The meteoric ups and the sudden falls of Bitcoin over the years have been both excruciating and unexpectedly rewarding for many Bitcoin holders—or HODLers, as the community calls them. In theory, you don’t need much to keep your Bitcoin other than a cryptocurrency wallet and obstinate faith in the future of cryptocurrency.
In reality, Bitcoin ownership is tethered to the edge of the blockchain void by a rather fragile password system known as Private Keys. That said, we prepared a guide to thoroughly explain how you can protect your Bitcoin, sprinkling just enough of the worst Bitcoin loss stories that made their way to the internet on top to give you a healthy scare, and perhaps a mild dose of schadenfreude. Read on to discover some of the worst Bitcoin losses and how you can avoid a similar fate and protect your Bitcoin.
How Secure Is Bitcoin?
Let’s start with the basics. Bitcoin has a finite supply. There can only be 21 million BTC in circulation according to Bitcoin’s original design and 18 million coins have already been mined in the first decade of Bitcoin’s launch. That means that there are only a few million coins left to mine, and since mining rewards halve every 4 years, we won’t see most of that amount until the last mining year, 2140. This is an artificial scarcity designed by Bitcoin’s very own pseudonymous Satoshi Nakamoto. But Bitcoin scarcity has reached a level even Satoshi Nakamoto may not have foreseen. It is estimated that around 4 million Bitcoins have been lost forever, an amount that equals almost 20% of all Bitcoin that will ever be mined.
4 million units is a staggering amount to lose, especially for the world’s biggest cryptocurrency that became famous for its non-decipherable and hack-resistant infrastructure. The truth is it is still impossible—or at least incredibly unlikely—that anyone can manipulate the Bitcoin ledger and steal money by exploiting the system. Bitcoin is secured by its blockchain; a public, open-source, immutable ledger held together by cryptography. It is virtually impenetrable without the right keys, assigned privately to each user by the system to control their accounts. It is an ingenious solution that can also cause a bit of an impending sense of doom to anyone who has ever lost a key.
Let’s dive a little bit deeper into the Bitcoin blockchain to understand why private keys are so important.
What Is the Relationship Between Private Keys and Blockchains?
Most people think they are buying a piece of data that they have to store when they buy Bitcoin. This is pretty inaccurate. To put it simply, all you do when you buy or sell Bitcoin is making a mark in the Bitcoin blockchain that says “X address has sent Y amount of bitcoin to Z address”. Anyone can see how much Bitcoin X and Z addresses hold by looking at the bitcoin addresses on the blockchain. So, instead of buying or selling data, all you are doing is recording transactions on a permanent, public ledger. This is much simpler than sending large amounts of data across computers around the world, and it is much more secure.
In fact, Bitcoin blockchain takes security so far that it inevitably circles back and emerges from the other side as potentially dangerous, as people who have lost their BTC to the impenetrable Bitcoin blockchain can attest. A private key is the only way to interact with the blockchain. Sans a private key, you can’t sell, buy, or do anything with your BTC other than stare at it hopelessly as it remains inaccessible to you on the Bitcoin blockchain.
Where do these mysterious keys come from and why can’t we just make copies like sensible people who lose their keys often enough to know that you should keep a spare at a trustworthy location? This is where cryptocurrency wallets come in.
What Is a Bitcoin Wallet?
A cryptocurrency wallet is a software that interacts with the blockchain in order to produce a private key. A private key is simply a long string of alphanumeric characters that are pretty much impossible to memorize unless you are a humanoid alien with extraterrestrial levels of IQ like Mr. Spock or perhaps Will Hunting from the Academy Award-winning movie Good Will Hunting. For us regulars, a private key has to be stored somewhere so that we can access it when we need to.
Technically, you can store your private key anywhere; you can even write it down. Some people even consider tattooing it on their bodies, though we don’t recommend this course of action if you have not sworn off getting naked with anyone, ever. Also, tattoos fade. You are safer with a more orthodox solution when it comes to keeping your private keys secure.
There are many different wallet types you can use to store your keys and interact with the blockchain. We will walk you through the five main Bitcoin wallet options and discuss the advantages they offer for protecting your key, as well as how they could possibly fail and what extra measures you can take to protect your Bitcoin.
What Are the Different Types of Bitcoin Wallets?
You might have heard people refer to Bitcoin wallets as hot or cold wallets. Hot wallets are either online or they are stored on devices connected to the internet; a phone or a computer wallet is a hot wallet. Cold storage refers to keeping your private keys offline, either on paper or on a hardware device. Each option offers a different advantage and they can all do the job. The question of deciding which is more secure really depends on you and your particular habits. Let’s illustrate what this means.
If you buy Bitcoin using an exchange, as most people have to do if they don’t live near a Bitcoin ATM, you will have an online wallet offered by the exchange service you use. You can also set up an online digital wallet beforehand from a service provider compatible with an exchange you will use. Online wallets are easy to use and are very convenient for frequent traders. Your private keys are stored by the online wallet company, and all you need to do is to remember a password to log in to your online wallet account.
