Securing your cryptocurrency

Introduction

+++

"A fool and his money are soon parted"

Proverb

There's a reason that I often refer to Bitcoin (and most altcoins) as "digital cash." Like its printed counterpart, digital cash can be lost, stolen, misplaced, etc.

Listen carefully. Your "digital cash" is not automatically any more safe than your printed cash.

Here are some ways you can lose everything your "investing" in cryptocurrency:

• If a malicious user were able to login to your coinbase.com account, they would be able to transfer away all your cryptocurrency.
• If a malicious user were able to access the Coinbase app on your phone, they would be able to transfer away all your cryptocurrency, and you would never be able to get it back.
• If you were to share your "passphrase" with anyone they would be able to transfer your cryptocurrency away.

In each of the above cases, you would never be able to get your assets back. Never!

Security should be your number one priority with every new step you take on your cryptocurrency journey. And if you forget, we'll be here to remind you. And if you don't listen to our reminders, you will get screwed.

+++

Why does security matter?

+++

Security is not a product, but a process.

Bruce Schneier

Look, I could spend the next few hundred words explaining the importance of doing the work necessary to secure your cryptocurrency.

I tend to be of the type that needs to learn the lesson myself before it sinks in. And yes, I've lost Bitcoin because of lax security practices. Don't be like me, or the people in the following stories.

These real-world cases should scare you enough that you will endure the extra effort required to secure your cryptocurrency.

Turkish Playboy

A wealthy local businessman was kidnapped after posting pictures of his luxurious lifestyle on social media. The gang caught the man and held him for 8 hours while the pressured him to part with his 450 BTC with violence.[^http://www.xbt.money/police-bust-turkish-gang-that-kidnapped-wealthy-bitcoin-holders/]

Good Samaritan turned victim

A friend was helping a friend by posting on social media and trying to bring attention to a case of theft. Unknowingly, he was identifying himself to thieves as a holder of cryptocurrency. He was later targeted and lost about 2 BTC worth of assets from his Coinbase account[^https://medium.com/@CodyBrown/how-to-lose-8k-worth-of-bitcoin-in-15-minutes-with-verizon-and-coinbase-com-ba75fb8d0bac].

The hackers used the now-very-common phone porting hack, which is where they call your phone company, pretend to be you, and get the number ported to a sim they control. After this, they can receive any 2FA SMS messages sent from Gmail or Coinbase and ruin your life. For a little while anyway.

+++

How to secure my cryptocurrency?

+++

Our security must be threatened for us to appreciate it.

Mary Astor

Here's the lowdown. Cryptocurrency is stored in wallets. Like.. you guessed it. Cash.

In the world of "digital cash" there are three types of wallets:

1. Custodial Wallets
2. Hot Wallets
3. Cold Wallets

Each wallet comes with pros and cons.

Custodial Wallets

Custodial Wallets are asset stores where a) you delegate private key management to a third-party and b) the wallet is available online.

If you don't know what a private key is, you are probably using a Custodial Wallet.

Examples include, but are not limited to:

• Coinbase/GDAX (personal favorite)
• Gemini

Hot Wallets

Hot Wallets are asset stores where a) you manage your private keys and b) the wallet is available online.

Examples include, but are not limited to:

• Blockchain
• Exodus (personal favorite)
• BitPay

You know you are using a Hot Wallet is the software stresses storing your "recovery phrase" somewhere safe. A recovery phrase is usually a 12-word phrase that could be used to restore your wallets.

Cold Wallets

Cold Wallets are asset stores where a) you manage your private keys and b) the wallet is kept offline. These are often referred to as Hardware Wallets, but a dedicated Raspberry PI with wallet software installed and no internet connection would work fine, too.

Examples include, but are not limited to:

• Ledger Nano
• KeepKey (personal favorite)
• Coinkite Coldcard (exciting newcomer)

Spectrum of trust

When it comes to deciding on which wallet to use, you have to think hard about who you trust.

What? Didn't you expect the most considerable monetary shift in centuries to require some introspection?

One tool to rule them all?

Two is one. One is none.

Jocko Willink

Is there one tool to rule them all? A single place you could keep all of your cryptocurrency with complete confidence you'll never lose any or be susceptible to theft. Sorry, no. Maybe in 5-10 years. Maybe you can start a company that solves this problem.

There are however several options, and we're going to lay them out on a spectrum.

Coinbase

Coinbase, for this writing, is a Custodial Wallet, that offers both hot and cold storage options. I know that's confusing. It took me a while to wrap my head around it. What's important is that for 80% of the people reading this, Coinbase is all you are going ever to need.

Let's get this straight. If you don't own your keys, you don't own your cryptocurrency. Coinbase gets hacked, then so do you. At the very least be unable to withdraw your funds when you wanted to.

Thought Exercise: All your money is in the bank, but you suddenly need cash. If the ATM is out of service, you don't have your money, do you?

Recommendation

If you're newish to cryptocurrency, use Coinbase and just Coinbase. Use protonmail.com for your email service and enable 2FA (Google Authenticator, not SMS!), and keep all balances that you won't use in the short-term (like one week) in a Vault[^https://www.coinbase.com/vault].

Send BTC from Coinbase to other Coinbase users: Sending someone Bitcoin usually is quite expensive. For a $100/USD/BTC transfer, you'll end up paying over $3 in fees. That's 3%. Instead, if both parties have Coinbase accounts, you can do an on-exchange-swap. Coinbase, since they own the private keys for your wallets, reassigns the owner of the transferred BTC.

Cheat Sheet

• [ ] Use your protonmail.com account to sign up
• [ ] Set a secure password
• [ ] Save your login credentials in 1Password
• [ ] Enable Two-Step Authentication (not with SMS!)
• [ ] Store your assets in the Coinbase Vault

Exodus

The next wallet I want to talk about is called Exodus. Exodus is both a Wallet where you own the keys and a hot wallet. Hot in the sense that it's connected to the Internet.

With Exodus, we start to check off some of the cons of corn base. For example, you own your private keys. Exodus cannot go down and prevent you from withdrawing your funds. On the flipside, if someone were to compromise your computer then along with your Exodus password your assets would be compromised as well.

Exodus has excellent support documentation, too.

KeepKey

Cold, or hardware wallets, can be challenging to grasp. There is nothing analogous to them in the world of fiat. A Cold Wallet might be comparable to gold bullion in your safe.

The KeepKey is my favorite hardware wallet. It feels solid in your hands.

With Cold Wallets, your private keys are kept safe by hardware and secured using some fancy encryption. You can receive funds to your Cold Wallet addresses anytime since the transactions happen on the blockchain, but only send when the device is unlocked.

It's a wrap

I use all three of these types of wallets:

1. I use a Cold Wallet, in my case a KeepKey, for really long-term storage.
2. I use a Hot Wallet, in my case Exodus, for light trading, diversification, and mid-term storage.
3. I use a Custodial Wallet, in my case Coinbase, for short-term storage and exchanging into fiat.

Pro Tip: Using a single service to exchange fiat to crypto and back is useful because it simplifies tax preparations.