The Coldcard Mk4 is the gold standard in Bitcoin hardware security — dual secure elements, air-gapped microSD signing, duress PIN, and Bitcoin-only firmware. Full 2026 review.
The Coldcard Mk4 is the most security-focused consumer Bitcoin hardware wallet available. Made by Coinkite in Canada, it's Bitcoin-only, air-gapped by default, and runs on two separate secure elements. If your threat model requires the highest security short of building your own signing device, the Mk4 is the answer.
The tradeoff: it's not beginner-friendly. The numeric keypad interface and PSBT-based signing workflow require more engagement than Ledger or Trezor. But for Bitcoin holders who prioritize security over convenience, this is the standard everything else is measured against.
Coldcard is made by Coinkite, a Toronto-based company founded by Bitcoiner Rodolfo Novak (NVK). They've been making hardware security products for Bitcoin since 2012 — long before most competitors existed.
The Mk4 is the fourth generation of the Coldcard lineup (following Mk1, Mk2, Mk3). It's the "classic" Coldcard — the standard, compact, keypad-and-screen form factor that has defined Bitcoin security hardware for a decade. The newer Coldcard Q adds a larger screen and QR code scanning; the Mk4 is the stripped-down, battle-hardened original.
| Feature | Coldcard Mk4 |
|---|---|
| Secure elements | ATECC608A + SE050 (two separate chips) |
| Display | 128×64 OLED |
| Input | Numeric keypad (0–9 + special keys) |
| Connection | USB-C (disconnectable) |
| MicroSD | Yes (PSBT air-gapped signing) |
| NFC | Yes (disabled by default) |
| Battery | None (USB-powered only) |
| Firmware | Open source (COLDCARD OS) |
| Supported assets | Bitcoin only |
| Price | ~$150 |
| Origin | Canada |
Mk4 uses two separate secure chips — an Atmel ATECC608A and an NXP SE050 — in a novel configuration:
This is unique in the consumer hardware wallet market. Every other major hardware wallet uses a single secure element. The dual-chip design means compromising the Mk4 requires simultaneously exploiting two separate chips from two different manufacturers — a fundamentally higher bar.
Coldcard Mk4 is designed for airgap signing — the practice of signing Bitcoin transactions without the signing device ever connecting to an internet-connected computer.
The workflow:
This means even if your computer is completely compromised by malware, the attacker cannot exfiltrate your private key — it never left the Coldcard. The transaction the malware might tamper with would be visible on the Coldcard's screen before signing.
USB connection is optional: You can use the Coldcard entirely via microSD, never plugging in USB. The USB port can be used for power (plugging into any USB power adapter, not a computer) while operating in air-gapped mode.
Mk4 includes an NFC chip — a significant addition over Mk3 — but it's disabled by default. This is deliberate: Coinkite wanted the capability available for specific use cases (tap-to-verify, tap-to-sign) without making it an attack surface for users who don't need it.
When enabled, NFC allows:
For most users, NFC stays disabled and the microSD workflow is the primary signing method.
PIN with duress support:
BrickMe code: A specific input sequence that immediately destroys all secrets on the device — useful as a last resort under extreme duress.
Countdown PIN: A PIN that, when entered, displays a countdown timer — forcing anyone watching to wait before funds can be accessed. Provides time to escape or alert others.
Seed XOR: Split your seed phrase into multiple parts (XOR shares) stored separately. Neither part alone reveals the seed. Simpler than Shamir's Secret Sharing, no external software required.
Seed vaults: Store up to 8 different wallet seeds on one device, each accessible with its own PIN.
Passphrase (BIP-39): Full passphrase support for hidden wallet functionality. See our Bitcoin Passphrase BIP-39 Guide.
PSBT verification: Every transaction detail is displayed on screen before signing — inputs, outputs, fees, change addresses. Nothing is auto-approved.
Software wallets (coordinator):
Standards supported:
For multisig setup using Coldcard Mk4 with Sparrow, see our Bitcoin Multisig Wallet Comparison guide.
| Feature | Coldcard Mk4 | Coldcard Q |
|---|---|---|
| Price | ~$150 | ~$249 |
| Screen | 128×64 OLED | Large LCD |
| Keyboard | Numeric keypad | Full QWERTY |
| QR code scanning | No (microSD only) | Yes (built-in camera) |
| Air-gapped | Yes (microSD) | Yes (microSD + QR) |
| Form factor | Compact | Larger |
| Best for | Compact, minimalist setup | QR-based workflow, larger display |
The Mk4 is the right choice if you want the proven, compact form factor and don't need QR code scanning. The Q is better if you want a richer display experience or prefer QR-based PSBT exchange over microSD.
| Feature | Coldcard Mk4 | Trezor Safe 5 | BitBox02 |
|---|---|---|---|
| Air-gapped option | Yes (microSD) | No | No |
| Secure elements | Two (dual) | One | One |
| Bitcoin-only | Yes | No | Yes (edition) |
| Open source | Firmware | Firmware + hardware | Both |
| Price | ~$150 | ~$169 | ~$149 |
| Beginner-friendly | No | Yes | Medium |
For the comprehensive comparison, see our Coldcard vs Trezor vs BitBox guide.
Ideal for:
Look elsewhere if:
Do I need a computer to use Coldcard? For signing transactions, no — you can operate entirely via microSD. You need a computer to generate the PSBT, but that computer doesn't need to connect to the Coldcard.
What if I forget my PIN? You can restore from your seed phrase on a new device. There is no PIN recovery — Coinkite doesn't have your PIN, and neither does anyone else.
Can I update firmware without USB? No — firmware updates require USB connection. Verify you're downloading from coldcard.com and check the signature.
Is the Mk4 still sold now that the Q exists? Yes. Coinkite continues selling both. The Mk4 remains popular for its compact form factor and lower price.
Does Coldcard support Lightning? Indirectly — you can open Lightning channels using a wallet that supports Coldcard as a signing device (e.g., Electrum). On-device Lightning is not supported.
The Coldcard Mk4 remains the gold standard in Bitcoin security hardware in 2026. The dual secure element design, air-gapped microSD signing, and comprehensive duress features set it apart from every competitor. No other consumer device offers this combination of security depth.
The price of admission: you need to engage with the technology. The Coldcard rewards knowledge and patience with genuinely superior security. For Bitcoin holders serious about protecting significant holdings, it's worth the learning curve.
See also: SeedSigner Review 2026 | Bitcoin Cold Storage Complete Guide | How to Move Bitcoin to Cold Storage
Get our free Beginners Guide to Buying Bitcoin plus weekly insights for long-term holders.
GridPlus Lattice1 is a desktop hardware wallet with Wi-Fi, a 5" touchscreen, and SafeCards that physically isolate private keys. Most capable hardware wallet available in 2026. Full review with SafeCard system, security analysis, and comparison.
D'CENT Biometric Wallet uses a fingerprint sensor and EAL5+ certified ST33 Secure Element to protect your Bitcoin. Review covers biometric authentication, security architecture, Bitcoin features, and comparison vs Ledger Nano X.
Ellipal Titan has no USB, no Bluetooth, no NFC — QR codes are the only way data moves between the wallet and your phone. Here's how it works, who it's best for, and how it compares to Coldcard and Foundation Passport.