Topic: Crypto wallet security protocols (Read 100 times)

You seem to be here just advertising your own product in a sneaky way and asking people fake question about crypto wallets.
Nothing wrong in advertising anything in bitcointalk forum but not in this shitty way.

Okay, I miswrote it. There's nothing truly, absolutely and assuredly secure. But, for a newbie who doesn't know much about computers and the probable dangers of keeping the keys in a hard drive of a continuously online computer I recommend to:

• Educate themselves which will help beyond they can think of or
• Buy a hardware wallet.

Yes, there are still things you should be aware of such as $5 wrench attacks, but they're mostly faced with common sense.

Cold wallets are far better than hot wallets, cold wallets protect your seed phrase and keys to remain offline, hardware wallet are cold wallets, this makes many online attack impossible, especially by not revealing you seed phrase and private keys to online attackers.

There can be physical attack on Trezor that can reveal its seed phrase, that is why people are encouraged to use passphrase long while generating keys and addresses to help about this type of attack if happened. But romitdeb should know that using passphrase will generate different keys and addresses, which means he should as well well backup and protect the seed phrase which will be needed for recovery.

Yes, not absolute, because clipboard malware is still very possible, the seed phrase or the keys are not revealed but the malware can change receiver's address to a hackers address. @romitdeb, this can be known when the address change but some people have lost their coins through this hack method in the past and very possible many people will still be hacked and lost coins through clipboard malware. Always check and recheck the address you are sending bitcoin to, making sure it is the receiver's address.

I wouldn't say "absolutely" safe as you put it. The attack vector is significantly smaller than a hot wallet, but from experience nothing is ever 100% or absolute secure. There's bugs that can be exploited, and various other physical attacks that could happen, especially since if you carry a hardware wallet around with you, then that could potentially be less secure through threat of physical harm. Anyone, not to jump down that rabbit hole, I'd probably rephrase, and say hardware wallets are usually enough for most users on a security stand point.

For example, nuclear power plants that don't have internet access have been locally compromised, which was quite well documented in the news a few years ago. My point being is, because an attack vector isn't immediately obvious doesn't mean it's completely safe. I don't actually consider anything safe, besides Bitcoin has had exploits which have been abused in the past, they were rectified, but the very currency we rely on today to store significant amounts of our wealth has been abused previously, and will likely run into problems in the future. Also, banks, hospitals, and military bases have been compromised, and you'd assume that they have the top individuals at the helm making all the security decisions.

Nearly everything with a electronic components can be hacked, remember that hacking isn't always digitally, but can be physical hacks too. No software is ever coded to perfection, though is it reasonably safe? Yeah. Though, a cold wallet will likely always trump it.

The good news is; hardware wallets aren't exactly new technology we've always have the ability to do something like this, but lacked a need. In fact, banks implemented this years ago, where you would enter your pin, and a signature would be created, and the computer just reads that signature, though they have been recalled in the past for security concerns.

Also, I think it's worth mentioning your primary method of storage is only as good as your backup, since physical devices can stop working, be damaged etc.

Hot wallets “touch” the internet while cold wallets are located in air gaped devices. (Which means they don't)

Assuming “buying a crypto wallet” means a hardware wallet such as Trezor, Ledger and Coldcard, then you're absolutely secured if you protect your seed phrase. Your funds are secure as long as no one can access your private keys. Usually, on a computer in which you've already installed many apps and it connects to the internet every day, it isn't recommended to install a wallet.

A malware may access your private keys from your hard drive somehow; with the hardware wallet you ensure this can't happen, because the private keys are in the hardware's drive. Each time you want to sign a transaction, your computer just receives the signature directly from the hardware wallet without any private key transferal.

This completely depends on the software you're going to be using, and the method of storage.

Bitcoin core online - decent
Bitcoin core offline - Hard pressed to find anything better

Electrum online - decent
Electrum offline - Again, pretty hard to find anything better

I've just said this in another thread, but usually hardware wallets are going to be the more appealing to new users, because they offer the ability to continue to use your wallet online, while also assuring certain attack vectors are blocked. Though, unless you specifically ask about a certain wallet, it'll be very difficult to give you specific advice since you could probably write a book about security revolving around storing Bitcoin.

I have bought a Safepal crypto wallet and so far the security of the Safepal wallet hardware is still good. damn better than a mobile wallet.
But all the most important security depends on how we take care of it ourselves. never share phrases or private keys with anyone. Save it well and don't get hit by web phishing.
Every security will have a loophole, the most vulnerable gap is ourselves as the wallet owner.

If you'd like to be really really specific about each wallet software's security, I'm afraid you'd have to dig onto their source code yourself. Not sure if anyone here has THAT deep of technical level that they'd understand the literal ins and outs of most wallet "brands".

But if you're just asking about the kinds of wallets in general and which one to use, there are lots of guides that you can use to educate yourself.

https://cryptosec.info/wallets

Educate yourself thoroughly.

The most important aspect of wallet security is properly managing your seed phrase. Any screw-up in this regard can prove to be catastrophic.

• Never share your seed phrase with ANYONE no matter what. Even if you are about to get a "sweet" deal for doing so.
• Back up your seed phrase using pen and paper ONLY. This should be stored in a very secure location that only you know of.
• Never store your seed on an unencrypted drive. I would recommend not using digital copies altogether.
• Take advantage of using an extra word at the end of your seed phrase for a little extra security.

These are just some basic precautions. Follow these and you should fair just fine.

And please for the love of god make sure you are using reputable open-source software if not using a hardware wallet!

I will be buying a crypto wallet for the first time and wanted to know more about the security protocols followed by both hot and cold wallets. Can anyone share some info around how the wallets implement safeguards and whether it's easy to ensure security of my stored crypto as a first-time user?