When you own Bitcoin or other Cryptocurrencies, they are stored in a "wallet" which has a private key and a public key (or public address). To keep things simple, the private key is like a bank vault that holds all of your Bitcoins or other Cryptos. As long as you, and only you, have access to that key, then you have safe access to your Bitcoins. Your public key (or public address) is what you give out to people looking to send coins to your wallet.
There are various wallets out there in which you can store your investment. They can be stored in an online wallet or an offline wallet. Online wallets are great and convenient if you are making transactions often. However, as we all know, anything that is online or stored electronically is vulnerable to being hacked. While these online wallets and exchanges take many security precautions, having your Bitcoins or other Cryptos hacked is a very real possibility.
When storing your Bitcoin and Cryptos on an online wallet or exchange, there also comes a level of trust with that company. When you store your investment with an online wallet/exchange like Coinbase,
they also store your private key. If something goes wrong on their end you could lose temporary access to your coins or even worse, lose them for good. With the explosion in popularity of Bitcoin and other Cryptocurrencies, we can't forget the dreaded story of Mt. Gox
(where $460 million dollars of coin went missing).
How should we store the bulk of our digital assets? Storing them offline, though not as convenient, is a safer and more secure way of protecting your coins. This is called cold storage, or having a cold wallet. There are a number of ways to do this:
Cold Storage Options For Your Bitcoin
Paper wallets are free to make. They contain the private key and public key printed on a piece of paper. The keys are generated in an offline environment so they are secure. When you print these, you should also be directly connected to your printer and make sure it is offline as well. Your private key is visible to anyone who can see or has access to the paper wallet. Paper, while cheap, is not very durable and can be damaged easily or rot overtime. You can create your paper wallet here
With a USB you can store your coins and keys easily. Like the paper wallet, anyone in possession of it then has access to your coins. You should take an extra precaution and encrypt your USB for extra security. However if you lose this, your Bitcoin or other Cryptocurrency is gone forever. Lastly, hardware failure can and does happen with USB drives so you may want to consider storing you your private key(s) on two USB drives.
A desktop wallet is software you can download that will work offline on your computer. You can export encrypted keys all offline. However, when you are making a transaction with a desktop wallet whether sending or recieving you are then online thus vulnerable to hacking and malware. Since these wallets only exist on your computer it is possible then to lose your investment if your computer succumbs to issues. Some popular desktop options include Exodus
Hardware wallets are becoming one of the most popular options for cold storage. They are one of the safest and most secure ways of storing your Bitcoin and have a few other Cryptocurrency compatibility. While these are generally touted as one of the safest options they still have their risks. Bictoinwiki
sheds light on possible ways these devices could be compromised.
- Malware swaps recipient Bitcoin addresses: a hardware wallet won't protect you from being tricked into sending Bitcoin to the wrong address. For example, malware on a PC could monitor for high value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker. When the stakes are high, multi factor (e.g., over the phone) confirmation of a recipient's Bitcoin address is recommended.
- Insecure RNG (Random Number Generator): hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG may create wallet keys that can later be recreated by an attacker, by generating psuedo-randomness that would seem statistically indistinguishable from true randomness yet still be predictable to an advanced attacker. An RNG may become insecure as a result of malicious weakening or an unintentional mistake. This failure mode is common to any wallet generation procedure in which the true randomness of the source of entropy being used can not be verified.
- Imperfect implementation: the security of all computing devices relies on the quality of their implementation. Hardware wallets are no exception. Bugs at the software, firmware or hardware level may allow attackers to break into a hardware wallet and gain unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very hard, mostly unsolved problem. To date, no wallet in existence is implemented using provably correct software.
- Compromised production process: even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product. The introduction of hardware backdoors is a real concern for high risk financial and military applications.
- Compromised shipping process: a compromised fulfillment process may substitute or modify secure devices for superficially identical but insecure replacements. Government programs that intercept hardware and modify them in route to insert backdoors are known to exist.
It's like having a paper wallet, but only better. Crypto Cards by Slimtech Gear Co. are constructed from flame resistant materials and are also waterproof. Unlike paper wallets, Crypto Cards can be rewritten so you can change out your public address for different coins. You can also use Crypto Cards as cold storage and keep them in a safe or other secure location.