The easiest way to describe crypto wallets is to compare them to plain old regular wallets. But as tempting as this analogy is to use, it falls short. Crypto wallets are simply too different—not only in terms of their technology, but also in terms of the role they play in security.
In this article, you’ll learn the basic mechanisms of crypto wallets, how they fit into the overall context of keeping your crypto secure, and the accepted best practices in this area.
Public and Private Keys—Making Sense of How Crypto Wallets Work
First, let’s dismiss the “crypto wallets are like regular wallets” rumor. Instead, let’s take a look at how they compare to bank accounts, but with a slight twist. The first thing to note is that you cannot send or receive crypto without a crypto wallet, in the same way you cannot send or receive fiat money without a bank account.
However, unlike bank accounts, crypto wallets don’t actually ‘store’ any cryptocurrency coins—that’s what the blockchain does. Since crypto coins are digital, it is more accurate to say the public blockchain stores the ownership records of the entire ecosystem. Instead, a crypto wallet is a device (whether software, hardware, or both) that stores your public and private keys.
When it comes to crypto and crypto wallets, these are the terms you need to familiarize yourself with.
- Private Key: Your private key is like your bank account password. You need it if you want to send crypto from your wallet.
- Public Key: Your public key is a point of reference, like your bank account number. You only need this to receive funds.
- Wallet Address: For practical purposes, this is the same as your public key.
- Seed Phrase: A 12, 18, or 24-word phrase used by most crypto wallets that serves as a root key which then generates a whole tree of private and public keys. The format of the seed phrase makes it easier to store. It is just as important as your private keys—in most wallets, you won’t even see your private key, just the seed phrase.
The 5 Types of Crypto Wallets (and How They Keep Your Private Keys Safe)
In general, there are five different types of crypto wallets. These can be further classified along a hot/cold spectrum, with the ‘temperature’ representing the level of internet connectivity. The ‘coldest’ wallet is entirely offline, while the ‘hottest’ wallet is 100% online.
The tradeoff between hot and cold comes down to security versus convenience. The fully offline wallet (coldest) is the most inconvenient to use, but it’s also thought to be the most secure. The following list of crypto wallet types is broken down in order from the coldest to the hottest.
1. Paper Wallets
A paper wallet is essentially you writing down your public and private keys on a piece of paper (or something more durable) and then storing it in a secure, physical location. It’s 100% physical and thus offline, but it’s also massively inconvenient. Every time you want to send funds, you have to import your keys into one of the other wallet types below—meaning you cannot use a paper wallet on its own.
Here’s how you can setup a Bitcoin paper wallet.
What you need to know: If your paper wallet is destroyed, your crypto will be lost forever (one study estimates as many as 4 million BTC may have already been lost in this manner). If an attacker gets hold of your paper wallet, they’ll be able to steal your crypto.
2. Hardware Wallets
Most of the crypto community consider hardware wallets the best accepted practice for individual holders. While they could be classified as ‘cold’ wallets, they do have some degree of internet connectivity and are not considered to be 100% cold wallets like paper wallets.
You can think of hardware wallets like USB drives with added functionality. Private keys are stored in a secure portion of the device and never leave it. The devices themselves can usually be further secured by a PIN number and two-factor authentication. If your hardware wallet gets destroyed, you can still restore your wallet using your seed phrase.
At the time of this writing, there hasn’t been a known instance of a hardware wallet getting hacked.
What you need to know: If an attacker does obtain your hardware wallet and PIN number, they will be able to spend your crypto. If they also manage to get your seed phrase, they’ll be able to steal your crypto without needing access to the physical device itself.
3. Desktop Wallets
First on the list of crypto hot wallets is the desktop wallet. These can be downloaded onto your computer like any program or app. A good desktop wallet keeps your private keys in an encrypted format, and additional security is provided through passwords and two-factor authentication methods. If you don’t want to get a hardware wallet yet, a desktop wallet is your next-best option.
What you need to know: If an attacker gets hold of your PC and your passwords, they’ll have full access to your cryptocurrency. For instance, if your PC has been infected with malware, any desktop wallets may also be compromised. And again, if they get a hold of your seed phrase, they won’t even need those to access your digital funds.
4. Mobile Wallets
Like desktop wallets, but for mobile. Private keys should also be encrypted, and additional security can be in the form of a passphrase, PIN, two-factor authentication, or fingerprint unlock.
What you need to know: Same vulnerabilities as desktop wallets, although in general, mobile phones are less susceptible to malware compared to PCs (although rooted Android phones may present additional security vulnerabilities).
5. Web-Based Wallets
The hottest of all crypto wallets, these wallets are accessible from your browser, and are considered the least secure option.
What are the Accepted Best Practices for Keeping Your Crypto Secure?
As mentioned, the accepted best practice is to keep most of your crypto holdings in a reputable hardware wallet with two-factor authentication enabled (whether you use a hardware wallet or not). As for your private keys/seed phrase, you should never copy it (no matter the form) on a connected device (such as your laptop or phone). The seed phrase itself should be written down physically and stored somewhere secure.
If you want to trade crypto, you can temporarily transfer your crypto to an exchange, do the necessary, and then move it back to your hardware wallet. If you’re just sending or receiving funds, you can do so directly from your hardware wallet.
This brings us to the next point—should you trust an exchange with your funds? There is no right answer to this question, and it all depends on your level of risk tolerance. On one hand, a reputable exchange will have more robust and rigorous security protocols than most individual holders. On the other hand, exchanges are also natural honeypots for attackers, meaning the threats they face are also much more sophisticated.
The decision is ultimately yours. But as Andreas Antonopoulos, author of Mastering Bitcoin says, “Your keys, your Bitcoin. Not your keys, not your Bitcoin.” He believes you should be in charge of your own private keys, and also recommends hardware wallets as the ideal solution.
Scams are the Greatest Threat for Crypto Traders
While major exchange hacks are the first (and often the only) to make the news, the majority of cryptocurrency theft is due to scams—not hacks.
While hacks typically involve high-level technical attacks, scams tend to exploit age-old human psychology (e.g. wanting something for nothing). Read this article to learn more about common crypto scams and how to avoid them.
You Must Take Responsibility for Your Crypto’s Security
In cryptocurrency, there is no central authority like a bank that can reverse fraudulent transactions or theft. This is decentralization’s unavoidable tradeoff—more freedom also means you must take more responsibility for the security of your crypto.
Crypto wallets are an integral part of that. But once you understand how they work and follow the best practices for their use, a little bit of caution and skepticism is all you need to keep your crypto safe.