Cryptocurrencies are digital assets stored on the blockchain, and they do not have any physical aspects to them – so you will need a basic technical understanding of how they work to store them securely.
We will walk you through different wallet types and general security practices to keep your crypto safe.
We want to start with custodial wallets – or simply exchange wallets – as people tend to use them the most when starting their crypto journey. Most newcomers in the cryptocurrency market tend to buy their first Bitcoin or Ethereum through an exchange – be it Binance, Coinbase or any other – and leave it in the exchange wallet.
But like any online entity, exchanges are susceptible to exploits, especially given the amount of assets they hold and transact daily. There are numerous examples of exchanges being hacked or funds being stolen due to mistakes made by personnel – MtGox lost 750,000 BTC in 2014, NiceHash was exploited in 2017, KuCoin was exploited for $275M in 2020, etc.
Another point to be noted is that crypto exchanges are centralised – meaning that you do not own private keys to your wallet. That means that your funds can be frozen or taken from you at any time – and that’s another risk to remember and be cautious about.
Hot wallets are the simplest self-custody option on the cryptocurrency market. Essentially, a hot wallet is an online wallet you can access instantly via a browser extension or an application on a desktop or mobile device. However, hot wallets are still susceptible to exploits due to their nature – malware, software failure, a remote takeover of your computer, hijacking, losing access and so on. We do not recommend storing a large amount of funds in hot wallets due to the vulnerabilities mentioned – it’s the same as carrying a large amount of cash in your pocket.
Cold (offline) crypto storage is the most secure solution to keep your crypto safe. In this case, private keys are stored offline, either on a device not connected to the internet, written on a piece of paper or just memorised. While a paper wallet or memorisation is self-explanatory, offline devices vary – it can be a designated computer not connected to the internet, or a specific offline wallet (e.g. Ledger, Trezor). It is worth mentioning that while cold wallets are considered one of the safest options out there, they also downgrade the user experience and make interaction with your funds more complicated and time-consuming.
It does not matter which wallet you decide to use – there are a handful of general security practices to keep your crypto safe. Let’s dive in:
- First and foremost – do not share your private keys or account passwords with anyone. It sounds easy, but a lot of people have fallen victim to accidentally sharing their keys by pasting them from the device clipboard (so always double-check that your Ctrl+V contains the info you actually want to share);
- Be cautious when online or using any online service – any device connected to the internet is vulnerable and can be exploited via different means;
- Use strong passwords! Do not reuse the same passwords for different accounts – the stronger and more unique they are, the harder it will be for someone to hack you;
- When possible – use a cold wallet, especially if you want to store a significant amount of money;
- Regular backups are a must! The same goes for regular application and OS updates – they usually come with bug fixes and improved security, so do not forget to schedule them at least once a month;
- Generate, write down and hide your mnemonic seed phrase – it will help restore a wallet if you lose the device. Be wary – as with private keys, you should not share it with third parties;
- Use multi-signature solutions (e.g. Gnosis Safe) where your funds are secured and controlled by multiple wallets acting as guardians. Your funds will remain safe even if one of your addresses is compromised;
- Be aware of scams! Double-check addresses, contracts and websites you interact with – money is usually followed by phishing and hijacking, with hackers tricking you into sending funds to third parties or allowing them to control your wallet;
- Monitor protocols you actively use – using them usually involves granting allowances to spend particular tokens from your wallet (as well as holding money in the protocol itself). You can use platforms such as Apostro to monitor activity across the protocols you use, act fast and withdraw money in case of any malicious or suspicious activity.
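
To make the allowance point above concrete, here is an added Python example (not code from the original article) that decodes a token approval before you sign it and flags an unknown spender or an unlimited allowance. It assumes ERC-20 tokens and their standard `approve(address,uint256)` call; the function names, the trusted-spender list and the sample addresses are constructed for this example.

```python
# Added example: review an ERC-20 approve() call before signing it.
APPROVE_SELECTOR = "095ea7b3"  # first 4 bytes of keccak256("approve(address,uint256)")
MAX_UINT256 = 2**256 - 1       # the amount that means an "unlimited" allowance

def decode_approve(calldata_hex):
    """Return (spender, amount) for approve() calldata, or None for any other call."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    if not data.startswith(APPROVE_SELECTOR):
        return None
    args = data[8:]
    # Two 32-byte ABI words: the spender address (left-padded with zeros), then the amount.
    if len(args) != 128 or args[:24] != "0" * 24:
        raise ValueError("malformed approve() calldata")
    int(args[24:64], 16)         # raises ValueError if the address is not valid hex
    amount = int(args[64:], 16)  # raises ValueError if the amount is not valid hex
    return "0x" + args[24:64], amount

def review_approval(calldata_hex, trusted_spenders, needed_amount):
    """Return a list of warnings; an empty list means nothing was flagged."""
    decoded = decode_approve(calldata_hex)
    if decoded is None:
        return []  # not an approval, so no allowance is being granted
    spender, amount = decoded
    warnings = []
    if spender not in {s.lower() for s in trusted_spenders}:
        warnings.append("unknown spender")
    if amount == MAX_UINT256:
        warnings.append("unlimited allowance")
    elif amount > needed_amount:
        warnings.append("allowance exceeds needed amount")
    return warnings

def encode_approve(spender, amount):
    """Build sample approve() calldata (used only to construct test input)."""
    return "0x" + APPROVE_SELECTOR + spender[2:].lower().rjust(64, "0") + format(amount, "064x")

# Constructed sample addresses, not real contracts.
TRUSTED = "0x" + "22" * 20
UNKNOWN = "0x" + "11" * 20

if __name__ == "__main__":
    for spender, amount in [(TRUSTED, 100), (TRUSTED, 5000), (UNKNOWN, MAX_UINT256)]:
        call = encode_approve(spender, amount)
        print(spender, amount, review_approval(call, [TRUSTED], needed_amount=100))
```
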