Why isn’t there a hardware wallet that can be used independently?

[hoisel]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

[satscraper]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke? Glue you hardware wallet to your mobile mobile and get what you want.

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices add points to such practice.

[nc50lc]

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

I understand the idea and seem plausible.
Basically a hardware device and a basic mobile phone (has an SPV wallet and internet) combined in one device but not entirely integrated with each other,
Just some sort of secure offline connection for the the transfer of unsigned/signed transaction to/from the HW module.

I haven't seen one, probably because the cost will be comparable to mobile phones without the complete use-case of a mobile phone which will not be attractive to the mainstream.

The closest thing that I can think of is Samsung's Galaxy Phones with integrated "Samsung Blockchain Keystore" stored in a "Secure File Storage" that they claim to never connect to the internet and safe from malware,
That is famous when Bitcoin was in every news and articles (This isn't a recommendation though, so DYOR)

[hoisel]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke?  Glue you hardware wallet to your mobile mobile and get what you want.  

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside  threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices  add points to such practice.

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

I understand the idea and seem plausible.
Basically a hardware device and a basic mobile phone (has an SPV wallet and internet) combined in one device but not entirely integrated with each other,
Just some sort of secure offline connection for the the transfer of unsigned/signed transaction to/from the HW module.

I haven't seen one, probably because the cost will be comparable to mobile phones without the complete use-case of a mobile phone which will not be attractive to the mainstream.

The closest thing that I can think of is Samsung's Galaxy Phones with integrated "Samsung Blockchain Keystore" stored in a "Secure File Storage" that they claim to never connect to the internet and safe from malware,
That is famous when Bitcoin was in every news and articles (This isn't a recommendation though, so DYOR)

If Samsung's Galaxy Phone truly keeps the private keys disconnected from the internet as they claim, then my idea could be realized. The interface of a hardware wallet after powering on should resemble a mobile wallet app, only including functions for managing cryptocurrencies. This way, it wouldn't be as bloated and complex as a mobile operating system, and I believe it would also be more secure. The appearance could be similar to the Keystone 3 Pro, which is priced at $149. If such a device existed, even if it cost $300 or more, I would find it acceptable, though I think it shouldn't add too much to the cost. The final price might end up being around $200.

[satscraper]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke?  Glue you hardware wallet to your mobile mobile and get what you want.  

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside  threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices  add points to such practice.

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

Look, to be fully functional device HW should not just be capable to connect to internet, it must have connectivity to either bitcoin network or 3rd party server that would provide such connectivity. Thus your hypothetical device must also combine either bitcoin node or relevant light-weight client. I think combining all these together with the isolated crypto-module would mean the complexity of the design. Adding to this the need for airtight communication between crypto-module and other parts that are facing Internet would be a challenging engineering task. Recollect Occam's razor principle which says “plurality should not be posited without necessity.”

[ABCbits]

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

At least for module that is being isolated from network/rest of device, most CPU today have TEE (Trusted Execution Environment) module. So it comes down to whether mobile or desktop Bitcoin wallet bother to use this module or not. Although AFAIK you still need to store the encrypted private key elsewhere.

[hoisel]

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

At least for module that is being isolated from network/rest of device, most CPU today have TEE (Trusted Execution Environment) module. So it comes down to whether mobile or desktop Bitcoin wallet bother to use this module or not. Although AFAIK you still need to store the encrypted private key elsewhere.

Yes, I believe cryptocurrency private keys should be stored separately because the environments of mobile phones and computers are too complex, which increases the attack surface. The system of an internet-connected hardware wallet should be kept as simple as possible. I’m not very sure about the security of TEE modules, but if their security is comparable to that of secure chips used in hardware wallets, then there are already existing solutions for this.

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke?  Glue you hardware wallet to your mobile mobile and get what you want.  

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside  threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices  add points to such practice.

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

Look, to be fully functional device HW should not just be capable to connect to internet, it must have connectivity to either bitcoin network or 3rd party server that would provide such connectivity. Thus you hypothetical device must also combine either bitcoin node or relevant light-weight client. I think combining all these together with the isolated crypto-module  would mean the complexity of the design. Adding to this the need for  airtight communication between crypto-module and other parts that are facing Internet would be a challenging engineering task. Recollect Occam's razor principle  which says “plurality should not be posited without necessity.”

