You’re a savvy cryptocurrency enthusiast. You’ve worked hard in life and saved your money. You did your research and you bought into cryptocurrency, whether it was Bitcoin, Ethereum, XRP, Litecoin, EOS, Tron, XLM, NEO, Monero, ZCash, etc. But you’re worried as heck because you keep reading about all of these exchange hacks or people phishing innocent crypto-enthusiasts like yourself.
An excellent solution to this problem is a cold wallet for storing your crypto. What is a cold wallet? I’ve got it all explained right here within the next five minutes! So keep reading.
Cryptocurrencies have many features that make them valuable. One of the features is that it is a bearer asset, an asset in which physical possession implies ownership, not assignment (such as with vehicle ownership). This is achieved through public-private key pairs. The person(s) who have possession/knowledge of the private key(s) are considered the owners.
That is why it is so important to keep your private key private and protect it appropriately. Some people will store their cryptocurrency on an exchange, in which case you really do not have true possession of the private keys as it is stored on the exchanges cold wallet or hot wallet (or both), not your own cold wallet.
Some people prefer to keep their cryptocurrency on their personal hot wallet. Others prefer to keep their cryptocurrency on a cold wallet. I would recommend keeping your cryptocurrency on a cold wallet. As you can see from the image above, online hot wallets allow for greater ease of use, whereas offline cold wallets allow for greater security, but are more difficult to access. Ideal for a HODLer.
But What Is A Cold Wallet?
A cold wallet is how you keep your Bitcoin or cryptocurrency private keys offline, protected from hackers that might try to gain entry on a hot wallet (online wallet or on a device connected to the internet). You do not need to have access to your wallet in order to receive cryptocurrency. The sender only needs to have your address (much like an email address, just alphanumeric) and they can send cryptocurrency to your wallet all year long without you even accessing it.
However, in order for you to send cryptocurrency, you need to have access to your private keys, because the private keys are what sign the transaction which verifies that you own the keys and can send the cryptocurrency. If you have a hot wallet then your private keys are stored on a device that is connected to the Internet and its easy to send cryptocurrency. However, you are at higher risk of being hacked and having the private keys stolen due to the fact that the hot wallet constantly sits on a device connected to the Internet, so 24/7 any software virus/malware can potentially steal your private keys.
Crypto cold wallets, on the other hand, store your private keys offline. This makes it significantly more difficult for a person or malware to try to steal, making your cryptocurrency safer. However, it also requires a little more work if you want to send your cryptocurrency anywhere. This is because the cold wallet signs the transaction with the private keys in an “offline environment”. The cold wallet device typically must be temporarily connected to an online device (i.e. a laptop or mobile phone) and the transaction information is sent to the cold wallet, which then signs it with the private keys offline, the transaction is verified and the network is updated, all without exposing your highly valuable private keys to the Internet.
Crypto cold wallets are generally understood as a USB key specially designed to keep the private keys safe on a separate chip (hardware wallet); however, there are other various forms of cold wallets, all having one thing in common: they are offline.
Also when we refer to the private keys for human usage, it is the seed word list. The seed word list is composed of 12 to 24 randomly generated words that when inputted in the correct order de-crypts and gives you access to the private keys to send the cryptocurrency. The actual private key is a long alpha-numeric case sensitive line of text that would be near impossible for humans to remember and increases error chances in transcribing it. Whereas the seed word list is more palatable to our human brains, is possible to remember for safe keeping (not recommended) and much less error-prone to transcribe. That being said, however, there are sites where you can generate Bitcoin private keys for your Bitcoin and print it out as an alphanumeric code and QR code, instead of as a seed word list.
- Handwritten on paper (plain or laminated) or engraved/etched on metal
- Pros: it is offline and not on an electronic device, so it is not subject to digital vulnerabilities such as viral software or tampering. The metal engraved seed word list is durable, heat resistant, waterproof.
- Cons: anyone who can see it can read it and thus compromise its security. Paper degrades, can’t get wet and is susceptible to being eaten by insects or rodents. Introduces human error in writing down the words, or illegible penmanship.
- Printed on paper
- Pros: legible, offline, not on any digital device (except the printer).
- Cons: must trust the printer (some printers are connected to the internet and/or have a memory of what was printed and could be hacked). Some types of ink bleed/smudge. Anyone who physically views the paper may steal your private keys.
- Digitally stored on CDs
- Pros: unreadable to a person looking at the physical CD.
- Cons: susceptible to damage (scratches, breakage, heat exposure/melting, smoke exposure, moisture), disabled by magnetic waves. Old technology. Difficult to then use to send cryptocurrency.
- Physical Bitcoin (or cryptocurrency) model coin
- Pros: physically hides the private key in a tamper-proof seal. Can be made of plastic or metal, with the actual private key seed word on paper, plastic or metal inside the physical coin model.
- Cons: must trust the manufacturer that they have legitimate key generation procedure. Must trust the manufactures operational security (i.e. is the computer used to generate the keys online? Did they keep a copy of private key? Is their printer connected to the internet or storing the private keys in a memory cache?). You must trust that the tamper-proof seal is truly tamper-proof (some “tamper-proof” seals have been shown to not be truly tamper-proof).
- USB/Flash drive
- Pros: hides the private key from visual view. Small, easy to transport. More durable than CDs and paper.
- Cons: must stay dry. Can break or be damaged by smoke or heat or water.
- Pros: No one can see it, no viral software can hack it. Environmental damage is not a concern.
- Cons: depending on your memory, which may incorrectly remember the seed word list or forget a word. You may die or become incapacitated.
- Specially designed Hardware Wallets (recommended)
- Similar to a USB, but the technology is specifically designed to store cryptocurrency private keys, which offer a few advantages.
- Pros: a physically separate area of the USB that holds the private keys, making it immune to software viruses. Protected by PIN access. Has seed word list back up for recovery, which can also be protected by a passphrase.
- Cons: can be damaged (water, heat, physical breakage) – this is mitigated by the fact that you have a recovery seed word list.
As I said earlier, the most commonly referred to crypto cold wallet is the specially designed hardware wallet. You’ve heard of these as Ledger Nano S, Ledger Nano X, Trezor One, Trezor T, Digital BitBox, KeepKey, and CoolWallet.
I will have a specially dedicated post for Hardware Wallets. Basically, all hardware wallets are cold wallets. But not all cold wallets are hardware wallets.
Hardware wallets are the most recommended and likely the most secure cold wallets. They protect your private keys offline and allow you to back them up with a seed word list, as well as potentially a passphrase. In order to access the hardware wallet, you need a private PIN.
In order to steal from the hardware wallet someone would need both the seed word list and passphrase to retrieve/access the private keys before sending them anywhere or to back them up should the actual device be compromised or damaged.
The gold standard for cryptocurrency protection, for the average user, is the use of a cold wallet. Also, the bare minimum security for a cryptocurrency exchange is to keep >90% of the cryptocurrency assets offline in cold storage. If you or an organization has very large sums of cryptocurrency, there is another level of protection called deep cold storage, but we can talk about that in another post.
I hope that this post on what is a cold wallet was helpful/insightful. Please comment on anything you want to add or to ask questions!