2018 was a notable year for hacking of cryptocurrency exchanges and stealing funds. Such situations affected not only little known exchanges, but also major ones including Bithumb, Coincheck and Zaif. The beginning of 2019 was marked by another hack of the exchange, this time a New Zealand based exchange, Cryptopia. The damage and the circumstances of this incident have not yet been fully established, but this continues to raise questions about risks of keeping any funds on a cryptocurrency exchange and what you give up when doing so.
Types of Wallets
To begin, let’s examine what types of wallets there are and how safe they are to use. There are two major kinds of wallets: cold and hot. The main difference is if they are accessible through an Internet connection. Due to their connection to a network, you can easily send a transaction and quickly access the funds whenever you want. Hot wallets include web wallets, desktop wallets, mobile wallets and exchange wallets. There is also another difference among this type: in the case of using the exchange wallet, and even some mobile wallets, you do not own your private keys and the funds are more like an IOU. Hot wallets are an excellent solution for most users, but nevertheless, they have an increased risk of hacking.
The ideal solution in terms of security and storage of large sums are cold wallets. They do not have an Internet connection which prevents that threat of hacking, but they do have other risks – you may lose or damage the storage device. For cold wallets they are typically not a wallet for daily use, but rather a solution for a long-term secure storage.
Storage of Coins on Exchange
Many users prefer to use an exchange wallet, as they can immediately start trading and/or withdraw funds to another cryptocurrency or withdraw to fiat. This is quite convenient if we are talking about small amounts, or if you make periodic withdrawals to your personal wallet. But should you consider the address of the exchange as a place to store your funds longer than absolutely necessary?
The first and, perhaps, the main disadvantage is that you are not the real owner of private keys to the cryptocurrency addresses of the exchange and this puts your funds at serious risk. They are an IOU, and the exchange could at any point become unable to send you the coins.
The second disadvantage is that the exchange can be hacked and, accordingly, your funds can be stolen or frozen until all the circumstances are clarified.
Centralized exchanges have many risks due to their nature: hacking, blocking by authorities, freezing of funds, etc. These situations can not be predicted when they will occur and for which exchange, but they do happen.
Each user must understand these risks before storing funds on the exchange wallet. You should also not forget about the security of your account on your part either. A good solution is to enable confirmation of withdrawal of funds by email or mobile phone number and also enable two-factor authentication.
Proof of Keys Event
On January 3, at the 10th anniversary of Bitcoin, “Proof of Keys” celebration was held with calls to withdraw your funds from exchanges to personal wallets in order to confirm that you are the real owner of your funds.
Don’t Put All your Eggs in One Basket
As for security, it is better not to keep all assets in one place. You can distribute your funds between a desktop wallet for quick access, a mobile wallet for access at any time, and hardware/paper wallets for long-term storage.
A hardware wallet is a type of crypto wallet that stores your public and private keys. The advantage of hardware wallets is that they store your keys offline, thereby ensuring a high level of security. In addition, your private keys are protected if you connect to virus infected PC or lose your wallet, because there is needed a PIN code to access the funds. You can also restore your wallet using the 24-word seed if it was lost. The most famous manufacturers of hardware wallets are Ledger and Trezor.
A paper wallet is perfect for people who are planning to keep large amounts and care about security. Creating a paper wallet is somewhat more complicated than just creating an account, but this storage method is considered one of the most secure. After creation, the wallet owner must save the information containing addresses and private keys. This wallet also stores the keys offline, just like the hardware wallets. But in the case of a paper wallet, you must take care not to lose your piece of paper with your keys or compromise it in any way.
Security in the Hands of the User
Many wallets have a fairly high level of security, but security also depends largely on the user. A desktop wallet can be a safe place to store your funds if other steps are followed as well (if the wallet is encrypted, used on a trusted PC, etc.). Paper wallets, in turn, can be lost. In the case of an exchange wallet, unfortunately, even ensuring a decent level of protection for your account, you are still not the real owners of your funds, therefore, it is not recommended to keep your assets on the exchange. Almost all the risks associated with exchanges are absent with other types of wallets.