Four Easy Ways to Protect Your Coins

in #security, 8 years ago (edited)

I used to sell Bitcoins

Now I sell Dash. When sitting at a table with someone who wants coins, any crypto-coin, I always ask what kind of wallet people use. After all, they will be showing me their QR (or sending me their public address - the same thing as the QR).

The second thing I ask is, "Where are the private keys stored by that program?"

Many people don't know - but this is the first thing to know if you want to avoid losing your coins. I have to admit that I don't know where the private keys are stored on every single type of wallet app. You have to look around when downloading.

  • Scroll down if you don't know what a private key is.

Ways people lose coins - See how many you know.

Wallets not backed up - stolen.
Website based wallets and exchanges which are hacked.
Online Transfers reversed or not completed.
Stolen backup or paper wallet

Wallets

There are wallet apps that hold your private keys for you - insecure. They can just as easily send money to Joe Blow as you could.
Then there are wallets that generate them on your device or computer - never exposed to the internet - more secure. Now only you can send that money to Joe.

If the wallet app, or the app creator, is holding your keys for you, then they are holding your money. They could spend it and walk away. They only set up a web site, with a login and a wallet for you. You filled the wallet with real digital coins. These are not bankers and there are no laws that govern this kind of website banking. That's a lot of trust for someone who knows how to do a graphic design page.

You may be trusting them with all your coins and not knowing it. Some are fine. Just be careful how much you allow them to have, that is, not more than you are willing to lose. One such wallet app is FreeWallet - which is one of those that prompted me to write this post. I keep running into FreeWallet because they have a wallet for almost every coin. I never got a FreeWallet because it fails my first Must Have when I am looking for somewhere to put my money. It exposes the private key to my wallet to the internet, hackers, screenshot capture and everything depends on the honesty of their entire staff.

Freewallet.jpg

MtGox, Bitstamp and Bitfinex all held people's money for them. They worked very well, until one day they didn't. MtGox never gave back one coin. Bitstamp and Bitfinex paid client losses out of their own pockets in order to stay in business - neither regained the number one spot after being hacked. People learn the hard way and are slow to trust again.

Browse around before downloading any wallet and you will likely see one of two clues to look for ...

Something like "Assets are stored in an off-line vault." as in the above shot. Stored by who? How is your IT department? Would you store your money at a Plywood bank or a Marble bank? (neither actually have your paper dollars btw)

  • OR

Something like, "Your private keys are stored on your device and should be backed up immediately." This is the one you want! You are capable of storing your assets in an offline vault. And they can't be stolen. (1)

Websites

There are wallets hosted on websites like blockchain.info and many more. Some of these have never been hacked, but if you are signing in with a User & Password, then they have your private keys. I am absolutely struck by the ignorance out there regarding this point. Some actually associate crypto-coin risk and website hacking.

See this post, whose author thinks that hacked web sites make crypto-currencies risky.

Development (+ 325 US$) of my deposit around virtual currencies (2017-03-07) — Steemit (1).jpg

I read the above post earlier and as noted, risk is there due to fluctuation in price (not theft). The mentioned examples of "risk" were websites that were robbed, and thus, people who had chosen to transfer their coins to those sites lost. (2)

I guess you could call it "risk" if you willingly give your coins to Mark Karpeles or UncleScrooge (MtGox and Bitfinex respectively).

Examples: MtGox, globse, BitStamp, Bitfinex, BitInstant, Bittrex, Coinbase, Poloniex, LocalBitcoins, ShapeShift, BlockChain, and the list goes on. I never expected some of these to be hacked. I expect all of them to be hacked as the price goes up. Some may never be hacked but as long as there is a wallet on the site, a hacker will try to empty it. Not all of these are exchanges, not all are wallet only sites. But all of them have access to your funds exposed to the internet.

Not all are bad. Actually most are good sites. I currently have over $10k on Poloniex. I buy my Steem there, then pull it out. I get my Dash, DGB, RBY, and ETH there - then pull it out. Some coins don't have an acceptable wallet yet so they stay there to be bought and sold.

Bitcoin, Litecoin, Dash, Monero or any other big coin has never been hacked and those who had their wallet backed up (the Private keys, I mean) have never lost a coin.

No matter how extraordinary the measures taken by a website, there are still two major risks in having coins there. A dishonest employee with the right password and a really clever hacker.

Trades that are not face-to-face.

Anyone ever have a problem with Western Union? How about a Nigerian? A rich uncle you didn't know about? Sorry, I got off track.

I used to trade on a site where people would trade small amounts of bitcoin for Paypal or WU. You could gain a very good reputation and start trading larger amounts with trusted partners. I always bought with Paypal and had really good luck. (accepting Paypal is risky because they reverse transfers all the time for the squeaky wheels). I did the same with bank transfers on globse (very old and not there any longer). Never a glitch.

