How to Safely Store Tezos and Cryptocurrencies
A Beginner’s Guide to Private Key Storage and Tezos Wallets
Tezos, like many cryptocurrencies, have been growing in popularity. Yet, few people understand how to protect their funds from hackers and scammers. Advanced and strong security measures are needed to protect your digital assets, but most people do not learn or apply the necessary precautions. Sadly, there’s no shortage of scams around DeFi and NFTs today. CNBC reported that a record $14 billion USD was stolen in 2021 through blockchain-related scams. Wallets are secured through private keys, which allow the spending of tokens. Wallets are used to interact with a blockchain, and they sign transactions with the private key. Wallet interfaces such as Metamask, Ledger, Trust Wallet, and many others are simply interfaces to see the value in a wallet and store the private key. Thousands of scams exist to trick users’ wallets to reveal their private key, which will essentially give the scammer your tokens and funds.
Most scams require access to this private key or trick the wallet owner into giving permission to another wallet to spend the digital assets. To the cryptocurrency professionals, even the most aware and knowledgeable cryptocurrency users fall for these scams and phishing attempts. Security of the private keys while maintaining accessibility is the balance many users face. We will be discussing the pros and cons of various storage solutions to safely secure your funds.
There are two main options for storing your cryptocurrency safely and securely: cold storage and hot storage. Within these two categories are sub-categories that we will be reviewing. Cold storage wallets are offline devices used to store private keys. Hot wallets also store private keys, but the wallet is linked to the internet through desktops, phones, and browsers for easy access.
Cold Storage
Cold storage refers to any offline device or service that you use to store your cryptocurrencies, whether it’s a USB drive, an encrypted hard drive, or even a paper wallet. Since they are not linked to any network when not in use, they are the most secure option, but they are often more expensive. The most popular and reliable cold storage is Ledger and Trezor. These are a subcategory of cold storage, known as hardware wallets. They are USB stick-like devices used to store private keys and easily interact with a blockchain and often through a wired connection. In addition to these different types of wallets, people may sometimes use hot wallets on a laptop that are never connected to the internet. Since they are never connected to the internet, they are considered cold storage. With these setups, they will only connect the device to the internet through Wifi, cellular, etc., to make transactions. You can then send funds from this cold storage to the hot wallet.
What makes hardware wallets specifically so secure is the fact that you need to have the physical wallet in hand and access it through a password or PIN. These are often hidden in bedrooms and lockboxes. Assuming someone finds this cold storage, they would then require a PIN or passcode to access it and transfer funds. For a hardware wallet like Ledger or Trezor, you can store your XTZ (Tezos) quite simply. Here is some information about storing and staking your Tezos wallet on Ledger.
These cold storage options are much safer than a wallet that is insecurely locked and constantly connected to the internet like hot storage options.
Hot Storage
Hot storage is similar to a cold wallet but has two distinct differences. First, your secret key is stored on your computer. Second, the wallet is always connected to the internet and hackable. What makes the hot wallet still so popular is that it is often much easier to use and requires much less hassle. While this is a huge advantage for the user, it often causes people to be careless and can lead to accidental phishing attacks. A phishing attack is when you link your wallet to a malicious site that will steal your private keys or tokens.
While they have their issues, they are widely used and have created a lot of mainstream adoption. Types of hot wallets are desktop, mobile, extension, and web-based.
Desktop wallets are applications that can be downloaded onto your computer. They store the private key directly on your hard drive and can be linked to the browser to interact with dApps.
Mobile wallets are iPhone or Android apps that can store your private keys on a mobile device. From your phone, you can interact with links and connect your wallet. Some mobile wallets also have capability to connect with websites on your computer through QR codes and links. Popular mobile wallets on Tezos are AirGap, ZenGo, Naan, and Atomic Wallet. This is in addition to multichain cryptocurrency custodian wallets like Gemini, Kraken, and Binance.
Extension wallets are the most popular form of hot storage wallets. Chrome extensions like Metamask, MyEtherWallet, and Coinbase are the best for the Ethereum blockchain amongst others. Other wallets like Phantom are great for Solana and Yoroi for Cardano. On Tezos, the most popular Chrome extension is the Temple Wallet.
Finally, web-based applications are part of custodian wallets, where a company holds your keys. This allows users to Log In through traditional Web 2.0 ways like username and password. After logging in, you can access your funds and make transactions. Popular desktop wallets for Tezos are Unami and Galleon.
Using a hot storage wallet is inherently riskier as your private key is public to anyone who hacks your computer, but for many, their convenience and usability outweigh the risk.
Popular Chrome crypto wallet extension, Metamask, stores your private keys directly on the Chrome extension file itself. While the file is encrypted, it is encrypted using your password to unlock the extension. To know how long it will take to break this encryption with a given password, check the chart below. For example, if your password is 4Er&64Q, it will take only 17 hours for a hacker to get all of your funds. Plus, if you’re not careful, you might accidentally expose your private key to the outside world through phishing attempts.
An important note to make is that your wallet’s password is not necessarily what you need to protect. It is your private keys that need to be protected. Even if you’re locked out of your wallets like a Metamask or Ledger, you can still recover your blockchain wallet with the private key. So, if you have funds in a cold wallet, but you store your private key on a Google Document, the wallet is not as secure as you think. In this situation, while you may think you are taking the necessary precautions, your wallet is only as secure as Google Drive’s Cloud services. With a fully cold wallet, you do not need to rely on any cloud providers.
Thank you so much for learning with Tezos Israel and continuing to use the best practices in securing your cryptocurrencies! We hope you learned about different types of wallets and how to use them. We wish you much success in your Web3.0 journey and remember, “Not your keys, not your coins”.
If you have any questions, feel free to reach out to me on Twitter at @adshinder and follow Tezos Israel on Twitter at @TezosIsrael.