I suddenly thought of a possibility. Suppose there is an internet-connected hardware wallet, and its mnemonic phrase is absolutely secure and completely isolated from the network. Could a hacker still attack you by tampering with your transaction details? For example, you intend to send Bitcoin to the address bc1q....1111, and the hardware wallet's signature also shows that you are sending it to this address. However, the hacker alters the actual destination address, changing it to bc1q....2222, ultimately resulting in the loss of Bitcoin. Is such a scenario possible?

[Lucius]

I suddenly thought of a possibility. Suppose there is an internet-connected hardware wallet, and its mnemonic phrase is absolutely secure and completely isolated from the network. Could a hacker still attack you by tampering with your transaction details? For example, you intend to send Bitcoin to the address bc1q....1111, and the hardware wallet's signature also shows that you are sending it to this address. However, the hacker alters the actual destination address, changing it to bc1q....2222, ultimately resulting in the loss of Bitcoin. Is such a scenario possible?

If the interface you use with the hardware wallet is on a device that is infected with clipboard malware, then theoretically the address in that interface can be changed, but if you are careful and always compare addresses, you will certainly not send coins to the wrong address. In other words, if you have a reliable air-gapped device and use a wallet that is open source and whose file you can verify before installation, and if you check each transaction parameter several times, then you are 99% sure that no one will hack you.

That 1% is due to the fact that we can never know if there is any undetected vulnerability either in the hardware wallet itself, the user interface or the computer/smartphone we use.

[satscraper]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke?  Glue you hardware wallet to your mobile mobile and get what you want.  

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside  threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices  add points to such practice.

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

Look, to be fully functional device HW should not just be capable to connect to internet, it must have connectivity to either bitcoin network or 3rd party server that would provide such connectivity. Thus you hypothetical device must also combine either bitcoin node or relevant light-weight client. I think combining all these together with the isolated crypto-module  would mean the complexity of the design. Adding to this the need for  airtight communication between crypto-module and other parts that are facing Internet would be a challenging engineering task. Recollect Occam's razor principle  which says “plurality should not be posited without necessity.”

I suddenly thought of a possibility. Suppose there is an internet-connected hardware wallet, and its mnemonic phrase is absolutely secure and completely isolated from the network. Could a hacker still attack you by tampering with your transaction details? For example, you intend to send Bitcoin to the address bc1q....1111, and the hardware wallet's signature also shows that you are sending it to this address. However, the hacker alters the actual destination address, changing it to bc1q....2222, ultimately resulting in the loss of Bitcoin. Is such a scenario possible?

It is possible unless you prevent it by checking on the HW screen what are you signing. This means your potential device must have airtight display controller that refuses not authorized communications.

[hoisel]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke?  Glue you hardware wallet to your mobile mobile and get what you want.  

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside  threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices  add points to such practice.

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

Look, to be fully functional device HW should not just be capable to connect to internet, it must have connectivity to either bitcoin network or 3rd party server that would provide such connectivity. Thus you hypothetical device must also combine either bitcoin node or relevant light-weight client. I think combining all these together with the isolated crypto-module  would mean the complexity of the design. Adding to this the need for  airtight communication between crypto-module and other parts that are facing Internet would be a challenging engineering task. Recollect Occam's razor principle  which says “plurality should not be posited without necessity.”

I suddenly thought of a possibility. Suppose there is an internet-connected hardware wallet, and its mnemonic phrase is absolutely secure and completely isolated from the network. Could a hacker still attack you by tampering with your transaction details? For example, you intend to send Bitcoin to the address bc1q....1111, and the hardware wallet's signature also shows that you are sending it to this address. However, the hacker alters the actual destination address, changing it to bc1q....2222, ultimately resulting in the loss of Bitcoin. Is such a scenario possible?

It is possible unless you prevent it by checking on the HW screen what are you signing. This means your potential device must have airtight  display controller  that refuses not authorized communications.

Maybe a hardware wallet that can connect to the internet should come with two screens, just like a foldable phone, hahaha.

[nc50lc]

-snip-

Maybe a hardware wallet that can connect to the internet should come with two screens, just like a foldable phone, hahaha.

That could be a million dollar idea.
It fully visualizes that the Hardware Wallet module and the Wallet Module are separate, just like a HW that's permanently plugged in a phone. (being open-source is a plus)
More if it has something like a "disconnect switch".

But the market for that type of HW would be niche IMO.
Plus (as I've noted) the price wouldn't be cheap and the size will not be as compact as a common hardware wallet due to the additional hardware required for the wallet client module.
Its competitors are small-and-cheap but secure hardware wallets that are ready to be used with existing phone or PC. (everyone has a phone in this age)
If I were to choose, I'd still get the latter.

