EthVault: A Secure and Resource-Conscious FPGA-Based Ethereum Cold Wallet

TL;DR

EthVault introduces a complete hardware Ethereum cold wallet implemented on FPGA, integrating HD wallet functionality (BIP32/39/44) with a secure CKDF, a side-channel–resistant SECP256K1 engine, and a Keccak-based Ethereum address workflow. The design emphasizes resource efficiency, reusing cryptographic blocks, and mitigating power- and timing-based attacks through temporary registers and complete formulas, validated on Xilinx platforms with favorable area and throughput metrics. Key contributions include a unified HMAC-SHA-512/HKDF-like flow, a secure Montgomery ladder implementation, and an end-to-end hardware path from entropy to signed transactions, compliant with Ethereum standards. The results show EthVault uses a small fraction of FPGA resources, achieves practical signing and key-derivation throughputs, and demonstrates resilience to side-channel leakage, indicating strong potential for portable, tamper-resistant hardware wallets. Limitations and future work point to expanding to other blockchains, adding true randomness, mnemonic validation, and enhanced secure retention and fault-tolerance mechanisms.

Abstract

Cryptocurrency blockchain networks safeguard digital assets using cryptographic keys, with wallets playing a critical role in generating, storing, and managing these keys. Wallets, typically categorized as hot and cold, offer varying degrees of security and convenience. However, they are generally software-based applications running on microcontrollers. Consequently, they are vulnerable to malware and side-channel attacks, allowing perpetrators to extract private keys by targeting critical algorithms, such as ECC, which processes private keys to generate public keys and authorize transactions. To address these issues, this work presents EthVault, the first hardware architecture for an Ethereum hierarchically deterministic cold wallet, featuring hardware implementations of key algorithms for secure key generation. Also, an ECC architecture resilient to side-channel and timing attacks is proposed. Moreover, an architecture of the child key derivation function, a fundamental component of cryptocurrency wallets, is proposed. The design minimizes resource usage, meeting market demand for small, portable cryptocurrency wallets. FPGA implementation results validate the feasibility of the proposed approach. The ECC architecture exhibits uniform execution behavior across varying inputs, while the complete design utilizes only 27%, 7%, and 6% of LUTs, registers, and RAM blocks, respectively, on a Xilinx Zynq UltraScale+ FPGA

Figures (17)

• Figure 1: A cold cryptocurrency physical wallet. It manages keys offline and is indirectly connected to the blockchain network via a hot wallet to enhance the security of the keys.
• Figure 2: A high-level architecture of a wallet. The wallet can generate Ethereum cryptographic keys, addresses, and signatures.
• Figure 3: The wallet structure for a 3-level key derivation path (e.g $m/0'/0'/k'$) as outlined by the -32 standard, adapted from bip32.
• Figure 4: Execution flow of the Ethereum wallet, illustrating the sequential stages from entropy generation to transaction signing, along with the cryptographic algorithms applied at each stage. $n$ is the number of child keys needed by the user.
• Figure 5: (A) is the addition of two points ($\bm{P}$ and $\bm{Q}$) on the elliptic curve. (B) is the addition of a point $\bm{P}$ on the elliptic curve with itself. Adapted from kapoor2008elliptic.