Why Not To and How to Store Private Keys on the Cloud

Stevan Lohja
Feb 13, 2019

The cloud is a server or network of computers that stores and serves data over the internet. Private keys are the secret keys that unlock your crypto wallets, and they are used in many wallet recovery and import scenarios. In other words, private keys can unlock the love of your life — crypto.

In a decentralized monetary system, you have both the liberty of your value and the responsibility for it. If you lose your private key, then you’ve lost access to your wallet. You also need a backup plan. If your private key was written down on paper stored in your home, but your house burns down — along with your private key, then you need a plan A, B, and C in case any of the other 2 are not available.

Storing private keys on the cloud can sound like a convenience. After all, we store all kinds of information on cloud services with peace of mind that the data will always be there. However, crypto has a few more concerns than storing a picture of your dog on the cloud, because private keys are literally the authentication to access your crypto wallets. Here are a few arguments why you definitely should not store your private keys on a cloud service provider.

Cloud providers are not your computers.

Cloud providers have their own computers that give you an interface to interact with your data on their computers. They provide a service and that service can be turned off leaving you without access to your private keys.

Surveillance State

Cloud providers are loaded with national and foreign government contracts. The state can use its absolute power or partnerships to make cloud providers give up your data. Even if your private key is encrypted, if they know the signature is from a certain source [coinbase wallet], then they don’t need to decrypt the private key to come after you!

Big Data

Cloud providers are heavily involved in the big data industry; buying, selling, and analyzing your data is part of their business model. If you think automated scripts running through your data is creepy, then you might be more intrigued if they’re reading your private keys.

How to Store Private Keys on the Cloud/Internet

Okay, so there are thousands of ways to store your private keys on the cloud or internet in general. The main goal is to encrypt before uploading. Here are some cool tools and why they might be useful for storing private keys on the cloud.

  • Encryptr is a password management app by SpiderOak. SpiderOak is a zero-knowledge cloud storage provider. The app is supported on just about every platform and super easy to use.
  • Cryptomator is file encryption software that’s probably one of my favorites. It’s multi-platform and you can use it to encrypt entire working directories. If you have a synced cloud directory on your machine, then using Cryptomator when interacting with that directory will keep all the data encrypted before it’s synced to the cloud. You basically add encryption to your general OneDrive or Google Drive for free, but it’s always good to donate if you can. You can store your private keys in a Cryptomator-secured directory and have them encrypted in real time with your cloud provider.
  • Windows users may already be familiar with 7zip. It’s a file compression software, but has the ability to encrypt and password protect files. Files containing your private keys can be encrypted with 7zip, then uploaded to the cloud.
  • Don’t name your file my-crypto-private-keys. You don’t want people to know they’re your private keys, therefore don’t just tell them what it is.
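
The encrypt-before-upload step and the neutral file name, sketched as an added example that is not from the original post. It uses the OpenSSL command line (1.1.1 or newer assumed) rather than the tools listed above; the function names, the KEY_PASSPHRASE variable and the iteration count are illustrative choices.

```shell
# decrypt_backup <ciphertext> <output>: passphrase is read from $KEY_PASSPHRASE.
decrypt_backup() {
    openssl enc -d -aes-256-cbc -pbkdf2 -md sha256 -iter 600000 \
        -in "$1" -out "$2" -pass env:KEY_PASSPHRASE 2>/dev/null
}

# encrypt_for_upload <plaintext> <output-dir>: prints the ciphertext path.
# The passphrase comes from the environment, not the command line, so it
# does not appear in the process list or shell history.
encrypt_for_upload() {
    local src="$1" outdir="$2" out tmp
    [ -n "${KEY_PASSPHRASE:-}" ] || { echo "KEY_PASSPHRASE not set" >&2; return 1; }
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }

    # Neutral name: random hex, nothing that hints at wallet keys.
    out="$outdir/$(openssl rand -hex 8).bin"

    # Salted, passphrase-derived AES-256 key (PBKDF2-HMAC-SHA256).
    openssl enc -aes-256-cbc -pbkdf2 -md sha256 -iter 600000 -salt \
        -in "$src" -out "$out" -pass env:KEY_PASSPHRASE || return 1

    # Round-trip check: a backup that was never decrypted is not a backup.
    tmp=$(mktemp) || return 1
    if ! decrypt_backup "$out" "$tmp" || ! cmp -s "$src" "$tmp"; then
        rm -f "$tmp" "$out"
        echo "round-trip verification failed" >&2
        return 1
    fi
    rm -f "$tmp"
    printf '%s\n' "$out"
}
```

Only the file whose path is printed goes to the cloud. `openssl enc` has no authenticated mode, so keep a SHA-256 of the ciphertext offline if you want to detect a modified copy later.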

Best Practices

  • Avoid cloud or digital storage of private keys. If you do, then reasonably encrypt your private key files before uploading.
  • Avoid browser-based applications to store keys. Browsers can be compromised.
  • Physically write down your private key and keep it safe. The more locations it’s safely stored in, the more access you have in case location A or B is not accessible.
  • It’s okay to be creative; engrave it in a metal card, hide it in a book, tattoo your dog, etc…