[thebitcoinhole]

If you buy a hardware wallet and connect it to their official companion software, you are trusting 100% in a single company. Instead, you can improve your security, and reduce your trust in a single company by using a third-party open-source wallet instead of the official one.
So, having a single device, as you suggest, is a very bad idea. You would be trusting 100% in a vendor.

The secure setup is:
* Create the transaction in an open source thirdparty software wallet
* Send the transaction to your Hardware Wallet, in an airgapped medium, like QR or sdcard
* Review and sign the transaction on the Hardware Wallet
* Send back the transaction (now signed) to the software wallet (with QR or sdcard)
* Broadcast the transaction

[satscraper]

I have used many hardware wallets, such as OneKey, Trezor, Ledger, and so on, but none of these wallets completely meet my needs. I find that the user experience of the wallets currently available on the market is not very good. All the hardware wallets being sold require pairing with a mobile phone or computer, which is very inconvenient. I’ve always wondered if there could be a hardware wallet that can function independently without relying on other devices—essentially, a hardware wallet that can connect to the internet. That way, I could directly operate the wallet to send cryptocurrency, which would be extremely convenient.

I understand that being connected to the internet may mean less security, so the module that manages the mnemonic phrase would need to be isolated from the network. I think this should not be too difficult to achieve, sort of like combining a "phone + hardware wallet" into a single device. I really hope a device like this exists, because using a wallet like this would be so much more convenient.

Is this Fool's day joke?  Glue you hardware wallet to your mobile mobile and get what you want.  

Now quips aside, HW with active connection to Internet would mean that private keys were not isolated from potential outside  threats. Don't think that isolated from network module that keeps mnemonic phrase and/or private keys, signs transactions and performs other sensitive operations could be a solution. Just remember that " "there’s a key for every lock."

Keeping private keys offline is the best practice which is proved itself for many years. Those HW that adopt an air-gapping policy by limiting connectivity to external devices  add points to such practice.

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

Look, to be fully functional device HW should not just be capable to connect to internet, it must have connectivity to either bitcoin network or 3rd party server that would provide such connectivity. Thus you hypothetical device must also combine either bitcoin node or relevant light-weight client. I think combining all these together with the isolated crypto-module  would mean the complexity of the design. Adding to this the need for  airtight communication between crypto-module and other parts that are facing Internet would be a challenging engineering task. Recollect Occam's razor principle  which says “plurality should not be posited without necessity.”

I suddenly thought of a possibility. Suppose there is an internet-connected hardware wallet, and its mnemonic phrase is absolutely secure and completely isolated from the network. Could a hacker still attack you by tampering with your transaction details? For example, you intend to send Bitcoin to the address bc1q....1111, and the hardware wallet's signature also shows that you are sending it to this address. However, the hacker alters the actual destination address, changing it to bc1q....2222, ultimately resulting in the loss of Bitcoin. Is such a scenario possible?

It is possible unless you prevent it by checking on the HW screen what are you signing. This means your potential device must have airtight  display controller  that refuses not authorized communications.

Maybe a hardware wallet that can connect to the internet should come with two screens, just like a foldable phone, hahaha.

Maybe, but before such device appears ^{in which I strongly doubt} you could try AirGap Vault and AirGap Wallet installing them "on your every-day phone and profit from added security through application sandboxing and app switching for communication." I think this would be off-the-shelf solution which is closest to your dream.

[ABCbits]

--snip--
At least for module that is being isolated from network/rest of device, most CPU today have TEE (Trusted Execution Environment) module. So it comes down to whether mobile or desktop Bitcoin wallet bother to use this module or not. Although AFAIK you still need to store the encrypted private key elsewhere.

Yes, I believe cryptocurrency private keys should be stored separately because the environments of mobile phones and computers are too complex, which increases the attack surface. The system of an internet-connected hardware wallet should be kept as simple as possible.

It's hard to keep things simple, when are there so many type and version technology involved just to able to connect to internet with acceptable support. For example, SSL/TLS, 802.11, IPv4/IPv6 and protocol support (in order to connect full node or 3rd party server that used to obtain TX data and broadcast your TX).

I’m not very sure about the security of TEE modules, but if their security is comparable to that of secure chips used in hardware wallets, then there are already existing solutions for this.

I don't know whether it's security is comparable, since there are all kinds of TEE (ARM CPU usually have TrustZone) and secure element. But AFAIK it's best option, if lots of R&D isn't desirable.

