Do you sleep easy at night, knowing how many thieves would love to steal your bitcoin? At this very moment, hackers are probing your cryptocurrency exchange for weaknesses. They’re gathering information about you – where you live, your pet’s name, your favorite football team – with a view to social engineering. They’re crafting malware laden emails with your name on and prepping to port your phone number to a different handset while you sleep. Concerned about the security of your bitcoins? Sounds like you need a storage solution for the ultra-paranoid.
Keep Calm and Lock It Down
Provided your bitcoin is stored in a wallet that you – and you only – hold the private keys to, your coins are safe from all online attack vectors. The one thing this setup can’t protect you from is real world risks: threats from thieves, brandishing a gun to your head, threats from fire and flood damage, and threats from yourself. The biggest cause of lost coins isn’t third parties – it’s you.
The tales of lost hardware wallets, overwritten hard drives, and forgotten seeds don’t need retelling. Just as human error – usually stolen or weak passwords – is the cause of most successful cyber attacks, it’s the same when it comes to lost or stolen bitcoins. Any private key-based solution needs to address the risk of human error. Otherwise, even the fanciest of hardware wallets and strongest of safes can be rendered redundant.
For individuals in possession of life-changing amounts of bitcoin – or who believe that their coins will one day be worth a life-changing amount – the following methods guarantee a good night’s sleep. There are downsides to resorting to such extremities of course: in the event of a major bitcoin crash, the rest of the world will have cashed out while you’re still taping together strips of paper wallets. If you’re contemplating drastic measures to safeguard your cryptocurrency holdings, however, you presumably have faith in bitcoin’s long-term prospects.
Create a Timelock
For long-term investors, entering bitcoins into a time-locked wallet is a surefire way to ensure they can’t be accessed anytime soon. With smart contract protocol Ivy providing a framework for utilizing the Bitcoin Script assembly language, it will soon be a lot easier to create time-locked wallets. Set the date far enough in the future and you needn’t concern yourself with the wallet being prematurely opened – by you or anyone else. For now, implementing timelocks is a feature best left to the experts.
Coinb.in is one such service. As the site explains: “Use OP_CHECKLOCKTIMEVERIFY (OP_HODL) to create a time locked address where the funds are unspendable until a set date and time has passed”. All of the site’s code can be audited on Github and the site doesn’t hold your private keys.
Timelocks are all well and good, but what if you would like to access your bitcoins at some point in the future, you’re just not sure when? Multisig is the preferred solution for enterprises in charge of substantial bitcoin holdings. Because the private keys of two of three individuals is generally required, multisig makes it impossible for a rogue employee to drain the wallet. For personal use, a multisig wallet could involve one of the keys being entrusted to an attorney or other trusted entity.
Don’t mandate that every signatory’s key must be used to unlock the wallet though, as if one person loses their key you’re screwed. Coinb.in, once again, is an option: it will allow you to specify as many as 15 keyholders per wallet, and to state how many keys should be required to unlock it. Other providers of multisig wallets include Armory, Electrum, Coinbase, and Bitgo.
Use a Cryptocurrency Custodial Vault
A number of companies have launched ultra-secure cold storage solutions. You’ll need to have at least $100,000 in digital assets to enter into Coinbase’s, for instance, and it’ll cost you a premium. Still, for those who would sleep easier offloading responsibility for their coins to a fully insured third party, a custodial vault is about as good as it gets. Swiss ones cut into a mountainside are particularly well regarded. Xapo’s is a decommissioned Swiss military bunker that can survive a nuclear blast. In its core lies a “cold room”, protected by steel slabs that act as a Faraday cage to repel electromagnetic pulse attacks.
Set Up Your Own Vault
Why pay over the odds for someone else to slap a bitcoin logo on their bank vault when you could visit your local bank and put your private key in a safety deposit box? Better still, store your key at several banks, just to be sure. While there’s nothing to stop you from storing your wallet seed in a safe in your own house, this runs the risk of criminals forcing you to open it. Far better to let a bank deal with the danger.
Split Your Paper Wallet Into Parts
A variation of number four, this technique calls for cutting your private key into parts and then storing them in numerous vaults, including at least two copies of each pars to ensure redundancy. Using multiple paper wallets is essentially multisig for people who don’t trust other people. If you’re worried that the paper itself could be damaged and rendered illegible, have your keys etched into metal. That’s a job you’ll want to do yourself or outsource to multiple etchers, to ensure that no one gets to read your entire private key.
If the foregoing options aren’t robust enough for your liking, there’s nothing to stop you from combining them all. A time-locked multisig paper wallet split into sections and distributed in banks across multiple continents? Now that’s just getting silly. In reality, a paper or hardware wallet with the private key backed up in a safe place off-site should be enough for most people. Still, if the safety of your cryptocurrency holdings is causing you worry, up your opsec and start sleeping easy.
Would you pay for a premium cold storage service, or do you think a hardware or paper wallet should suffice? Let us know in the comments section below.
Images courtesy of Shutterstock.
Want to create your own secure cold storage paper wallet? Check our tools section.