Cryptocurrencies are a relatively new and generally poorly understood technology. This has been causing problems for years in an industry where transactions are not reversible and there is no bank that can freeze anyone’s funds.
Lack of security on the Internet can lead to problems, but those problems bear no comparison to the scenarios that can occur on the Internet of value. Under this new paradigm, security and the ability to keep information hidden can make a million-dollar difference.
That is why in this article we are going to take a journey through the levels of security in crypto. But first you need to understand the basic workings of the technology and the concept of security.
Security is multifaceted
The first thing to keep in mind is that security is not black and white; it is a scale of grays that also spans different domains. For example, someone could have bitcoin stored in a very secure device but tell everyone how much bitcoin they have at home.
In other words, security can be affected not only by technical aspects but also by other areas, such as the social one.
Complexity is the enemy of security
A common mistake is to seek unbreakable security with a very complex scheme. The truth is that you are much more likely to lose your cryptocurrencies to your own mistake than to a thief, and the more complexity you add, the more likely a fatal human error becomes. As they say, “Keep It Simple, Stupid!”
What is crypto ownership?
Before we ask ourselves how to increase security in cryptocurrencies we need to understand what it means to have cryptocurrencies.
The idea is very simple. You have a cryptocurrency if you have the private key associated with the address where it is. When you receive a cryptocurrency, what happens is that the blockchain records that this amount of coins is at an address. If you control the private key mathematically associated with the address, you own those cryptocurrencies. Therefore, to receive cryptocurrencies, your wallet will only show addresses that are under your control (you control the private keys).
And what is a private key? It is just a huge number, so big that nobody can guess it (a 256-bit number). With that private key you can make a digital signature authorizing the movement of your coins to another address.
And perhaps more importantly, since each user can use as many addresses as he/she wants, all addresses are generated from a “seed” so that a single backup covers them. This seed is generated from 12 or 24 words and an optional password (passphrase). If your wallet is broken or lost, you still have access to your cryptocurrencies with these words and, if added, the passphrase. The words and passphrase should be written in order on an offline and resistant medium, with several copies kept in different safe places.
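The step from words and passphrase to seed can be reproduced offline. The following is an added example, not code from the original article, and it assumes the wallet follows the BIP39 standard (the article does not name one); the function names are illustrative and the words are the published BIP39 test-vector mnemonic. It shows why a backup with the words out of order, or with a passphrase that differs by a single character, does not restore the same wallet.

```python
import hashlib
import unicodedata

# Published BIP39 test-vector words, used as sample input (not a real wallet).
TEST_WORDS = " ".join(["abandon"] * 11 + ["about"])

def bip39_seed(words: str, passphrase: str = "") -> bytes:
    """Return the 64-byte seed for a word list and optional passphrase.

    Assumes a BIP39 wallet. Only the derivation step is shown; a real
    wallet also checks the words against its word list and checksum.
    """
    # BIP39 applies Unicode NFKD normalisation to both inputs.
    password = unicodedata.normalize("NFKD", words).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    # PBKDF2 with HMAC-SHA512, 2048 iterations, 64-byte output.
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)

def backup_matches(original: bytes, words: str, passphrase: str = "") -> bool:
    """True only if the restored words and passphrase rebuild the same seed."""
    return bip39_seed(words, passphrase) == original

def swap_first_and_last(words: str) -> str:
    """Simulate a backup whose words were copied out of order."""
    parts = words.split()
    parts[0], parts[-1] = parts[-1], parts[0]
    return " ".join(parts)

if __name__ == "__main__":
    seed = bip39_seed(TEST_WORDS, "TREZOR")
    checks = {
        "exact backup": backup_matches(seed, TEST_WORDS, "TREZOR"),
        "passphrase forgotten": backup_matches(seed, TEST_WORDS),
        "passphrase wrong case": backup_matches(seed, TEST_WORDS, "trezor"),
        "words out of order": backup_matches(
            seed, swap_first_and_last(TEST_WORDS), "TREZOR"),
    }
    for label, ok in checks.items():
        print(f"{label:22} -> {'same wallet' if ok else 'different wallet'}")
```

Every input produces a valid-looking seed, so a wrong passphrase yields an empty wallet rather than an error, which is why the passphrase needs its own exact written copy.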
The worst level of security is to keep your cryptocurrencies in a centralized exchange, such as Coinbase or Binance. With these types of services you do not own your keys, and therefore all you hold is a cryptocurrency debt that the exchange owes you.
This other entity will probably make use of your funds, just as traditional banks do, and will make a profit with the liquidity provided by the users who give up custody.
While many people choose this practice for convenience and because they do not want to be burdened with the responsibility for the security of their funds, it is clear that the results can be very counterproductive.
We have already seen it on thousands of occasions, even in Spain: exchanges that closed from one day to the next or were hacked, with the consequent loss of their users’ funds.
At Bitnovo we make it very clear in this article in which we explain why we choose not to be cryptocurrency custodians.
A step up in security is the use of software wallets or apps to store cryptocurrencies.
When you start these wallets they will show you the 12 or 24 words, and maybe ask you for a passphrase. Once these are written down and stored in safe places (with one or two additional copies), you can receive crypto at your address, for example, by withdrawing it from a platform like Bitnovo.
Software wallets store your encrypted keys on your mobile (or computer) and are optimal for small to medium amounts of money, but not for large amounts.
For large amounts you should use hardware wallets or cold wallets such as Ledger and Trezor which can be purchased on Amazon (confirming that they are the official sellers) and on their official pages.
Again, when you start them, these wallets will show you your 12 or 24 recovery words and probably ask you to retype them in order to confirm that you have spelled them correctly.
It is highly recommended to have the different copies of the recovery words stored in different places (different houses) and the same with the copies of the passphrase if you opt for it. For maximum security it is best to opt for the passphrase as an additional security feature.
In short, to store cryptocurrencies securely they should be in a software wallet if it is not a large amount or in a hardware wallet if it is. In both cases you should keep copies of your 12 or 24 words, and of the passphrase if you use it, in secure, offline and physically separate locations. There is no need to complicate things further; this is the optimal strategy in the vast majority of cases.
Multi signature wallets
For the highest security, and only if you have enough technical knowledge, you can use multi signature wallets. With multi-signature wallets like Specter Desktop you can store cryptocurrencies using different hardware and software wallets.
A multi signature scheme can be 2 out of 3. This means that 2 private keys out of a total of 3 are needed to move funds. The point of this is that each key is in a wallet in a different location. Therefore, if a thief were to steal one of your three wallets he would not have access to your bitcoin, while you, with the remaining two, still would.
However, these schemes require more technical knowledge and are not yet ready for the general public.
As we have seen, having good crypto security does not require any expertise. A software or hardware wallet is enough, with the backup (12 or 24 words and optional passphrase) well stored in several offline copies kept in different places.
You can start gradually and gain confidence as you test the operation of the wallets with little money. But remember, security and simplicity go hand in hand. Having your own passwords (a.k.a. 24 words) gives you greater security than most users have.