Watching the blockchain mature and slowly enter into the mainstream over the years has been a source of pride for those involved since the early stages of the ecosystem. As the field begins to accumulate traction, individuals need to understand the risks when it comes to keeping their cryptocurrencies secure. With a market cap exceeding $400 billion, the space has attracted hackers and other malicious actors attempting to gain access to users funds, such as the recent MyEtherWallet hijacking, where $150k worth of funds were stolen from users due to a DNS exploit.
There’s a variety of different ways someone can store their cryptocurrency. A handful of different methods for storing coins exist, which generally fall into the categories of either hot or cold storage. Cold storage wallets are generally preferred by those with security as their number one priority: storing your private keys offline is the safest option. Hot storage wallets, in contrast, tend to be riskier. An individual using a hot storage wallet does not have control over their own keys – we saw the disastrous consequences of this with the Mt Gox breach, where close to a million bitcoins were reported stolen (a momentous event in Bitcoin history that caused the price to plummet, and still influences its value).
While networked solutions like exchanges and hot wallets are useful for traders, merchants and other services needing to process a high volume of transactions, it’s widely held that cold storage is vastly superior in most cases from a security standpoint. This refers to the practice of keeping one’s keys offline, so that attack vectors via online means are reduced. Cold storage can range from the low-tech printing of paper wallets (a piece of paper with private and public keys on it), to the use of hardware devices. Of course, these methods have been proven in the past to leave some (though minor) security loopholes.
Hardware wallets are undoubtedly the gold standard among existing cold storage options. These are physical devices fitted with a secure chip (a hardware security module, or HSM) for generating private keys. The HSM is attached to the microcontroller of the device, but never reveals the keys to the connected computer (instead signing transactions from within). Gaining access to a hardware wallet requires physical control and knowledge of the encryption (private) key, a task that is much harder to execute than on an internet-connected wallet.
It’s vital that developers and engineers continue to work on solutions for protecting cryptocurrency, given that it’s increasingly being viewed as a lucrative target for theft. We can’t forget that as the tech evolves, so do the methods taken by malicious actors for compromising the safety of wallets.
I firmly believe that cryptocurrency will soon outpace traditional forms of savings and accumulation of wealth. To ensure it does, we need to develop better means of securing coins, as well as delivering a user experience so that even the most technologically-challenged can monitor their wallet and make transactions.
We’re gearing towards a future where, as a result of the mass proliferation of cryptocurrencies and utility tokens, we see such streamlining taking place. Significant advances are constantly emerging, and we’re progressing towards developing better solutions for interacting with blockchains. I have no doubt that hardware wallets are pivotal to this future and that they will only grow easier to use, with more intuitive software and user-friendly displays.
About the Author – Ken Hodler | Chief Engineer, KeepKey
Ken has been involved in cryptocurrency since 2011 and has contributed to the KeepKey product since 2015. He is an enthusiastic supporter of the ideals of decentralized currency and autonomous computing. He has worked on security-focused products for a significant part of his career and is a strong advocate of agile development and management methodologies.