The bitcoin/cryptocurrency space can be confusing at times.
Just the sheer amount of options when it comes to storing your coins can be overwhelming.
Let us clear some of that up and help you make an informed decision when choosing your wallet.
Web vs Desktop vs App vs Hardware
Web wallets, such as exchanges and other services, are non-custodial.
With cryptocurrencies, ownership is defined by whomever holds the keys to the coins. Here, you are trusting someone else to hold them for you. All you really have is an IOU. This model is highly insecure, as it leaves you vulnerable to phishing, exchange collapse, or confiscation of your coins.
Examples: Exchanges, yield generating sites, and other custodial services
——————–
Desktop wallets are highly insecure self-custody wallets.
Unless they are used with a hardware wallet, your private key is directly on your compromisable internet-connected computer*.
Many users lose funds this way due to phishing and malware attacks. If you have reason to use one of these wallets, only ever use them when paired with a hardware wallet, so that your private key remains safe.
(*an airgapped device mitigates most of this attack surface – however, this practice is not recommended for beginners)
Examples: Exodus, Metamask, Electrum, Samourai, Bitcoin Core
——————–
App wallets that provide you with a seed are relatively safe for smaller amounts.
Phones are less prone to malware than computers as the app stores are curated and apps run in separate virtual containers to keep them safe.
These wallets are more than secure enough for ‘pocket money’, but are still hot wallets, prone to malicious/faulty software updates and thus should not be used for large amounts of bitcoin/crypto (more than $1000 or so).
Examples: Blockstream Green, BlueWallet, Coinomi, Muun, Phoenix
——————–
Hardware wallets are the prime standard.
They are really the only sensible choice for holding large amounts of cryptocurrency.
These devices are built specifically to ensure your private key never leaves the device, even when connected directly to a compromised computer.
While sometimes referred to as ‘cold storage wallets’, technically they are ‘warm’ unless used in an air-gapped fashion.
Examples: Ledger, Trezor, Blockstream Jade, ColdCard
Open-source vs Closed-source
Open-source means its software code is made available for public review.
This code does in fact get peer reviewed regularly. This ensures that there is nothing malicious, compromising, or otherwise undesirable in the code itself that can compromise your security.
With closed-source wallets, you are placing your trust in the people who build it to not have any backdoors that could potentially steal your private key.
Examples of open source wallets: ColdCard, Trezor, Blockstream Jade, Electrum
Examples of closed source wallets: Ledger, Exodus, Coinomi, Metamask
Bitcoin-only vs Altcoin Support
A wallet that supports numerous coins, by its nature, is less secure than one that only supports bitcoin.
Every altcoin requires its own code and algorithm which introduces new attack surfaces and potentially insecure signing methods. While this threat isn’t as great as others (an open source hardware wallet with altcoin support is far better than a closed source bitcoin-only phone wallet), it is still often an unnecessary, mitigatable risk.
Even if you hold a substantial amount of altcoins, it may be wise to hold them in a separate wallet from your bitcoin. If either were ever to become compromised through software fault, it would almost certainly be the altcoin wallet.
Bitcoin-only wallets: ColdCard, Trezor, Blockstream Jade (optional firmware), Blockstream Green, BlueWallet, Electrum, Bitcoin Core
Altcoin wallets: Ledger, Trezor (optional firmware), Coinomi, Metamask, Exodus
The gold standard of self-custody: Multi-vendor Multisig
Above a certain level of Bitcoin savings, it is highly recommended to make oneself familiar with Multi-vendor Multisig solutions.
We will explore this topic in more detail in the future on our blog and our Twitter, but in short:
It eliminates single-points of failure by utilizing several keys generated on devices which are not produced/originated by the same vendor.
All hardware wallets in our online shop which are marked as “Nunchuk Partner” or “Nunchuk compatible” are able to be utilized in such a setup.
——————–
Here at BitcoinVN, we are dedicated to helping you on your path to self-sovereignty. We want you to hold your keys and take control of your finances. And we are here to assist you every step of the way.
Any more questions?
Get in touch with us – our team is offering Cybersec and custody consulting services to get you started off the right way.
