The best way to store your private keys
| – When you own cryptocurrencies, what you really own is a private key. Whoever has the knowledge of this key can spend the associated funds.|
– If you leave your crypto assets online, on an exchange for instance, you are basically not in charge: you are entrusting them with your private keys.
– Owning your private keys gives you much more power and control but it also means you have to take care of their security.
– Hardware wallet offer best in class security.
When you own cryptocurrencies, what you really own is a “private key”, a critical piece of information used to authorize outgoing transactions on the blockchain network. Whoever has the knowledge of this key can spend the associated funds.
If your private keys are stolen or misplaced, or if you store them on a device that crashes, there is no bank or institution to issue a backup or a replacement: you lose access to your crypto.
“Not your keys, not your bitcoins”
The way most individuals first get into cryptocurrency is by purchasing coins on an exchange platform, and leaving them there, especially if they have intentions to trade.
If you are keeping your crypto assets on an exchange, you are entrusting a third party with these private keys and mandating them to serve as a safeguard.
While exchanges provide some basic levels of security, the fact is that most trading platforms are not security companies, and you are entrusting them to keep your private keys protected with whatever measures they choose to implement. You’re also trusting the exchange platform not to have malicious usage of your assets. Your are basically not in charge, and hoping for the best.
With a series of high profile hacks on major crypto exchange platforms as well as a constant stream of headlines around individual crypto attacks, it’s more evident than ever before that security must be top of mind for every crypto investor no matter how large or small their assets.
With great power comes great responsibility
Owning your private keys gives you much more power and control, but it also comes with the needs of taking care of their security. Many tools are available to manage your keys, usually called “wallets”, but not all of them are secure. There are 4 different type of wallets you could use to manage your assets:
Online wallets are online services that enable you to access your crypto assets from any browser that’s connected to the internet. When you leave your crypto assets on a cryptocurrency exchange platform, you’re actually using the platform’s online wallet.
The biggest advantage of online wallets is that they are easily accessible from any computer or other device with an internet connection.
Being online is also their biggest disadvantage asthey can become targets for hackers. Moreover, in most of the cases, you do not keep control of your private keys: they are controlled by the wallet provider.
Software wallets are applications for managing cryptocurrencies that can be installed on your computer or smartphone.
You remain in control of your private keys which are not shared to nor controlled by a third-party.
Unfortunately, since a software wallet is installed on your PC or smartphone, it is still connected to the internet which exposes your private keys to hackers.
Vulnerabilities of modern PCs and smartphones are well known, and if you keep your private keys there it’s just a matter of time before you’ll get hacked and lose everything.
A paper wallet is an offline mechanism for storing crypto assets. As suggested by its name, the process simply involves printing the private keys and its corresponding addresses on a paper sheet.
This is a simple way to store your cryptocurrencies keys offline. It requires paying great attention and care to this paper.
If your paper wallet gets lost or destroyed, you will permanently lose the access to your crypto assets. Also, processing a transaction with a paper wallet can be tedious and unsafe: you will need to manually enter your keys in a transaction tool, typically by using your computer’s internet browser which could expose the keys to a cyber attack.
A Hardware wallet is an offline storage option for private keys. This is a physical device that allows you to store the private keys in an offline and secure storage, and generally also enables you to verify the transaction details on the device screen.
With a hardware wallet, even if a hacker succeeds in getting control of your computer, he will not be able to steal your private keys and access your crypto assets. Your private key is kept offline and limits the risk of hacking.
As a result, hardware wallets are widely considered to offer the most secure wallet option.
This is why hardware wallets are booming in popularity and becoming the new standard bearer for crypto security.
A closer look to hardware wallet security
Diving into the physical and software security components reveals some promising safeguards for hardware wallet users.
Hardware wallets offer a much more thorough level of protection, as these physical devices enable investors to take their private keys into their own hands and secure them into a harder-to-hack product.
First, hardware devices use encrypted chips for resisting sophisticated attacks and hosting numerous applications.
For example, in Ledger, we use Secure Element (SE) chips, cryptographically protected chips used in the likes of passports and SIM cards: your private keys stay safe and isolated inside the secure element. Additionally, our physical devices are independently certified by ANSSI, the French cybersecurity agency.
However, even hardware wallets are prone to attacks including physical attacks to abstract keys, fault attacks to disrupt a wallet’s chip causing faulty behavior or hacker access, and side channel attacks, which involves a hacker “listening” to the chip’s electric or electromagnetic signature to gain access to the device.
While the emergence of hardware wallets are providing critical new security solutions, most vendors are still vulnerable to various attacks.
That’s where Ledger comes in. We are pioneering hardware wallet technology that provides unprecedented levels of security for crypto asset through a secure element — a chip designed specifically to resist highly skilled attackers and a custom OS designed specifically to protect crypto assets.