The question of how to keep cryptocurrencies as safe as possible is a complex one. We give some important tips on wallets.
Many users store cryptocurrencies such as Bitcoin or Ethereum directly on the respective trading venue after purchase. This is not a significant risk in the case of large and highly professional crypto exchanges. In the case of lesser-known crypto exchanges or those located in uncertain legal regions, caution should definitely be exercised. Many people have already lost large amounts of money on insecure exchanges that were hacked or disappeared with the users’ money. Irrespective of this, however, it is highly recommended that crypto assets above certain amounts be held in custody by the users themselves in order to maintain full and sole control over their own digital assets.
Crypto exchange or own wallet?
Although the most popular trading exchanges are now considered very secure, self-custody is an important part of dealing with cryptocurrencies. Thefts and attacks on central trading exchanges, such as those that occurred at Mt. Gox back in the day, are still not uncommon today. The leading crypto exchanges are heavily specialized in fending off such attacks, but there is no such thing as 100% security. In the end, knowledge about the secure handling of wallets is necessary anyway if users want to participate in staking protocols or DeFi, for example.
One of the most important tips, whether for crypto exchanges or wallets: if possible, always activate two-factor authentication (2FA). Ideally, this should be done using dedicated applications such as Google Authenticator or Authy. SMS verification should be avoided if possible due to security vulnerabilities. It is also very important to use a different password in each place and to manage these passwords properly. If the crypto exchange or wallet software offers additional security features (e.g. a separate password for withdrawals), these should also be used. These simple habits significantly limit or completely eliminate a great many potential attack vectors.
Unlike fiat currencies such as euros or dollars, cryptocurrencies can be held securely by users themselves, regardless of the amount, by means of so-called private keys. This is possible because of the properties of the underlying blockchain technology.
“Not your keys, not your coins.”
This is a very well-known saying from the crypto scene. Those who do not have control over their own private keys entrust their cryptocurrencies to a third party. In the case of purchases on crypto exchanges, the exchange also manages the crypto assets and the associated private keys. Self-custody also carries significant risks. If the private key is lost, access to one’s digital assets can be lost forever. The decentralized architecture of blockchain technology requires that no one can attack private keys from the outside. Conversely, this means that even the owner of the keys cannot recover them if they are lost.
Storage in a wallet
The term “wallet” is actually not quite accurate, because wallets do not store cryptocurrencies like Bitcoin, but only manage their private keys. Bitcoin exists in the decentralized network, and it is the associated private key that grants access to it. Only private keys can be used to transfer Bitcoin. Private keys are used to generate public keys, which are used to create addresses that function similarly to bank accounts. The balances and transactions of addresses can be viewed publicly, while the identities of the people behind them are kept secret under a pseudonym. The private key must not be disclosed under any circumstances.
Seed phrase and the private key
A so-called root key is generated from the seed phrase. All required private and public keys are generated from this key. The seed phrase is the most important factor for the secure self-custody of cryptocurrencies. Whoever gains access to the seed phrase can access all private keys and perform transactions. In this way, crypto assets can be stolen. The seed phrase must not be shared under any circumstances. Ideally, it should never be typed into any computer or smartphone.
Secure storage of the seed phrase is therefore essential. If possible, physical storage in multiple locations should be considered. If a hardware wallet is available, avoid storing the seed phrase digitally or ever typing it on a digital device. A typical seed phrase usually consists of 12 or 24 specific words.
An example: “language vintage hour half deer finger wealth eyebrow able bunker chase globe balance chat half virtual easily trumpet divert distinguish mirror loan penalty beef”
These 24 words are easy to read and can be easily written down. The seed phrase is also known by several other names: recovery phrase, mnemonic seed, mnemonic phrase, seed key, secret phrase, 12 words, 24 words, etc.
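The seed phrase to root key step described above, as an added example that is not part of the original article. It assumes the wallet follows the common BIP-39 and BIP-32 standards, uses only the public BIP-39 test-vector phrase, and skips wordlist and checksum validation; root_key_id is a hypothetical helper used only to compare results.

```python
import hashlib
import hmac
import unicodedata

# Public test-vector phrase from the BIP-39 specification, not a real wallet.
TEST_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])
# Order of the secp256k1 curve; a valid private key lies in [1, N - 1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: stretch the phrase into a 64-byte seed (PBKDF2-HMAC-SHA512)."""
    # Collapsing whitespace is a convenience added here; NFKD is from the spec.
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048)


def seed_to_root_key(seed: bytes) -> tuple[bytes, bytes]:
    """BIP-32: split HMAC-SHA512(seed) into root private key and chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < SECP256K1_N:
        raise ValueError("seed yields an invalid root key; use another seed")
    return key, chain_code


def root_key_id(mnemonic: str, passphrase: str = "") -> str:
    """Hypothetical helper: short hash of the root key, for comparison only."""
    key, chain_code = seed_to_root_key(mnemonic_to_seed(mnemonic, passphrase))
    return hashlib.sha256(key + chain_code).hexdigest()[:16]


if __name__ == "__main__":
    changed = TEST_MNEMONIC.replace("about", "above")
    print("same phrase, run 1:   ", root_key_id(TEST_MNEMONIC))
    print("same phrase, run 2:   ", root_key_id(TEST_MNEMONIC))
    print("with extra passphrase:", root_key_id(TEST_MNEMONIC, "constructed-pass"))
    print("one word changed:     ", root_key_id(changed))
```

The first two lines of output match, which is why anyone holding the phrase holds the keys; the last two differ, which is why a single miscopied word in a backup restores a different, empty wallet.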
Software Wallets
Software wallets are inexpensive and usually simple ways to store and manage cryptocurrencies yourself. Software wallets exist in many different forms:
- Browser extensions
  - Metamask
- Mobile Apps
  - Trust Wallet
- Desktop Apps
  - Electrum
  - Exodus
- Online Wallets
  - MyEtherWallet
However, these should only be used for smaller amounts. Since computers and smartphones are connected to the Internet, there is a risk that attackers can gain access to the private key via security holes or malicious software. Some software wallets can be used in conjunction with a hardware wallet, which gives you the functionality of the application and the security of a hardware wallet (e.g. Metamask in conjunction with Ledger/Trezor).
Hardware Wallets
Hardware wallets are the best way to safely store and manage cryptocurrency yourself. They offer very high security standards, but there is some cost involved in purchasing a device. Hardware wallets are physical devices that store the seed phrase in a secure storage element. Each transaction must be authorized with this device. Even if an attacker has compromised a connected computer, the private keys remain protected. Under no circumstances should the seed phrase used with a hardware wallet be entered into another device. A backup should be kept secure and offline (e.g. written down on paper). Recommended hardware wallets:
- Ledger Nano
- Trezor
Typical attacks:
- Fake accounts that try to obtain the seed phrase or a private key under false pretenses
- Fake websites that ask users to enter their seed phrase or private key
- Hackers gain access to computers where credentials, private keys or seed phrases are stored
- SMS verification messages from two-factor authentication (2FA) on cell phones are intercepted
- Faulty mobile applications contain security vulnerabilities or backdoors, or enable other attacks
Helpful links:
For detailed self-study on the correct handling of the respective selected custody method, we recommend the following links:
Trezor: https://trezor.io/
Trezor Security: https://wiki.trezor.io/Portal:Security
Ledger: https://www.ledger.com/
Ledger Academy: https://www.ledger.com/academy
Metamask: https://metamask.io/
Ethereum Wallets: https://ethereum.org/en/wallets/
Best Bitcoin Wallets: https://www.investopedia.com/best-bitcoin-wallets-5070283
Bitcoin wallets: A beginners guide to storing BTC: https://cointelegraph.com/bitcoin-for-beginners/bitcoin-wallets-a-beginners-guide-to-storing-btc
5 Ways Your Cryptocurrency May be Hacked: https://www.appknox.com/blog/5-ways-your-cryptocurrency-may-be-hacked