
Bitcoin & Crypto Wallet Hygiene 101


cryptonews.com 20 November 2021 13:25, UTC

So you’ve decided to buy some bitcoin (BTC), ethereum (ETH), or another cryptoasset, or maybe you already have some. A wallet is certainly one of those basics that a crypto user will need to get acquainted with right from the get-go. More often than not, the problem is that this acquaintance stops at the surface-level knowledge of how to get a wallet, any wallet, and how to get coins into it.

But as the industry players talking to Cryptonews.com illustrated – there is a lot more to it. While it may sound complicated to newcomers, and may seem daunting at times, taking the time to do your research, choosing a crypto wallet, and keeping your funds safe are all vital elements of this entire crypto journey. 

What does a wallet do?

At the very minimum, wallets must allow the customer to send and receive crypto, buy and store it, and make online payments, as well as turn crypto into fiat (through gift cards, debit cards, or directly) in order to make purchases online and in stores with a good conversion rate and low fees.

Furthermore, for blockchain power users, a wallet should support an array of options, not only full-featured non-bank financial services.

“For the blockchain to be mainstream, wallets must be shared and offer multisig addresses to split payment authorization across multiple devices or trusted copayers. This makes wallets a usable alternative for families and businesses who share accounts,” Bill Zielke, Chief Marketing Officer of major crypto payments provider BitPay, told Cryptonews.com.

Hot or cold: major choice 1

This is pretty much the first thing you’ll come across when choosing a wallet. And each step towards getting and securing your funds is no less important than the previous one.

So you’ll be choosing between storing your crypto in a ‘hot’ or a ‘cold’ wallet, or perhaps a combination of the two.

  • The core of a hot wallet – be it a web-based, mobile, or desktop – is that it is connected to the internet. The benefit of that is that this wallet is often fast, while that connection makes it more convenient: trading and using crypto are easier. But – it’s also more vulnerable to attacks. A hacker can use that same connection to steal your funds.
  • Therefore, cold wallets are the exact opposite: they are typically not connected to the internet, which means that they are more secure, but at the same time somewhat less convenient. Most hardware wallets are cold wallets, so getting to them physically is already a step potential thieves would need to make.

Other cold wallet options also include paper wallets – which contain a public and a private key for making transactions, typically created with a key generator program and printed on paper as two strings of characters and two QR codes. That said, investing in a high-quality hardware wallet is likely the best option.

Additionally, many hot wallets are free, while high-quality cold storage options are not. That said, many people choose to combine hot and cold options in the way that suits their personal needs the best.

Whatever you choose, make sure not to keep large amounts of money in your hot wallet, only what you need for transactions.

Even crypto exchanges – those major and reputable ones at least – will keep some amount of money for users’ usage in a hot wallet, and the rest in cold wallets. But more on exchange wallets in the next part.

Custodial or non: major choice 2

Here’s a related choice to make – not so much a separate one, as a second part of the first one.

There is a massive difference between a custodial and a non-custodial wallet and it comes down to this:

  • With a custodial wallet, there is another party that controls the private keys; this requires trust, and commonly it means trusting the exchange that offers the custodial wallet. But these are often more convenient and require less personal responsibility.
  • With a non-custodial wallet, you control your own keys fully, which then enables you to prove that the money in that wallet is indeed yours. But it also means that you and only you are responsible for whatever happens to your keys and your funds, and losing your password – or Satoshi forbid, your seed phrase – could turn out fatal for your crypto. More on this in the ‘security’ section.

As most web-based wallets are custodial wallets, it means that you’ll likely see your first crypto in the wallet of an exchange you bought it through. Make sure that you check that the exchange keeps the majority of customer funds in cold storage hardware wallets before your purchase. You then decide if you want to keep your crypto in that wallet, or move it to another one – be it a more secure custodial wallet, or to a non-custodial wallet.

The latter option commonly comes in the form of a hardware wallet or software installed on desktops or mobiles, or can even be browser-based. That said, a hardware wallet is likely once again the best option among these.

All industry players who talked to Cryptonews.com are staunch supporters of non-custodial wallets.

