Hey guys, it's Decoded!One of the most essential things when it comes to a cryptocurency like bitcoin is to have somewhere safe to store it. It's almost impossible to brute force into your bitcoin wallet, however it's worlds easier to drop malware into a computer that takes your passwords and wallet files. So how best to store your bitcoin?
-
Coindesk, Bitcoin SecurityI'll categorise wallets into six parts::
- Hardware Wallets
- Multisig Wallets
- Normal Wallets
- Paper Wallets
- Web Wallets
- Dedicated Cold WalletsHardware WalletsA hardware wallet is a bitcoin wallet that uses physical storage. At the moment, this is definitely one of the best storage options available. The current norm of these is the concept of your private key being stored on the physical wallet itself, either in a credit-card-like chip, or an encyrpted storage form. They are coded specifically so that malware cannot access the private keys. Therefore the only way to succesfully retrieve your private key is to have a virus intercept the recovery key given to you when initializing the wallet.
-
Trezor hardware walletThis wallet is best for a single user.You can find a thread listing these here:
https://forum.bitcoin.com/alternative-clients/overview-bitcoin-hardware-wallets-secure-your-coins-t200.htmlMy personal recommendation is simply based on budget.<$2o: Ledger HW.1 (My personal choice and what I currently use. One downside is that it cannot sign messages. Review here:
http://www.cryptodot.com/home/hardware-wallet-review-ledger-hw1)
<$40: Ledger Nano (Exact same as the HW.1 but with different build quality and a leather card slip. Cannot sign messages.)
<$70: Ledger Nano S (A cheaper alternative to the more expensive trezor, however the trezor is more flexible. Not sure if able to sign messages)
~$100: Trezor Wallet or KeepKey (The latter is more fashionable, however the former is more trusted and more rigid/sturdy).
>$100: Case Wallet (This wallet is more gauged toward the everyday spender. You can send only through scanning QR codes, but it is a standalone device and you can send it from almost anywhere without an accompanying computer.)
Pros: - Great security
- Not the broadest range to choose from
- Great portability
- Good value for security
Cons: - Not free
- Vulnerability when first generating recovery seed
- Owner needs to remember/keep recovery seed
Multisig WalletsMultisig wallets are wallets that take advantage of multiple signature technology. A wallet has an odd number (usually 3) of private keys, which are held by more than one party. There are many uses of this -
If a hacker gains control of only one private key, they will need more to have control over the wallet.
If there is a group transaction, an equal amount of power can be distributed between parties
In a p2p trade, the odd key can be used by an escrow/middleman
-
BitGo visual explanation of the multisignature processThis wallet is best for a single user or small group.A good list of these wallets can be found here:
http://bravenewcoin.com/news/the-best-multisignature-wallets-for-2016/My personal preference is BitGo, as they were the first to release their wallet with multisig and is supposedly have been developing their wallet the longest. They also have insurance, a huge plus.
NOTE: The recent bitfinex hack has been linked with BitGo, due to both BitGo and Bitfinex having compromised keys. They supposedly have fixed this issue.
Pros: - Some wallets provide insurance
- High security, low effect on performance and user experience
Cons: - Wallet provider and 3rd party can team up and steal your coins
- If the provider is compromised, effectively everyone using it has the same security as a normal wallet
Normal WalletsA normal wallet is a wallet that is akin to Bitcoin Core, without any add-on security measures. These wallets can be split into two categories, SPV and Full wallets. These can be password-encrypted, however a simple keylogger can get past these security measures.
This wallet is best for a single userFull wallets download the whole blockchain, the public ledger of all bitcoin transactions in history, currently totaling to over 100 gigabytes. This is a hassle for some people as they may not have enough storage, or cannot bear to sync their wallet for almost a week for the first time, downloading the whole blockchain from scratch.
SPV wallets only download the block headers of each block, which in comparison to the whole blockchain, is tiny. The wallet will connect to external nodes to retrieve their copy of the blockchain instead, only retrieving the information they need and effectively removing and sync times. The problem with these however is that your information is at the hands of the node your wallet connects to. A malicious node could easily lie to your wallet about your balances and transactions. In actuality they will stay the same, but could cause you a heart attack.
