This boils down to:
"I want my friend, who might be trustworthy (so it seems) to hold onto my assets. I give them full access to do as they like to it and I have no control. I will have little recourse if my friend decides to leave. This is because I might mess up if I hold onto my assets myself."
Makes no sense. You have so little trust in yourself that you're willing to trust a third-party service?
Topic: Concerned About Human Error and Liability with Wallet (Read 242 times)
If human error is your biggest concern, then that is most easily addressed by thoroughly reading and familiarizing yourself with Trezor's documentation and help pages before using your device: https://wiki.trezor.io/User_manual
Your failsafe is always your 24 word seed. If you lose your device, or the device fails, or you forget your PIN, or your house burns down, or any of your other hypothetical situations, provided you have your 24 word seed stored safely and securely, you will always be able to recover your coins.
Your failsafe is always your 24 word seed. If you lose your device, or the device fails, or you forget your PIN, or your house burns down, or any of your other hypothetical situations, provided you have your 24 word seed stored safely and securely, you will always be able to recover your coins.
All of these replies are educational however, they don't address human error.
Every single option available has the possibility of human error in there. Bitpay, one of the most established and best funded crypto companies out there, lost a million and more dollars when one of their employees opened an email attachment.
I'd rather invest in myself preventing my own errors than trust a bunch of compete and utter strangers not to make some errors themselves. And that's before you get your money caught up in any weird policies they may choose to throw at you.
All of these replies are educational however, they don't address human error. I guess I'll just have to YouTube how to foolproof losing coins from the Trezor through mech failure, and best practices on key storage.
The important goal of bitcoin and other cryptocurrencies is to completely eradicate the concept of a centralized party holding your funds. You don't seem to believe in yourself but on those centralized exchanges for holding your fucking funds? You are meant to use only fiat money and not the decentralized cryptocurrencies. As o_e_l_e_o pointed out the What if scenarios on exchanges, these are the way exchanges operate and they can play with your money if they need. Most of these funds which you see in the front end doesn't belong to you. The exchanges GUI just show you the balance updation and the funds are stored elsewhere.
Let me highlight my situation on an exchange vs wallets which I had experienced over this past 2 years of being in crypto. I have a huge trust on myself (securing crypto through offline wallets, hardware wallets etc) rather than relying on such third party centralized shits. On the other hand, I am holding funds of my friend in btc. The friend doesn't have much knowledge on the wallets and security and he is a investor. Whenever he needs money I transfer the btc to him and probably he traded them on cryptopia till last year. I have never allowed him to hold more funds on these exchanges and subsequently he lost around $300 in the cryptopia hack. Did those so called centralized exchanges refund my friend's money?
I still hold his funds in an offline multi-sig wallet for past 2 years and I have never lost even a single penny till now. There are multiple backups of the funds in my house and gave some in my friend's house. Even if my house is subjected to the earthquake and I die, he will have the funds and would sweep them away with his minimal knowledge on how to handle offline and hardware wallets.
If you don't trust yourself, stop using cryptocurrencies and fiat is for you. Depened on the centralized banks and governments and allow them to play with your money.
Let me highlight my situation on an exchange vs wallets which I had experienced over this past 2 years of being in crypto. I have a huge trust on myself (securing crypto through offline wallets, hardware wallets etc) rather than relying on such third party centralized shits. On the other hand, I am holding funds of my friend in btc. The friend doesn't have much knowledge on the wallets and security and he is a investor. Whenever he needs money I transfer the btc to him and probably he traded them on cryptopia till last year. I have never allowed him to hold more funds on these exchanges and subsequently he lost around $300 in the cryptopia hack. Did those so called centralized exchanges refund my friend's money?
I still hold his funds in an offline multi-sig wallet for past 2 years and I have never lost even a single penny till now. There are multiple backups of the funds in my house and gave some in my friend's house. Even if my house is subjected to the earthquake and I die, he will have the funds and would sweep them away with his minimal knowledge on how to handle offline and hardware wallets.
If you don't trust yourself, stop using cryptocurrencies and fiat is for you. Depened on the centralized banks and governments and allow them to play with your money.
