Why leaving your bitcoin on an exchange is like leaving cash under your mattress
Leaving your bitcoin on an exchange is like placing cash under your mattress.
With traditional finance, the bank secures your cash balance and you have recourse to the bank if something goes missing. When it comes to stock or bond portfolios, your investment broker takes care of the custody issues.
Bitcoin has none of these regulated role-players with their respective oversight bodies. In finance, these custodians are established to keep our money safe – and mostly do just that.
Custody is one of the topics we often neglect when starting on our crypto journeys.
Bad habits creep in by increments …
What starts out as an investment of a few hundred or a few thousand rand does not warrant paying undue attention to security. Then the crypto portfolio grows, and grows a bit more, and too often we become aware of security issues far too late.
The risks of poor security only become apparent after disaster strikes.
It is estimated that up to 3.7 million bitcoin (around R3.4 trillion) are already lost due to poor knowledge (or implementation) of security issues.
There are different levels of security and increasing costs involved as you dig deeper. Feasible options to cover the needs of most use cases are presented below.
Getting started: custodial wallets
A bitcoin exchange account, or bitcoin held by a broker, is one solution. This is called a custodial wallet. This leaves our bitcoin in the complete control of the trusted person or company.
The greatest risk here is that you have very little recourse should the exchange close down or the executives simply disappear.
Each year there are multiple exchanges around the world that close, leaving their clients nursing painful losses. And that’s not counting the multiple scams feasting off what is an unregulated market.
With the current lack of regulations, this is the worst form of custody, since you have forfeited control of your bitcoin.
Self-custody is where you take full custody of your bitcoin using one of the commonly-used and freely available digital wallets, such as BlueWallet, MetaMask or Exodus.
This is where you need to understand a few crucial security points. These wallets require a 12- to 24-word ‘seed phrase’ that allows you to unlock the private security key to the wallet.
This is the equivalent of your password to a bank account.
The seed phrase allows you to restore your wallet should you lose your login details or cell phone. It is the most important element in bitcoin security and anyone with access to this seed phrase can empty your wallet at any time.
Without a seed phrase, you don’t have custody of your bitcoin.
The seed phrase should be securely stored offline where nobody can access it. Best practice is to write it down and store it somewhere safe. Never store it digitally or enter it into a computer, file or phone. Taking a photo of it puts the whole wallet at risk and transferring it to a printer could allow a hacker to recover the phrase and steal the balance. Many users of software wallets have been tricked into giving up their seed phrases by people ‘helping’ them to perform simple functions in their accounts or sending the seed phrase away in a screenshot or email.
Once you download and set up the self-custody wallet (like BlueWallet, MetaMask, Exodus and many others), an address is generated for receiving bitcoin and you are now able to move your bitcoin off the exchange you bought it on to your very own wallet.
If you’re storing a larger amount of crypto – say a month or two worth of income – then a hardware wallet is the next step to take for secure self-custody. The hardware wallet locked in a safe is a good system to build a long-term investment portfolio with limited risk.
Hardware wallets also require a seed phrase which, as explained above, is best written down on paper and safely stored somewhere: not on a computer or in an electronic file of any kind that can be hacked, and also not with your hardware wallet.
Most hardware wallets are not connected to the internet and in some cases operate with a battery pack, mitigating the ‘online’ risks of a software wallet.
The downside of hardware wallets is the initial cost of the device and the need to save a seed phrase entirely removed from any form of electronic device. If a wallet is stolen without its access password, or lost, your bitcoin is safe.
As long as you retain the seed phrase you can always recover your bitcoin balance, with or without the physical wallet.
Hardware wallet 2.0
A more recent development that is available on most hardware wallets is the ability to create a 25th word ‘passphrase’. This gives you an additional layer of security on top of the 24-word seed phrase, and also allows you to create hidden additional wallets, each secured by a specific (strong) password.
The challenge is to ensure that you secure the seed phrase and the passphrase separately.
However, be warned: if the passphrase is lost, the additional wallet will not be recoverable.
This level of security must be implemented with care and with some planning to ensure your estate can find these in the event of you passing away. An advantage of the passphrase option is that the single-word passphrase can be stored online as it is completely useless without the 24-word seed phrase or hardware wallet.
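Why a lost passphrase cannot be recovered, shown as an added example that is not part of the original article: it assumes the wallet follows the BIP39 standard (which the article does not name), where the seed is PBKDF2-HMAC-SHA512 over the seed phrase with the passphrase mixed into the salt. The mnemonic is a public test phrase and the passphrases are constructed samples.

```python
import hashlib
import unicodedata

# Constructed sample: a well-known public BIP39 test phrase. Never use it for funds.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte wallet seed as BIP39 specifies.

    The mnemonic checksum is not validated here; only the seed derivation
    step is shown.
    """
    def nfkd(s: str) -> str:
        return unicodedata.normalize("NFKD", s)

    password = nfkd(mnemonic).encode("utf-8")
    salt = ("mnemonic" + nfkd(passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def wallet_fingerprints(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each candidate passphrase to a short prefix of the seed it yields."""
    return {p: bip39_seed(mnemonic, p).hex()[:16] for p in passphrases}


def distinct_wallets(mnemonic: str, passphrases: list[str]) -> int:
    """Count how many different wallets the candidates open."""
    return len(set(wallet_fingerprints(mnemonic, passphrases).values()))


if __name__ == "__main__":
    # Constructed candidates: none, the intended passphrase, and two near misses.
    candidates = ["", "correct horse", "Correct horse", "correct horse "]
    for phrase, fp in wallet_fingerprints(SAMPLE_MNEMONIC, candidates).items():
        # Every candidate yields a valid seed; nothing signals "wrong passphrase".
        print(f"{phrase!r:18} -> seed prefix {fp}")
    print("distinct wallets:", distinct_wallets(SAMPLE_MNEMONIC, candidates))
```

A mistyped passphrase opens a different, empty wallet instead of raising an error, so record the passphrase exactly, including case and spacing.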
Multi-signature hardware wallets
The ultimate long-term bitcoin security setup is fairly technical, but is well suited to corporate structures and legacy planning or shared and managed custody. This is the multi-signature (multisig) hardware wallet and is accomplished by combining multiple hardware wallets using specialist software. When using wallets from different manufacturers, this method eliminates the ‘single point of failure’ risk. Even if one wallet seed phrase is compromised, the new ‘multisig wallet’ will not be at risk.
Don’t split up your seed phrase words
Whatever option you select to keep your bitcoin safe, it is never advisable to transmit or pass on your seed phrase.
Splitting up seed phrases into multiple locations actually creates additional risk should multiple parts go missing – and reduces the security of the phrase exponentially if even one third is lost. This means it is also important to check at regular intervals that these parts have not been compromised.
A hardware wallet with a passphrase or a multisig solution is a better way to reduce single points of failure in your bitcoin wallet backups. Such solutions also allow you to plan an effective way to pass your bitcoin on to your estate.
James Caw is a director at Simple Bitcoin.