How to Secure your Cryptocurrency Wallet
In the second part of this security series, we talk about how to safely manage and secure your cryptocurrency wallet. We also discuss measures to protect yourself when using them.
If you are unfamiliar with cryptocurrency wallets, do see our beginners guide to them here.
Before we begin, we would like to emphasize there isn’t a gold standard in security. What one may deem to be sufficient security, may be woefully inadequate to another. Ultimately, what matters is balancing your threat model against your technical ability to implement the security measures.
1. Get yourself a suitable wallet
There are many different types of crypto wallets. How would you determine which is right for you? In our view, there are three key areas for consideration.
Amounts invested. If you have a lot invested in crypto then you should definitely get a hardware wallet such as Trezor or Ledger.
What exactly is “a lot”? Only you can decide. If we had more than a week’s worth of salary in crypto, we would get a hardware wallet for the added security it provides. You can also consider if the value of your crypto assets is worth more than that of a hardware wallet. If so, you may wish to get one.
What if you have massive crypto holdings? You should definitely obtain multiple wallets and spread your holdings across them. Why? If you lose your private keys, then any hacker who obtains the keys are going to drain every cent from it. So spreading funds across multiple wallets are advisable.
Some argue for using air-gapped computers (one disconnected from the internet) to hold private keys. But, as Bitcoin Core developer Andrew Chow notes…
Furthermore, air-gapped computers are not entirely secure and can still be breached.
Coin support. Does your wallet provider support coins you want to invest in? Check their website for such information. If your coin is currently not supported, check if their roadmap includes plans to support it. See the following links for roadmaps of Trezor and Ledger.
Usage. If you do intend to use crypto for making daily purchases, then you might want to use a mobile wallet. However, do not store more than you can afford to lose on this wallet. Examples of mobile wallets include Breadwallet, Mycelium, Copay or Airbitz. For the rest of your cryptocurrencies, store them in a hardware wallet.
To read more about wallet selection, do refer to our guide on cryptocurrency wallets.
2. Don’t roll your own crypto
As discussed in Part 1 of our series, this refers to users implementing seemingly smart schemes to protect themselves. However, they fail to realize that in doing so, they could be jeopardizing the security of the secrets they seek to protect.
Here are a few very common examples we see mentioned online.
Implementing security that is beyond your technical ability. If you follow Trace Meyer, you may have seen recommendations like this.
In the tweet above, Trace is recommending the following:
- Bitcoin Core for network validation
- Armory for managing private keys
- Glacier Protocol for standard operating procedures
- Running the above on a Purism laptop
This is beyond the technical ability of 99% of crypto users. Thus, implementing such a scheme is out of the question. By doing so, you greatly increase the risk of loss. Because you messed up on the execution. Or you may not understand a certain aspect well enough, try to improvise and mess it up.
How then should you deal with this? For most crypto users, a hardware wallet is sufficient. It helps achieves a good balance between your technical ability and the risk of loss of your crypto.
Seed splitting of your recovery phrase, a.k.a mnemonic seed, is another common example. Some authors recommend splitting the 24-word seed in half. Each half is then stored in separated locations.
One author went a step further. He recommended the encryption of each half. Users were then asked to backup each half on two different cloud providers protected by 2FA.Security tips. Let us just state that you should never take a photo of or enter your seeds into an electronic device. And you certainly shouldn’t back them up to the cloud!
As explained by Andreas Antonopoulos, the above schemes make your seeds less secure. This is because it isn’t the standard. By doing this you are reducing the security of your seed. If a scammer manages to get hold of 12 of your 24-word seed, it isn’t going to take him half the effort to crack it. Rather, it is approximately 10^39 times easier. You have effectively converted your seed from 256 bits of complexity to one with 128 bits.
Also, by attempting such schemes, you are far more likely to lose your money. One, you may simply forget about your scheme. Two, by deviating from the standard, you have also made it impossible for your heirs or family to retrieve them once you pass on. It could also be that your scheme isn’t as secure as you think and this allows a hacker to brute-force their way in.
People also tend to overestimate the risk of theft vs risk of loss due to technology or backup failure. Most people are much more likely to lose their crypto because they lose their keys. Or they may lose access to their keys because they couldn’t recall the manner they concealed them.
