Voices

Crucial keys to cryptoasset storage methods

Bitcoin mining setup

In my last column, we covered the ABCs of cryptoassets and the world of DeFi. Now, let’s turn to an equally important topic: where to store this novel asset class.

A key differentiator between traditional and decentralized finance — De Fi — is the role that public and private keys play in storing, receiving and transferring cryptoassets.

Public keys are unique digital addresses used by investors to send and receive cryptoassets. These keys are broadcast on the blockchain, represent ownership of an account and can be shared openly without fear of theft.

Private keys, though, must be kept confidential. These digital addresses are used by investors to sign transactions and spend funds. If private keys are accessed by anyone other than the owner, the owner’s cryptoasset wallet associated with that private key is vulnerable to misappropriation.

Given the importance of public and private keys, proper storage of each is important to protect against the loss or theft of cryptoassets. When determining wallet suitability (see below) among the numerous options, major considerations include:

  • The investor’s risk tolerance.
  • Comfort with their ability to safeguard their keys independently.
  • Long-term outlook on the crypotasset space. 

Wallets are either “hot,” meaning they are connected to the internet, or “cold,” meaning the cryptoassets are held offline. Within that framework, there are two main wallet categories: custodial and non-custodial.

Custodial wallets
We’ve all heard horror stories of investors with crypto fortunes who lost their private keys and subsequently their riches. When purchasing and storing cryptoassets with a crypto exchange, investors are issued their public and private keys, with the private key being managed by the exchange. Investors have the option to hold their assets on the exchange in hot storage or offline in cold storage through the options below.

Custodial software wallets: Crypto exchanges such as Coinbase, Gemini, Binance and Kraken (all of which operate simultaneously as exchanges, brokers and custodians) provide strong examples of custodial software wallets. Storage of keys can be managed through wallets installed on your computer or mobile device — in hot storage connected to the internet.

Ease of accessibility via a computer or smartphone allows for swift transfer of funds should the need to do so ever arise. For this reason, software wallets are commonly used by investors who trade cryptoassets on a regular basis. Keeping private keys at the exchange is also convenient and relieves investors of the risk of losing their keys.

A cautionary word though: custodial software wallets are one of the least secure storage options available. If an exchange or a phone is hacked, your cryptoassets in hot storage are susceptible. In addition, the idea of using a third party to safekeep keys and the cryptoassets themselves goes against the goal of decentralization and the total autonomy it hopes to achieve. Still, many investors overlook the shortcomings of custodial wallets in exchange for their convenience. (see below).

Custodial cold wallets: Many firms such as Coinbase, Gemini and Fidelity offer cold storage via standalone custody solutions. Proper cold storage by a responsible third party alleviates the hacking risk that comes with holding assets directly on an exchange as the cryptoassets are taken offline. By working with a third party to store assets offline rather than doing so independently, investors eliminate a major risk that comes with self custody — forgetting their password and thus risking the loss of their assets FOREVER.

The trade-off for having third party support is loss of self-sovereignty. While cold storage is a more secure option for investors, it is less convenient for transferability as the assets must be brought back online for any transactions. For this reason, cold storage, whether done in cooperation with a custodian as stated above or done independently, is best suited for those who wish to buy and hold their cryptoassets for the long term rather than for regular trading.

Non-Custodial Wallets
Non-custodial wallets allow investors to self-custody; they cut out third parties and maintain self-sovereignty by being in full control of their keys and their crypto. In alignment with the decentralized nature of cryptoassets, it is the responsibility of the investor to select their preferred method for secure storage and remember their private key.

Hardware wallets: To remain independence of any third party, investors can purchase a hardware wallet — a physical device for storing cryptoassets offline. Hardware wallets typically take the form of a USB stick lookalike, like Ledger or Trezor.

When purchasing a hardware wallet, an investor receives their public and private keys. Private hardware wallets also issue investors a 12-word seed phrase as a way to derive the private key. This seed phrase must not be lost because without it, wallets, private keys and ultimately cryptossets cannot be recovered and the investor risks losing their cryptoassets forever. Should an investor endeavor to perform a transaction, they need only plug in their wallet to a computer to bring the cryptoassets back online.

As stated above, hardware wallets provide investors with a high level of sovereignty — a defining characteristic of the decentralized finance space. Hardware wallet users have full control over where their keys and assets are stored. In addition, the fact that hardware wallets are not internet-based removes susceptibility to internet hacks, thus increasing overall security.

Keep in mind when considering a hardware wallet that there is no insurance or customer support team to report to in this space if your assets are stolen. With increased security comes decreased speed and convenience for investors who wish to move cryptoassets frequently. For this reason, hardware wallets are commonly used by investors who plan to “HODL” (an acronym for hold on for dear life) their cryptoassets over a long time period.

Non-custodial software wallets: Non-custodial software wallets differ as they do not require the participation of a third party that is responsible for safekeeping of your private key. Storage of keys can be managed through wallets installed on your computer or mobile device, such as Metamask or Exodus.

As with hardware wallets, investors are independently responsible for the safekeeping of their private key and seed phrase. Since keys are stored on a device, i.e., in “hot storage” connected to the internet, software wallets are susceptible to hackers.

However, the ease of accessibility via a computer or smartphone allows for swift transfer of funds should the need to do so arise. For this reason, software wallets are commonly used by investors who trade cryptoassets regularly. They offer the convenience of being online without the risks involved with having a third party manage your private key.

Hybrid wallets
Although an unofficial categorization, there are services such as Casa that fall in between custodial and non-custodial wallets. These services do not take custody of your keys (i.e., non-custodial), but set up a two- or three-factor authentication process where the user is one authenticator and the firm is the other. This way, there is a method for recovering your keys if needed.

The storage method for cryptoassets is an extremely important decision for investors, and suitability should be determined on a case-by-case basis. Advisors investing on behalf of clients or providing guidance on held-away assets must consider the pros and cons of each option including the level of security, compliance and reputation of the digital wallet company or exchange. No asset is risk-free; that being said, the nuance within the cryptoasset space provides an opportunity for financial advisors to educate clients and prove their value when navigating this burgeoning asset class.

For reprint and licensing requests for this article, click here.
Technology Cryptocurrency
MORE FROM FINANCIAL PLANNING