Crypto wallets: hot and cold wallets
There are exchanges that provide the private keys and/or the passphrases, but there are also some that do not. There are also some that offer to store the Bitcoin in a so-called “cold storage.” That means that the private keys are not stored on a system that actively connected to the internet. These kinds of crypto wallets are a bit like a concierge service that can give you a spare key, just in case.
Hot crypto wallets
That would make it to some extent a “hot wallet,” because any employee could take the key at any time, if he finds out, for example, on Facebook, that the owner is on holiday. Technically, an employee with malicious intent could get into the client’s house at any time or copy the key at any time and give it to his colleagues who can then strip the house bare. The same is true of hot wallets—they are simply very risky.
Cold storage of an exchange would be achieved in this analogy if the boss of the concierge service would receive the key personally and then keep it off-site in another completely independent safe deposit box; for example, in a bank or in a separate safe.
This is exactly how cold storage works in a crypto-exchange. The private keys are deleted by appropriate staff from the online system and kept on a computer that is not connected to the internet.
Of course, one has to also consider that everyone who has access to the offline computer can potentially use the keys. You can never protect yourself from that possibility if you give your private keys to another person. That also applies to a family member, a friend, or an employee of an organization, such as a reputable exchange. The risk always exists and, therefore, you should give careful thought to how much money you keep in an exchange.
No deposit protection for crypto wallets
In contrast with the savings bank, exchanges do not generally have deposit guarantees or similar. On the other hand, you have to acknowledge that in some cases where a customer’s exchange crypto-asset was stolen, the exchanges have replaced the losses from their own assets. So, if you don’t want to trust anyone, and in addition, you want to protect yourself against hackers and other bad people, what is the alternative? The alternatives, if a little cumbersome, are the real cold crypto wallets. First and foremost, there is a medium that the Chinese were already using 2000 years ago. It was called papyrus.
Everything on paper
The private key is basically just a long number that you can write down on a piece of paper at any time. The same applies to the passphrase. You should definitely do that. The challenge is more in how you generate the private key or passphrase. As has been described, you should never just create and use this yourself, “randomly.” As humans, we are just not capable of removing ourselves far enough from our own psychology to ensure the key is truly random. So, a private key generator is needed.
Such things exist on the internet. Typically, the mouse is moved back and forth over a field until a one-hundred percent random code is created. This takes one to two minutes, during which a private key, address, and the corresponding QR code are generated. You can now send Bitcoins to this address and transfer them with the associated private key. The private key is kept as a paper copy; it can then be photocopied and the paper and its copy kept in separate places. It should ideally be kept in at least two separate locations so that the two papers are not lost together; for example, in a fire. An unfortunate case was reported of someone who lost $50,000 by not observing this rule. Read more about that in my book.
So, paper document or paper wallet?
In terms of crypto wallets, you can use a paper wallet under one definite condition: if the computer that generated this paper wallet is not online and will not be connected online for as long as this paper wallet is in use. Why? Because the website or the computer that generated this paper wallet can be hacked and interfered with. You would not even notice if this happened. Even if a secure connection is shown, software could be running in the background that sends the private keys generated to a third party. This third party then collects these and one sunny day uses them all at once and quickly empties all accounts. Most people would not even notice this because the assets in a paper wallet are usually stored for a long period—you only find out that the paper wallet has been emptied when you try to transfer some Bitcoin.
This is a rare case when a hot wallet would be better.
In such a horror scenario, even a hot wallet would be more suitable because the exchange will notify you when the money is gone. This is not a joke. It has happened.
Bitcoin and blockchain places people, for the first time in history, in the position of being their own bank. They have their own assets available so that they cannot be controlled or manipulated by others. When you have Bitcoin, you are your own bank. This provides a level of freedom that has never been known before, but with this freedom comes increased responsibility. This responsibility is not easy, and you will have to go to some effort. Freedom always has its price. But enough scaremongering—we will now follow this up with a description of a safe alternative.
This a short story out of my book
Bitcoin, Blockchain & Co.
The Truth, and Nothing but the Truth