Wallets & Storage
Ensuring the safe and secure storage of your digital coins/assets is a top priority in cryptoasset investing. You can spend all the time you need doing research to find the perfect asset to invest in, and you can go through the process of funding an exchange and buying the asset, but if you can't store your asset safely, you may end up wasting your time and money. There are an incredible number of scams online, and the risk of being hacked is also significant. Right now, there are probably people all over the world who are trying to hack into your computer, to see if you have any crypto that they can steal. It sounds far-fetched, but it is very true!
As a precaution, ensure that you read through all the information in the Security section of this website before you actually set up a wallet. It is also important to remember that sending any crypto to a wallet designed for a different type of crypto will result in a loss of your assets, without any warnings. Protect your money. You are your own bank.
In this section of the website, we will explore the two categories of storage (hot vs. cold) and we will start to gain an understanding of various types of wallets (desktop, mobile, hardware, paper). As mentioned, no matter what type of wallet you decide to use, you need to protect your private keys, and make sure that nobody has access to them.
Cold Storage vs Hot Storage
Cold storage refers to a wallet of any type (be it physical, software, or paper) that is not connected to the internet. Having a cold storage wallet is the ultimate protection against online hacking. If your assets are not connected online, a thief cannot steal them unless he steals the actual physical wallet or gets a copy of your private key(s). Hot storage refers to a wallet of any type that is connected to the internet. A hot wallet implies a higher risk of theft. A remote hacker may be able to penetrate your internet connection, your computer, and your security protocols, and then gain access to your assets.
Cold storage may be the safest option, but it is not convenient, especially if you actually want to use your cryptocurrencies. Cold wallets are still useful as they can always be used to receive funds. This can be done by anyone around the world if they know the public address for your wallet, or your public key. However, the removal of coins from a cold wallet by anybody, including the owner, requires knowing the private key for the wallet. This is why you should NEVER share your private key(s) with anybody, for any reason.
Hot storage is riskier, but with proper precautions to avoid being scammed or hacked, the risks can be minimized. Hot storage is more functional if you intend to use your cryptocurrencies. A common strategy is to store the majority of your assets securely in some type of cold storage while also storing small amounts of cryptocurrencies in a separate hot wallet (mobile or desktop wallets) for day-to-day use. This would be similar to the approach that many people have used historically with their fiat currencies. Most of their money is stored relatively safely in a bank account, with some cash available in a purse or wallet for daily spending purposes.
Exchange Wallets
With an account on a cryptoasset exchange, you'll be given wallets on the exchange for every single cryptoasset that is traded on the exchange. Often, this happens automatically and won't cost you anything. Some exchanges automatically assign you a wallet for each currency, while others will only assign you wallets for the specific assets that you are holding or trading. In the latter case, the exchange will automatically create a wallet for you when you buy some of that particular crypto. In a case where you're importing an asset to an exchange from an external wallet, you may have to click a "generate wallet" button so that the exchange will know that you need a new public address for that particular type of crypto. Most exchanges will let you create a new wallet address at any time, which is useful if you don't want to re-use a specific wallet address that you have already been using. After all, the number of wallet addresses available for most cryptocurrencies is much greater than the number of grains of sand on all the beaches on our planet, so they'll never run out of possible unique wallet addresses.
On an exchange, the public address for your wallet is sometimes displayed on the screen when you click on a price quote or the information page for any asset or security. In other cases, you may have to click on a "wallet information" tab to find your public address.
Individual wallet addresses on every exchange (and most other types of wallets too) are designed ONLY to hold one specific type of cryptoasset. Is this the third time that we've said this? Yes, but that's because we can't emphasize this strongly enough. A lot of people forget this restriction and accidentally send coins to the wrong type of wallet, and lose their crypto. If you have an account on an exchange, and you have some Bitcoin and some Litecoin in your account, they will NEVER be stored in the same wallet. Instead, you will have a Bitcoin wallet with one address and a separate Litecoin wallet with a different address. This is extremely important. Inexperienced users often try to send one type of cryptocurrency to a wallet designed for a different type of crypto. When this happens, the sent funds are lost and cannot be recovered.
Having said that, certain wallets occasionally have the capacity to accept multiple currencies. This usually occurs with "platform" cryptoassets and their associated utility tokens. For example, Ethereum is a platform cryptoasset. It functions as a cryptocurrency, but it also acts as a platform or framework upon which developers can create other blockchain projects, which can then have their own tokens. An example of this is the Golem Network (GNT) on the Ethereum platform. Wallets designed specifically for a cryptoasset platform can usually hold both the platform coin (Ether, which has the symbol ETH) and any of the utility tokens associated with that platform. Sometimes, this process is very simple and seamless, and other times, certain information has to be added manually in order for the token to be recognized in the wallet. There is a type of wallet called "My Ether Wallet" (often abbreviated as MEW) which is an example of this. A single MEW wallet can simultaneously hold ETH, GNT, and numerous other Ethereum-based tokens. This can be useful, but before you go rushing off to set up a MEW wallet, make sure that you are on the legitimate site. There are imposter sites out there which are scams. If you accidentally use a wallet from a scam site, you will lose your funds.