I trade all the time on LocalBitcoins where they have an online wallet that you can fill and an escrow system that holds the money until cash is paid or a bank transfer is made. When the seller is satisfied, there is a release key that the seller sends to the buyer. My only loss was a $2000 transaction that I released after receiving the funds, only to find out that this person was somehow able to reverse the transfer. In South America, the robbery heaven, bank transfers are like bitcoins - Done is done. So, the bank was surprised and tried to blame it on me.

The bank asked me how I was able to turn the deposit negative. I replied that I didn't and couldn't have. They said they had insurance for these kinds of situations but after months of grilling me... "What did you sell?" and "What is a bitcoin?" and "You have to take it up with that LocalBitcoins site." I gave up. I told them to keep their ATMs and Account Fees. You just lost a 12 year customer with perfect credit.

Never have I lost money for lack of a private key, or on an exchange that was hacked. But enough with my experience.

What is a private key?

There are two keys for any Bitcoin wallet:

  • The public key

Which is like your name. The thing someone needs in order to write you a check.

  • The private key

Which is like your birth certificate, account number, mother's maiden name, and your right arm to sign withdrawal slips with. (everything someone would need to empty your account.)

Bitcoin Paper Wallet Generator.jpg

Most wallets - no matter the coin - have a private and a public key (some have seeds but that is for another post).

Keys are generated in pairs. Each private key has a public key - private for the account owner with spending rights - public for anyone to use in order to send money to the owner. (Some have several public keys and the one private key will restore all public keys and their transactions.)

Here is a paper wallet I just generated. It can hold bitcoins. Paper wallets are designed for people who want to print them, fold them, then deposit bitcoins using the public key or QR (same thing). The end result is a quantity of bitcoins that can be stored in a safe like paper dollars and nobody can take them from you. This one, however, has some of my coinage in it for the first one who takes the time to read this post, open it and grab them.

If one ever wants to redeem a paper wallet (or any other wallet for which they have the PRIVATE KEY), they just need to get a wallet program, in this case a bitcoin wallet program, and select "Tools" --> "Import Private Key", type in (or scan) the private key and watch the coins appear in that wallet. (different wallets may have the import option under "File" --> "Import Keys" or the like.) In this case, my coins are a gift for your having read this blog. Please let me know who got them - the private key is published on this blog, the person should transfer the coins to a safer wallet before someone else finds it.

Another example :

My Steemit private key is "sponge-bob" and my private key is a long number that they called my "owner key" or the "master key" for the account. This is the only key that I can use to spend the money which I have here. Keys are found under "Wallet" --> "Permissions" here on Steemit.

Rant

You will hear a lot of news about this company or that - this technology or that. They will say, "And it's all on The Blockchain!" NO IT IS NOT - this is false.

Bitcoin matters because it's on the Bitcoin Blockchain
Dash matters because it's on the Dash Blockchain
Ethereum matters because it's on the Ethereum Blockchain
Monero matters because it's on the Monero Blockchain

All of these blockchains are separate and apart with their own levels of confidence found in them. If some entity is creating A BLOCKCHAIN, you need NOT be impressed with it because it is worth less than the Venezuelan Bolivar. You can create a coin, and miners - that is done every day. You cannot create a worldwide user base for a new coin and its unused BLOCKCHAIN - the story is misleading and false.


Summary:

Safest wallets

When you download a wallet app or program, it will generate your key pair (private and public).

  • the program or app should be open source.
  • the keys should be stored on your computer or device.
  • the program or app should allow you to generate the key pair while off-line.

When you create a paper wallet, it will generate your key pair (private and public).

  • it is best to use a 'live CD' of linux if possible
  • the site should allow you to unplug from the internet and still generate the key pair.
  • print the keys before restarting and close the browser.
  • then restart the computer with no trace that a private key was ever there.

If you generated your wallet in a web browser while connected to the internet, someone likely could have seen your private key. The above precautions allow you to be reasonably sure that your private key is never exposed to the internet (i.e., hackers).

Less safe wallets

Wallets that allow you to store your keys on your device or computer but,

  • which are new or untested open source wallets
  • which are proprietary (nobody can inspect the source code they were designed with)

there is a chance that the proprietary or not-yet-inspected open source code contains something that could compromise your keys.

Least safe wallets

Wallets that rely on a company and its security department to secure your and other users' funds

  • Wallet apps like FreeWallet (3)
  • Websites and exchanges on which you have a username and password to gain access to your wallet.
    • again, I use Poloniex which can see my private keys and I rarely trust them with more than $10k.

