card Pairings

Desktop application hardware wallet technical specifications

Card technical specifications

Where to Buy

Online Store

Apple store

Google Play Store

Legal Notices

Contact

© 2025 CRYPTNOX SA – 36 Avenue Cardinal Mermillod 1227 Geneva, Switzerland IDE : CHE-432.952.622