Some exchanges offer multiple types of wallets. A "trading" wallet is the most common default, even if it isn't named as such. "Margin" wallets are possible when an account is authorized to do margin trading (high risk, not recommended for anyone except professional traders). "Vault" wallets are sometimes offered for longer-term security. These Vault wallets are intentionally designed to make it difficult to retrieve your coins, which helps to minimize the risk of being hacked. Removing coins from a vault wallet often involves passing additional security tests and undergoing a wait period of 24 hours. If an attacker begins the process of trying to remove coins from your vault, you will be notified. Hopefully you'll have lots of time to notify the exchange and let them know to prevent the illegitimate withdrawal.
Cryptoasset exchanges usually have highly competent IT staff who are dedicated to protecting the security of your assets. Infosec (information security) is a high priority for exchanges. However, some exchanges have failed to protect their assets adequately. Cryptoasset exchanges are targeted relentlessly by hackers due to the staggering amounts of money that they hold or control. Because they are such obvious targets, it is risky to keep your money or store your crypto assets on an exchange. In recent years, there have been a series of high profile exchange hacks resulting in the bankruptcy of a few exchanges and losses of hundreds of millions of dollars to account holders. We recommend that you DO NOT hold your assets on an exchange. After all, you don't control your private keys for an exchange wallet. And if you don't own your private keys, you don't own your crypto.
Unfortunately, holding assets in your own wallets also presents significant risks from hacking, scams, and even from user error. If you are not comfortable using technology and computers, if you're only storing very small amounts of crypto, or if you are worried that your internet connection and/or computer could be compromised by hackers or malware, leaving your assets on an exchange may be an acceptable risk. You should always read through the Exchange Security and the Scams sections of this website before you make that decision.
Desktop Wallets
Desktop wallets are software programs written for any of the major operating systems (Windows, Mac, Linux) which allow you to store your crypto on your personal computer. Typically, these wallets never transmit your private keys over the internet, which implies a low hacking risk. Unfortunately, there are forms of malware (such as keylogger malware) which can record your private key when you enter it into your computer, and then transmit that information to a hacker in another part of the world. As such, if you don't have a clean and uninfected computer, there is still a risk that you could lose your private keys.
It is also possible for hackers to break into your WiFi connection and see the contents of your computer. If you keep your private keys on your computer, especially if they are stored in any common type of unencrypted text file, you are at risk of being hacked. That is why it is important to have a secure internet connection, and why you shouldn't store your private keys on your computer. If you absolutely must store your keys on your laptop, it is important that you keep them in an encrypted file. A common password-protected Microsoft Office file is better than plaintext, but it is still risky. Your best bet is to learn how to use free encryption software such as GPG.
To mitigate the risks of desktop wallet or home computer hacks, remember that a secure internet connection is the first line of defense. The second line of defense is a computer that is not compromised. Windows machines and iOS machines are both more vulnerable to hacking than Linux machines, although even Linux systems can be susceptible to some malicious actions.
If you're using a desktop software wallet, always make sure you are using the wallet software that is recommended by the developers of your cryptocurrency. Never use any third-party wallets that are not endorsed by cryptoasset developers. We know of dozens of compromised or malicious wallet software programs which have caused users to lose their investments.
Mobile Wallets
Mobile wallets are software apps written for any of the major mobile platforms (Android, iOS, Windows) which allow you to store your coins on your mobile device, including both phones and tablets. These wallets are especially convenient for day-to-day shopping and transactions. Your mobile device can easily display a QR code on the screen which represents the public address of your wallet. Another user can scan that QR code and send coins directly to you from their own mobile device. Your mobile device can scan QR codes at stores and send crypto to those addresses. There are various "tap and pay" apps available now which allow your device to scan public wallet addresses and then send crypto to those addresses using near-field technology. Every week, more crypto-related apps are being developed and deployed. Cryptocurrency use is predicted to explode between 2020 and 2024.
It is important to note that mobile devices are generally less secure than desktop devices in terms of overall security from hacking, but also due to the risk of losing your phone. For this reason, most people do not store significant amounts of cryptocurrency in mobile wallets. Wise crypto enthusiasts are likely to put major investments into long term cold storage, moderate amounts into desktop wallets, and small amounts into their mobile wallet (which they can replenish periodically) for everyday use. The widespread public adoption of cryptocurrencies has already started in a few countries, and real-world cryptocurrency usage is growing rapidly around the globe.
When using a mobile wallet application, ensure that it is one which has been recommended by the developers of your cryptocurrency. Never use any third-party wallet apps that are not endorsed by the official development team for your cryptoasset, and always check that you are installing the correct app, rather than an imitation. Never store significant amounts of coins on your mobile apps. There have already been a large number of malicious wallet apps which have caused users to lose their investments.
