Being The Chief Security Officer For Your Crypto Currency Portfolio
Previous article — https://medium.com/@edtrem_55994/options-for-securing-your-crypto-currency-portfolio-6404f0287bc
Are you willing to acquire the knowledge to be the CSO (Chief Security Officer) for your own crypto currency portfolio? As the CSO, let’s review how control of your crypto currency’s value can be lost or stolen:
Exchange hack — malicious operators hack and steal the private keys held by an exchange.
Exchange business risk — a government shuts down an exchange or an exchange goes bankrupt preventing access to your private keys.
Asset Lock — an exchange ’locks up’ and prevents access to your crypto assets. If an exchange chose to do this, you have minimal path of recourse especially for exchanges that are located out of your country of residence.
Laptop / Mobile device hack — malicious operators hack into your laptop / mobile device’s wallet and steal your private keys.
Loss of physical device — your laptop/mobile/hardware wallet/digital device is lost or stolen, and you do not have a backup of your private keys.
Physical device access theft — someone (friend, family, other) who has physical access to your laptop/mobile/hardware wallet/digital device steals your private keys.
Paper wallet theft or destruction — A thief accesses your paper wallet and transfers (i.e. steals) the value of the crypto currencies associated with the paper wallet. Another threat for a paper wallet is your house catches fire and the paper wallet listing your private keys burn in the fire.
Organizing principles for creating a crypto currency security plan:
Security: The wallet technology used for holding your private keys needs to provide the degree of security that you are comfortable controlling.
Usability: The wallet technology used needs to be usable enough for you to be able to securely control, store and retrieve your crypto currency’s private keys without error.
Repeatability: Any process you use to control, store and retrieve private keys needs to be repeatable. This means you are comfortable performing steps to secure your private keys and will not have any issues accessing, transferring or spending your crypto currencies. This also means that if you are incapacitated your designee will be able to successfully follow steps to access your crypto currencies.
While it seems simpler to outsource the security of your crypto currency to an exchange, it is important to realize that exchanges have been hacked and that there are crypto currency millionaires who can’t touch the value of their crypto currency because it’s asset locked for reasons that an exchange or a government dictates. (see: 25% of Bitcoins are lost forever).
For those investors who decide to not leave their crypto currency in an exchange, it is important to spend time getting comfortable with controlling, storing, sending and retrieving crypto currencies. This means you will need to experiment with technology (online wallets, hardware wallets, desktop wallets, paper wallets) to become comfortable understanding which security technology works best for you.
PRACTICE CONTROLLING, SENDING AND RETRIEVING
A good way to become comfortable with security technologies is to practice controlling small amounts of crypto currencies using different technologies.
Here are some of the exercises I used to help me understand wallet technologies and the mechanics of controlling/sending/receiving crypto currency value. For these exercises I used Coinbase as the exchange, Litecoin as the crypto currency, Exodus as the desktop wallet app and Trezor as the hardware wallet. I recommend you do similar exercises as part of developing your crypto security plan (Note: You can choose any currency, exchange, wallet technology that you want to explore when you do these exercises):
Exercise 1 — Get familiar with online wallet and desktop wallet transfers
1) Install a wallet app on your laptop (ex. Exodus wallet app)
2) Use a small amount ($5 worth) of crypto currency (ex. Litecoin) and transfer that amount from your Coinbase Litecoin wallet to the receive address of the Exodus app’s Litecoin wallet.
3) Your Exodus wallet’s private key(s) now controls the amount of Litecoin transferred to Exodus.
4) Once the transfer to Exodus is complete, transfer that amount of Litecoin from the Exodus wallet app to the receive address of your Coinbase Litecoin wallet.
Exercise 2 — Get familiar with paper wallets and desktop wallet transfers and private key sweeping
1) Create a paper wallet for Litecoin.
2) Transfer a small amount of Litecoin from your Coinbase Litecoin wallet to your paper wallet’s public key .
3) Your paper wallet’s private key(s) now controls the amount of Litecoin transferred to the paper wallet’s public key (aka ‘receive address’).
4) Transfer the amount of Litecoin from your paper wallet to the Exodus desktop wallet. This is done by importing the Litecoin paper wallet’s private key to Exodus (aka “sweeping” the paper wallet).
5) Transfer the amount of Litecoin from Exodus to back to your Coinbase Litecoin wallet’s receive address.
Exercise 3 — Get familiar with hardware wallets and wallet recovery
1) Use a hardware wallet (ex. Trezor) and transfer a small amount of Litecoin from on online or desktop wallet to the receive address of your hardware wallet device’s Litecoin wallet.
2) ADVANCED EXERCISE: Simulate recovery from loss of a hardware wallet by resetting the hardware wallet to factory defaults and then follow the recovery seed process to recover the value of the crypto currencies held on the hardware wallet. IMPORTANT — try this first this with a very small amount of crypto currency associated with the hardware wallet in case the recovery of hardware wallet’s private keys via the seed recovery process is unsuccessful.
RECOMMENDATIONS
Be patient with gaining knowledge. Give yourself the time you need to understand the concepts related to acquiring, controlling and securely managing crypto currencies. Securing and Controlling crypto currencies is COMPLICATED. With the rising value of Bitcoin and the large amount of technical investment pouring into blockchain related tech, it seems likely that the user experience for crypto currencies will greatly improve. But currently, the crypto ownership experience is confusing (at best) for typical investors.
Spend time doing your homework. It takes time to understand blockchains and the wallet technologies that allow you to control, access, secure and retrieve your crypto currency holdings. If you directly control the keys that dictate crypto currency ownership, you can mitigate threats. If you do not directly control the keys, your holdings are at the mercy of on line hackers, governments, and exchanges. My personal security plan calls for keeping a small percentage of my portfolio for trading in a well-known exchange’s online wallet with most of my portfolio being kept in cold storage.
Research exchanges’ storage options. If you are less inclined to do your homework, then leave your crypto currencies in vaults at reputable exchange(s). Exchange vaults store the keys that control your crypto currencies in cold storage to prevent theft from hacking. If you plan to store your crypto currencies on exchanges, then consider storing your holdings at multiple reputable exchanges. The reason why is if one exchange gets hacked or goes bankrupt your holdings at the other exchange are still safe. Coinbase is an attractive option for holding a percentage of your crypto currencies because they provide offline storage via vaults and have insurance against thefts.
When assessing which exchanges are good candidates for holding a percentage of your holdings, assess an exchange for trustworthiness, security expertise and for the exchange having a sustainable business model.
THE BOTTOM LINE
The tectonic plates governing institutional control of personal financial data are beginning a shift towards open, decentralized blockchain based systems that are not owned by any company or government. It is an exciting time to be learning about the systems that will serve the world in a more open and transparent way.
Dutch philosopher Erasumus once said “In the land of the blind, the one-eyed man is king.” By learning about open blockchain based systems and crypto currency investing now you have the opportunity to be the prosperous ‘one-eyed king’ of crypto currency investing.
When attempting to reap the returns associated with early adopter investments in crypto currencies, don’t forget you are a pioneer. Crypto currency investing will remain a territory of the Wild West for the foreseeable future. Proceed with a great deal of caution. Only invest what you can afford to lose, and best of luck reaping the gains that come being a pioneer.