[m2017]

I am not an expert in security, so I don’t fully understand why there would be any threats. The hardware wallet I have in mind is like how you currently connect your phone to a Ledger via Bluetooth. Your phone can be connected to the Internet, and all I want is to combine the two into one device. Internally, they could connect via Bluetooth, NFC, or some other method.

Ideally, then hardware wallet should consist of two parts:
device 1 - the device itself, in the typical and familiar form for us now.
device 2 - a device similar to a smartphone, but with limited minimum functionality (minimum amount of required memory, inability to install third-party apps), but with the ability to access the Internet via Wi-Fi or mobile Internet. That is, remove all those functions that may be a vulnerability. This will reduce the cost of the device, but in any case, the presence of a second device will require additional costs.

A conditional scheme may look like this:

device 1  + device 2 with Internet access =  form a kind of hybrid of hardware wallet and smartphone in the bundle.

There is a certain benefit here:
- no need to have a PC or smartphone
- improved security
- an additional line of defense is created (in the event that both of these devices are linked to each other), then having acquired one device, there will be no access to the wallet (although this also creates additional problems in case of breakage or loss, but I think this could be solved with backups).

But unfortunately, there is nothing like this on the market yet, and the above is just a figment of my imagination.

[Forsyth Jones]

What you want isn't always the most secure for your digital security. Whenever you want more convenience, you will either have less security or privacy. Currently, all devices I know require a host device to read the public keys and a offline signing device (which in this case is the hardware wallet).

The air-gapped approach aims to not connect the device with access to seed/private keys, which is considered the most secure method for long-term coin storage, but convenience is sacrificed. People are preferring air-gapped signing devices over those that connect via USB cable to the computer or Bluetooth.

Even if such a device exists in the future, this hypothetical device will need to prove itself over time as being just as secure as traditional and air-gapped HWs.

~~~~~~

It's even possible to create devices with this purpose and approach, one being completely offline and the other minimally connected to the internet. As you said, with limited features. The point is that there hasn't been demand for that yet. Besides, this isn't much different from an air-gapped wallet like the Passport Batch2/Core/Prime and an online computer that carries the public keys.

Probably if this type of HW existed, a second device (computer) would be more viable, so I don't see any sense in it. Because what can a second online device like a computer get besides the public key? What it shouldn't get is the private key, which shouldn't leave the signing device.

[Saint-loup]

That's a pretty good idea, even if it would only be able to connect internet by wifi it would interest many people I think. But unfortunately most people wouldn't trust it I guess because it would be very difficult to check it doesn't send the seed elsewhere by its own. In addition it implies to have to enter long recipient addresses without being able to copy/paste them when you want to send funds. Except maybe if it also has a camera being able to read QR codes.

[NotATether]

The closest thing that I can think of is Samsung's Galaxy Phones with integrated "Samsung Blockchain Keystore" stored in a "Secure File Storage" that they claim to never connect to the internet and safe from malware,

Nothing will convince me to enable the Samsung Blockchain Keystore on an internet-connected phone. It's just so counter-intuitive.

If you want an true airgapped setup with hardware wallets, that doesn't really exist, but you can use your phone without any sort of internet, bluetooth, or ultrawideband by installing the "Airgap Vault" apk on it (assuming you load it onto an SD card or USB-C flash drive beforehand), which functions as your keystore, and on any other phone, you install "Airgap Wallet" and communicate with the other device with QR codes.

[Forsyth Jones]

Nothing will convince me to enable the Samsung Blockchain Keystore on an internet-connected phone. It's just so counter-intuitive.

If you want an true airgapped setup with hardware wallets, that doesn't really exist, but you can use your phone without any sort of internet, bluetooth, or ultrawideband by installing the "Airgap Vault" apk on it (assuming you load it onto an SD card or USB-C flash drive beforehand), which functions as your keystore, and on any other phone, you install "Airgap Wallet" and communicate with the other device with QR codes.

Although I've tested AirGap Vault a few times, I haven't found a better solution that fits what the OP is looking for.

If I'm not mistaken, it's also possible to install Krux on an offline phone, which would function as a hardware wallet. In that case, you'd just need a second device to read the public keys and broadcast the transactions/PSBTs.

The phone responsible for signing transactions should never be connected to a network again and the information should be transferred between devices via SD card, QR code, etc.

I'm increasingly convinced that a DIY air-gapped hardware wallet is the best way to go.