Mt. Gox was the world’s largest bitcoin exchange until its bankruptcy in February 2014, when approximately 850,000 bitcoins were stolen, accounting for roughly 6 percent of all bitcoins in circulation at the time. QuadrigaCX’s founder died, but since he alone held the private key, clients could not access their digital currency (and later, investigators revealed that QuadrigaCX was running a Ponzi scheme). Cryptopia was breached, and hackers stole all the client funds (pooled in a catch-all wallet). These events proved a universally accepted truth in cryptocurrency: “not your keys, not your crypto.”
Cryptocurrency hacking events provide a vital lesson about relying on exchanges to store cryptocurrencies. If cryptocurrency doesn’t sit in your wallet(s), you do not own the units and are vulnerable to theft. Hopefully, the exchange you pick offers insurance or compensation for events beyond your control. You can keep your money secure and under your control by having your own wallet. Your private keys will be yours and under your control, which should be kept somewhere secure (or semi-safe) from prying eyes. Anything that happens to them is your responsibility.
There are two ways to store cryptocurrency: hot and cold wallets.
But before I tell you about wallets, you need to learn about private and public keys.
Private Key, Public Key, Public Addresses
A private key is sometimes called a secret key or secret number. It’s a cryptographic term that refers to the unique combination of numbers and letters authorizing an operation. A private key mathematically “signs” a transaction. Cracking a private key’s encryption is impossible, so you don’t need to worry about reverse engineering.
A public key is used to receive money, and it generates a public address, a hashed (“shorter”) version of your public key. Some wallet software and exchange platforms won’t allow the same public address to be used multiple times.
How are keys created? The public key comes from the private key. You can create your private key by using a mnemonic seed phrase, and your private key can be re-generated if the phrase is known. Therefore, when you’ve created a wallet, you should keep two pieces of data secret: the private key and the seed word phrase. Don’t ever lose them—once they’re gone, you lose access to your cryptocurrency funds.
Now you know how keys work and why your private key should be kept safe. Let’s move on to the two types of wallets you can use to secure and manage your money.
Hot Wallets: Connected to the Internet
A hot wallet is a wallet that can access the internet or can digitally sign transactions online. There are three kinds of hot wallets: desktop, mobile, and online. Desktop and mobile wallets store your keys on the device, usually in a program. Online wallet platforms store your keys on their server and may be accessed using a username and password. A wallet is “hot” if digital signatures happen on an internet server; it’s easier to use and offers convenience. But it can be less safe. If someone hacks your username/password or gets access to the device, they could steal your funds.
Cold Wallets: Disconnected from the Internet
A cold wallet is inaccessible to the internet. They typically come in physical forms such as USB, CD, and even paper, but electronic cold wallets exist. You can store your private key, public key, and public address in files and keep them on a storage medium. You must copy paper records, files, and QR code outputs numerous times for backup; file encryptions are necessary to make data unreadable if the medium is stolen. When digital signatures occur offline, a wallet is also called “cold.”
Hard Wallets: Combination of Both
Hard wallets have characteristics of hot and cold wallets. The private key stays offline, but the public key can be stored or generated in PC or mobile phone software. This solution combines the advantages of hot wallets with the safety of cold wallets.
So, which is better: hot wallets or cold wallets? A cold wallet is a secure alternative to an online-accessible device if you’re concerned about hackers stealing it. A desktop or mobile hot wallet is ideal if your internet-connected device is highly secure and convenience is essential. Custodial web wallets have the same vulnerability as keeping money on an exchange—a hacker may breach the site and steal personal keys. A cryptocurrency exchange may offer premium wallet storage and insurance services. It’s worth considering these since you’ll be able to use the web wallets for sending, receiving, trading, and currency conversion (you usually can’t buy and sell cryptocurrency from your device wallet, but recent innovations are making this possible).
Go forth and keep your cryptocurrency secured!