BIP 39, the standard governing seed generation, is carefully designed by actual cryptographers. They try to achieve the best balance of security, ease of use, ease of backup and recoverability. By devising your own scheme, you are upsetting this balance. You may design a scheme too complex that you effectively buried your crypto “in the desert without a map”. Or you may tilt it in the other direction and unintentionally make it too easy.
Key point: Don’t roll your own crypto unless you are an experienced cryptographer. Andreas doesn’t consider himself experienced enough in cryptography to roll his own crypto. So why should you?
How then should you store your seed? This brings us to our next point.
3. Treat your seed / private keys with extreme care
For deterministic wallets, the mnemonic seed (a.k.a recovery phrase), is the banking-equivalent of your credit card pin. For non-deterministic wallets, the private keys are the banking-equivalent of your pin. Theft of your funds can happen if someone gets hold of them.
So what precautions can users take in managing these?
Always generate them by yourself. For example, if your hardware wallet comes with a recovery seed, never use the seed. A Reddit user purchased his Ledger wallet off eBay and within it was a Recovery Sheet.
What could go wrong? Let’s lay out what is happening.
Step 1: Scammer places a completed Recovery Sheet in packaging and reseals it.
Step 2: User purchases this hardware wallet off eBay.
Step 3: User then creates a wallet using the Recovery Sheet and transferred crypto to it.
Step 4: Scammers gain access to funds in wallets created by the user and drains it.
This is just one example of a low tech scam. Given the rapidly evolving nature of the space, more such scams will emerge going forward.
Test it before using it. Your seed effectively controls your funds. Thus, always test it before using it. You may write it down on a piece of paper. But what happens if you wrote it down wrong? What happens if you can’t read your handwriting subsequently?
If using hardware wallets like Ledger, there are various ways for testing your seed. We describe two methods for doing so in our Ledger Nano S lifecycle article. In brief, you can reset your hardware wallet and restore them using your seed. Alternatively, Ledger has a Recovery Check app where you can type in your seed to check it. You can perform similar procedures with a Trezor. At no point should you enter your seed into a software wallet or onto any electronic device. Doing so effectively defeats the purpose of having a hardware wallet. Hardware wallets secure your seeds by keeping them separate from other electronic devices.
For other wallets eg. software wallets, you can reset your wallet and restore them with your seed to verify if they work.
While these tests take time, they are absolutely necessary. Also, they provide you with a peace of mind that you can restore them on another device if necessary.
Never disclose these to anyone. And no one should ever be asking you for them. Not even tech support from your wallet provider.
How to store
- Make backups of your 12-24 word seed. You may do so by writing them down on acid-free paper. If concerned about damage by fire or water, then laminate it and store in a fireproof safe.
- Never take a picture of your seed. Do not enter it into a computer or electronic device in any shape or form. And certainly, don’t store it in the cloud. The only time you would enter it into an electronic device is when you are recovering your wallet. For example, perhaps your hardware wallet is down and you urgently need access to your funds. Thus, you restore them onto a software wallet like Electrum.
- Do not store them on USB. USB storage is susceptible to data rot.
- For us, we have engraved our seeds onto a piece of stainless steel. Doing so makes our seeds stainless, fireproof, waterproof and shockproof. Don’t have someone to do this for you? Fret not, there are products out there to help you such as Cryptosteel, the HODL wallet or Billfodl.
- If using a hardware wallet, implement a strong passphrase. Do not use phrases available on google. Or those which are on the BIP39 mnemonic list.
- For multi-signature wallets, backups should exist for the number of keys required to spend funds. Let’s use a 2-of-3 setup to illustrate. In this instance, 2 of 3 keys are required to spend funds. Thus, backups should exist for at least 2 keys.
- If using a passphrase, you also need to make multiple backups of it.
Where to store
- You should make many backups and store them offsite in multiple locations. Storing them in one location only isn’t helpful if that location gets destroyed by an asteroid.
- We advise not to keep any backup copy within your house. Not having immediate access to your backup increases resilience to physical threats eg. burglary or hostage situations.
- Places you can consider storing them include safe deposit boxes or your parent’s house.
- As an added precaution, keep your backups within opaque serial-numbered tamper-evident bags. An example of this would be bank cash bags. Do remember to physically sign your signature over the seal.
