Cryptocurrencies have undergone rapid growth over the years and have been widely accepted worldwide. Their fast-growing adoption has contributed to their increasing value which resulted in a booming crypto market. The market’s current status has also attracted bad actors that have exploited the vulnerabilities of platforms that serve as custodians to these cryptocurrencies.
Crypto exchanges also offer custodial to their users’ digital assets. Despite efforts made by these custodians, hacking remains the biggest security threat causing billions of dollars in losses. To date, the Coincheck incident was the biggest hacking incident recorded in crypto history which has involved a $532 million loss of digital assets.
With the advancement of technology, innovation brought by blockchain paved the way for the creation of cold wallets that offers a safer and secure way of storing a user’s virtual assets. What are cold wallets? Cold wallets are offline wallets used to store digital assets like BTC (bitcoin), ETH (ethereum), LTC (litecoin), XRP (Ripple), DOGE (dogecoin), and other cryptocurrencies. Since there are not connected to the internet, it is free from unauthorized access, hacking, and other vulnerabilities making it the safest storage for cryptocurrencies. These wallets store the user’s address and private key and work with compatible software on the computer.
Types of Cold Wallets
Most crypto exchanges are using cold wallets in order to protect their users’ assets in case a security breach happens. Coinbase for instance stores 98% of users’ funds in offline cold wallets. Offline paper wallets and hardware wallets are the two types of cold wallets. Let’s take a look at how these two works.
- Offline paper wallet
This type of cold wallet can be generated from certain websites. To create one, you need to use a trusted wallet generator. Here’s a simple guide to creating one in reference to a blog published by Gemini.
- Go to the wallet generator website and save the wallet generators as a web archive
- Go offline and click on the web archive file to generate the key offline
- Using a stand-alone printer, print the key
For additional security, you can perform the following operations though some may be optional at your end.
- Run the generator file and OS (operating system) on a USB drive or another offline computer
- Destroying the printer after wallet creation (totally optional of course)
- Adding a BIP 38 password, which provides an extra level of protection by encrypting your private key with a password
Though it is no longer encouraged to use this type of cold wallet, the idea may present other practical uses like creating a present card for someone. It can also be a giveaway, or promo scratch-off card, a source of fun, and for other offline transactions.
This is a physical wallet that is offline and not connected to the internet. It is also considered the safest way of storing one’s digital assets since it is not vulnerable to hacking and other security breaches. The top ten cold wallets most comprehensive we have right now are:
- NGRAVE
- Bitbox02
- Trezor
- Ledger Nano X
- Keepkey
- Coldcard
- Opolo Cosmos
- Safepal S1
- Satochip
- SecuX w20 and v20
Among these wallets, NGRAVE is considered the coldest wallet since it does not allow any means of connecting to the internet. These wallets support the storage of top cryptocurrencies like BTC (bitcoin), ETH (ethereum), LTC (litecoin), DOGE (dogecoin), and others. Though these were touted as the safest crypto wallets so far, are they really safe from vulnerabilities?
Cold Wallets: Vulnerability Revealed
Security breaches have abounded the crypto market since the time of its founding. With the invention of cold wallets, crypto holders now have the best and safest way of storing their crypto holdings. But is it really free from exploitation from bad actors lurking in the industry?
According to a study conducted by Ledger, one of the leading hardware wallet providers, cold wallets present a very minimal vulnerability to hacking by accessing the PIN codes that secure the wallets. Wait don’t panic yet. As further stated in the study, cold wallets can only be hacked if the attacker has physical access to one. Charles Guillemet, chief technology officer from Ledger stated:
“You can put millions or even billions if you want in a hardware wallet. So this is definitely a big thing if an attacker has physical access to a hardware wallet and the wallet is not secure. Some cryptocurrency exchanges are even using hardware wallets for cold storage.”
Crypto exchanges like Shapeshift were able to address the issue by receiving updates for its Keepkey cold wallet to ensure greater security. With the recent fix, it will be more difficult to develop a reliable catalog of power consumption outputs that map to PIN values. Also, even without the update, Keepkey users can add a passphrase as a second layer authentication.
Shapeshift has also encouraged cold wallet users to secure their devices.
“The fact is that there’s no way to prevent a highly sophisticated attacker with physical possession of the device, and lots of time, technology, and resources, from completely ‘pwning’ that device—eventually. ShapeShift recommends that you secure your device with the same caution you would with other investments or valuables. Protect your KeepKey like it could be stolen tomorrow.”
Though cold wallet providers are mainly responsible for the safety of their users’ digital assets, given that hacking attacks can only be done with access to the physical wallet, securing these assets remains a shared responsibility with users.
