This article by MAiCO is an important tip for new cryptocurrency investors.
(
https://medium.com/@MAiCO_74696/is-your-digital-wallet-hack-proof-5668e8cb5183)
Is your digital wallet hack-proof?After a fifteen-year-old British teenager hacked the FBI back in 2016, it’s easy to understand why many people are afraid to buy virtual money like bitcoin and other cryptocurrencies. After all, if the most top-secret information in the US isn’t even hacker-proof…What is?
This is a question that many prospective cryptocurrency owners face before making the plunge and investing in digital coins. In this article, we will explore that very question to better understand just how safe the blockchain and the digital wallets your coins are stored on really are.
Blockchain- a quick reminder
Also known as a ‘digital ledger’, the blockchain is a technology that records digital transactions across a wide network of computers throughout the world. This ensures that no transaction can be altered retroactively without the collusion of all blocks and computers simultaneously. It is a highly sophisticated process of tracking the ownership of coins and their movement.
In technical terms, the blockchain is a system that identifies the information involved with a said transaction. The transaction has its own unique block and is then stored and hashed. ‘Hashed’ basically means that the transaction block is given its own unique DNA. In other words, if the information in a block is changed, the entire hash must be changed. This will have a ripple effect on all corresponding blocks. The hashes are then protected by a process called ‘proof of work’. The ‘proof of work’ is the soul of blockchain’s security and ensures that even if a hacker tampers with one block’s hash, it will have to recalculate all of the ‘proofs of work’ of all previous corresponding blocks.
This innovative, advanced infrastructure is a safer means of executing transactions. One reason is because since the blockchain is open-sourced, it is virtually impossible to change or alter any recorded transaction without getting noticed. That’s because it will have multiple eyes monitoring it worldwide. They would notice if a change to a transaction has been made. For that to happen, a massive worldwide conspiracy of blockchain miners would have to occur. But that is highly unlikely. That’s because those monitoring the blockchain (miners), are usually the ones with a vested interest in seeing the blockchain succeed. Furthermore, most people will opt not to commit criminal acts since anything they do will be out in the open and caught immediately.
So, is the Blockchain secure?
The answer is yes. In layman’s terms, although nothing in the cloud is hack-proof, it’s probably the most difficult system to hack on the internet. That’s because, as mentioned before, a successful hack would require a worldwide conspiracy involving thousands of miners who not only track the blockchain like a hawk but also have a vested interest in seeing the infrastructure succeed.
But even in the off chance that the blockchain gets hacked, as a digital coin owner, it shouldn’t affect your asset…at least not directly. That’s because the coins you own aren’t stored on the blockchain at all. They’re stored in what’s known as a digital wallet. If the blockchain is indeed hacked, it would shut down the entire blockchain enterprise and all coins that are dependent on it.
Types of storage
Any bitcoin or altcoin that you own must be stored in a digital wallet. A digital wallet has the same function as your local bank or your actual real-life wallet where you store your money. But in the cryptocurrency world, there are two types of storage-cold and warm. In general, the advantage of cold storage is that it’s more secure while the advantage of a warm wallet is its convenience.
Unlike a cold storage wallet, a warm storage wallet is connected to the internet. This means that by definition, it is susceptible to hackers. However, it will take a lot of work for a hacker to hack into a warm wallet. Therefore, it is advised to keep small sums of money in a warm wallet and large sums in a cold wallet. That’s because most hackers won’t waste their time hacking a wallet with a small amount of money. It’s just not worth their while.
Wallets
Under the category of cold and warm storage are the wallets that the digital assets are actually stored in. Aside from storing your funds, the wallet’s main function is the creation, storage and utilization of the private key. The wallet is defined by where the private key is stored and automates the coin’s complex cryptography. Some of the more popular wallets include:
● Online wallet Exchanges like Polinex and Bittrex actually hold your digital coins on in their servers. Although it may be a convenient solution, it also means that if they get hacked, you will likely lose your money. That’s because the asset is held by them in their location. The same is true for the American exchange Coinbase. However, despite being the most popular cryptocurrency exchange in North America, Coinbase has yet to experience any type of hack. This lies in stark contrast to the South Korean cryptocurrency exchange ‘Youbit’ who has been hacked twice. So if you agree to go with an exchange that stores your asset, be sure to perform due diligence.
