It’s already the fourth part of our security series! Today we turn our focus to transaction processing. In layman’s terms, this means sending or receiving cryptocurrencies, or buying and selling them.
If you would like to read other parts of this series, here are the links:
- Part 1: Crypto Security – General security principles
- Part 2: Cryptocurrency wallets
- Part 3: Cryptocurrency exchanges
- Part 4: Sending and receiving (this article)
One of the draws of blockchain technology is its immutability. Thus, once transactions in a block get verified, they become permanent. Mistakes made by users when transacting (eg. wrong address or wrong amount) are irreversible. Users thus have to take extreme care when sending cryptocurrencies or receiving them.
1. Be extremely careful when sending and receiving crypto
We will first discuss precautions applicable to both sending and receiving funds. After that, we provide safety measures specific to each aspect.
Sending and receiving cryptocurrencies
Never type in addresses. Always copy and paste. After pasting the addresses, check that the pasted address matches the intended address. Typing out addresses is prone to error. Not verifying the recipient address leaves you vulnerable to malware like Coinbitclip. When installed on your computer, the malware alters the pasted address. What’s more, the malware pastes addresses that look similar to your intended address. The scammers are able to do this as they possess numerous wallet addresses. The video below demonstrates how this works.
Such malware is not confined to desktops. Recently, similar malware surfaced on Google Play.
“But the address I am sending to is too long to verify?” If you get lazy, perhaps you can verify the first few and last few letters of the recipient address. But bear in mind that each character you don’t review increases the probability of loss. This is because hackers can generate addresses that appear similar to yours. Let us illustrate this with an example.
Suppose your intended recipient address is this:
If you only verify the first character, all the hacker has to do is to generate an address that starts with 1 to fool you. For example, he may just generate keys to the following address.
However, if you verify all but the last character, the task of the hacker becomes much more difficult. He/she would now have to generate keys to an address like the following in order to fool you.
This requires much more computational power and is thus more costly to an attacker.
Take care when using QR codes. QR codes offer a great deal of simplicity to users. Instead of copying and pasting addresses, why not just scan a code? However, because QR codes cannot be told apart by the naked eye, scammers have begun preying on them.
There have been malicious sites which help users convert addresses into QR codes. However, these sites encode the scammer’s address instead of the user’s. If you need to generate a QR code, avoid using such sites. Instead, get a reputable wallet with a built-in QR generator.
Or you can use DuckDuckGo to generate your QR code. Simply type “qr” followed by your address to convert it to a QR code.
If you ever use a QR code, be sure to scan the code to obtain the encoded address. Then, verify that this address is indeed what it is supposed to be.
Don’t rush when carrying out transactions. Doing so makes you more prone to errors…
Send small quantities first. When handling transfers of crypto, why not take a tip from the pros?
Consider sending small amounts first. Upon confirmation of receipt, then proceed to send the remainder.
Double check the recipient address with an alternative channel. An example would be when sending crypto to exchanges for trading. You would first obtain the address to deposit your crypto into from the exchange website. If you did this on a PC with Firefox, then reperform this step using a different setup. For example, using your Android phone with Chrome browser. You can even introduce more variation by using different networks (eg. one with WiFi and another with cellular data). If the addresses match then you have a high degree of certainty that it is correct. By verifying using a second channel, you lower the risk of man-in-the-middle attacks. It is certainly possible for a hacker to compromise Firefox on your PC. However, it is less likely that both Firefox on your PC and Chrome on your Android get compromised at the same time.
Other ways to verify addresses include SMS, face-to-face meetings or via phone calls.
Remember to check transaction fees too. You don’t want to be paying excessive amounts to get your transaction confirmed. Neither do you want to pay too low a fee and have to wait days to get your transaction confirmed.
In the above screenshot, a glitch in Ledger Live caused it to add $55 to all transactions. This is a large amount to pay for transferring less than a dollar worth of Bitcoin.
Consider using human-readable addresses. When providing your address to others, consider using services like ENS. ENS is a service for Ethereum which shortens addresses to human-readable forms. This makes it easy for the sender to verify your address.
Unconfirmed transactions are not secure. Transactions do not start out as irreversible. Instead, they receive a confirmation score indicating how hard it is to reverse them. If receiving significant funds, wait for sufficient confirmations prior to accepting payments.
For Bitcoin transactions, six confirmations are recommended (see table).
For hardware wallet users
Only trust information on the device, never what’s on your computer screen.
Always assume that the software (eg. Ledger Live or Trezor Bridge) your hardware wallet interacts with is compromised. This is applicable even if you previously verified its authenticity. It is much easier for the software on your computer to be compromised than for your hardware wallet to be. This is because your computer is routinely exposed to potentially risky data from untrusted sources, unlike your hardware device.
Trusting only information on your device mitigates man-in-the-middle attacks. In such attacks, scammers replace receiving addresses shown on the software with their own addresses. But because they can’t alter information on your hardware device, this attack would fail if users rely solely on information on their device.
Some wallets do not require you to verify addresses on your device by default. However, users should find out how to verify addresses on their devices. For example, in older versions of Ledger desktop software, such verification was non-mandatory. But users could select a button on their software that would show the address on the device. Ledger users should note that this step has become mandatory with the upgrade to Ledger Live.
2. Rotate addresses used to receive funds
Doing so means you would not have a single address that accumulates all your crypto. Thus, no one knows your total balance unless they can link your transactions together.
An example of the dangers of reusing Bitcoin addresses is as follows. Suppose you placed all your Bitcoin into a single address. You then buy additional Bitcoin from someone and instruct the seller to send the purchased Bitcoins to your address. This person may then follow your trail on the blockchain to find out how much Bitcoin you actually own. If this person knows your identity and leaks it to criminals, expect trouble for yourself. Read more about the dangers of reusing addresses here.
Hardware wallets such as Ledger and Trezor generate new addresses with each transaction. Old addresses continue to work and can receive funds even upon creation of new addresses. The funds sent to older addresses do not just disappear.
Also, when spending funds, consider using a wallet that allows coin control. This is a feature available in wallets such as Electrum. It allows users to select the addresses to spend funds from. This helps to protect your privacy. Let’s illustrate this with an example using this transaction (not ours).
Suppose two sellers send funds to you on different addresses.
Sender 1 sends 0.00026498 BTC to one of your addresses at 1HLhvhtJze5ZkQjdhsnoTY8Z3BGRCxyNYK
Sender 2 sends 0.00167263 BTC to another of your addresses at 1MKGLxmFMr1Jx8feyzeLEhdoCT7T47aqnB
Neither sender 1 nor sender 2 knows about the existence of funds in your other addresses. But if you spend funds in both addresses in a single transaction, they can analyze the blockchain and figure out that you own funds from both. In other words, they know you had 0.00193761 BTC previously. They can further analyze other transactions linked together to estimate your holdings.
As should be obvious from the above, never share previously used addresses.
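The linkage described above can be reproduced with the common-input-ownership heuristic used in blockchain analysis: addresses spent together as inputs of one transaction are assumed to share an owner. This Python sketch is an added example, not from the original article; the two addresses and amounts are the ones quoted above, while the spend lists and function names are constructed for illustration.

```python
from collections import defaultdict

ADDR_1 = "1HLhvhtJze5ZkQjdhsnoTY8Z3BGRCxyNYK"   # received 0.00026498 BTC from sender 1
ADDR_2 = "1MKGLxmFMr1Jx8feyzeLEhdoCT7T47aqnB"   # received 0.00167263 BTC from sender 2
RECEIVED = {ADDR_1: 26_498, ADDR_2: 167_263}     # amounts from the text, in satoshis

def cluster_addresses(spends):
    """Union-find: all input addresses of one spending transaction are merged."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]        # path halving
            a = parent[a]
        return a

    for inputs in spends:
        if not inputs:
            continue
        root = find(inputs[0])
        for addr in inputs[1:]:
            parent[find(addr)] = root
    clusters = defaultdict(set)
    for addr in list(parent):
        clusters[find(addr)].add(addr)
    return list(clusters.values())

def visible_balance(observer_addr, spends, received=RECEIVED):
    """Satoshis that someone who paid observer_addr can attribute to the same owner."""
    for group in cluster_addresses(spends):
        if observer_addr in group:
            return sum(received.get(a, 0) for a in group)
    return received.get(observer_addr, 0)

# Constructed spends: each inner list holds the input addresses of one transaction.
MERGED_SPEND = [[ADDR_1, ADDR_2]]     # both coins used as inputs of a single transaction
COIN_CONTROL = [[ADDR_1], [ADDR_2]]   # each coin spent in its own transaction

if __name__ == "__main__":
    print(visible_balance(ADDR_1, MERGED_SPEND))   # sender 1 sees both coins
    print(visible_balance(ADDR_1, COIN_CONTROL))   # sender 1 sees only the coin they sent
```

Spending coins separately only removes the shared-input link; the two spends can still be tied together in other ways, for example if their change ends up in the same place.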
Note: In Bitcoin, rotating addresses is easily done by using deterministic wallets like Ledger. However, deterministic wallets are not applicable to all cryptocurrencies. For example, using them for Ethereum would only complicate transaction processing. This is because Ethereum is built differently.
In such instances, precautions you can take include not revealing you own crypto. Another method is to create multiple wallets. You can then move funds to new addresses after each transaction. In other words, maintain one transaction per address. Or you can also consider using untraceable cryptocurrencies like Monero.
3. Consider running a full node
This is especially so if you are transferring large sums of crypto. Avoid relying on lightweight wallets or blockchain explorers such as Blockchain.com. Doing so would mean delegating responsibility for transaction verification to third parties. And you have to make many assumptions:
- That the third party provider is not hacked.
- That their consensus algorithms are free from bugs.
- That they are not deliberately trying to mislead you.
- That there isn’t a man-in-the-middle attack. Or that your computer setup isn’t compromised to display false information.
As should be obvious from the above, this is far from ideal. Running a full node helps eliminate the need for making such assumptions. You do not need to trust anyone to keep the network honest. Instead, you are doing it yourself. By independently validating your transactions you gain transaction certainty. If a transaction breaks consensus rules, your node will reject it. This happens even if everyone else accepts the transaction. For businesses that accept crypto, running a full node is thus critical.
There is another benefit to running your own full node – more privacy. While absolute privacy is impossible, running a full node broadcasts less identifying information. Connecting to third-party providers to broadcast your transaction exposes you. Providers would be able to log information such as your IP and time of the transaction. Or if you used your email to sign up for your online wallet, your transactions will get associated with it. If such information is linkable to your real-world identity, it opens the door to many side effects. An example would be social engineering to extort funds from you.
Read more about setting up a Bitcoin full node here. If privacy is of concern to you, consider running a full node over Tor. If these instructions feel troublesome, then get a plug-and-play solution. Examples include Casa Node and Samourai Dojo Trusted Node. These help you easily run your own full node.
Transactions sent to the blockchain are irreversible. It pays to spend a few more seconds to perform such checks. Doing so gives you more confidence about processing your transaction.
We hope this article has helped you. We have discussed many areas including how best to send and receive crypto. We also touched on the reasons why you should run a full node.
Now it’s your turn: leave a comment below and let us know what other precautions you take.
Or if you have other suggestions, we would love to hear them.
Let us know with a quick comment below!
In our next article, we will talk about managing forks and inheritance. Subscribe here to get notified when it is released.