Security

💡
It only takes getting burned once to start taking security seriously.

The fastest way to lose money in the crypto space is not taking security seriously. I’ve been in crypto since 2016 and know many people who have lost funds to hacks, exploits, and rug pulls. Unfortunately, it’s so common that it is almost a rite of passage.

All it takes is getting hacked one time to start taking security seriously, so you might as well do it from the beginning.

If you are in crypto and have lax security measures, this is your wake up call.

📕
Definitions

Hot wallet - A hot wallet is a cryptocurrency wallet that is always connected to the internet and cryptocurrency network. For example, a MetaMask wallet.

Cold wallet - A cold wallet, otherwise known as a hardware wallet or cold storage, is a physical device that keeps your cryptocurrency completely offline. For example, a Ledger Nano X.

Custody - Custody is a term that describes who has control over funds (crypto in this case).

Private Keys & Seed Phrases - A private key is usually an access key to just one address (account), while a seed phrase is an access key to the whole wallet, which can hold multiple addresses.

VPN - A Virtual Private Network is a service that creates a safe, encrypted online connection. Internet users may use a VPN to give themselves more privacy and anonymity online or circumvent geographic-based blocking and censorship.
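The private key / seed phrase definition above is the one worth seeing in code: a seed phrase is not one key but the root that every key in the wallet is derived from, so whoever holds the phrase holds every address. The following is an added example, not code from the original page; it uses only the Python standard library and follows the public BIP-39 (mnemonic to seed) and BIP-32 hardened-child rules. The mnemonic used is the well-known all-"abandon" test phrase, which never holds real funds. Non-hardened derivation and address computation need secp256k1 point arithmetic and are deliberately left out; the hardened path is enough to show the one-to-many relationship.

```python
"""One seed phrase -> many private keys (BIP-39 + BIP-32 hardened derivation).

Added example, not part of the original page. Standard library only.
"""
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; every valid private key lies in [1, N).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED_OFFSET = 0x80000000


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: stretch the words into a 64-byte seed with PBKDF2-HMAC-SHA512.

    The optional passphrase acts as a '25th word': the same 12 or 24 words with
    a different passphrase yield a completely different wallet.
    """
    words = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)


def master_key(seed: bytes) -> tuple[int, bytes]:
    """BIP-32: HMAC-SHA512 keyed with 'Bitcoin seed' gives the master private
    key (left 32 bytes) and the master chain code (right 32 bytes)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= SECP256K1_N:  # astronomically unlikely, but the spec says reject
        raise ValueError("invalid master key for this seed")
    return key, digest[32:]


def derive_hardened_child(parent_key: int, chain_code: bytes, index: int) -> tuple[int, bytes]:
    """BIP-32 hardened child i': HMAC-SHA512(chain_code, 0x00 || parent_key || i + 2^31).

    Left half is added to the parent key mod N; right half is the child chain code.
    """
    data = b"\x00" + parent_key.to_bytes(32, "big") + (index + HARDENED_OFFSET).to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child_key = (il + parent_key) % SECP256K1_N
    if il >= SECP256K1_N or child_key == 0:  # invalid child (probability ~2^-127): skip this index
        raise ValueError(f"index {index} yields an invalid child key; use the next index")
    return child_key, digest[32:]


def derive_hardened_path(seed: bytes, path: list[int]) -> tuple[int, bytes]:
    """Walk an all-hardened path such as [44, 60, 0] (m/44'/60'/0') from the seed."""
    key, chain_code = master_key(seed)
    for index in path:
        key, chain_code = derive_hardened_child(key, chain_code, index)
    return key, chain_code


def wallet_account_keys(mnemonic: str, count: int, passphrase: str = "") -> list[str]:
    """Return `count` distinct account-level private keys (m/44'/60'/i') as hex.

    Every one of them is recoverable from the seed phrase alone: leaking the
    phrase leaks all of them, not one address.
    """
    seed = mnemonic_to_seed(mnemonic, passphrase)
    return [f"{derive_hardened_path(seed, [44, 60, i])[0]:064x}" for i in range(count)]


if __name__ == "__main__":
    # Public BIP-39 test mnemonic (entropy all zero); never holds real funds.
    test_mnemonic = "abandon " * 11 + "about"
    for i, key_hex in enumerate(wallet_account_keys(test_mnemonic, 3)):
        print(f"m/44'/60'/{i}'  private key {key_hex}")
```

The practical lesson is in `wallet_account_keys`: the same twelve words deterministically reproduce every account, which is exactly why a seed phrase must never be typed into a website or shared with anyone, and why a hardware wallet keeps the derivation inside the device.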

Custody

It’s generally best practice to maintain custody of your own crypto when possible. Custody simply means “control”. Custody does not necessarily mean ownership. For example, you can own crypto, but if you keep it on an exchange you do not have custody, or control, over it; the exchange does.

This is similar to how a bank custodies your money. The big difference is that when you leave your crypto on an exchange there is no FDIC insurance. If the exchange is hacked or otherwise loses your funds, you are out of luck.

This is what happened in the cases of Celsius and Voyager. Many customers deposited their crypto with these entities, only to lose it when they both engaged in risky lending and investing behavior which ultimately led to their bankruptcies.

💡
Avoid giving any entity, reputable or otherwise, custody of your funds when possible.

Storage

Now that we’ve established that we want to custody our own crypto when possible, how do we do that? We have two options: hot and cold.

Hot wallets are connected to the internet (think MetaMask). Therefore they are more vulnerable to attacks. Someone could gain remote access to your computer and steal your funds. You could accidentally click on a phishing email or fall for a scam that gives the attacker access to your wallet. The benefit of a hot wallet is ease of use. You are only ever a few clicks away from sending funds or interacting with a dApp (like UniSwap).

Cold wallets (like a Ledger) are by default disconnected from the internet and only connect when you need to send funds. This is safer, as anyone who gains access to your computer will not be able to access the cold wallet, assuming it is disconnected.

One major drawback to cold wallet storage is the lack of yield opportunities. Most cryptocurrencies have staking or lending options to earn additional yield. If your crypto funds are locked away in a cold wallet, depending on the cryptocurrency, they may actually be losing some value to staking dilution.

Ledger has some nice staking integrations for cryptocurrencies like Ethereum and Solana that allow you to stake directly from your Ledger device. Just know that when you ‘stake’ your crypto, in many cases you are actually ‘delegating’ it to a stake pool operator, which is essentially giving up temporary custody of your funds while you stake.

💡
A cold wallet storage device such as a Ledger should be sufficient for the vast majority of users.

Alternatively, if you have the skillset, equipment, and time you can operate your own staking pools and maintain 100% custody of your crypto. This is not recommended for most users.

Paper (and metal) wallets can also be used and are one of the safest ways to store crypto. Paper wallets are just a copy of your private keys and/or seed phrase on a piece of paper. Ultimately, this is all you need to access the funds within a crypto address. As paper is vulnerable to fire and water damage, many choose to engrave their private keys into a piece of metal. From there, you can keep it in a secure location such as a fireproof safe or safe-deposit box.

Security can be further increased with advanced methods, which we won’t cover here, as complicated security measures can often indirectly lead to loss of funds.

Here is an excellent visual from DappRadar regarding best practices for storing crypto:

(Image: DappRadar best practices for storing crypto)

In short:

  • Only use your cold wallet for simple in/out transactions.
  • Don’t keep more than you need to on centralized exchanges.
  • Use hot wallets like MetaMask to interact with dApps, but only with the funds you need (not for long-term storage).

Scams

Unfortunately, scams and phishing attempts are commonplace in the crypto space.

If it’s too good to be true, it probably is.

If it’s too good to be true, it probably is.

Seriously, if it’s too good to be true, it probably is.

Here are some best practices for avoiding hacks, scams, and phishing attempts:

  • Never click on suspicious links.
  • Never connect your wallets to a site you do not 100% trust (even then there is still some vulnerability).
  • When you are done using a dApp, revoke the permissions via revoke.cash.
  • Never, ever give your private keys or seed phrase to ANYONE, especially someone who says they are trying to help you.
  • If someone (even family) DMs you about anything, assume they are a scammer until proven otherwise. A common scam is to make a Facebook or Twitter account of a family member and try to convince you to download malware, give access to your funds, or send money directly.
  • Use a burner wallet to mint NFTs. A burner wallet is just a newly generated wallet that you do not intend to store anything valuable in long-term.
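The "permissions" that revoke.cash revokes (point three in the list above) are, for tokens, ERC-20 allowances: a dApp asks you to sign `approve(spender, amount)`, frequently with an unlimited amount, and the spender contract can then move that much of the token from your wallet at any time. Revoking is nothing more than signing `approve(spender, 0)`. The following is an added example, not code from the page or from revoke.cash; it uses only the Python standard library, hardcodes the standard ERC-20 `approve(address,uint256)` selector, and the spender address and balance are constructed sample values. It shows how to read the raw calldata a wallet asks you to sign, flag an unlimited or oversized approval before you confirm it, and build the calldata of the revoke transaction.

```python
"""Inspect ERC-20 approval calldata and build the matching revoke.

Added example, not part of the original page. Standard library only; no network.
"""

# First 4 bytes of keccak256("approve(address,uint256)"); the standard ERC-20 selector.
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")
UINT256_MAX = 2**256 - 1


def encode_approve(spender: str, amount: int) -> bytes:
    """ABI-encode approve(spender, amount): selector || address (left-padded) || uint256."""
    raw = bytes.fromhex(spender[2:] if spender.lower().startswith("0x") else spender)
    if len(raw) != 20:
        raise ValueError("spender must be a 20-byte address")
    if not 0 <= amount <= UINT256_MAX:
        raise ValueError("amount must fit in uint256")
    return APPROVE_SELECTOR + raw.rjust(32, b"\x00") + amount.to_bytes(32, "big")


def decode_approve(calldata: bytes):
    """Return (spender, amount) if calldata is a well-formed approve call, else None."""
    if len(calldata) != 4 + 32 + 32 or calldata[:4] != APPROVE_SELECTOR:
        return None
    spender_word, amount_word = calldata[4:36], calldata[36:68]
    if any(spender_word[:12]):  # address occupies the low 20 bytes; high 12 must be zero
        return None
    return "0x" + spender_word[12:].hex(), int.from_bytes(amount_word, "big")


def review_approval(calldata: bytes, balance: int):
    """Classify what a wallet is about to sign, given how much of the token you hold.

    Returns (verdict, spender, amount) where verdict is one of:
    'not-an-approve', 'revoke', 'unlimited', 'over-balance', 'bounded'.
    """
    decoded = decode_approve(calldata)
    if decoded is None:
        return ("not-an-approve", None, None)
    spender, amount = decoded
    if amount == 0:
        return ("revoke", spender, amount)
    if amount == UINT256_MAX:
        return ("unlimited", spender, amount)  # spender may drain the token forever
    if amount > balance:
        return ("over-balance", spender, amount)  # more than you hold: covers future deposits too
    return ("bounded", spender, amount)


def revoke_calldata(spender: str) -> bytes:
    """Calldata that sets the spender's allowance to zero (what a revoke does)."""
    return encode_approve(spender, 0)


if __name__ == "__main__":
    # Constructed sample: a dApp contract address and a balance of 1 token (18 decimals).
    SPENDER = "0x1111111111111111111111111111111111111111"
    balance = 10**18
    pending = encode_approve(SPENDER, UINT256_MAX)  # what many dApps ask you to sign
    print("pending:", review_approval(pending, balance))
    print("revoke calldata:", revoke_calldata(SPENDER).hex())
```

A bounded approval sized to the trade you are about to make is the low-risk option; an unlimited one is the reason the list above says to revoke when you are done with a dApp, because the allowance survives until you set it back to zero, even if you never use the dApp again.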