Paper Wallets
A paper wallet is probably the safest type of cold storage, as long as nobody knows or gains access to your private key. To create a paper wallet, you download software which will generate the wallet. Never generate a paper wallet online, or directly from a website. Legitimate resources will recommend that you download their software and use it while offline.
Unfortunately, it is still possible for a hacker to create a website and software that creates an offline wallet, but then stores a copy of your private key somewhere in the system and sends it to the hacker at a later time. Therefore, never use any paper wallet generator websites/programs that are not endorsed by the official development team for your cryptoasset. Also, be aware of imitation websites that look similar to legitimate websites, which try to lure in unsuspecting users. Knowing the correct address for a website, and typing that directly into the URL line on your browser, is always much safer than doing a search and clicking on a link. Some malicious websites can show up in advertisements at the top of search results on major search engines such as Google or Bing.
You may wonder how a paper wallet can store assets? And what happens if the paper wallet catches on fire? Well, the assets are not stored in or on the piece of paper. The piece of paper is just a symbolic printout which tells you the public address that is used when you or other people deposit funds to the wallet, and the private key that you need to remove or transfer funds out of the wallet. Once you know the information from the piece of paper, you can destroy it. Of course, that's very risky, because there is almost no chance that you'll be able to successfully memorize your private key. Most people will therefore store a copy of their paper wallet in a safe in their house, or in a safety deposit box. It's probably best to store the document in at least two locations, in case your house burns down. However, if you have too many copies, and some of them are in locations which are not secure, there is a higher risk that someone can get a copy of your private key and empty your wallet.
Some people also turn their paper wallet into a PDF and store it on their computer. This is very risky. If your computer becomes compromised, hackers will be able to read your private key from that document. It is even risky to print a paper wallet from any sort of WiFi-connected or networked printer, because the printer will temporarily store a copy of the document in its storage memory. It might be possible for someone to steal the printer, tear it apart, remove the storage media, and recover previously printed documents, long after you've printed your paper wallet. It is even more likely that someone might be able to hack into your networked printer remotely, and scan through the document cache. Sigh. There are so many risks.
We believe that paper wallets ARE the safest type of long term storage, but that you should take certain security precautions to minimize risks. Rather than printing out copies of your paper wallet, it may be more prudent to copy the public and private key information onto a couple of USB keys or portable flash drives, and then to encrypt those entire drives using a password that nobody but you knows, then to store those keys in two separate hidden and secure locations. Ultimately, the absolutely safest approach, for the super-paranoid, would be this: Create your paper wallets on an air-gapped computer (one that isn't connected to the internet), using a Linux operating system, then encrypt and store your keys as we just described. This should improve the security of your assets from "piggy bank" levels to "Fort Knox" levels. About the only way to improve your security beyond that would be to find and use an air-gapped computer that hasn't been connected to the internet since before 2009, before crypto was created (and therefore before malware was created to target crypto users).
Hardware Wallets
Various types of hardware wallets exist. Many of these wallets can store multiple unrelated cryptocurrencies, although to be clear, this is only possible because the device (the hardware wallet) has room to store several different software wallets on it. Your various cryptoassets will not be stored within a single wallet on the device. A hardware wallet may look similar to a USB key, or it may perhaps be a small mobile device with a screen, similar to a small music player. Some of the main hardware wallet providers at the current time are Ledger, Trezor, and KeepKey. Some of these companies offer multiple types of devices.
If you are going to buy a hardware wallet, ALWAYS buy it directly from the manufacturer. No matter how impatient you are with backlogged orders at the manufacturers, and no matter how much of a price discount you might find from an alternate supplier, you should never buy a hardware wallet from eBay, CraigsList, Amazon, or any other source. To be fair, there are a few authorized third-party resellers who use these sites legitimately, but there are also a LOT of compromised wallets being sold through various eCommerce platforms, and a lot of users have lost their investments by putting them into an insecure wallet. The basic methodology for this scam is that the person selling you the wallet (often repackaged to look like it has never been opened) now knows the private key to the wallet, so once you deposit your cryptoassets into the wallet, the scammer can steal your coins. This has happened to a huge number of unsuspecting victims! Protect yourself by buying directly from the manufacturer.
A hardware wallet can function in different ways. Even if it is connected to a computer which is online, you can consider it to be cold storage. Private keys are maintained in a secure offline environment on the hardware wallet, and they are fully protected even if the device is plugged into a malware-infected computer. If you generate and store your private keys offline, using a hardware wallet, hackers should have no way of getting at your cryptoassets. Hackers would have to steal the hardware wallet itself to do that, but even then, it can be protected with a PIN code. You don't necessarily need to worry about your hardware wallet getting stolen, lost or damaged either. You can create a secret backup code, which can be used to retrieve your cryptoassets. Of course, that secret backup code can be a weak link in your security protocols, because it needs to be kept just as secure as a private key.
Not all cryptoasset project coins or tokens can be stored on hardware wallets. Typically, only a few dozen of the most well-known cryptos are supported. However, despite the price, a hardware wallet is a very good option to protect your investments.