As eager investors jump into cryptocurrency to partake in wealth creation or avoid missing out, learning about how to safeguard their digital assets is paramount.
Bitcoin and other cryptocurrencies live on the blockchain, a form of digital transaction ledger. Cryptos are decentralized digital currency, meaning they do not have a central authority such as a bank that can monitor transactions. Rather, they operate on a peer-to-peer exchange network where transactions are validated by members in the decentralized network, also known as miners. Even though blockchain has a good reputation for security, blockchain is not free from vulnerabilities.
For example, Badger DAO, a decentralized finance app, suffered a hack where users lost $120 million worth of funds from its platform. This crypto hack was a result of a phishing incident where the front end of the platform was compromised, resulting in malicious transactions.
Novice crypto investors who are still learning best practices to manage their digital assets need to understand that they have some of the responsibility in managing the threat of a crypto hack. Actions crypto investors can take include choosing a crypto exchange that works best for their investing or trading needs, selecting a crypto wallet that properly secures digital assets, and taking security measures when interacting on exchanges.
Addressing these many considerations can be a difficult task, but here are the key items you need to know to be a successful – and safe – crypto investor:
- Can the blockchain be hacked?
- How to safely store crypto.
- Cold versus hot wallets.
- Tips to prevent cryptocurrency theft.
Can the Blockchain Be Hacked?
Despite security features inherent in the blockchain’s design, it can be vulnerable to attack, and crypto exchanges have been hacked before.
Here’s what to know: Cryptocurrency and blockchain work together. Blockchain is the technology that allows digital assets such as Bitcoin to operate, so this technology is fundamental in crypto’s success. The blockchain is a chain of digital blocks that hosts information. The blockchain network secures financial transactions.
Once this data is recorded on the blockchain, it’s nearly impossible to change it. When a transaction takes place, a new block is created. A series of blocks creates a chain. If a miner tries to tamper with a block, the chain becomes invalid. Since blockchain is a distributed ledger without a central authority, this reduces the possibility of data tampering. Despite this, crypto exchanges have been hacked before.
In the Badger DAO hack, when users were interacting with the app, such as moving funds, the hacker was able to control the approval of transactions, exploiting the network and draining users’ accounts.
Users can protect themselves from a blockchain hack by properly securing their cryptocurrency. This starts with safely storing their digital assets in crypto wallets.
How to Safely Store Cryptocurrency
Since it may not be safe to keep all of your crypto on a third-party exchange, it’s best to use cryptocurrency wallets to manage digital assets.
Wallets are software that creates and stores both public and private keys. These keys are used to access digital money that’s stored in the crypto wallet. These keys are critical because if you lose them, you can lose access to your digital assets.
When explaining private versus public keys, Chris Kline, chief operating officer of Bitcoin IRA, compares them to an email and its password. “You give your email address out to people, so they can send you emails – a public key is your email address of your crypto. If you want to send Bitcoin to someone, you share your public key with them. The private key is your password to your email.”
Crypto users own the responsibility to keep their private key password safe.
You have to write it down and put it in a safe place because if you lose it or forget, it could pose a challenge in accessing your crypto funds.
Cold Wallets vs. Hot Wallets
Crypto investors who prefer not to use a wallet can use services like Coinbase Global Inc. (ticker: COIN), PayPal Holdings Inc. (PYPL) or Venmo that have integrated services known as hot wallets.
“(With) a custodial platform like Coinbase, you are entrusting the ownership of your assets with that of Coinbase,” says JP Richardson, founder of crypto wallet company Exodus. In this case, you do not control the security of your digital assets.
Hot wallets are online wallets that allow users to transfer or trade crypto assets quickly. However, because they are connected to the internet, hot wallets may be vulnerable to cyberattacks or hacks that could lead to losing your cryptocurrency. For example, if you open an account with a cryptocurrency exchange and put funds in that account, this is considered holding your digital assets in a hot wallet.
Cold wallets, on the other hand, are not connected to the internet. They offer greater security and are thought of as a less risky way to store cryptocurrency.
Cold storage requires users to have a hardware device, similar to a USB drive, along with passwords to get into the wallet. If you want to move assets from your cold account, you would have to transfer them from a cold to a hot wallet in order to transact with the cryptocurrency. This may seem less convenient, but unless someone else has access to your cold wallet’s PINS or passwords, cold storage is far less susceptible to hacking.
To avoid having to go back and forth between cold and hot wallets frequently, a standard practice is keeping a certain amount of crypto on an exchange to easily transact with but to have a majority of crypto funds safely secured in cold storage. So it makes sense to have more than one crypto wallet: a hot wallet for access to crypto markets and to easily transact and a cold wallet to maximize security.
If you don’t want to deal with storage and security issues but want to invest in cryptocurrency, you can choose Bitcoin exchange-traded funds. This is probably the safest route when going into crypto, says Tally Greenberg, head of business development at Allnodes, a crypto hosting provider. In the U.S., there are only two directly invested crypto ETFs so far: Proshares Bitcoin Strategy ETF (BITO), the first Bitcoin-linked ETF, and VanEck Bitcoin Strategy ETF (XBTF). These Bitcoin ETFs trade in Bitcoin futures contracts. This option solves concerns over wallet management, asset liquidity and security.
Tips to Prevent Cryptocurrency Theft
One of the risks of managing your digital investments in a custodial account – or hot wallet – is the potential for hacks. If the platform goes down, and users are no longer able to transact crypto or log in to withdraw their money, this could pose a big risk
On the other hand, the risk when using a self-custodial account – or cold wallet – is safeguarding your password. Typically, investors put this written password in a safe deposit box. As there is more innovation in the crypto space and storage technology evolves, experts say, there will be solutions for easier self-custodial storage.
“We’re going to leverage the power of iCloud or Google Cloud to help consumers save this safely, but today, you still have to write it down,” Richardson says.
When searching for an exchange to transact cryptocurrency, there are a few key features that ensure that it is storing assets on a secure platform. “The biggest concern is, where do you trade?” Greenberg says..
First, Greenberg says, investors must look at the exchange’s reviews to understand how big the exchange is, how many people are trading on it, what assets are trading on it and which ones they want to get into.
Kline says to look for authentication options and built-in security parameters. He says that when you create an account, make sure it has two-factor authentication. This is a security feature that verifies that you, and not an imposter, are trying to access your account. SMS codes, or text messages, are the most common methods for verification. But depending on the account, it may offer additional security features.
Experts say that reputation is one of the biggest factors. “If it’s a platform that is well-known and has a strong reputation, you typically can’t go wrong, and the biggest one today is going to be a company like Coinbase,” Richardson says. For companies that may have had security issues in the past but claim to have corrected them, this could be a red flag requiring additional research.