Coinkite launched the Coldcard Mk5 in March 2026, the first hardware revision to the Mk line since the Mk4 arrived in 2022. It keeps everything that made the Mk4 the most security-hardened signing device you can buy, then fixes the part everyone complained about: the interface. At $167, this is the new one to buy.
Let's be clear about what the Mk5 is and is not. It is not a security leap. The dual Secure Elements, the air-gap, the open-source firmware: all carried over from the Mk4 unchanged. What it is, is the first Coldcard that does not feel like a punishment to operate. A bigger screen, real buttons you can actually press, and a body that finally looks designed rather than soldered together in a hurry. For a device class where the Mk4 already led on security, fixing the usability is exactly the upgrade that mattered.
Quick Verdict
Class-leading security, now materially nicer to use
| Category | Score | Notes |
|---|---|---|
| Security | 10/10 | Same dual Secure Elements, air-gap, duress wallet, brick-me PIN as the Mk4 |
| Ease of Use | 7/10 | Bigger Gorilla Glass screen and flush keys help a lot; still a number pad, still no app |
| Open Source | 9.5/10 | Same open firmware and published hardware schematics on GitHub |
| Features | 10/10 | BIP-85, dice entropy, countdown PIN, anti-phishing words, faster Push TX |
| Price / Value | 8.5/10 | $167 for the best-protected signing device, only $10 over the Mk4 |
| Overall | 9.5/10 | Same class-leading security, materially better to live with |
The Mk5 is the first hardware revision to the Mk line since 2022. Coinkite did not touch the security model. Instead they pulled the most useful ideas from the 2023 Coldcard Q and folded them into the smaller body. Five changes matter.
A bigger, tougher screen
The headline change. The Mk5 uses a 1.54-inch display, roughly 30 percent larger than the Mk4 panel, and it sits behind Gorilla Glass. Addresses and amounts are easier to verify, and the glass survives drops and pocket abuse far better than the old plastic. Verifying a receive address on the Mk4 squint-screen was always a chore. On the Mk5 it is just readable.
Flush tactile keys
The Mk4 keypad sat in recessed sockets that forced awkward finger positioning. The Mk5 buttons are redesigned nearly flush with the chassis, with proper tactile feedback. You can actually type a PIN at speed now. It sounds minor until you have entered a long PIN on a Mk4 in poor light.
USB-C on the bottom
The port moved from the side to the bottom edge. On a desk, the cable now runs down and out of the way instead of sticking out sideways. Combined with the more compact, unified rectangular body (the screen no longer protrudes above the keypad), the Mk5 simply sits better on a table while you work.
Faster NFC for Push TX
The Mk5 has an improved NFC antenna that makes the Push TX workflow (broadcasting a signed transaction to a phone by tapping) faster and more reliable. NFC is still short range, still optional, and still off by default. Air-gap purists can ignore it; people who use Push TX get a smoother experience.
A case in the box
The Mk5 ships with a slide-on half case that protects the screen and buttons and removes completely when you want to use the device. A small thing, but the Mk4 left protection as an afterthought. The Mk5 also comes in many finishes, from plain black to clear, gold-flake, and glow-in-the-dark.
| Secure Element | Dual chip from two vendors plus MCU (carried over from the Mk4) |
| Display | 1.54-inch screen, Gorilla Glass, about 30% larger than the Mk4 |
| Input | Redesigned flush tactile keypad |
| Connectivity | USB-C (bottom-mounted) + microSD air-gap (NFC optional, off by default) |
| OS Support | Windows, macOS, Linux |
| Companion App | None (use Sparrow Wallet or Electrum) |
| In the box | Slide-on half case; multiple color and finish options |
| Backups | Backwards-compatible with existing Coldcard backups |
| Price | $167 USD plus shipping from Coinkite |
| Launched | March 2026 |
| Made in | Canada |
The Coldcard Mk5 is a Bitcoin-only hardware wallet made by Coinkite, the Canadian company founded by Rodolfo Novak (NVK). The Coldcard line has been in production since 2018 and is the reference point for serious cold storage. The Mk5, launched in March 2026, is the latest version of the compact Mk series. It slots in above the Mk4 and below the larger Coldcard Q.