There is some prejudice against online wallets in the crypto community, though with good reason. Unfortunately, crypto exchange security breaches are common in the cryptocurrency ecosystem. Exchange services run their own sites and servers so they are open to malware and phishing cyberattacks, unlike blockchains. Even well-known exchanges like Binance have had security breaches. These hacks can result in huge digital asset losses and you might have to bid goodbye to your Bitcoin.
Another problem with exchange service wallets is that owners who have the sole control of private keys sometimes die under mysterious circumstances, leaving behind only a cold trail of suspiciously empty cryptocurrency wallets, as what happened with QuadrigaCX.
One way to solve this problem is to use a non-custodial online wallet. Unlike custodial wallets, non-custodial wallets don’t store your security keys on their servers, and you have the sole responsibility of keeping your key private safe. However, this means that you still have to find another way of keeping your private key secure and accessible.
You can set up a desktop wallet on your computer by downloading digital wallet software. This way, you don’t have to entrust your private key to a third-party provider. There are two problems with this approach, though. First, your private computer is probably much more defenseless against hacker attacks than online wallet services that use professional security.
You are less of a target, especially if no one knows you have Bitcoin, but an internet-connected computer is still a weak link in the security ecosystem. Just ask the CEO of EasyFi Network whose computer was compromised by a hacker attack, which in turn compromised EasyFi’s MetaMask Private key. The attacker stole $6 million from EasyFi’s liquidity pools, as well as $75 million worth of EASY tokens.
The second problem is that your computer and its hard drive can be corrupted, stolen, or in some cases, get thrown into the trash to be buried under years of landfill. This last one happened to James Howells who desperately keeps offering the Newport City Council money in order to get an excavation permit to find the laptop hard drive he accidentally threw away years ago, which he claims had the private key to his 7,500 bitcoins.
You can download a mobile wallet app to your phone. It is admittedly very convenient to be able to trade on the go without needing computer access, but a mobile device is hardly the most secure device you can use to store your private keys. That said, most mobile app wallets don’t deserve the bad rep they get. Any modern mobile app wallet will offer you the option of a backup, which you shouldn’t keep on your phone for obvious reasons. With a backup wallet, you can still access your Bitcoin funds if you lose your phone.
The problem with mobile app wallets is that there are many scam apps mixed in with the good ones; even on Apple’s own App Store. People think these fraudulent mobile wallet apps are the real deal when they download them since these apps copy trusted company names and logos and have good ratings on the App Store. As one man found out tragically, not all apps can be trusted.
Hardware wallets are perhaps the most cherished wallet type in the cryptocurrency community. They are hardware devices not connected to the internet so they are not vulnerable to hacks, and that’s on top of being easy to move around. They also come with password and pin protection so your private key is definitely secure in one of these devices. Well, maybe a bit too secure.
Stefan Thomas went viral when he forgot the password to his IronKey device, losing 7,002 BTC. He is not the first to lose funds because he couldn’t remember a password or a pin code. Forgetting hardware passwords or pin codes is an incredibly common way to lose digital assets.
This is why hardware wallets like Trezor or Ledger started to offer seed recovery services.
Basically, when you set up your hardware wallet you get a list of 12 to 20 words that you can write down somewhere safe and secure. If you lose access to your hardware wallet for any reason, you can use the words or seed phrases to recover your private key.
What happens if you lose your seed phrases? Well, we know at least one person—a veteran tech journalist—that has managed to recover his wallet using an old version of Trezor back in 2016, but you probably shouldn’t depend on possible security vulnerabilities as a backup plan.
Ah, paper. A technology that has existed for almost 2000 years and it still beats the competition due to its sheer simpleness. Whether you pick an online wallet, a desktop wallet, or a hard drive wallet, you will likely need a paper copy of your private key, PIN Code, or at least the seed recovery words for a backup. There’s also paper wallet software that prints your private key in the form of a QR Code for ease of use. While paper is easy to destroy or lose, you can take measures such as laminating the paper and keeping a copy in a safety deposit box only accessible to you or your family and close ones.
A Few Words Before You Go…
Bitcoin allows you to become your own banker, but there are risks involved with having complete control and responsibility for your funds, as Stefan Thomas told the New York Times: “The whole idea of being your own bank – let me put it this way, do you make your own shoes?” This is an astute observation that stems from painful experiences. In order to protect your Bitcoin, it is important to shoulder the responsibility that comes with managing your own funds. That includes treating your crypto wallet security with utmost seriousness.
Your best bet is to take multiple security measures to ensure you have a backup plan. If you are using a cryptocurrency exchange wallet, always use two-factor authentication and pick a non-custodial online wallet. Some Bitcoin wallets like Electrum’s software wallet also have multi-signature features that require at least two confirmations from separate sources for any transaction. Finally, keeping a copy of your private key or seed recovery words on a piece of paper in a safety deposit box is a great idea to protect your Bitcoin. With all these measures, you will hopefully be safe from the anguish of losing your digital assets.