- Never use your computer or cloud storage eg. Dropbox to store your backups.
- Write a letter to trusted relatives so that they are aware of the existence of your crypto. Set up procedures to have this letter made available to them in the event of your demise.
4. Avoid using the following wallets
You should never use the following types of wallets.
Paper wallets are those which generate a private/public key pair on a piece of paper. Unless you are an infosec expert, there are just too many ways your private keys can be compromised. For example, your printer would store a copy of your private keys when you print it. Anyone with access to your printer’s internal storage can retrieve your private keys. For a long list of other problems with paper wallets, see this article.
Brain wallets are those which derive keys using words or phrases decided by you. Unfortunately, the human brain lacks the ability to create high-entropy seeds. Phrases made up by you may appear “random” or “rare”. But they are not as secure as you think and can be brute-forced by a motivated hacker.
Paper and brain wallets are usually implemented together. An example of this is Bitaddress.org. As shown in the images below, the user would enter random characters determined by them (first image) and the output of this would be a private/public key pair (second image).
Custodial wallets are those in which you do not control your private keys. Examples include storing crypto with a service like G4S or on cryptocurrency exchanges like Binance. By failing to control your private keys, you lack absolute control of your funds. You are trusting the operator not to abscond with your crypto. Also, by placing your funds in the hands of others, your coins can be seized by a court decision. Whatsmore, during periods of high usage or during forks, access to your funds may be frozen.
These suffer the same drawbacks as custodial wallets. For example, while Bitgo users have access to their private keys, the firm also has access to them. Thus, you need to trust that they will safeguard your keys (eg. no malicious employees), something which is beyond your control.
What wallets should you then be using and what precautions should you take when using them? This brings us to our next point.
5. Precautions for various wallet types
Use a strong password or pin to secure all your wallets.
Weak passwords have the following characteristics:
- Predictable or simple pins eg. 1234
- A series of sequenced or repeated numbers eg. 1111
- Short in length. By using a short pin, you are reducing the number of combinations possible. This makes it easier for scammers to crack your pin. Try to have pins in excess of 4 digits.
- Contain personal information eg. birthdates, social security numbers, mobile phone numbers
While apps on Google’s Play Store or Apple’s App Store are pre-screened before listing, malicious apps still do manage to slip through. If you aren’t a tech expert, the best you can do is to read reviews of the apps before downloading them. Apps, where users are complaining about getting scammed, are huge red flags.
Always verify the PGP signatures of such wallets. Doing so helps avoid downloading fake wallets.
The necessity of PGP verification was clearly evident in the attack carried out on the Electrum wallet in December 2018. In brief, a Sybil attack was undertaken in which the attackers created legitimate looking nodes controlled by them. The attackers then broadcasted a message directing users to download a fake wallet. When users transacted with this wallet, it sent funds back to the attacker.
Had users verified signatures before usage, they could have avoided losing their funds. Bitzuma has a great guide on how to verify signatures for Electrum.
Use wallets that make it easy for you to verify their integrity. For example, the Ledger Nano S has a built-in genuine check to help you verify software integrity.
They also provide instructions for verifying the hardware integrity of your device.
Trezor has similar procedures likewise. For example, tampering with the device’s firmware will cause a warning sign to appear on boot.
Verify the authenticity of the software that communicates with your wallet. This would involve verifying PGP signatures. At the time of writing, Ledger has yet to provide PGP signatures for Ledger Live. Trezor, on the other hand, has provided signatures for Trezor Bridge.
Trust only information on your device, never your computer screen. Always assume that the software (eg. Ledger Live or Trezor Bridge) your hardware wallet interacts with is compromised. This is applicable even if you previously verified its authenticity. It is much easier for the software on your computer to be compromised than for your hardware wallet to be. This is because your computer is routinely exposed to potentially risky data from untrusted sources, unlike your hardware device.
Trusting only information on your device mitigates man in the middle attacks. In such attacks, scammers replace receiving addresses shown on the software with their own addresses. But because they can’t alter information on your hardware device, this attack fails if users rely solely on information on their device.
Never use a device that has been pre-configured. A pre-configured device is one in which the PIN and recovery phrase have been set by someone other than yourself. Doing so is just a recipe for disaster as this means someone else is aware of your seed.