The pitch is simple. Take the Mk4, the most security-hardened signing device on the market, and make it pleasant to use. The Mk5 keeps the things that earned the Mk4 a 9 out of 10 (dual Secure Elements, full air-gap via microSD, open-source firmware, duress wallets, brick-me PINs, dice entropy, BIP-85) and adds the screen, keys, and ergonomics that the Mk4 always lacked. Same security, far less friction.
What still sets a Coldcard apart from a Trezor or a BitBox02 is the combination of true air-gap operation and a feature set built for adversarial threat models. You never need to plug the Mk5 into a computer. Transactions move by microSD card, and your keys never touch a networked device.
Coinkite still sells the Coldcard Q ($219), a larger device with a full QWERTY keyboard, a 3.2-inch screen, a built-in QR scanner, and AAA battery power. The Q is the better choice if you type long passphrases or prefer QR signing. The Mk5 at $167 is the compact, better-value flagship, and it is the focus of this review.
The workflow is identical to the Mk4 and just as secure. It uses PSBT (Partially Signed Bitcoin Transactions) and a microSD card as the transfer medium. No USB data cable, no Bluetooth, no WiFi. The larger screen makes the verification step (the part that actually protects you) much easier to get right.
Build the transaction
In Sparrow Wallet (or Electrum), construct your transaction. Set the destination address, amount, and fee. Export the unsigned PSBT file to a microSD card.
Sign on the Mk5
Insert the microSD into your Mk5. Find the PSBT file in the menu. The Mk5 shows the destination address and amount on its larger Gorilla Glass screen for you to verify. Confirm and sign.
Broadcast from your computer
The signed PSBT is written back to the microSD card. Move it to your computer. Sparrow reads the signed transaction and broadcasts it to the Bitcoin network.
At no point does the Mk5 establish a data connection with your computer. Malware on your laptop cannot reach the signing device. The only data that moves is the PSBT file on the microSD card, and the Mk5 verifies every detail on-screen before signing.
The Foundation Passport achieves air-gapping through QR codes instead of microSD, and the Coldcard Q can use a built-in QR scanner too. The Mk5 sticks with microSD as its air-gap, with the optional NFC Push TX path layered on top. Different mediums, same goal: keep the keys off the network.
The Mk5 carries over the Mk4 design: two Secure Element chips from two different manufacturers, working alongside the main microcontroller. Most hardware wallets use a single Secure Element, or none at all in Trezor's case. Coldcard doubles up, and here is why that matters.
A Secure Element is a tamper-resistant chip designed to store cryptographic secrets. It resists physical probing, side-channel attacks, and fault injection. If someone tears apart your wallet, the Secure Element makes key extraction extremely difficult without lab-grade equipment.
But what if there is an undiscovered vulnerability in a specific Secure Element chip? It has happened before in other products. By running two chips from different vendors, the Coldcard creates redundancy. An attacker would need to defeat both chips at once. A flaw in one does not automatically expose your keys while the other still protects them.
For context: the Trezor Safe 3 uses a single Optiga Trust M chip. The Foundation Passport uses a single EAL6+ Secure Element. None of them double up. The Coldcard's dual-chip approach remains unique in the consumer market, and it is the reason the Mk5 scores a perfect 10 on security.
These features carry over from the Mk4 untouched. They are not gimmicks. They address real threat models that other wallet makers ignore, and the Mk5's bigger screen makes several of them easier to use.
Duress wallet
Set a secondary PIN that opens a decoy wallet with a small balance. Under physical coercion, you hand over the duress PIN. The attacker sees some Bitcoin, takes it, and walks away. Your real holdings stay hidden behind the primary PIN. No other major hardware wallet offers this.
Brick-me PIN
A special PIN that permanently destroys both Secure Elements when entered. If someone forces you to unlock the device, entering the brick-me PIN turns the Mk5 into a paperweight. Your funds are safe as long as your seed backup exists elsewhere. Extreme, but it exists for extreme situations.
Dice roll entropy
Do not trust the device's random number generator? Roll physical dice and enter the results manually. The Mk5 converts your rolls into entropy for seed generation. You control the randomness, and the larger screen makes entering a long string of rolls less painful than it was on the Mk4.
Countdown PIN
A login mode that starts a countdown timer (hours or days) before the device unlocks. Designed to slow down physical attacks. If someone steals your Mk5 and tries to brute-force it, the countdown buys you time to move funds using your seed backup.
