A cryptocurrency wallet is called a “wallet” because it gives an owner access to Bitcoin and other digital currencies that they own. But don’t let the term mislead you — a crypto wallet is more similar to an online banking website than a physical wallet. It allows an owner to review, buy, or sell their assets, but their wealth is not physically stored there.
What a crypto wallet actually stores is an owner’s cryptocurrency keys: a private one and a public one, both digital. The private key is a set of letters and numbers unique to an owner’s cryptocurrency wallet that allows them to send digital currency from that wallet. The public key (a.k.a. public address) is an alphanumeric string of characters that can be used to receive cryptocurrency from others.
While the public key is 100% open to the public, the private key must absolutely be kept secret at all costs because the latter grants full access to one’s crypto assets. In this effort to keep the private key secure, two types of cryptocurrency wallets have developed. A hot wallet is connected to the internet, while a cold wallet is offline. This one distinction has significant implications for the security (and convenience) of an investor’s digital assets. Knowledge of security best practices will help you choose the best cryptocurrency wallet.
A hot wallet is defined as one that is connected to the internet. To novices, this may seem like a logical decision. After all, online banking itself is becoming increasingly more common, so why shouldn’t crypto follow this trend? However, like anything connected to the internet, a hot wallet is vulnerable to hackers who are increasingly targeting crypto investors.
Large banking institutions have gigantic IT security budgets to prevent online hacks, and digital theft of this sort can be traced and remedied through law enforcement and the courts. In contrast, given the decentralized and anonymous nature of cryptocurrency, theft of an individual investor’s private keys means very likely the complete loss of those assets. There are no personal “accounts” with cryptocurrency like there are with traditional banks — whoever knows the private key of a Bitcoin wallet, for example, essentially owns that Bitcoin.
So there are distinct security disadvantages to holding cryptocurrency with a online wallet, especially if stored by an individual investor themselves (who may or may not be current on the latest security measures). Even trusted crypto exchanges and services that offer hot wallet storage on their own servers can be hacked, as has happened time and time again.
Even though they may not be the best cryptocurrency wallet, hot wallets do have some advantages of convenience. For one, an investor can access their online wallet from anywhere with an internet connection (much like online banking). Trades of coins between crypto wallets and other digital currency transactions can also be instantaneous with a hot wallet. In many cases, a hot wallet is less expensive as well.
Nevertheless, more often than not, these advantages are outweighed by the risks of online storage. So, if you own Bitcoin (or perhaps other cryptocurrencies), in most cases, cold wallets will prove to be the best Bitcoin wallet option.
Cold wallets are ones not connected to the internet. For digital assets held within them, there is almost no conceivable way for a hacker to gain access. Theft of cryptocurrency kept in cold storage can only occur through robbery of a building or other physical means (i.e. not through traditional hacking).
Hot wallets are of course also susceptible to such physical theft, but cold wallet storage is uniquely focused on preventing such robbery. Companies that specialize in cold storage of crypto assets will often employ enclosures like high-security vaults to store cold wallet devices.
There are a range of such devices where a cold wallet can reside. While hot wallets will often be stored on hard drives (or SSDs) inside of a server, cold wallets are frequently stored on portable drives, such as a USB flash drive. Some USB drives are specifically made for housing cryptocurrency wallets.
Another common method of cold storage of crypto is the humble “paper wallet”, which just means writing your private key down on a piece of paper. Since any crypto wallet essentially just keeps your private key a secret, writing it down and securely hiding the piece of paper can achieve the same thing. A hard drive or flash drive can suffer mechanical malfunction, but paper can not (of course, the paper wallet is prone to other vulnerabilities, such as burning or being misplaced).
Eventually, though, any investor will want to trade or transact with their cryptocurrency, and this can’t be done through a cold wallet alone. The blockchain lives online, and for a transaction to be recorded on it, a Bitcoin wallet–even a cold one–needs access to the internet. Typically, such transactions will occur via a separate device apart from the cold storage device — this is known as an “air gap”.
This concept can be illustrated with a simple example. Suppose you have two computers at home. Computer A is always connected to the internet, while Computer B is never connected to the internet. A crypto investor who utilizes a cold wallet with an air gap would always store their digital wallet on Computer B (offline) and only ever plug in their digital wallet via a USB to Computer A (online) to make a transaction.
Once the trade is complete, the USB is immediately removed from Computer A and the digital wallet is completely cold again. This air gap between Computer B and Computer A makes it significantly harder for hackers to snatch a private key than if a cryptocurrency wallet is always online, as with hot storage.
This process of cold storage is of course more laborious. Trades can’t be carried out immediately and from any location, as they can with hot storage. Cold storage is best utilized in a long-term investment strategy, not for crypto day trading. But, as with any security measure, what you lose in convenience you will likely gain in peace of mind.
Other hot storage and cold storage considerations
There are some important aspects that are common to both hot wallets and cold wallets. For example, let’s say that you own Bitcoin. Who is actually responsible for storing it? An individual investor, a cryptocurrency exchange, a services company, or a custodian can all store the same Bitcoin wallet either using hot storage or cold storage.
An individual investor storing a cryptocurrency wallet on their own device has complete control over the wallet but may not be aware of the most current security measures to protect the digital assets. Cryptocurrency exchanges often offer crypto wallet services to their customers, but these companies are often especially targeted by hackers (given the concentration of crypto assets there). In some cases, even the best Bitcoin wallet may be vulnerable to hacking.
Various services, from dedicated wallet companies to even an internet browser, offer crypto wallets with varying levels of security. An increasing trend in crypto storage is the emergence of custodian companies that offer comprehensive cold storage services for digital currencies. Many offer services such as vault storage, personal hardware devices, secure authentication, and other managed benefits.
Multi-signature wallets are another great feature that may be offered by organizations specializing in cryptocurrency storage. Such wallets require that more than one party (including the investor) authorize a transaction, adding a further layer of security against unauthorized transactions.
Backups are important for crypto wallets as well, since if a private key is lost, the digital assets in the wallet can never be accessed again. This is especially important for investors storing their cryptocurrency wallet on their own device(s). Often, an investor will store their crypto wallet on an offline USB flash drive and also keep a paper wallet backup with the private key in a safe. Redundancy prevents loss from technological failures (e.g. a corrupted drive).
Finally, some exchanges and custodians offer cryptocurrency insurance. When all else fails and the security of a Bitcoin wallet is breached (i.e. the private key and the coins are stolen) an insurance policy may provide a remedy for lost funds. The crypto insurance industry has been slow to take off but is now rapidly growing, offering policies that protect against hacks, physical theft, loss, and other incidents. Some companies, such as Coinbase, only insure hot storage (only 2% of the total) rather than cold storage assets, so you must take care to research crypto insurance policies thoroughly.
The benefit of a hot wallet is generally convenience, while a cold wallet is much more secure against hacking. Bitcoin and other digital currencies can be great investments, but the decentralized nature of blockchain means that every investor is responsible for how they decide (or with whom they partner with) to keep their private keys safe. Keep this in mind when searching for the best cryptocurrency wallet.
Read more about cryptocurrency security here.