Consider using a passphrase. A passphrase is like a second additional layer of protection to your seed. According to Trezor, doing so makes your wallet “impervious to physical attack”. This is because “even if someone stole your device and examined its chip under an electron microscope to discover your recovery seed, your coins would still be safe.”
The flip side is that if you lose this passphrase, your crypto is forever gone. There is no way to recover it. So make backups of your passphrase too.
Buy wallets only from the source. So if you are purchasing a Ledger, order them directly from their website.
Is it safe to purchase wallets from authorized retailers? Here is what Ledger’s CTO had to say.
While Ledger lists Amazon as an official store, buying from Amazon is not recommended. Even if the product description indicates “Ships from and sold by Amazon.com”, you should not buy it. The reason for this is inventory commingling. This means your purchase could come from any one of the sellers on Amazon, not just Amazon. Doing so leaves you open to supply chain attacks where your wallet is manipulated prior to you receiving it.
Here is an example of what can happen if you don’t purchase from a legitimate source.
Also, be aware of fakes floating around the internet. More of these would pop up in the future. If you want to see an example, click here.
Lastly, never buy used wallets no matter the price. Many “used once” or “never used” wallets frequently appear on eBay. While the low prices may tempt you, it is possible that these devices have been tampered with.
Make your device easily identifiable. Make them physically distinguishable by signing on your device with permanent ink. Before using the device, check the signature.
Or if using a Trezor, you can personalize your device’s home screen.
Doing so protects against evil maid attacks. In such attacks, scammers gain physical access to your wallets and replace it with a fake one. This fake device may then transmit details of your PIN to the scammer. The scammer can then gain full access to your funds.
A useful software to take note of is USBDeview. It can show when your hardware wallet was last plugged into or removed from your computer.
6. Use deterministic wallets
Deterministic wallets generate public and private keys through a specific algorithm. Thus, as long as you control the seed you would be in control of the funds. Examples of such wallets include Bitcoin wallets for Trezor, Ledger and Electrum.
Such wallets offer better privacy since you would not need to reuse addresses. What’s more, backing up is easy since you just need to back up the seed.
In non-deterministic wallets, users need to backup all keys. Frequent key generation would necessitate frequent backups.
Note: The distinction between deterministic and non-deterministic wallets is not always applicable. For eg., deterministic wallets for Ethereum would only complicate transaction processing as it is built differently.
7. Only unlock wallets when sending transactions
The longer the device storing your private keys is connected to the internet, the higher the risk of losing your crypto.
Thus, unlocking your wallet unnecessarily exposes your private keys and increases your risk of loss.
The public nature of blockchain transactions allows users to check their balances easily. You can enter your wallet addresses into the relevant blockchain explorer. Examples:
Fun fact, see the largest holders of bitcoins here.
What if you use a deterministic wallet and have multiple wallet addresses? This method still works. But you need to use your master public key instead. Read more about how to do this for Ledger and Trezor under the section “Get relevant wallet information”.
8. Separate funds into different tiers with appropriate wallets for each
As mentioned in point 7, the longer the exposure of keys to the internet, the greater the risk of loss. As such, you should split your funds into different tiers. An example of how to do this is as follows.
- Purpose: For daily use.
- Suitable wallet: Mobile wallet.
- Details: Stores only amounts you are willing to lose. Remember to secure your mobile phone (since it houses your mobile wallet). Refer to our article on general security principles for how to do this. Mobile wallets are connected to the internet and are thus at high risk of network-based attacks. If you receive large sums of crypto in this wallet, move them immediately to cold wallets (eg. Tier 2 / Tier 3).
- Purpose: For infrequent usage such as moving funds to exchanges.
- Suitable wallet: Hardware wallet, stored at home. Protected with a pin and passphrase.
- Details: Stores amounts needed for us to trade with.
- Purpose: For funds meant to pass down to your heirs.
- Suitable wallet: Private keys that have been not initiated on any device (“uninitiated private keys”).
- Details: To store the vast majority of funds here.
Example of how to generate uninitiated private keys is as follows.
- Download Ian Coleman’s tool. See instructions in the section of Offline Usage on how to do this.
- Transfer this tool to your air-gapped computer using a USB.
- On your air-gapped computer, use the tool to generate public and private keys.