Backups and Trading

If you choose the safest form of wallet, you MUST back up your keys. The process varies but it is not difficult. Best to try it, then restore it to another computer to familiarize yourself with the process.

  • some wallet programs allow you to see the private key via one of the menu items - You need to copy it, write it down clearly, put it on pendrives, print it, store copies in a safe, but never lose it or let others see it or copy it
  • some wallets prompt you to create an encrypted file (you set a password) - Then you send that file to a pendrive, or email address but never store the password with the file and never forget the password.
  • some have a "seed" (a long phrase of random words) that will allow you to restore your wallet (using the same program) on another device.

All of these work well and you should give them a try

The rest are relatively unsafe, but because they have been around so long, they are trusted. Do not put more money in those online wallets than you can afford to lose. Keep your password safe.

  • for exchanges, enable 2 factor authentication for withdrawals.
  • for private party trades, make sure you receive funds before sending bitcoins.

I had prepared to write a post to present just one bitcoin wallet and how to secure it - but I have stopped using bitcoin due to the high fees and slow transaction lags. Clue: You will no longer see transactions of 0.00005 bitcoins. It is divisible into many digits to the right of the decimal, but the fee on that transaction would need to be 0.001 for it to go through - so small transactions are now like having mammaries on a male bovine.

Footnotes:
(1) provided the code is open source and has been reviewed by you or someone who can verify there is nothing "mal" about the software.
(2) I am not saying the person is ignorant, just that they are mixing risk and theft
(3) websites and apps that store your keys for you are not all bad, but they all are at risk of being hacked

If you were the one who got it, please let me know in the comments.
It was supposed to be a gift.

I appreciate your comments, upvote, resteems and following.

I upvote all friendly comments and reciprocate other good will :)


Hello new best friend, and thank you for the gift :)

I am forever grateful.
Though I am honestly surprised no one tried it before... everyone just assumes someone ELSE got to it before maybe? or no one really thought they needed it / wanted to leave it to someone else.

TLDR:
THANK YOUUUUUU
HUGS sponge-bob

Oh, I completely forgot:

This was a superb post !
I created a wallet using an app on my android after searching for the right criteria, and am now about to transfer the encrypted password file off to cold storage :)

So your teachings have already borne partial fruit, sensei bows

I did it because I usually get a lot of votes, but very few views. This one, as of this writing, only has 20 views, but 189 votes. I figured anyone who was tenacious enough to read it, deserves a reward :)

Call it your "Practical Assignment"

Huh, does it count the views as a function of how long someone stays on it, or is it more related to bots not being counted. Or do some people just upvote without even READING what's written ?

Cause otherwise I can't fathom how there's such a disconnect between votes and views : /

Homework complete then, sensei :)

Well, I reload the page to see if people have commented. It doesn't give me another view if it's me from the same IP - so...
It's probably counting page loads.

Bots vote on the main list of new posts based on time since it was posted and how many votes it has obtained so the page never gets loaded. (I am guessing)

That would make quite a few bots + people not reading and just upvoting from main feed... would be interesting to see the distribution, but I guess the bots don't keep a centralised count of their visited pages.

If you have another phone available, try sending that encrypted backup to the other phone, then download a wallet and import that backup. You will see that it works.

After 8 years in this space, I still confirm my backups before transferring lots of money into those wallets. Thanks for reading.

I don't have another phone, so I'll set up a wallet on my small linux computer.
I really regret not waiting it out 2-3 years ago. I downloaded a wallet software but didn't get into bitcoin at all because the computer restarted in the middle of the initial synchronization (Whatever coin ends up dominating, is going to have to fix the sheer amount of TIME it takes to download the entire blockchain... maybe it's gotten better since I tried ?).

No problemo, it was one of the more interesting articles on here :)

You could try Electrum - it uses servers to sync the blockchain. I imported my private keys to it from a 9 year old wallet, and it works for me as cold storage.

  • it's advanced
  • uses change addresses (if opted in for that)
  • it has a "Seed" that you will be given which acts as a private key for all addresses in the wallet. (hmmm I may need to make a post on Electrum)

https://electrum.org/ ( as with any wallet - try it with small amounts )

I'll check it out.
I was looking at Bitcoin Core (I think that's the name?)
but my computer is very old and doesn't have enough space on it to become a part of the network.

Do you recommend I remove the address containing the larger sum from my app wallets memory, or is it relatively safe as long as I keep backups hidden in cold storage ?

I was wondering also. How does it work if someone steals my phone and I then reload the backup and transfer it to a new address? Will it only work if they haven't already transferred it out of the address?

