Storage of Cryptoassets
Introduction
For centuries, banks have been the quintessential safe keeper of assets. With the meteoric rise of cryptoassets in the last decade, the traditional way of storing assets is no longer the norm. The implementation of blockchain technology that underlie these cryptoassets allow users to act as their own bank. With this technology, users are able to be in complete control of their cryptoassets, derived from a private key.
In other words, imagine a private key as being the key to a mailbox. Anyone can send you mail, but you are the sole owner and single party who has access to the contents inside. Of course this increased power comes with increased responsibility. The safety of the contents within the mailbox are only as safe as your protection over the key. Many third party storage solutions have made their way to the consumer forefront, the main differentiator being either hot or cold.
Hot Wallets
Hot wallets refer to any wallet connected to the internet. This has its advantages, including: they are typically free, accessible on-demand from a computer or smartphone, and are easy to use. Hot wallets may allow for one to be in control of their private key or seed, such as with the Electrum desktop wallet for storing Bitcoin. A standard Electrum wallet runs locally on one’s machine and uses the internet for broadcasting transactions to the Bitcoin network. While it is convenient to use such a wallet, one is only as safe as their machine running the application, and therefore may be vulnerable to attacks.
Another way to store cryptoassets is by using a third party’s wallet solution such as Coinbase or blockchain.info. The problem with this method is that the user’s cryptoassets are entirely in the hands of the centralized party. For those unfamiliar with this implication, in 2014, Mt. Gox – a Bitcoin exchange handling over 70% of bitcoin transactions worldwide – was hacked and approximately 850,000 bitcoin were stolen. At the time, this was over 7% of Bitcoin’s total supply, totaling around $450 million. Hundreds of users lost funds in what has been one of the largest hacks in the space’s history. Not having control of one’s own private key exposes them to large risks that could potentially lead to the loss of their assets.
There are other risks involved with using hot wallets as well. Since the wallet is connected to the internet, this opens the door to technical vulnerabilities that can be exploited. An example of this recently occurred when MyEtherWallet was hacked. The exploit involved the rerouting of all traffic to a clone site, enabling the hacker(s) to steal over $150,000 worth of Ether. To avoid exposure to these types of vulnerabilities, users should utilize cold storage techniques.
Cold Storage
Cold Storage refers to any wallet that is offline and never connected to the internet. This has the advantage of mitigating the risks associated with a hot wallet as outlined above. This added layer of security comes at a cost – assets stored in this nature are not as liquid.
Cold storage comes in various forms, such as paper or hardware wallets. Paper wallets generate a private and public key in which cryptoassets are transacted and stored. Paper wallets are nearly free and can be stored in multiple locations for safekeeping. Popular providers including BitAddress and MyEtherWallet enable users to generate paper wallets – either printed or handwritten – which must be stored in a safe environment. Climate changes and possible exposure to the internet are the largest vulnerabilities associated with paper wallets. A printer with an internet connection can lead to the leaking of one’s private key. This could lead to a bad actor stealing assets associated with that account.
Hardware wallets are a more secure alternative to paper wallets and involve a flash drive-esque device that plugs into a computer in order to transact cryptoassets. Two industry leading hardware wallets are Ledger and Trezor products, costing around $100 each. Hardware wallets generate a seed – entirely offline – which derives private keys and their respective public keys for transactions. This seed should be written down and stored similarly to paper wallets. The generated seed should be written down and stored securely as it allows users to recover assets on another device if need be.
Conclusion
The secure storage of one’s assets is one of the defining characteristics of blockchain and cryptoassets. Being in complete control of one’s assets is no easy task. The techniques explained above provide a high-level understanding of how hot wallets and cold storage differ, each with their own strengths and weaknesses. All things considered, cold storage is the most secure way of storing cryptoassets long term.