Episode 19 – How to protect your crypto goodies?
“In Episode 17 we talked about the myriad different ways scammers can try to relieve you of your crypto. And even once you’ve got your tokens ‘safe’ in an online wallet – you probably shouldn’t take that safety for granted.
So what’s a right minded individual to do? Stash your tokens in a fortified military bunker under a Swiss mountain? Or is there another way? A faster, cheaper, better way that gives you FORT KNOX in your POCKET. Or anywhere else for that matter. Of course there is. Welcome to School of Block.
Let’s start with the whole concept of SELF CUSTODY. What does it mean? Simply, you are responsible for the storage and management of your own crypto tokens. There is no bank. There is no third party. Just a blockchain, and your assets on it. This is one of the fundamental principles of crypto.
Your tokens are stored at a PUBLIC ADDRESS, and your ability to access them requires a PRIVATE KEY. This private key is a sophisticated form of cryptography, usually taking the form of a long series of alphanumeric characters, or occasionally a series of 18 or 24 seed words.
This PRIVATE KEY is what you need to keep safe in order to protect your assets, so the usual advice is to write it down offline and store it somewhere secure in the real world. OWNERSHIP in crypto is regarded as being in possession of the PRIVATE KEY. So never give your private keys to anyone else, no matter the reason. It’s the same as literally handing over your tokens.
But before you get to the land of public addresses and private keys you have to start somewhere. And for most of us, most of the time – that’s an EXCHANGE. Here you can trade your real world money – or fiat – for crypto. And if you like, you can just leave your crypto there.
There are some good reasons why you might do that.
The big exchanges out there really do care about security these days – and massive heists like we saw with Mt Gox back in 2014 are now increasingly unlikely. They have a name to protect, and your assets are insured. If you’re new to the crypto game and aren’t familiar with self custody, then perhaps you might find leaving your assets there whilst you learn about the space productive.
But it’s worth being aware of some limitations of exchanges. Firstly, SECURITY. Whilst the exchanges themselves may be secure, YOU might not be. If you lose your mobile number or your phone, hackers can then hack into your email, and then into your exchange account through your lost number. Mt Gox type attacks are now rare but stories like this have been all too common in the years since.
Also, using TWO FACTOR AUTHENTICATION for your exchange account is absolutely essential. If you don’t, you make it ORDERS OF MAGNITUDE easier for outrageous online outlaws to rob you blind.
SECONDLY, you need to be aware that you give up freedom and ownership of your tokens on an exchange – as they are literally just ALLOCATED to you, rather than actually being yours.
There is the risk of sudden regulation impacting your ability to withdraw them, and you are relying on – and trusting – a CENTRALISED ENTITY with your wealth. Also – ever tried logging into your exchange when the market is on fire – in either direction? No chance of moving your crypto at the times you might need to the most. One other, critical factor for many users is the fact your ability to access dApps, DeFi and NFTs are also compromised, or nil, on an exchange.
So this is really just where the journey starts, and where SOFTWARE WALLETS come in.
Your public address can be accessed by a DIGITAL SOFTWARE WALLET, often known as a HOT WALLET, into which you input your private key to access your tokens. What’s great about them? Well, first up they provide an ease of use that’s key to crypto adoption, and they also enable you to access dApps, DeFi and store NFTs. As well as actually OWNING your tokens. However they’re not the most secure places to hold your crypto. The online servers that host them can be vulnerable to HACKING and you might be the victim of malicious SOFTWARE, FRAUD or PHISHING. Yes, that’s phishing with a P. Where unscrupulous interweb bandits record your keystrokes when you log in, and can then log in for themselves and snaffle all your stuff.
So, if SOFTWARE WALLETS and EXCHANGES are both compromised from a security point of view, and you can’t afford the Swiss military bunker – what’s a freedom minded individual such as yourself to do? Well, exactly what the majority of the SMART MONEY out there does. COLD STORAGE. First of all though – you’ve just bought your tokens. There they are on the exchange. How do you even get them out into this frosty refuge of which I speak?
So, the coins have been withdrawn… and here they are, viewable on the blockchain. This process is the same whether you’re transferring to a software wallet, or into cold storage.
So what is this COLD STORAGE? It’s also known as a HARD WALLET – which is stored on a platform not connected to the internet. Whilst the tokens might be viewable on the blockchain, the wallet that holds them is a physical device that isn’t actually plugged into anything. Unless you want it to be.
SOFTWARE WALLETS, and indeed anything that’s constantly connected to the internet, are at risk of hacking and phishing attacks. But HARDWARE WALLETS aren’t, because the part of the process that uses the private key – transaction signing – happens in an OFFLINE ENVIRONMENT. Of course, you still have to keep your 24 word SEED PHRASE safe – and there are of course many ways to do that. Certainly don’t leave it pasted to your front window with a copy of the public address. Whether it’s in a safe, or under your mattress, it’s not too difficult to hide bits of paper. But choose somewhere you most certainly WON’T FORGET. And don’t save it as a file on your computer, because then, well, you might as well have put it on your front window again.
One slight downside of HARD WALLETS, or COLD STORAGE, is that the process of managing and transferring crypto is a bit more cumbersome than with SOFTWARE WALLETS, and that can dissuade people from using them. But why isn’t it possible to have the convenience of SOFTWARE WALLETS with the security of HARD WALLETS you wonder?
Well, funny you should ask, because YES YOU CAN. It starts with Ledger Live. Basically a gateway to all crypto services. Imagine the app store for the iPhone, and you’re not far off.
On Ledger Live you can buy, sell, exchange, lend and stake tokens, as well as accessing decentralised exchanges via Paraswap or lending protocols like Compound, all within the security of the hardware wallet. It’s pretty damn cool. But if you want more, you can also import your Ethereum account in Ledger Live to Metamask, giving you even more options whilst the Ledger HARD WALLET secures the Metamask SOFTWARE WALLET. Let’s take a look at how it works.
So there you have it, the world of crypto storage – from self custody, to exchanges, software and hardware wallets – there’s really just one rule of thumb… Do it once, do it right – and just like me – sleep like a baby.
You’ve been watching School of Block, presented by Ledger and the Defiant, demystifying decentralisation, one block at a time. Don’t forget to subscribe, drop us a like if that’s what you’re into, and as always – here’s to your financial freedom.”