You highlight arguments against a wallet and for and exchange, but where are your arguments against the exchange?
Exchange hacks are very common. What if the attackers steal more than the exchange is insured for or can deal with? What if the hack leaves them insolvent? What if they just become insolvent through bad business practices? What if a couple of rogue employees empty their wallets? What if they are seized by the feds and all funds are frozen? What if they exit scam? What if they stop trading in your country? What if new laws prevent them for releasing your funds? What if they suffer from any of your hypothetical scenarios and lose access to their wallets? What if they decide you showed suspicious activity and lock your account? What if they decide you broke their ToS and lock your account? What if they decide you need to perform more KYC and lock your account? Then there are attacks against your individual account. Passwords can be broken, phished, brute forced, etc. 2FA can be reset. Phone numbers can be transferred. Emails can be hacked. All of these things can and do happen.
There are so many vectors of attack when you store your coins on an exchange or custodial service, and there is next to nothing you can do about any of them. When I store my coins myself, I know what all the vectors of attack/failure are, and I can take steps to prevent them all.
Exchange hacks are very common. What if the attackers steal more than the exchange is insured for or can deal with? What if the hack leaves them insolvent? What if they just become insolvent through bad business practices? What if a couple of rogue employees empty their wallets? What if they are seized by the feds and all funds are frozen? What if they exit scam? What if they stop trading in your country? What if new laws prevent them for releasing your funds? What if they suffer from any of your hypothetical scenarios and lose access to their wallets? What if they decide you showed suspicious activity and lock your account? What if they decide you broke their ToS and lock your account? What if they decide you need to perform more KYC and lock your account? Then there are attacks against your individual account. Passwords can be broken, phished, brute forced, etc. 2FA can be reset. Phone numbers can be transferred. Emails can be hacked. All of these things can and do happen.
There are so many vectors of attack when you store your coins on an exchange or custodial service, and there is next to nothing you can do about any of them. When I store my coins myself, I know what all the vectors of attack/failure are, and I can take steps to prevent them all.
"Be your own bank" sounds nice again, in theory. But I've heard of more horror stories of people losing hundreds of thousands of USD because they somehow ended up in a situation where everything was either stolen or missing IRL -
That is why you need to to take necessary precautions to avoid getting yourself in a situation where your funds are stolen. Be it paper wallets, hardware wallets or air gapped systems, whatever you are comfortable with.The #1 thing most people will tell you here is "Not Your Keys - Not Your Money! That means don't leave any money on exchanges no matter how trustworthy they are or seem to be. Different types of hacks have happened and can happen again in the future. There were also incidents like exit scams where an exchange would simply shut down, take the money and leave for good.
Quote
- Argument AGAINST Wallet: What happens if a fire occurs and your Trezor wallet is damaged? And on the same day there is a "Run on the Bank" and due to some event the price of BTC will fall to 50% of it's value by tomorrow. Liquidity is a concern when you need to make a rapid move.
you are two completely different discussions here.
the price volatility is an entirely different discussion that has nothing to do with wallets and security. if you find it unacceptable then invest smaller amounts or stay away altogether.
as for the first part, the solution is simply keeping multiple backups and storing them encrypted with a strong password and encryption technique. for example you simply encrypt your Trezor's seed phrase with a password that has 10+ length consisting of random upper/lower characters and symbols and numbers. now you just have to remember that password and print the encrypted string and stored it in multiple places so that if your home caught on fire you still have a place to go to and recover your bitcoins.
Quote
Well #1 we have to consider is only a certain percentage of funds on Coinbase and some other exchanges are kept in the HOT wallets. So it's possible the thieves only get 1% of your holdings.
hot wallet is different from exchange wallet.a hot wallet is a wallet that contains small (spending) amount of bitcoin in it and you hold it in a wallet that is connected to the internet. for example a desktop wallet like bitcoin core or electrum that you have on your PC that you use daily, or a mobile wallet on your smart phone.
an exchange wallet is not even a wallet and is not for storing anything. it is an "account" that lets you trade and should not be used for anything else.