Word of caution. Only do this if you know how to manage the security aspects involved. For example, a compromised USB may result in leaked private keys.
9. Be aware of the support channels of your wallet provider
For example, Trezor and Ledger do not provide call support. Instead, support is available by submitting tickets on their website or Reddit page. If a representative claiming to be from them drops you a call, you should immediately know it is fake.
10. Diversify, diversify, diversify
Do banks place all their eggs in one basket? No, they don’t. They seek diversity so that they don’t just have a single point of failure. You should do the same. Here are some areas of diversification you may consider.
Use multiple wallet providers to manage funds
If you rely on one wallet provider and it has a vulnerability, you may have to wait for it to be patched prior to using it. Note that vulnerabilities have been discovered even in hardware wallets produced by Trezor and Ledger.
Also, it could be that your wallet may not work after an update. What then would you do if you need to process a transaction urgently?
Geographically distribute your private keys/seed
By separating these over multiple locations, access to your funds would not be disrupted due to localized disruptions such as floods and earthquakes. In addition, we advise not to keep a copy of these within your house. Not having immediate access to your backup increases resilience to physical threats eg. burglary or hostage situations.
Spreading funds across multiple wallets
Just as you don’t hold all your fiat in a single bank account, neither should you hold all your crypto in one wallet. You can create different wallets with different seeds and spread your funds across them. That way, you wouldn’t lose all your funds should a single seed be compromised.
11. Implement a multi-signature solution
In such a solution, funds can only be spent with authorization from more than 1 signing keys. In a 2 of 3 signing arrangement, at least 2 of 3 possible keys are required to authorize a transaction. For which signing arrangement to implement, read here to find out more.
Several precautions to note when implementing them:
- No two signing keys/seeds should ever be present / generated on the same device. Doing so allows scammers to steal them simultaneously, allowing them access to funds. Storing each key/seed on dedicated devices (in geographically separate locations) reduces such risks and increases security.
- Wallets used should come from different manufacturers. That way, the compromisation of a particular wallet provider (eg. Ledger gets backdoored somewhere in production) only gives attackers access to one of your keys.
- Backups should exist for as many keys as required to spend funds. Thus, in our 2 of 3 signing arrangement, there should be backups for at least 2 keys.
12. Have a key compromise plan in place
This refers to developing a plan to protect and monitor your funds.
It considers actions you take before and after a breach occurs. Here are some areas for your consideration.
Use a multi-signature wallet. Share keys with people you trust. Instruct them never to approve a transaction without a 30-day cooling period. And that if you do call asking for immediate release of funds, they should inform the FBI.
Set up wallets with different passphrases. This feature is useful if someone coerces you into revealing your holdings. You can open up the wallet with smaller amounts while concealing your main holdings.
|Passphrase 1: [empty passphrase]
|Passphrase 2: correct-horse-battery-staple
|Passphrase 3: Brainy2$Mccoy$Tie6
Have a means of easily tracking your funds for suspicious movements. The easiest way to do so is by setting up watch-only wallets. We have provided guides on how to set them up here. If suspicious movements happen, immediately send funds to a separate wallet. Don’t wait for a compromise to happen to create this emergency wallet. Do it right now.
13. Use a dedicated device for managing your cold wallets
This computer should not be used for browsing the internet, playing games or downloading unnecessary executable files. Also, avoid sharing this computer with others. The objective is to create a trusted environment for managing your cold wallets. Find out other ways of securing your computer in our article on general security principles.
Some may go a step further and use an air-gapped computer (one disconnected from the internet). This reduces the risk of malware making unauthorized copies of your seed. Processing transactions would then work in the following manner:
- Generate unsigned transactions online on your computer which has access to the internet.
- Make a copy of this transaction and transfer it to your air-gapped computer on a USB stick.
- Sign the transaction on your air-gapped computer.
- Transfer this signed transaction back to your computer with internet access for broadcasting.
Setting up air-gapped computers is a massive topic and we aim to cover it in a separate post.
And that brings us to the end of this article. Phew!
You just learned a ton about protecting your cryptocurrency wallets, from wallet selection to coming up with a disaster recovery plan.
Now it’s your turn: leave a comment below and let us know what you’re going to implement first.
Or if you have other suggestions, we would love to hear it.
Let us know with a quick comment below!