Bill Zielke notes that a non-custodial wallet offers private key encryption, PINs, and biometric authentication for enhanced security. They put the consumer in charge where they hold both keys and own the multiple word password phrase – and where the wallet provider does not have access.

Josef Tětek, Brand Ambassador at SatoshiLabs, the maker of the Trezor hardware wallet, argued that “users should always go for a non-custodial wallet,” where they are the sole owners of private keys. “One exception may be for small amounts on Bitcoin’s Lightning Network, where custodial wallets like the Wallet of Satoshi do a good job of introducing users to a world of instant micropayments via Bitcoin’s second layer,” he said.

Among some potentially good choices, Tětek named on-chain wallet Green and on-chain and Lightning wallet Muun for smaller amounts. But for higher amounts, the best option in his opinion is going straight for an open source hardware wallet.

Meanwhile, Business Development Manager at the Mycelium wallet, Alexei Omni, stressed that “most people do not realize they don't really own their coins.” Per the project Wallet Scrutiny and Mycelium’s proprietary research, only about 8% of bitcoin owners are estimated to keep their coins in complete safety and privacy, he said.

Meanwhile, there are hundreds of bitcoin wallet apps with most wallets being custodial, “therefore — not secure, not private, and not independent.”

Where you keep your money “is very important because once the USD hyperinflation starts (which is inevitable by now), many providers will prefer to grab bitcoins and run,” said Omni.

While hyperinflation still might spare developed economies this time, inflation rates are now picking up across the globe.

Who’s in control?

So, this all comes down to control as your crypto journey starting point: how much of it do you wish to preserve, and how much are you willing to give away in exchange for less responsibility?

Or as Tětek says: “The single most important thing is who owns the keys to the coins stored in a wallet.” 

For him, there is no doubt that ‘non-custodial’ is the answer.

Similarly, Zielke says that it’s BitPay’s belief that crypto wallets must allow the owner to have control over their digital assets.

“Wallets should also let users check the price, store, secure, and spend crypto – without compromising on security or usability – and enable users to take control of their crypto through everyday spending, safer storage, and managing funds across platforms,” Zielke said.

Per Omni, a good wallet is never a custodian of its users' funds, but merely an emotionless vault. Unlike “regular pseudo crypto-wallets and traditional banks,” the funds in real non-custodial wallets are available whenever the user needs them – at any time when the internet is available.

Security, security, and security

“Security is key. Make sure to save the recovery words and never share your password,” Zielke emphasized.

For Tětek too, “securely storing the recovery seed is crucial.” He advises users to never keep their seed words on a phone or a computer – not as a text, photo, email, or in any other format. Instead, write down your recovery seed on a piece of paper or stamp/engrave the words into a seed plate, he says. For an extra layer of protection, he suggests using the Shamir Backup - a method of splitting the seed into multiple unique shares that need to be combined to recreate the wallet and cannot be misused individually.

Omni told Cryptonews.com that almost all Mycelium support inquiries come from people who “do not get the concept that owners of the money MUST generate and protect their cryptographic keys by themselves.”

Just because the wallet is non-custodial, it doesn’t automatically mean it is secure. “Only reproducible wallets are completely secure,” he said.

Furthermore, as Zielke noted, users must always keep in mind that websites and exchanges get hacked. It has happened, and it’s bound to happen again. 

If you are regularly stacking or holding for longer time frames, Tětek opined that you may find that your holdings are now worth a considerable amount.

For holdings of more than USD 1,000, “there is no good reason to leave those coins in a software wallet - or, heavens forbid - on an exchange.”

The safer option, he says, is to invest in a hardware wallet, set it up yourself, and use a strong passphrase.

At the same time, Omni adds, don’t overestimate the power of hardware wallets and underestimate the power of single address accounts, as many careful users do. Per him, many devices run on basic microcontrollers, which are vulnerable to low-budget physical attacks.

BitPay’s Zielke added that additional relevant aspects here include transparency and trust. Wallet providers from their side need to listen to customer feedback, as well as understand and react to contributions and bug reports from users and engineers around the world.

