A Crypto Wallet is Not What it Seems

Wallets for cryptocurrencies work differently than traditional wallets, learn how to keep your assets safe.

Cryptocurrencies have reached new levels of mainstream adoption this year. However, the vast majority of people have never purchased any crypto and many have purchased some for the first time this year. Whether you are thinking of making your first cryptocurrency purchase or you have a decent start in the crypto world, the complexities of storing your coins should be well understood. Cryptocurrencies give financial power back to the individual, but with that power comes increased responsibility to manage our assets properly.

Not Your Keys, Not Your Coins

One of the most commonly repeated phrases in the cryptocurrency community is “not your keys, not your coins”, which means that if you have coins stored in an app but do not control your “private key” then you really don’t own the cryptocurrencies stored in that application at all. Many “wallets” are not particularly transparent about how this works and I’m guessing a significant number of people reading this don’t have a concrete understanding of what this phrase means. Let’s break it down.

Note: For simplicity I am going to talk specifically about Ethereum, but this information applies to most cryptocurrencies including Bitcoin.

What are “keys”?

When a friend sends you money on Venmo, they use your email address to find your account much like a bank transfer can be initiated to a specific account number. When someone sends you some Bitcoin they need your receiving address, which is your public key. This public key can be sent to anyone since it only allows others to send you coins, not take them.

Every Ethereum account has a public and private key pair that are generated when the account is created. The private key allows someone to access the funds associated with that account. So your private key is similar to the password to your Venmo or bank accounts; if someone were to gain access to your private key they could easily move all of your coins.

Luckily private keys are much harder to hack — hacking passwords is often just brute force guessing — than traditional passwords since they are a large random number that is incredibly unlikely to guess. In many estimates it would take longer than the current age of the universe to brute force guess an active Bitcoin address.

Where are Coins Actually Stored?

When you download your first wallet application you will have the option to import or generate your keys or seed phrase. If you generate new keys, you are creating a new Ethereum account and your keys point to your transactions on the blockchain. This account exists on the Ethereum blockchain and is wallet agnostic, meaning you can take your keys and import them to many other wallets and control your Ethereum from any of them. Just be sure that any wallet given access to your keys is well vetted and trusted; I will discuss some good wallet options at the end.

Wallets are applications built to help you interact with your various crypto accounts. A wallet doesn’t hold your coins, it holds the keys to your coins; your coins will always be “stored ” in their respective blockchain network. Technically, most blockchain networks simply keep a record of transactions and can calculate your “balance” at any given time by summing up your in/out transaction history. If you are unfamiliar with the way blockchain databases store data in a timeline, check out my Crypto 101 post.

Seed Phrases

Many wallets will generate a seed phrase rather than give you your private key right away. This seed phrase is not your private key. Instead it can be used to derive your private key should you lose access to your wallet. Say I drop my phone and it’s totally broken. Initially I panic because my preferred Ethereum wallet was only on my phone; but, because I have my seed phrase printed out and safely stored I can just get a new phone, download my preferred wallet app, and recover my private key using my seed phrase.

We started this post discussing the phrase “not your keys, not your coins”. So in what scenarios are we not in control of our keys?

Exchanges

When someone wants to buy some Ethereum for the first time they are likely to go to an exchange like Coinbase, Kraken, or Gemini. If I log into Coinbase and purchase $100 of Ethereum, it is automatically stored in my wallet built into the Coinbase app. But this isn’t a traditional wallet because when you make your Coinbase account they do not give you your keys; a wallet in Coinbase is custodial, meaning they control your keys and by association, your coins. This means that you are essentially only “accessing” your coins when you log into Coinbase.

I know, you’re probably thinking that I’m being paranoid; Coinbase is a massive publicly traded company, surely they will be responsible with my coins? While exchanges have grown considerably making them less vulnerable to failure, allowing an exchange to hold your coins defeats a core tenant of cryptocurrencies. The hallmark element of blockchain is decentralization; it is nearly impossible to hack any one individual because there is no central point of control to launch an attack on. However, when we consolidate funds into exchanges we are centralizing coins and creating targets for thieves.

In the past, exchanges have collapsed and been hacked. A famous example is Mt. Gox, which was a Bitcoin exchange that managed more than 70% of Bitcoin transactions in 2014. Mt. Gox was hacked and 850,000 Bitcoins — mostly owned by their customers — were stolen. They immediately shut down and the following years revealed a mix of mismanagement, fraud, and theft caused this loss of almost ten percent of the global bitcoin supply.

While today’s exchanges are much more robust and scrutinized than Mt. Gox was, they are still a central point of control that exposes them to the many problems Mt. Gox and traditional financial systems face. No company is immune to hacks or mismanagement.

Using an exchange also means that your coins are accessible via a username and password login, which exposes you to another avenue for attack. This is probably the most common way people will lose coins in the coming years; if you fail to secure your account properly it isn’t Coinbase’s fault, so using incredibly strong passwords on your exchange and email accounts is critical.