● Mobile Wallets store your private key on your mobile device. Many people assume that using their phone to store coin is less secure than their desktop. But what they may not realize is that an iPhone, for example, implements identical techniques of app sandboxing and enforced code signatures that dedicated hardware wallets use. Additionally, the device is hardware encrypted so your funds are tightly secured even if it is physically lost or stolen. If you decide to use a mobile wallet like ‘Bread’, be sure to enable multi-factor authentication, password protection and make a backup of your private key.
● PC Web wallets like Exodus, are the least secure wallet since you do not have access to your private key. You are essentially relying on a third party to hold your digital assets for you. This means that if your Web wallet is hacked, the chances of retrieving your coin are highly unlikely. This makes web wallets the least secure. However, they do often offer multi-factor authentication including a text message every time a wallet login is detected.
● Paper wallets are a type of cold storage since the data is stored offline on an actual piece of paper. The advantages are that like a USB device, it can store your coin offline and you can make multiple copies of the document in case of loss or damage. However, paper wallets must be kept safe from fire or water damage. Also, paper wallets cannot be hacked without a private key, but can easily be hacked with a private key. If you want to send coin from a paper wallet, you will need to import the private key into a form of a digital wallet. This process is complicated and is a real hassle for many wallet owners.
● Hardware Wallets fall under the category of ‘cold storage’. This can be anything from a USB stick to a specially designed hardware wallet by companies like Trezor or Ledger. These wallets are crafted to store digital coin. Cold storage and hardware wallets are the safest option. That’s because a hacker can’t hack into something that’s not connected to the internet. One key feature of a cold storage wallet is that you can create multiple addresses to receive coin and they can all be stored in one single wallet. Though a hardware wallet may be lost or stolen, the providers today offer security mechanisms that protect the users such as pin codes and remote wipe solutions. As long as the seed is kept safe, this would be the best way to protect your crytocurrencies.
Diversifying security
Serious cryptocurrency investors own both warm and cold wallets. Small amounts of money dedicated to immediate transactions are usually stored in a warm wallet. Large amounts of money that investors want to hold onto are usually kept in cold wallets. Just think of warm wallets as the leather (or velcro) wallet you carry in your pants (or purse) and cold wallets as the savings account at your bank. If you lose your wallet ID, there is a process to recover it by verifying and authenticating your personal information. The process may vary for different types of wallets. This is even the case for certain cold storage wallets that allow you to wipe the data, recover it and create a new one. These are usually the more advanced cold storage wallets. Other cold storage wallets like Trezor and Ledger will wipe the data on a device after three failed pin code attempts. The recovery process will often require you to insert your 12 or 24 word seed. The seed is a combination of 24 random but unique words that were initially given to you when your wallet was created. It is a backup of your wallet’s address and a means of verification in case of a lost or stolen wallet. So, whatever happens, don’t lose your seed. Otherwise, you won’t be able to restore your wallet.
Keys: Public vs Private
Accessing your wallet requires two types of keys: public and private. Both keys are a combination of upper and lower-case letters and numbers. A public key is anywhere from 30–34 characters while a private key is 51 characters. A public key is a way for anyone sending coin to an account to do so in a secure manner. A public key is often compared to a mailbox whereby anyone can send, but only the mailman who has the key to the box can receive. In this metaphor, the mailman would be the private key. The private key belongs to the recipient while the public key belongs to the sender.
Bottom line
Ginni Rometty, CEO of IBM said, “what the internet did for communications, I think blockchain will do for trusted transactions”. Although she may be right, what she forgot to mention is that the word ‘trusted’ is a relative term. That’s because while the internet made communication faster and more accessible, it didn’t necessarily improve the security of that very communication. And although the blockchain did, don’t fall into the trap of assuming that warm wallets are hack-proof. If you want complete security for your cryptocurrency, cold storage is might be the best solution, at least until security companies will take the lead and find better solutions.