Anti-phishing words
After entering your PIN prefix, the Mk5 shows words unique to your device and seed. They prove you are using your genuine Coldcard, not a lookalike substitute. Supply chain attacks rely on swapping devices. Anti-phishing words catch that, and they are clearer to read on the new screen.
BIP-85 derived wallets
Generate multiple independent child wallets from your single master seed. Each child wallet has its own seed phrase. Compromise one, the others stay safe. Useful for separating funds across hot wallets, lightning nodes, or multiple cold storage setups without juggling a pile of seed backups.
Yes. The Mk5 runs the same open-source firmware as the rest of the Coldcard line. Every line lives on GitHub. Anyone can read it, audit it, and verify the device does exactly what Coinkite claims. Independent researchers review the code regularly, and bugs get found and patched in public.
Coinkite also publishes the hardware schematics, so you can see the board layout and confirm which chips are used. The transparent case options make this literal: you can look through the shell and inspect the internals for tamper or hardware implants. On boot, a status LED shows green for “Genuine” or red for “Caution” firmware. This puts the Mk5 in the small club of wallets where both software and hardware are auditable. Ledger, by contrast, keeps its firmware closed.
You can also build the firmware from source and flash it to your Mk5 yourself. Most people will not. But the fact that you can is the point. Verifiability over trust. That is the Bitcoin ethos, and the Coldcard lives it.
Yes, noticeably. This is the whole reason the Mk5 exists. The Mk4 was a brilliant security tool wrapped in an interface that felt like a 2004 Nokia. The Mk5 fixes the two worst offenders: the cramped screen and the recessed buttons. The 1.54-inch Gorilla Glass display is brighter and roughly 30 percent larger, so reading an address line by line is no longer a strain. The flush tactile keys mean PIN entry and menu navigation feel deliberate instead of fiddly.
Be honest about the limits, though. The Mk5 still uses a number pad, not a full keyboard. Typing a long BIP39 passphrase is still slow, because each letter takes multiple presses. If you enter passphrases constantly, the Coldcard Q's QWERTY keyboard is worth the jump to $219. For most people who set a passphrase once and rarely touch it, the Mk5 number pad is fine.
There is still no companion app. No Envoy equivalent, no Ledger Live. You pair the Mk5 with third-party wallet software like Sparrow or Electrum, and you set that up yourself. The official documentation is thorough and community guides are plentiful, but you are reading docs, not tapping “Next” on a wizard.
Bottom line: the Mk5 moves the usability needle from “painful” to “reasonable”. It is still a power tool that rewards people who take the time to learn it. It is just no longer actively unpleasant, and for a device you trust with serious money, that matters more than it sounds.
Sparrow Wallet is the standard pairing for any Coldcard, and the Mk5 is no exception. It is open source, supports full air-gapped PSBT workflows, gives you coin control and custom fee selection, and runs on Windows, Mac, and Linux. If you own a Mk5, you should probably be using Sparrow.
Setup starts by exporting your Mk5's public key information to a microSD card, then importing that file into Sparrow. This creates a watch-only wallet: Sparrow can see your addresses and balances but cannot sign anything. The signing keys stay on the Mk5, physically isolated.
To send Bitcoin, you build the transaction in Sparrow, export the unsigned PSBT to microSD, sign it on the Mk5, and bring the signed file back. The round trip takes about 60 seconds once you have done it a few times. With the larger screen, confirming the destination address on-device is quicker and less error-prone than it was on the Mk4.
Sparrow also supports USB if you prefer convenience over air-gap purity. Plug the Mk5 in via USB-C and sign directly. You lose the air-gap benefit but gain speed. For advanced users, Coinkite still provides ckcc, a command-line tool for scripting PSBT signing, key extraction, and multisig management.
The Mk5 ships with a better NFC antenna than the Mk4, aimed at the Push TX feature: tap the device against a phone to broadcast a signed transaction. This reopened the old debate. An air-gapped wallet with a wireless radio sounds contradictory. Here is the full picture.
NFC on the Mk5 is off by default. You opt in deliberately, and many security-focused owners never do. It operates only at very short range, a few centimeters, unlike Bluetooth or WiFi which reach tens of meters. That short range is a meaningful security property: an attacker cannot interact with the antenna from across a room.
If you want zero wireless capability at the hardware level, the NFC antenna can be physically disabled by scratching a specific wire on the board. After that, no software setting can bring it back. This is the kind of hardware-level control that defines the Coldcard approach: the option exists, and you decide.
Our take is unchanged from the Mk4: if you bought a Coldcard for maximum air-gap security, leave NFC off and use microSD. Push TX is a genuine convenience for people who want it, and the faster antenna makes it pleasant. But it is an option, not the default, and that is exactly how it should be.
Side by side, the differences are all about ergonomics. The security column is identical, which is the point.
| Feature | Coldcard Mk5 ($167) | Coldcard Mk4 ($157) |
|---|---|---|
| Screen | 1.54" Gorilla Glass (about 30% larger) | Smaller monochrome screen |
| Buttons | Flush tactile keypad | Recessed number pad |
| USB-C port | Bottom-mounted | Side-mounted |
| NFC | Improved Push TX antenna (off by default) | First-gen NFC (off by default) |
| Case included | Yes (slide-on half case) | Sold separately |
| Secure Elements | Dual, two vendors | Dual, two vendors |
| Air-gap (microSD) | Yes | Yes |
| Firmware | Open-source, Bitcoin-only | Open-source, Bitcoin-only |
| Backups | Compatible with Mk4 backups | Compatible with Mk5 backups |
| Best pick if | You are buying new in 2026 | You want the cheapest current Coldcard |
Both share the exact same dual Secure Element security model. The choice is about input method, screen, and form factor, not safety.
| Feature | Coldcard Mk5 ($167) | Coldcard Q ($219) |
|---|---|---|
| Keyboard | Number pad | Full QWERTY |
| Screen | 1.54" Gorilla Glass | 3.2" LCD |
| QR scanner | No | Yes (built-in camera) |
| microSD slots | One | Two |
| Power | USB-C or battery pack | 3x AAA batteries |
| Form factor | Compact | Larger |
| Security model | Dual SE, two vendors | Dual SE, two vendors |
| Best for | Best value air-gap | Heavy passphrase and QR users |
The Mk5 is for the Bitcoiner who wants the most security-hardened signing device available but never loved the Mk4's interface. If you hold enough Bitcoin that air-gapped storage is worth the setup time, and you want a device you can actually read and operate without squinting, this is the one to buy new in 2026.
Bitcoin-only maximalists will feel at home. No altcoin firmware, no Ethereum integration eating development resources, every line of code serving one purpose: securing Bitcoin. The attack surface stays small because there is less code to audit.
Multisig builders should consider the Mk5 as one key in a quorum. Pair it with a Passport and a BitBox02 in a 2-of-3 setup coordinated through Sparrow. Three manufacturers, three firmware codebases, three chip vendors, no single point of failure. That is how serious cold storage works.
If you have never owned a hardware wallet, skip it for now. A Trezor Safe 3 at $79 or a BitBox02 at $149 will teach you seed phrases, address verification, and PSBT workflows with far less friction. Learn on those, then come back to the Coldcard when you understand why air-gapping matters.
If you already own a Coldcard Mk4 that works and rarely leaves your safe, there is no security reason to upgrade. The Mk5 is nicer to use, not safer. Spend the money only if the Mk4's ergonomics genuinely bother you.
And if you type long passphrases constantly or strongly prefer QR signing, skip straight to the Coldcard Q. Its QWERTY keyboard and built-in scanner are worth the extra $52 for that specific workflow.
The Coldcard Mk5 earns a 9.5 out of 10. It keeps the dual Secure Elements, full air-gap, open-source firmware, and adversarial feature set that made the Mk4 the most security-hardened consumer Bitcoin wallet, then it fixes the one thing holding the Mk4 back: the interface. A larger Gorilla Glass screen, flush tactile keys, and a more sensible body turn a brilliant security tool into one you do not dread using.
It earns half a point more than the Mk4 because the upgrade lands exactly where it was needed. It does not earn a perfect 10 because the friction is reduced, not eliminated: still a number pad, still no companion app, still a learning curve that will frustrate newcomers. Those are deliberate trade-offs, and serious users will accept them happily.
At $167, the Mk5 is the Coldcard to buy new in 2026. Get a Trezor or BitBox02 to learn the fundamentals. Choose the Coldcard Q if you live in the passphrase field. For everyone else who wants maximum security without the old misery, the Mk5 is the answer.
$167 from Coinkite. Ships from Canada with open-source firmware, full air-gap via microSD, and a slide-on case in the box.
Affiliate Disclosure: Bitcoin.diy may earn a commission if you buy through our links. This does not affect our ratings.
Five things, all about usability rather than security. The Mk5 gets a 1.54-inch screen (about 30 percent larger than the Mk4) protected by Gorilla Glass, a redesigned keypad with flush tactile keys instead of the Mk4's recessed buttons, a USB-C port relocated to the bottom of the device, a faster and more reliable NFC antenna for Push TX, and a more compact unified body that ships with a slide-on half case. The security architecture (dual Secure Elements, air-gap, open-source Bitcoin-only firmware) is unchanged.
No, and Coinkite does not claim it is. The Mk5 uses the same two Secure Elements from two different vendors, the same air-gapped microSD workflow, and the same audited open-source firmware as the Mk4. The Mk5 is a usability upgrade, not a security upgrade. Both devices sit at the top of the security rankings. The Mk5 is simply easier to live with day to day.
Only if the ergonomics bother you. If your Mk4 works and you rarely touch it (which is the point of cold storage), there is no security reason to upgrade. The Mk5 is worth it if you interact with the device often, struggle with the small screen, or find the recessed Mk4 buttons frustrating. Your existing backups are compatible, so migrating is straightforward if you decide to do it.
The Mk5 is $167 plus shipping, direct from Coinkite. That is $10 more than the Mk4 at $157. For the larger Gorilla Glass screen, the redesigned keypad, and the included slide-on case, the small premium is easy to justify. The Coldcard Q, with its full QWERTY keyboard and QR scanner, remains the premium option at $219.
The Q has a full QWERTY keyboard, a 3.2-inch LCD, a built-in QR scanner, dual microSD slots, and runs on AAA batteries. It is the better choice if you type long BIP39 passphrases often or prefer QR signing. The Mk5 is more compact, cheaper at $167, and powered by USB-C or a battery pack. Both share the exact same dual Secure Element security model. Pick the Q for the keyboard and QR scanner; pick the Mk5 for value and a smaller form factor.
Yes. The Mk5 remains 100 percent air-gapped. You sign transactions by passing PSBT files on a microSD card, and your private keys never need a USB data connection to a computer. The improved NFC adds an optional wireless path (Push TX), but it is off by default and the microSD workflow is unchanged. Air-gap purists can ignore NFC entirely.
NFC is off by default and operates only at very short range (centimeters), unlike Bluetooth or WiFi which reach tens of meters. If you never enable it, the antenna stays inert. For people who want zero wireless capability at the hardware level, the antenna can be physically disabled by scratching a specific wire on the board. If maximum air-gap is your reason for buying a Coldcard, leave NFC off and use microSD.
Yes. The Mk5 is backwards-compatible with existing Coldcard backups. If you are coming from a Mk4 or restoring a seed, the standard 24-word seed and Coldcard backup files work as expected. Your derivation paths and multisig configurations carry over, so moving to a Mk5 does not require rebuilding your wallet from scratch.
No. Like every Coldcard, the Mk5 has no official companion app. You pair it with third-party wallet software, and Sparrow Wallet is the standard choice. Electrum also works. This is deliberate: Coinkite focuses on the signing device and leaves wallet coordination to mature open-source software. It does mean the Mk5 is not a tap-through-a-wizard experience.
Yes on both counts. The Mk5 runs the same Bitcoin-only firmware as the Mk4, with no altcoin support by design, which keeps the attack surface small. The firmware is fully open source on GitHub and the hardware schematics are published, so independent researchers can audit both the code and the board. You can also build the firmware from source and flash it yourself.
It is friendlier than the Mk4 thanks to the bigger screen and better keys, but it is still not a beginner device. There is no guided app, you need to set up Sparrow yourself, and the air-gapped microSD workflow takes practice. If you have never owned a hardware wallet, start with a Trezor Safe 3 or a BitBox02, learn the fundamentals, then move to the Coldcard when you understand why air-gapping matters.
The previous flagship, still excellent and now the cheaper current Coldcard
Air-gapped QR signing with premium build quality and the Envoy companion app
The most beginner-friendly open-source hardware wallet at $79
Swiss-made, fully open-source firmware and hardware with anti-klepto signing
How to set up long-term Bitcoin storage with hardware wallets and multisig
Comprehensive guide to protecting your Bitcoin from theft and loss