Robinhood

I separate Robinhood from the crypto exchanges because it is, in my opinion, one of the worst places to buy cryptocurrencies. Robinhood doesn’t actually give you your coins when you buy them. You are simply gaining exposure to Ethereum’s price and you cannot withdrawal or transact with it. Robinhood treats your crypto like a stock and any you buy can only ever be held and sold back later. But cryptocurrencies aren’t stocks, they are currencies that have more utility than a simple investment. For some coins, like Cardano or Ethereum, that offer staking Robinhood will also drastically limit your ability to participate. Overall, I would personally rather use Coinbase Pro along with a free software wallet that I will discuss below.

Software or Hardware

When you choose your wallet there are two main categories to choose from: Software or Hardware. A software wallet is an app you can install on your phone or computer, while a hardware wallet is a physical device that you connect to you phone/computer to use.

It is very secure to store your keys/coins on a physical object that can be kept offline. When you want to make a transaction, you can securely connect to your hardware wallet and use its application to manage your coins. It is widely agreed upon that hardware wallets are much more secure than software wallets since they are offline by default. If you lose your hardware wallet you can still use your seed phrase to recover your assets on a new one; and if someone finds your lost wallet, it will wipe itself if they don’t know your pin/password.

Hardware wallets cost anywhere from $60 to $120, so if you own a decent amount of crypto, it is probably worth the cost of getting a hardware wallet.

Good Software Wallets

You will often hear software wallets referred to as “hot wallets”. This naming scheme comes from databases, where “hot” storage is data you need to use often and “cold” storage is data that can sit on discs for long periods of time without moving. Since software wallets are very convenient, many people use them as their hot wallet to store crypto they actively move around and have recently acquired.

Both Exodus and Atomic Wallet are well designed and intuitive wallets that can hold many coins. They can also be used to exchange one coin for another, which can be quite useful. The downside of these heavier duty software wallets is that they are not open source, which can bring security concerns; that being said, both wallets are incredibly popular and are non-custodial. When you create either wallet, you will be given a seed phrase that can be used to recover your wallet if you lose access to the application.

I use Exodus as my preferred hot wallet, and I like that it also uses FaceID to add an additional level of security.

Good Hardware Wallets

Note: It is important to always purchase a hardware wallet directly from the manufacturer. Even though Ledger sells on Amazon, it is recommended to always buy from Ledger’s website directly.

The Ledger Nano X is the gold standard of hardware wallets currently. The Nano X can wirelessly connect to your phone or be plugged in directly to your computer to access the application and your coins. You can store pretty much any mainstream or semi-mainstream coin on the Nano X. Ledger also has it own exchange built into its app that lets you exchange coins. The Nano X is fairly pricey at $120, but it is the most well featured and easy to use hardware wallet available.

The Ledger Nano S was the predecessor to the Nano X. It can only be connected via a cable and does not have Bluetooth. It also has less internal storage, which limits the number of different coins you can keep on it; Ledger downloads a separate dedicated wallet app for each coin, so the Nano S can only download a few different apps a time. You can uninstall an app and it won’t get rid of your coins, though. The Nano is half the price of its big brother at $60, which makes it an affordable option for storing the bulk of your coins offline. Many people keep the bulk of their Ethereum and Bitcoin on a Nano S and then keep the coins they move around in a software wallet.

Trezor is one of the only competitors to Ledger. They offer two hardware wallets at $60 and $180. Their cheaper option, the Trezor One is quite similar to the Nano S. The biggest difference between the two is that Trezor’s software is open source. Open source software is enough of a reason to win over many crypto enthusiasts, which is why I included Trezor in the list. Personally I still prefer Ledger wallets because I like their app and the style of the hardware better than Trezor.

A wallet is simply an application to access your coins

• MEW, Atomic, Trust, Exodus, etc. are all software wallets that aren’t “wallets” as much as they are wallet applications.
• They are a quick way to access your coins, NFT’s, or other blockchain assets.
• Your coins are always stored in their respective blockchain networks and are accessed via your keys.

Example

1. You download the MEW app on your phone to store some Ethereum
2. You generate a private key when setting it up
3. This same private key can be imported into another wallet application, like Trust or Atomic
4. Your ETH will be available on every wallet you import your keys to since the wallet is an interface

Hopefully this post helps to clarify how cryptocurrencies are stored and provides you with some practical advise to storing your coins more securely. Cryptocurrencies are still very much in their infancy, and storing your holdings safely is incredibly important if you intend to hold onto them long term. Remember that whatever wallet you end up using, be sure to safely store your seed phrase on paper in multiple safe locations.

Source: https://willmnorris.medium.com/a-crypto-wallet-is-not-what-it-seems-daf4557ad566?source=rss——-8—————–cryptocurrency