Wallets and Cryptocurrency wallet security

So you made the decision to finally get some Bitcoin or another cryptocurrency of choice. Now what? You must choose a cryptocurrency wallet that supports your coin of choice. Cryptocurrency wallets can be specific to one currency or may support multiple cryptos. When you create your wallet, a Private Key is generated and acts as your digital signature behind the scenes to authorize your transactions. You must never disclose your private key to anyone. as they will then possess the ability to drain your entire account of your funds.

Your wallet also generates a Public Address (also known as the public key). You share the public key with others in order for them to send money to your account.

Again, we must emphasize that you NEVER share your private key, ONLY your Public Address / Key. The public Address is a long string of characters that can often times take the form of a QR code. To send money, you need the recipient’s public key and use it in your wallet’s “send” functionality.

To send money between wallets or exchanges, you simply use the address of your other wallet as the recipient. We recommend to always copy & paste public addresses / keys because as you will learn, if you attempt to type and accidentally misspell the address and send funds, there is a high chance that they will be gone forever.

Exercise Extreme Caution When Sending Cryptocurrencies

With traditional fiat currencies, you have banks and other institutions that can insure and protect your transactions in the event of an error – purposeful or otherwise. This is not the case with cryptos. There exist certain characteristics that are integral to blockchain technology and in order to guarantee that every transaction is in fact unique and authentic, you must understand the following fundamentals:

  • Every currency has its own blockchain network, and thus its own type of public address. When sending funds, be absolutely sure that you are transferring to an address within the same currency, otherwise the transaction will be unverifiable by the different network and the funds will be permanently lost. For example, you must send Bitcoin to a Bitcoin wallet, Ether to an Ethereum wallet and so on.
  • If the recipient address is simply incorrect due to a missing or adjusted character, the transaction will be unverifiable on its own network and the funds will be permanently lost.
  • Once crypto is sent, it is impossible to reverse or cancel the transaction. Any “reversals” must be in the form of a new transaction sent from the party who received the original transaction.

Cryptocurrency wallet Best Practices

It is important to adopt and use best practices when storing and transferring cryptocurrencies. Here are the minimum best practices that we strongly recommend:

When accessing your wallets…

  1. Use passphrases (instead of passwords) for logging in where possible. Passphrases are significantly harder to guess (and remember) so it is best to secure them in writing and offline (cold storage).
  2. Use two factor or three factor authentication with all wallets and exchanges to add additional layers of security. Examples of this are when a wallet sends you a text or email confirmation before it allows you to login. A great addition to your multi-factor system is to use the Google Authenticator or Authy apps which generate a unique code every 30 seconds or so. Most popular wallet providers will have the option to configure your security options so that the website or app requests this code every time you login or initiate a transfer.

When transferring funds…

  1. When transferring crypto, use the wallet’s QR code function or copy and paste the recipient’s public key to reduce the risk of human error. Do not manually type the addresses when possible;
  2. When you paste or type the recipient address, compare it against the address provided by the recipient wallet owner to ensure you copied the full string of characters and numbers; and
  3. Double check to make sure your withdrawal is in the same currency specified by the recipient before you send it.

Creating backups of local and offline wallets…

  1. Desktop (local) wallets and hardware wallets require that you create a seed passphrase when creating the account. This passphrase is the only way to recover your private keys in case your physical piece of hardware is damaged or lost and can be used to create backups. It is essential to write this passphrase down and store it with the same care as your most critical personal information.
  2. Every hardware wallet may function differently so be sure to read the manual and configure each wallet appropriately.

Your Cryptocurrency Wallet Options

Mobile wallets are accessed through apps and may control your private keys while providing you with public keys so that you can send and receive currencies on the go. Mobile wallets retain lightweight characteristics of a coin’s blockchain and rely on other nodes on that network to fully conduct your transactions.

Desktop wallets are also known as local wallets and require you to store the wallet software on your computer as well as maintain an up to date state of the blockchain. You are responsible for ensuring the security of your system and the integrity of the hardware that stores your private and public keys.

Custodial wallets are any form of wallet where you only need to log in to the app or website to conduct transactions. Custodial wallets ultimately authorize transactions on your behalf because they store your public keys. This provides convenience due to a simplified user experience, however the service may bare a greater amount of risk because you cannot hide your private keys offline. Many popular mobile wallets and exchange wallets serve as custodial wallets.

Hardware wallets are sometimes referred to as cold storage and resemble a USB stick or a small external drive. A hardware wallet allows you to keep your private keys offline when you do not plan on transferring money out. This greatly reduces (but does not eliminate) the risk of your public key being compromised from an online attack since you must connect your hardware wallet to your computer to make a transaction. If your hardware wallet breaks or is lost you can recover your funds by inputting the seed passphrase you create when setting up your original hardware wallet onto a new hardware wallet of the same currency.

Ledger Cryptocurrency wallet
Ledger Cryptocurrency wallet

Multi-Signature wallets are created when a group of people want to share a mutual wallet. Rules are put in place such as a requirement that all designated people use their private keys to perform and transaction from that wallet. Each person must keep their private keys secure because a withdraw is not possible without all keys presented.

Choosing Your First Wallet

Congratulations, you now know enough to safely open your first cryptocurrency wallet. It can be a daunting process to pick a wallet that will best suit your needs and one that is compatible with your cryptocurrency of choice. For those wanting to get into cryptocurrency, an example of wallets used by some of our team at CryptoAnswers include:

  • Coinbase is one of the world’s most popular bitcoin, ethereum, and litecoin wallet. They make it easy to securely buy, use, store, and accept bitcoin, ethereum, and litecoin.
  • Ledger Nano is a Bitcoin wallet on a smartcard device, small format and low weight. Comfortable and simple to use, you connect it directly to a USB port to manage your account, protect your bitcoins and make safe payments.