Balancing Security and convenience
The choice of cold wallets
When trading cryptocurrencies, digital security is paramount. As you may have heard, the recent history of crypto trading is already punctuated by high profile hacks and millions of dollars stolen. Just for the first quarter of 2018, US$670 million was identified in crypto hacks and scams.
To save their crypto holdings securely, traders often use cryptocurrency wallet. This digital wallet is used to store, send and receive various cryptocurrencies. Unlike real wallet that stores your money, this is software that stores private and public keys. Hence, the storage of crypto is most of the time decentralised from the exchange the assets are traded on.
When a user makes a transaction with cryptocurrencies (buying or selling), records of this operation are stored on the blockchain. When someone wants to send you money, he will use a public key, which is the address anyone can use to send you a certain amount of money. On the opposite, the private key is what you will use to send money to anyone else. The latter is supposed to be kept strictly confidential; otherwise malicious parties could make use of your holdings as they want.
The choice of cold wallets
Cuz you're hot and you're cold...
The main distinction to consider is the device’s direct connection to the Internet. Hot storage can be thought as the real-world wallet you have in your pocket every day. It is easy to carry and within range whenever you need it. Hot wallets are supposedly used more often and are particularly suitable for day-to-day- trading and spending situations. The quick access to funds they provide allows easy and quick transactions. That is why, when designing these storage solutions, producers are most often very attentive to the User Experience (UX) they provide.
Numerous devices support hot wallet with Internet connections. We can think of online wallets running on the cloud. They may be the easiest option, as users just have to create an online account on a crypto exchange service and access it from anywhere, anytime they want. However, private keys will be stored on a third-party server, hence easily hackable, as users have no control over their private keys.
Desktop and mobile wallets are also hot storage options where private keys are only accessible from the specific device where the wallet was downloaded. But, a virus can get its way to the device, and users face the risk of broking their device.
To improve hot wallet security and introduce some degree of governance, you may think of multi-signature wallets. This kind of wallet is convenient as one or more people can use it, such as in a company with numerous stakeholders. A multi-signature wallet needs multiple private keys to operate so you can issue three or more private keys and distribute them to multiple parties (e.g., one held by the company, one held by the user and one to another third and trustworthy person) or store these private keys on different storage devices. At the end of the day, it is still a hot wallet and the 2016 Bitfinex hack happened even with this multi-signature security. It resulted in over US$72 million worth of BTC stolen by a hacker. This cyber attack was so bad that the value of BTC fell 20% within a day.
You’ll have understood it; cyber crime and security risks are tightly linked to hot wallets. No later than January 2018, Coincheck had more than US$500 million-worth of customers’ funds stolen. The exchange admitted it didn’t use appropriate security measures, one of them being their cryptocurrency (XEM) funds were stored in a hot wallet online.
Since they are a favourite target of hackers, backing-up your wallet is also an essential step, and you certainly want to choose a safer option by opting for an offline cold wallet.
Cold Wallets: When Private Keys are Offline
Most cryptocurrencies holders understand the trade-off between security and convenience by using cold wallets. Cold wallets are usually thought for more advanced investors and long-term traders. As they are less user-friendly than their fellow hot solutions (i.e. not connected to the internet), transactions cannot be done in a simple click but must involve at least two steps: to get back your private keys and then process your operations. Usually, the whole transaction also takes longer and set-up a cold wallet can be intimidating for beginners. Regarding security, the only risk you encounter is to physically damage your device or lose it.
Two popular types cold wallets exist. The first one to mention is hardware wallet. Most often, it takes the shape of a USB stick. Hardware wallets can support different currencies and even if the UX is not as seamless as with hot storage, plugging in a USB key and entering a security PIN are simple steps to take before being able to easily transact.
The other solution is paper wallet. It might be the best choice offering both a high level of security and convenience. With paper wallets, public and private keys are printed out on a piece of paper such as QR codes and will be very likely known only by you when saved in a secure place. Quite simply, for all your transactions, you just need to scan these QR codes. Regarding the security risk, it is important that you don’t lose your private keys stored on the paper, as it would be then impossible to retrieve. But there is no possibility of the paper being hacked or attacked by a virus.
Additional thought can be given when it comes to chose a wallet. Beyond the hot/cold storage distinction, it is important to remember that the more security layers or steps you have, the better it will be. It can be multiple passwords, multi-factor authentication, or activating a PIN code whenever the wallet application is opened.
Once again, like the choice of your cryptocurrency exchange (see Amotion Labs article on the topic here), opting for one or another wallet is up to you and your trading purposes. In this sense, you may want to give a further look at what kind of cryptocurrency the wallet supports (single or multi-currency).
If you want to give you every chance to be secure, cold wallet should be your first choice. As picking the right solution to store your customer’s cryptocurrencies is one of the most critical things, Amotion Labs offer tailor-made hot and cold wallet solutions to fit your needs. We also work with exclusive partners for most secure cold storage solutions. Learn more about our wallets here or contact us directly.
About Amotion Labs
Amotion Labs is a fintech company specialised in blockchain consulting and cryptocurrencies consulting. We understand the broad variety of customers’ needs, which allows us to develop state-of-the-art cryptocurrencies exchanges. Create and launch the best white label platform that can accommodate all types of coins, from ERC20 ETH, Bitcoin, Stellar or Quora to Customised Token.