Hard wallet sounds nice in theory but at least liability in a hack is on the company and not you personally from a legal perspective.
Both leave responsibility entirely in your hands.
The odds of Coinbase itself being hacked are very low when you read up about their security practices. They can't really get much better.
The odds of your Coinbase account being hacked are high. You may be sim swapped, your email might be accessed, your 2FA key might be accessed somehow. The only thing separating your money and it going bye bye are a handful of things that most people don't take seriously enough.
When you yourself are hacked Coinbase won't help you. That 1% of hotness is meaningless. If you're emptied it all goes.
Blindly trusting Binance to make good no matter what happens is utterly ludicrous and Binance themselves warn against it. The alternative is complete control on your part and all the information is out there to make good on it. It's available to all. Why would anyone turn that down?
https://blog.bitpay.com/content/images/2018/02/exchanges-advantages-disadvantages.png
https://blog.bitpay.com/content/images/2018/02/wallet-advantages-disadvantages.png
"Be your own bank" sounds nice again, in theory. But I've heard of more horror stories of people losing hundreds of thousands of USD because they somehow ended up in a situation where everything was either stolen or missing IRL - And up schitt's creek with no one to blame but themselves....
Meanwhile I think Binance users who lost funds in the latest hack will get it all back.
https://blog.bitpay.com/content/images/2018/02/wallet-advantages-disadvantages.png
"Be your own bank" sounds nice again, in theory. But I've heard of more horror stories of people losing hundreds of thousands of USD because they somehow ended up in a situation where everything was either stolen or missing IRL - And up schitt's creek with no one to blame but themselves....
Meanwhile I think Binance users who lost funds in the latest hack will get it all back.
You're ignoring one of the main tenants of Bitcoin... No control of private keys = No control of coins. Placing all your holdings in custodial wallets is simply a "Bad Idea"™
It's "Be Your Own Bank"... not "Let some online company be your new bank"
It's "Be Your Own Bank"... not "Let some online company be your new bank"
- Argument AGAINST Wallet: What happens if a fire occurs and your Trezor wallet is damaged? And on the same day there is a "Run on the Bank" and due to some event the price of BTC will fall to 50% of it's value by tomorrow. Liquidity is a concern when you need to make a rapid move. Apparently the procedure to recover your funds require the key phrases stored on paper and you have to contact customer support.
Ummm no. You simply restore your 24 word seed mnemonic into any BIP39 compatible wallet (software or hardware) and you should have access to your funds. You don't need to contact customer support for anything.Quote
Sounds unlikely, but Murphy's law...
Yes, your "doomsday" scenario is highly unlikely... If you want to play that game, then one could argue that it's just as likely that an Earthquake or Tornado could wipe out the datacentre of an exchange... poof all coins gone
I am on the fence in regards to using my Trezor which I just bought.
I would say I have an "intermediate" level of Crypto and solutions on the market. Something stands out to me that can be summed up in the following points:
- Argument AGAINST Wallet: What happens if a fire occurs and your Trezor wallet is damaged? And on the same day there is a "Run on the Bank" and due to some event the price of BTC will fall to 50% of it's value by tomorrow. Liquidity is a concern when you need to make a rapid move. Apparently the procedure to recover your funds require the key phrases stored on paper and you have to contact customer support. But the response is not ASAP. What if the paper is burnt and your other 2 copies are lost? You basically lose all your coins due to human error/disaster. What if my dog eats the paper? What if a lightning bolt strikes me dead and my surviving relatives can't find the paper? Extra bonus: Trezor is not liable for the disaster nor do you have any type of recourse or insurance for such events...
Also what happens if a relative comes over steals your key phrases and fraudulently poses as you. What happens if the ink smudges over time on all of your key phrases. You are trying to re-copy it every year to ensure that doesn't happen. Static electricity spontaneously vaporizes the paper in the closet. AND an EMP attack shorts your hardware wallet. Sounds unlikely, but Murphy's law...
- Argument FOR Exchange: Let's say the main risk of hacking happens and your funds are included in the thieves cash grab on the hack.
