How to be on the safe side with crypto
The crypto market can change in an instant. From bears and bulls to spikes and dips, everyone wants to protect and grow what they’ve invested. No one wants to miss out. But this leads to a big problem: you end up having a portfolio of different assets and nowhere to keep them safe in the storm.
This is the world of crypto in 2019, where being your own bank can sometimes be harder than it seems. Given the occasional fraud and high-level hacks which have plagued the crypto space, it’s important to understand the rule of thumb “not your keys, not your crypto”. This means, that unless you have access to your private keys, the assets are actually in someone else’s possession, so you’re not as much in control of it (if they get attacked, it’s your loss), whereas owning the private keys means you have full control over how to store them and who has access to them.
It is also important to note, that each network, has its own interfaces to access your funds. For example, in the case of Ether and ERC20, you should look into specific ‘doorways’ that allow you to access and manage your assets on that specific network, and for Bitcoin, those would be different.
Noticed how I didn’t say “Ethereum Wallets” or “Bitcoin Wallets”? That’s something we should delve into as a starter.
MyEtherWallet/Metamask (in the case of Ether and ERC20), or any other decentralised interface, do not store your tokens. The same occurs for Bitcoin with, for example, the Electrum wallet. All these platforms do is allow you to access and move your crypto through their interface. It’s like your bank’s mobile app. You don’t have the money in front of you, but it can be used in many ways.
Let’s use Metamask — an interface to access the Ethereum network — as an example. Upon creating your account, you will be asked for a password. From that moment, a seed phrase (that you should backup!) and a Private Key will be generated. When wanting to access your funds, your password will be requested to do so, but if you forgot your password and are looking to restore your Wallet, then there are only 2 possible ways to do so: either use the seed phrase (usually 12 random words), or restore an account using the Private Key.
A Private Key is no more than a big random number used to generate your Public Key, and from that Public Key, your public address is generated. Since Private Keys are so long and not easy to remember, an interface like Metamask allows customization to secure your Private Key with a password that you can easily remember.
It is important for you to understand that your password is not your Private Key. On Metamask case, it is a simplified form of accessing and signing for transactions. Keep in mind: Private Key and seed phrase are the go-to account recovery checks.
There are also examples of Desktop Wallets (eg. Blockchain) and Mobile Wallets (eg. Trust Wallet), that even allow you to manage crypto from different networks under the same interface. Metamask, on the other hand, only allows you to manage crypto on the Ethereum Blockchain.
Private Key, Public Key, Address, Seed Phrase… After all, what’s the difference and why do we care?
The Public Key is used to generate an Address. That Address is your Public Address and what you provide others to be able to send you crypto. Think about it in terms of your postal mailbox. You can have people send packages with it, but only you are able to access what is inside.
Private Key really is key here. Another analogy: if your Public Address were your postal mailbox, it could only be opened with your Private Key. It classifies you as its legitimate owner and provides you the access and to what’s inside. Would you share the keys to your mailbox with someone you don’t know? Sure not!
It’s important that you always keep your private keys in a safe place, as it is what provides you with the power to access and move your funds.
The most common way is writing it on a piece of paper (or several, or even on a different material to actually survive fires and calamities alike), and safely store it in places only you and people you trust accessing your funds know. This is also commonly called “Cold Storage” since the private key isn’t online, or accessible through any device. Once it is accessible to the internet, it’s in hot storage and it’s vulnerable.
Your seed phrase is the ultimate go-to recovery of your account. It is the only possible recovery of your funds in case you lose your regular access to your account (Private Key or Password) and to the device you use to access your account (for example, a Hardware Wallet). You may restore your Wallet through that same Seed Phrase, which is usually a combination of 12 random words. That should be always provided to you upon the creation of your Wallet.
Hardware Wallet? What?
Indeed, there are hardware wallets. Do these store your assets? Kind of. A Hardware Wallet (such as Trezor, Nano Ledger) stores the Private Key in the device. It’s harder to hack a hardware wallet than any other kind. All transactions being broadcasted through any Hardware Wallet must be physically signed (approved) on the device itself, so it’s also not possible to move funds without physically use it. What if I lose my hardware wallet? Do I lose my funds? And the answer is Seed Phrase.
Your Seed Phrase comes into action, even if you lose your Hardware Wallet. You can always use the 12 seed-word originally given to you to restore your device on a different Wallet (from the same manufacturer). So, the bottom line is, keep your Private Key and Seed Phrase far from curious cats and danger, and your crypto shall be protected.
Our advice is to always access the majority of your funds through a Decentralised Interface, which means a wallet that you own the Private Keys for. This may sound conflicting with our Wallet at UTRUST, which is centralised in order to provide some features such as instant transactions and buyer protection. Our wallet was primarily built for payments, not storage. But security is also our great focus. We want to keep you safe so that you can use the UTRUST wallet in your personal ecosystem. Like our Telegram Admin, Longcat, always says — “The hardware wallet should be your bank, and UTRUST the pocket wallet you carry around.” 🙂
How can you know which wallets may serve as an interface for my tokens on different networks?
First and foremost, the official websites of the Networks itself will always provide you with that information. We highly recommend that you to double and triple check if you’re getting the info from official sources (Telegram/Twitter/Website). It’s important to be sure that you’re getting accurate info.
I’ve heard storing them on exchanges may not be the safest way, why? I can just store them all in one place right?
Hundreds of millions of dollars in crypto pass through exchanges every day and this makes them a target for criminals. Exchanges are used by hundreds of thousands of people all over the world so they are more exposed to being exploited. You don’t want to leave your funds in an exchange where they are more vulnerable.
Storing all your assets in one place means one point of failure may be enough to compromise the entirety of your assets. Those would be unusual, unfortunate situations, but they can happen. Check out this article about Mt. Gox, one of the more infamous exchanges to lose its clients funds. That’s why storing the majority of your funds in your own Wallet, the one you own the Private Key for, would be your best reassurance.
To conclude, what are good examples of wallets?
Decentralised wallets such as Trust Wallet, Metamask and MyEtherWallet allow people to be their own bank and take control. To some, that’s the safest harbor they can land on. To some others, not so much.
We can’t generalize the security level of a decentralised vs centralised wallet, due to the simple fact that it ultimately depends on the user. If one isn’t that tech savvy and does not want to have the responsibility of all their funds, then a centralised wallet would serve them well.
The utmost level of security is provided by any wallet to which you own the Private Key. That also makes you accountable for making sure no one ever accesses your funds. But as Uncle Ben taught us, “With great powers, comes great responsibility!”
