Cold Wallet Misunderstandings

It’s no surprise that Ledger is delaying their controversial Recover product after decentralization maxis and degens demanded answers.

But even before all that went down, I was inspired to write about cold wallets from this tweet by Carlini, which made me reflect on how confusing all the crypto wallet things can get.

We’ve all been guilty of connecting our wallets to suspicious sites, and then visiting revoke.cash in a panic. It’s not a fun feeling.

Here are five common cold wallet myths, solved… including me exposing my own misunderstanding. 🤡

MYTH 1: HARDWARE WALLETS=COLD WALLETS, AND THEY’RE AUTOMATICALLY SAFE

We’ve seen the disasters, the scams, the phishing. Somewhere right now, a despondent Bored Ape Yacht Club holder may be saying: “But I used a cold wallet, how could they get me?!”

A hardware device like Ledger stores your private keys offline, which is great to help protect you from online hacks.

BUT— using a hardware wallet only works as a “cold wallet” if you treat it as one. This means no connecting to dApps or smart contracts, including degen mints, and keeping it inactive except for storage and transferring assets to and from it. 🔐

You can actually use a hardware wallet as a “hot wallet” by connecting it recklessly to minting sites and dApps, and FOMO-signing transactions in a hurry. Sure, you’re using your hardware device, but you’re still signing something, and your crypto and NFTs could be at risk. It can’t protect you from social engineering.

MYTH 2: YOUR CRYPTO/NFTS ARE STORED ON THE DEVICE ITSELF

The reason I don’t use Ledger anymore is that my first one malfunctioned so hard with my Mac. I tried some YouTube fix to restart it that was way out of my screwdriver skills comfort zone. I swiftly broke it, and it was ded forever.

But good news! Your crypto and NFTs aren’t stored on the device. It’s not a USB drive. Can you believe?

As long as you have your wallet’s seed phrase, it’s no problem if your Ledger dies or you lose it. Simply restore it via seed phrase into any new Ethereum wallet, either browser-based like MetaMask or hardware-based. Your crypto and NFTs are stored on-chain, not on your ded device. ⛓️

So I guess you could wear it around your neck if you wanted to. But for the love of fashion, maybe you just don’t.

MYTH 3: A “SEED PHRASE” IS THE SAME THING AS A “PRIVATE KEY”

Not gonna lie, I thought these were the same thing until semi-recently. Anyone else? But it turns out that your seed phrase (also known as recovery or backup phrase) is simply a way to access your private keys in a different format.

• Seed Phrase: Once a wallet is created, an algorithm randomly selects 12, 18 or 24 words from a list of 2,048 words. This seed phrase is the master key to all of the private keys generated under that seed phrase.

• Private Key: Cryptographically secure 256-bit numbers that unlock access to public keys, and they are generated when the wallet is created.

• Public Key: Public keys are addresses on the blockchain that enable cryptocurrency recipients to receive funds. They are derived from private keys.

Private keys grant access to individual blockchain accounts. Seed phrases grant access to entire blockchain wallets that secure multiple blockchain accounts.

MYTH 4: THERE ARE ONLY TWO HARDWARE WALLET BRANDS

When we think about crypto cold wallets and hardware wallets, most of us think Ledger or Trezor. These are both leaders in the space, and their software features are continually improving. But these are far from the only choices.

Some hardware wallets connect to both desktop and mobile devices, use QR code connectivity, or use a card-like device for portability.

Some are best for crypto, best for NFTs, best for Macs or PCs, or have touchscreens.

It all depends on what you’re looking for. This recent article offers many different hardware wallets and compares their features and prices.

MYTH 5: NEVER USE A HOT WALLET OR AN EXCHANGE

All of this talk about the importance of wallet security in crypto leads some to say: “I’m only going to use hardware wallets.” But that isn’t always right for everybody.

A “hot wallet” (web-based wallet) like MetaMask is more susceptible to online hacks, but it’s extremely convenient for everyday transactions. Be wary of keeping too much crypto or valuable NFTs in these types of wallets, and also while using mobile wallets, but don’t let it shy you away from using them at all (although MM has had their own FUD lately).

As for exchanges (like Coinbase), well… some are better than others. Many web3 people only use exchanges as an “offramp” to convert crypto into fiat. That is what I use them for, but it doesn’t mean millions of people don’t store their crypto on them.

The benefit is that the exchange is responsible for holding your private keys instead of you, so you can’t lose the keys. However, that’s also the risk of the situation— you need to trust the exchange with your funds, and that hasn’t always worked out great.

Understanding the nuances of crypto wallets can be highly challenging for beginners and experts alike.

I personally go by the “four wallet” method to keep different security levels for different types of assets: degen hot, hot, lukewarm, and cold.

To this day, I’m still always learning about best practices for security. Remember to use services like delegate.cash and revoke.cash to better protect your wallets which hold valuable assets.

And never, ever, ever share your seed phrase with anyone— they’ll have immediate access to withdraw your funds and assets, with no way to reverse it. 😪

CHECK OUT MY LATEST POSTS:

• My VeeCon 2023 Experience (LuckyTrader)

• Everything You Need to Know about World of Women (LuckyTrader)

If you enjoyed this, you’ll also enjoy:

• BivNFT newsletter by biv.eth

• S4mmy’s Web3 Snippets