What appears to have been a highly sophisticated attack at NiceHash several days ago, cost BTC owners more than $70 Million, and perhaps equally as harmful extended the delta of trust between many in society and the potential of the blockchain and cryptocurrencies. One essential step any cryptocurrency owner could do to insulate themselves from large-scale exchange breaches like the hack that happened this week needs to be discussed as widely as possible, It's Simple, and it's one step, and that is:
You NEED a cold wallet. Here’s How:
Why store cryptocurrency you are holding (not actively trading or spending) in a cold wallet?
The number of novice traders of Cryptocurrency is exploding at such a rate that the average person deciding to join an exchange and purchase some coins doesn't understand the correct, and frankly essential, steps of how to manage their coins after they are buying them. As a result, you have thousands of people losing thousands of dollars, and cursing the idea of cryptocurrency as a result. No one likes losing money, and it's up to the crypto community to make sure novices understand how to protect themselves. If we don't, the rate of adoption will not grow at the rate at which we would all like to see. For every one person who gets burned with hot wallets (no pun intended), there will be ten others they tell their story to who will be hesitant to invest.
The argument for cold wallets is strong. All of the significant BTC hacks that have occurred have happened at online exchanges. All the holds of coins on these exchanges could have been spared the loss if they created cold wallets instead of holding the funds online in hot wallets.
Any wallets I don't need to have connected to the internet, aren't.
To create one, follow these steps. My video above goes trough the process of creating the paper wallet.
1. First, you need to understand "hot" wallets, "cold" wallets, and how to create one.
- A wallet is your public and private key together in one place.
- Hot wallets are accessible via any network connection (this includes your laptop and phone).
- Cold wallets are not connected to any network.
2. Next, create a cold wallet and send money from your hot wallet, to your cold wallet.
Create a new paper wallet, send funds to it, print that public address with the private key and save that print out how you see fit. If you want, you can still stay digital by saving this image somewhere with encrypted services like AWS, Backblaze, or LastPass, but the ultimate security is a paper in a safe.
Either watch my video above for an example of how to do this, or for the step by step, BlockGeeks did an excellent job here. Scroll down to where it shows screenshot
3. For practicality, have a transaction wallet used for trading or payments which is hot, and all the rest, stay cold.
The worst case hack scenario is that the funds in your hot wallet will be stolen as they sit online somewhere. For the rest of your funds, the cold wallets (pieces of paper for example) would need to be found. Of course, this is possible but not very likely.
Protecting Paper or the like doesn't need explanation, but it goes without saying that you are now prone to things like fire and flooding instead. Pick your battles; I prefer protecting a waterproof safe from natural disaster than keeping up with hackers around the globe.
What about Hardware Wallets?
Yes, If you don't like printing your wallet information and want somewhere in between, you can try a cold wallet that is offline but on a piece of electronic hardware. This is fine, and wallets like the Trezor are very advanced, secure, and convenient, but, to be fair, they are still not as reliable as paper and involve electronics and software that in theory could be compromised in ways paper still cannot.
The main elements of blockchain tech disrupting the world are decentralization, transparency, and security in mathematical accuracy. This can and will achieve great things in the world, but it requires us, the users, to understand our responsibilities and roles as well. One of the rules is to properly protect your digital currency, and the only real way to do that is to take it offline - with a cold wallet.
Disagree? Feel free to comment below or tweet me @jesseseaver.