Storing Cryptocurrencies Securely

Artwork by cryptopop.net!

After reading about Bitcoin in the article Bitcoin P2P Currency: The Most Dangerous Project We’ve Ever Seen, I was driven to research on how to keep Bitcoin safe without significantly relying on any other single party.

Fortunately, through the years, many have shared what they have learned to secure their crypto assets. I can no longer identify my sources, but I can share a summary of other people’s thoughts on the matter.

By the end of the article, you should have a good idea on how to store your personal cryptocurrencies. Storing cryptocurrencies for an institution is practically a different topic — it takes a lot more planning because of the required continuity in the business.

Before proceeding, here are a few disclaimers:

• 100% security is impossible. Each increment towards 100% gets exponentially harder: getting from 79% to 80% safe is much easier than 95% to 96%. That said, perhaps what you’ll learn here will be good enough for now. When you reach millions of dollars worth of cryptocurrencies, then you can afford to research more.
• This advice changes. As devices and exploits have evolved, my thinking has changed as well. Especially for the amounts of money I do not have myself, I’m only imagining what kind of security I might require. I figured if I ever reach those amounts, I could afford to hire people to research for me.

Here’s a table that sums things up succinctly. The “Value” column shows a rough estimate of the value you’d store with the “Scheme” column. The higher the value, the more elaborate the storage scheme will be. Obviously, we have different thresholds for what we consider acceptable in each level. If you don’t put more than $50 in your wallet, adjust accordingly.

+-----------------------------+----------------------------+
| Value                       | Scheme                     |
+-----------------------------+----------------------------+
| Wallet (~ $200)             | Single sig, software       |
| Vacation (~ $8,000)         | Single sig, hardware       |
| Car (~ $20,000)             | 2 of 2 multi-sig, hardware |
| House (~ $300,000)          | 2 of 3 multi-sig, hardware |
| Small island (~ $1,000,000) | 3 of 5 multi-sig, hardware |
| Castle (~ $20,000,000)      | 4 of 6 multi-sig, hardware |
| Fortune (above $50,000,000) | 5 of 8 multi-sig, hardware |
+-----------------------------+----------------------------+

Definitions

• Software wallet: something like Electrum, Copay, mycelium
• Hardware wallet: devices like Ledger, Trezor, KeepKey
• Single sig: only one signer is required
• Multi-sig: m of n setup where there and are n signers and m people are required to agree to spend funds. For example, 3 of 10 means you have 10 total signatories and require 3 out of the 10 people to agree to spend from that wallet.

A Ledger Nano S.

Rules of Thumb

The signers you choose should be people you trust. The likelihood that enough of them will collude to steal your funds should be infinitesimally small that if they do so, you have other things other than the money to worry about.

Ideally, the signers should not know one another well. The more they are in contact with one another, the more likely that they may leak information to one another about the transactions you do.

Signers should be ideally be technically savvy. This might be a little difficult given how new cryptocurrencies are. The reason for this is that you don’t want to be tech support whenever you need things signed, and you also want them to be able to access it in case you are incapacitated.

Signers should not be likely to be all together in one physical space. You don’t want a physical catastrophe to make your funds inaccessible.

Have a backup plan in case your signers are incapacitated. In case something happens to the signers at the same time, there should be another way for you to gain access. Perhaps each of them can have their own lawyer that also has access to the keys. Maybe they store the private key in their own bank boxes that you can recover.

Use different hardware wallets. Exploits are more likely to affect one wallet only. If the remote hackers must get exploits for 3 different wallets just to access your funds, they’re likely to be discouraged by this complexity. They can find easier ways to steal someone else’s money.

Keeping personal cryptocurrencies safe is a never-ending exercise, and keeping this post short is not. It is my hope that you can use this as a springboard to reach the levels of security you’re comfortable with.

I expect that most people that read this are still exploring this topic. Though this article isn’t an in-depth guide, it should be enough to get you started. Every so often, review your security setup and assess if you need to change things. Ideally, you will automate the reviews by putting it in your schedule and committing to strengthening your security. We often forget about guarding our assets and only become cautious after we’ve been hit. For your own safety, it’s best to be proactive on protecting your cryptocurrencies.