Pros: - Traditional wallet, has all core features
- Ability to host full node
- Normal wallets provide powerful in built tools and a console that most other wallets don't
- SPV wallets are lightweight
Cons: - No security besides encryption that is password-encrypted
- No 2FA
- Full wallets take up a LOT of space
- No more CPU mining capability
Paper WalletsThis wallet is best for long term storage, for use of a single user.These wallets, usually used for long term storage, are made of - yes, you guessed it - paper. A paper wallet is a private key and a bitcoin address printed on a paper, usually with accompanying QR codes to make it easier to send and withdraw from. The use of these is that if generated properly, the private key will never touch the internet and also any malware. You will want to generate one offline, and print it offline. However a good virus may still operate while your computer is offline, and could still take the private key and send it to the hacker once you bring the computer offline. That's if you
do bring it back online.
To load up the wallet, you deposit into the public key. To send from the wallet, you will need to open a bitcoin wallet application on your computer and input the private key.
A good thing about a paper wallet is it's lifespan. Good ink and paper will take years to start fading, especially if in a place like a bank vault, where it is temperature controlled. If you store your private key in a USB, the memory chip may some day just crash.
Pros: - Long lifespan
- Cheap to produce
- The "poor man's cold wallet"
Cons: - Not as portable as a hardware wallet, since it can be destroyed, ripped or damaged easily
- Can get lost easily
Web WalletsThese wallets are hosted on the internet. These are usually the some of least secure wallets, after normal wallets. This is because in most cases, when using a web wallet, you are not actually in control of the funds. The website is. They hold your bitcoin and when you send bitcoin, they send it for you. There is only one exception to this list.
Blockchain.info. They hold your bitcoin private key for you, but as an encrypted payload. They have no access to it, however they are in control of it. As if you have the key, but they have the chest. Only you can access it by putting in your password, where your browser decrypts the payload live. Blockchaininfo also supports two-factor authentication, where they ask you for a phone, email, sms or google authenticator code before sending you the payload. Another level of security.
-
Image of my own wallet - Transactions removed for privacy This wallet is best for a single user.The problem with this is of course if blockchain,info goes down. Down goes your information, and if you have not saved a backup of your private key, you're doomed. But if you were to save a backup of a private key, then you would need somewhere safe to store it like a dedicated USB. USBs these days only cost a tiny bit less than a Ledger HW.1, so why not get that?
Pros: - Convenience
- Accessible from anywhere online
Cons: - Very low security
Dedicated Cold StorageThis form of storage, as opposed to the common term "hot wallet", (a wallet constantly connected to the internet) is very much the opposite. It is a wallet that has never touched the internet. A dedicated cold storage solution is a dedicated device that has never touched the internet. It is a costly but impossible to hack into when done properly.
-
blog.adafruit.com - You can use a relativelyinexpensive device like a Raspberry Pi to host your cold walletTo use this solution, you need your dedicated unit, which will generate the offline transaction hash, signed with the private key. You copy this transaction hash to your computer which is connected to the internet, and broadcast it. Therefore the computer that holds the private key has not touched the internet in this procedure.
This wallet is best for use of large companies. It's overkill for a single user, unless they have a whole lot of funds stored.To send the bitcoin, all you need is for the offline wallet to generate a receiving address, and send your bitcoin to it.
Pros: - Very high security
- Good for commercial use
Cons: - Has to be manually overseen
- Very hard to automate
- Overkill
- Costs alot
Personal NotesHonestly, I wouldn't choose anything but a hardware wallet. They are the most secure, and relatively cheap when compared to a cold storage solution. If you really don't want to spend anything however, use a multisig wallet like BitGo. If you're a company that handles a large amount of bitcoin, like an exchange, only withdraw what you need every day from cold storage, so if you get hacked, only that small amount will be taken, not your total amount in storage.
I personally own a HW.1 and have never been happier. May even be upgrading to a trezor soon.
This post was taken from my forum.bitcoin.com thread, and I only just realised that I should post it here too ^_^Thanks for taking the time to read this! If you liked this post or found it useful, please post! Discuss what could be added, and what could be changed. Cheers!