Well #1 we have to consider is only a certain percentage of funds on Coinbase and some other exchanges are kept in the HOT wallets. So it's possible the thieves only get 1% of your holdings.
#2 - These exchanges self-insure so your lost funds in BTC are covered.
#3 - With Google authenticator your chances of direct P2P attack on your individual account is slim to none
Coinbase has a customer service phone number and one of the first prompts is regarding account security. Does Trezor have this same setup?
Maybe if you are dealing with an exchange based abroad or in a questionable country (i.e. - Poland, no offense) then you should probably use hard wallets. But for a New Yorker like myself investing in either Coinbase or Gemini which have been throughly regulated and have the highest chain of custody and security standards, it would in my opinion be better to leave it on the exchange. That way worst case scenario you are a creditor, but if something happens to your hard wallet or pass phrases get stolen you are FUBAR/SOL (F****). At least if L33T Krew hacks Coinbase I can go to the NY State Attorney General and demand they recoup my funds, which they will have great incentive to do considering typical hacks involve millions of dollars in funds.
If Joe Blow investor loses 100k because he misplaced his key phrases nobody cares. But if 500 people lose $5 million they can easily block the sale on the receiving exchanges end even if the IDs are anonymized they can flag that sale and link it back to the hack.
Hard wallet sounds nice in theory but at least liability in a hack is on the company and not you personally from a legal perspective.
I would say I have an "intermediate" level of Crypto and solutions on the market. Something stands out to me that can be summed up in the following points:
- Argument AGAINST Wallet: What happens if a fire occurs and your Trezor wallet is damaged? And on the same day there is a "Run on the Bank" and due to some event the price of BTC will fall to 50% of it's value by tomorrow. Liquidity is a concern when you need to make a rapid move. Apparently the procedure to recover your funds require the key phrases stored on paper and you have to contact customer support. But the response is not ASAP. What if the paper is burnt and your other 2 copies are lost? You basically lose all your coins due to human error/disaster. What if my dog eats the paper? What if a lightning bolt strikes me dead and my surviving relatives can't find the paper? Extra bonus: Trezor is not liable for the disaster nor do you have any type of recourse or insurance for such events...
Also what happens if a relative comes over steals your key phrases and fraudulently poses as you. What happens if the ink smudges over time on all of your key phrases. You are trying to re-copy it every year to ensure that doesn't happen. Static electricity spontaneously vaporizes the paper in the closet. AND an EMP attack shorts your hardware wallet. Sounds unlikely, but Murphy's law...
- Argument FOR Exchange: Let's say the main risk of hacking happens and your funds are included in the thieves cash grab on the hack.
Well #1 we have to consider is only a certain percentage of funds on Coinbase and some other exchanges are kept in the HOT wallets. So it's possible the thieves only get 1% of your holdings.
#2 - These exchanges self-insure so your lost funds in BTC are covered.
#3 - With Google authenticator your chances of direct P2P attack on your individual account is slim to none
Coinbase has a customer service phone number and one of the first prompts is regarding account security. Does Trezor have this same setup?
Maybe if you are dealing with an exchange based abroad or in a questionable country (i.e. - Poland, no offense) then you should probably use hard wallets. But for a New Yorker like myself investing in either Coinbase or Gemini which have been throughly regulated and have the highest chain of custody and security standards, it would in my opinion be better to leave it on the exchange. That way worst case scenario you are a creditor, but if something happens to your hard wallet or pass phrases get stolen you are FUBAR/SOL (F****). At least if L33T Krew hacks Coinbase I can go to the NY State Attorney General and demand they recoup my funds, which they will have great incentive to do considering typical hacks involve millions of dollars in funds.
If Joe Blow investor loses 100k because he misplaced his key phrases nobody cares. But if 500 people lose $5 million they can easily block the sale on the receiving exchanges end even if the IDs are anonymized they can flag that sale and link it back to the hack.
Hard wallet sounds nice in theory but at least liability in a hack is on the company and not you personally from a legal perspective.
Jump to: