In the time when software is so complex and rapidly changing so, the users cannot trust their own computers and smartphones to protect their secrets from attackers, more and more solutions rely on hardware to be the last measure of protection. As a result, there are a number of manufacturers developing hardware wallets which are meant to protect cryptocurrency private keys. This talk presents a wide range of attacks, which can be successfully applied to most popular hardware wallets on the market, from app isolation bypass to fault injection attacks on the microcontroller. Additionally the talk presents secure design requirements and countermeasures making life of an attacker much more difficult, which are applicable to all kings of secure hardware devices.