Bitcoin is having its inevitable problems with overload/under capacity these days. I am liquidating the remaining coins I have. I have mentioned in this recent post and this recent post that bitcoin is becoming the Western Union of cryptocurrencies. Wait times are up to two days unless you bend over and pay a huge fee in order to have your transfer included in the next block.
Best you have a strong "password to spend" set up in your wallet app. I have had my phone stolen - You want to make it hard for them to spend your funds while you purchase a phone, install a wallet app, find your backup file, install it, and sync to the network. That process took me over 8 hours and I already had an old Android phone to install on.
Yes. You would reload App and backup, then transfer all funds to another wallet which you will likely have to set up as well. Be prepared for all eventualities as you do with banks, stocks, health.
You are your own insurance policy - good news is wallets are free!

Yep,
I think the Universe sent me an advance birthday gift XD

I had just been wondering if anyone reads these things and I put a feeler out. Not luck! @pbock read my post :)

Excellent post. Well worth bookmarking and revisiting again. Thank you for sharing the many angles. I for one see very high potential for the DASH and STEEM Blockchains. They should find a way to Peg themselves to one another WITHOUT a Fiat in between. IMHO.

Thanks for taking the time to comment. I agree on the potential of Dash and Steem. Dash is already paying off as my mined btc had when it broke $10

Steem has gone down which doesn't bother me - I did not sell my btc when it went from $1300 to $200 so I am not bothered by the Steem price. I power-up once a week - am gathering Steem for tomorrow's increase now.

The peg. I live in Argentina which is only steps behind Venezuela... I peg value in "Coffees" or "Hot Dogs"
A Coffee at the corner cafe in 2007 was 2.50 and hot dog was 1.00 - now they are 38.00 and 22 respectively in Argentine pesos. I get $20,000 pesos for one bitcoin today. The math is mind boggling.

A Bitcoin is 1200 dollars, each dollar is 16.20 pesos <--- each of those is a variable that changes daily.

I am pegging my funny munny, coins, gold, to physical things like a can of Pepsi. The value is one thirst quenched.

This is a good way to look at it.
I am so glad to have met someone from Argentina. I'm very fond of your country. I sincerely hope you do not run into the same problems of Venezuela. It's important to be diversified out of the Fiats however. Your investment in Cryptocurrency WILL pay off in greater and greater ways as we march on. Best of Luck and so grateful to make your acquaintance!
~Frank

I am from the U.S. but I have two half Argentinian children - hehe. There are so many expatriates here in Argentina -whole communities really. Whenever I get the chance, I meet people from all over the world who have chosen Argentina for a hassle free life. See @budgetbucketlist who I met just 2 months ago. She is a Steemit success story, having retired early and traveling the world on the earnings from her first post here on Steemit.
I like to remain un-shuttered on the internet, but she actually published my son and I here: https://steemit.com/travel/@budgetbucketlist/2017-will-be-the-year-of-steemit-meet-ups-encounters-amidst-buenos-aires-street-art

Look for this when considering a wallet.

Electrum Bitcoin Wallet.jpg

Nice post.
I would also urge anyone to try out different wallets. Before buying any significant amount of coin, load them with tiny amounts of coins (10 cents worth), then try to back up, delete and restore them to get an understanding of how they work. What codes you need to keep etc.

I urge the same. Many can be installed on two or three devices and they all work simultaneously (coinomi and DashWallet (android) for example). If one phone is stolen, you can quickly empty balances out of the phone still running at home.

Thanks, @sponge-bob, for this excellent post!

As one who took a serious bath at MtGox, I am very glad you're "teaching the noobs" here. Bookmarked.

My very first article on Steemit was a short tutorial on using dice to make a private bitcoin key completely offline. I actually have some more articles on the topic "in the pipe." Very paranoid these days about anything but "cold storage."

😄😇😄

@creatr

Haha. If you are a Linux person, you should check out qubes-os. Even my hot wallet is cold - that VM doesn't get an internet connection except for the minute it takes to send coins out of Electrum.

This post has been ranked within the top 50 most undervalued posts in the first half of Mar 08. We estimate that this post is undervalued by $3.51 as compared to a scenario in which every voter had an equal say.

See the full rankings and details in The Daily Tribune: Mar 08 - Part I. You can also read about some of our methodology, data analysis and technical details in our initial post.

If you are the author and would prefer not to receive these comments, simply reply "Stop" to this comment.

I know! Right? I seem to win this prize with every post, but, but, but, Show Me Da Munny.

LOL! Best reply to a @screenname pronouncement I've seen yet! And, I've seen a lot! (usually under my own articles.)

😄😇😄

@creatr

Hi, I know that I'm late to the party for this post but I still wanted to say thank you for this information. I'm new to crypto and still getting used to it. I'm going to follow the tips in here to make sure my wallet is secure. Thank you.
