Erik Weijers, 6 months ago
Unlike in traditional finance, in crypto you can truly own your money, because whoever controls the cryptographic keys controls the funds. That's a fundamental property and THE major benefit of crypto. If you don't have your keys, you don't really own your coins. If you deposit your coins on an exchange, you run the risk of that exchange going bankrupt. If instead you hold the keys, you are the custodian: we call that self-custody. How can you learn to take self-custody?
Custody is a spectrum. You can slowly move your way up from other parties holding your coins to full self-custody. In between are multisignature solutions, where control is delegated to multiple parties.
Let's dive in (this article is based on the work of the great Bitcoin teacher Andreas 'not your keys, not your coins' Antonopoulos).
How does a cryptographic key give you control over funds?
A key is an insanely large number, sometimes with letters intermingled. But it's just a number. The number of keys available is comparable to the number of atoms in the universe. That's the basis of the security in this industry. It guarantees that no one will guess your private key. A key is like a password: only people with the password have access to the coins.
You don't have to generate your own key. A random generator built into your crypto wallet does it for you.
You must prevent other people from accessing your key: it's not for nothing we call it your private key.
A private key does two things for you:
So, the private key is used to generate a public key that you can share anywhere you want. Based on the public key, another person can know you own the funds. But they can't derive the private key from the public key.
The practical problem with private keys is that you will own many private keys if you own multiple cryptocurrencies. Another, privacy-related issue is that ideally you don't want to reuse an address. Otherwise, people will know how many coins you own.
That's why so-called Hierarchical Deterministic Wallets (HD Wallets) were invented. They store and back up all your private keys.
Instead of one private key, this type of wallet generates an entire tree of keys from a 'seed'. Each branch is used for storing different coins. View them as accounts and (sub)accounts. Keep in mind that an HD wallet, unlike a hardware wallet (see below), is not physical, not even an app: it's pure information that can be used and recreated.
An HD wallet: an information tree that can hold many coins
The seed of the above tree is the private key: it is the only thing you need to back up. With the seed you can at any time recreate the entire tree, for example on another device.
So, to recap, HD wallets will allow you to:
Mnemonic phrase: easy way to remember your private key
As large numbers are not easy to remember or even copy manually, private keys are for convenience encoded as a mnemonic phrase (also known as recovery phrase or seed phrase). The large number which is the private key is presented to you as a series of 12 to 24 English words. It is easy to write down and store as a backup.
Example of a mnemonic phrase (no funds on this address)
Remember that the mnemonic phrase is the password. With it, you can always access your funds, simply by entering it in a crypto wallet, either a software or a hardware wallet.
When setting it up, your smartphone/desktop wallet or hardware wallet will generate a new private key, from which the mnemonic phrase is derived. The device will prompt you to write down the 12 or 24 words in the exact order.
If you start implementing a new wallet, DO THIS! Write down the words in the right order.
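Why the exact words and their order matter, as an added example that is not part of the original article: assuming the BIP39 encoding, the phrase is the key material plus a short checksum, cut into 11-bit numbers that each select one word from a fixed 2048-word list. The word list is omitted here, so the code works on word positions (indices) rather than words, and the sample inputs are constructed.

```python
import hashlib
import secrets


def entropy_to_indices(entropy: bytes):
    """Map 16-32 bytes of entropy to 12-24 word indices (0..2047)."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    checksum_bits = len(entropy) * 8 // 32           # 4 bits for 12 words
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - checksum_bits)
    value = (int.from_bytes(entropy, "big") << checksum_bits) | checksum
    words = (len(entropy) * 8 + checksum_bits) // 11
    return [(value >> (11 * (words - 1 - i))) & 0x7FF for i in range(words)]


def indices_are_valid(indices):
    """Recompute the checksum from the indices, taken in the given order."""
    indices = list(indices)
    if len(indices) not in (12, 15, 18, 21, 24):
        return False
    if any(not 0 <= i < 2048 for i in indices):
        return False
    value = 0
    for i in indices:
        value = (value << 11) | i
    checksum_bits = len(indices) // 3
    entropy = (value >> checksum_bits).to_bytes(4 * checksum_bits, "big")
    return entropy_to_indices(entropy) == indices


if __name__ == "__main__":
    # Constructed sample: fresh random entropy, not a real wallet.
    phrase = entropy_to_indices(secrets.token_bytes(16))
    print("word indices:", phrase)
    print("as written down:", indices_are_valid(phrase))
    swapped = [phrase[1], phrase[0]] + phrase[2:]
    # A 12-word phrase has a 4-bit checksum, so a random mistake
    # still passes about 1 time in 16: the check is not a guarantee.
    print("first two words swapped:", indices_are_valid(swapped))
```

A wallet that rejects a restored phrase is usually reporting exactly this checksum failure, but a phrase that passes can still be the wrong one, so compare the restored addresses with the ones you expect.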
There are two main ways people store their mnemonic phrases:
In either case, make two copies, for an added level of security.
Store these mnemonic phrases at safe locations, for example a safe.
Don't overcomplicate storing your mnemonic phrase
Don't be too cute or sophisticated. Don't encrypt the mnemonic phrase itself, and don't split it up in different pieces that you store in different locations. Don't ever upload it, even in encrypted form.
A mnemonic phrase should be kept offline. Storing it in a text file in the cloud will make it vulnerable to being hacked. The same goes for digital photos. Also, never type it into a device that is connected to the internet.
Besides the options of taking total control and handing over control to a custodian, there is a third option: shared custody between multiple owners or devices.
In Bitcoin, for example, there is a special type of address that requires more than one person or device to sign and get access to the funds.
Multisignature (multisig) schemes can be set up, for example, as:
Alternatively, you can set up a multisig scheme where you need more than one device to sign. For example, you need at least two of three devices to sign a transaction.
Why set up this option? Well, if you lose a device, you're still in control of your funds. Or, if a thief gets access to one set of private keys, he doesn't have enough control to sign transactions.
Why even bother handing some of the keys to a third party, a custodian? Well, let's say you set up a 2 out of 3 multisig scheme. The single key you give to the custodian is a form of backup. This key alone doesn't give them access to your funds. You make sure that you have 2 keys yourself, so you can sign independently of the custodial service. But in case you lose one of your keys, you can ask them to co-sign.
To summarize: shared custody can function as a backup mechanism where you still have ownership, but offload some of the responsibility of backing up the keys to a third party. If you lose one of your keys, you can be rescued by the custodian.
Let's face it: not everyone is a hodler; there are traders too. They want to have funds to trade with on a custodial service like LiteBit.
Hot storage
The word hot refers to the fact that the private keys are stored online. For example, you have an account at a crypto exchange where you have funds to trade with, or your MetaMask wallet (an app or browser extension).
Cold storage
Cold storage holds the funds that you never or rarely access and keep safe in one of the ways described above. A typical way to implement cold storage is with a hardware wallet (see below).
Most people who start out in crypto start with hot storage. They buy some coins on an exchange, or buy an NFT with their MetaMask app. As you get more involved in crypto, and collect more funds, it makes sense to go the safe way and start moving (a part of) your funds to cold storage.
The highest step of the self-custody ladder is using a hardware wallet. These are pieces of hardware that can resemble a USB stick. They're small, single-purpose computers that you connect to your desktop or mobile phone. The most common brands are Ledger and Trezor.
Hardware wallets generate and hold your private keys and allow you to sign transactions.
Example of a hardware wallet. Source: Ledger
Why is a hardware wallet a form of cold storage? It's because it keeps your private keys physically separate from any computer or smartphone. Still, to interact with the hardware wallet, you will need some sort of wallet software on your desktop or mobile phone that either supports the device or is directly supplied by the hardware wallet manufacturer. But the private keys will never leave the hardware wallet. And you only sign for transactions on the hardware wallet itself.
The term wallet isn't totally apt here. A hardware wallet is more like a keychain. As long as you have a backup key, that is, your mnemonic phrase (see above), you won't lose your funds, even if you lose your hardware wallet. The hardware wallet itself is protected by a PIN code of your choice. So, if your hardware wallet is stolen, it won't give the thief access to your crypto.
You can self-custody with a software wallet. This is a form of 'hot storage', as private keys are generated and transactions are signed on a device like a mobile phone or desktop computer. Such devices are connected to the internet, which makes hot storage vulnerable to malware such as keyloggers.
Why use a software wallet? Well, it's easier and faster to use than a hardware wallet. To buy let's say a not-too-expensive NFT on OpenSea, sure you could use a software wallet like MetaMask. But to permanently store it, why not move it to your hardware wallet?
This all seems like quite some work, and it is. Taking custody of your assets is the work you have to put in to set you free from third parties managing and misusing your money. The good news is that you are free to learn this new skill at the pace and with the amount of money that feels comfortable to you.