Bitcoin is falling again (or has flatlined by the time of this writing). The Securities and Exchange Commission (SEC) is still beating up on Coinbase as the two argue over what is an exchange and what it should be permitted to do. This includes where these exchanges should store your money.
As I sit here looking at my empty Ledger Nano S, I wonder if I should store my bitcoin there or keep everything in an exchange account. What’s safer and what’s more convenient, and why? Most of us retail crypto investors don’t know.
I asked around: hot storage or cold? (Physical, computer hardware is cold storage, or a cold wallet. I am not sure how much longer this lingo will last.) To date, even when I was advised during the FTX blowup to store my investments on my Ledger wallet, I have not. It sits in front of me in a home office set up, unused. Maybe I’m asking for it.
So far, other than occasional hacks that lead to thousands of accounts being robbed, most of us have not had any problems keeping our cryptocurrencies on an exchange. I can imagine losing a cold wallet (or my phone). It’s as big as a pen drive; it’s not exactly a heavy safe full of gold bars and cash. Plus, a Ledger wallet can be hacked even when not plugged in.
Some things to consider as dark clouds continue to gather around the cryptocurrency market, and some of its main players:
Cold or Hot: Or How Not To Lose Your Money
Losing money in crypto is probably very easy. Just spend $1,000 on some coin worth a $1 and watch it fall to $0.05 in a year. Beyond that, how else do you lose all your digital assets?
“You would really only lose control of your bitcoin if you lost control of your private keys,” says Geoffrey Arone, co-founder of Shield3 and a partner at a Seattle-based digital assets-focused hedge fund called Arrington Capital. Whether hot or cold wallets, investors are responsible for both storing and protecting their passwords. Recovering their assets is usually done with a 12-24 word password that you are given at the time of wallet creation.
Coinbase has a hosted wallet, meaning they have full control over account holders’ keys. They utilize a 2-factor authenticator to keep those keys safe. It’s the most convenient way to hold cryptocurrencies because it resembles how retail investors trade on any home broker account.
But, says Arone, “if the exchange were to collapse, it could potentially turn into a mess involving the SEC, the Department of Justice, and maybe the FDIC. Still, I trust Coinbase and use them, as well as other wallets, to store my assets.”
One hypothetical case study is this: you’re on vacation. TerraLUNA (LUNA) news hits crypto Twitter and it isn’t good. The price is collapsing. It’ll be worse than a penny stock soon. You played it safe and stored your 1,000 LUNAs on a Ledger. But your Ledger is at home, and you’re on a fishing boat checking your phone between Pacificos off Cabo San Lucas. If you had it all on Coinbase, you could have sold it immediately on your phone.
“The crypto market operates 24/7, so the key is being able to have access to your assets at all times,” says Louis Bellet, CEO and founder of ClearSync Ltd in the UK, the architect of Yellow Network, a decentralized clearing protocol that focuses on providing liquidity to facilitate trading, clearing, settlement, and compliance on-chain. “One option could be keeping your funds on a centralized exchange, although this has its security risks. You could use a broker that allows you to place orders by phone, provided you have enough collateral in your account for potential price fluctuations when they’re making the trade for you,” he says.
This mechanism is known as “clearing,” which is something the SEC wants to be separated from existing exchanges. Most exchanges do this themselves but SEC Chairman Gary Gensler said in April that some exchanges are not registered for that.
Each solution – cold wallet or hot wallet – “comes with its trade-offs in terms of security and flexibility,” Bellet says, adding that even though the Ledger Nano has its complexities, he thinks it is one of the most secure products on the market.
“These (physical) wallets may not be the epitome of user-friendliness, but their security standards are commendable,” he says. “The crypto industry certainly has room for improvement in making these devices more intuitive, but their importance in self-custody cannot be understated.”
Crypto Wallets: The Changing Landscape
Trevor Traina, CEO and Founder of Kresus, a crypto wallet application, says that cold wallets have peaked.
“I believe their market share will shrink as more modern and user-friendly non-custodial solutions become available,” he says. Traina is a Bay Area “serial entrepreneur”. He sold startups to MicrosoftMSFT and MastercardMA and was U.S. Ambassador to Austria in 2018 to 2021.
“Wallets like Ledger require a high upfront cost, a high degree of technical knowledge, and are hindered by the fact that the owner must keep the device on their person at all times if they plan to make a transaction. In the case of a Black Swan event, hardware users have commonly encountered the issue of not having their hardware device accessible when they need it most,” he says, alluding to my hypothetical run on LUNA tokens.
Szymon Sypniewicz, co-founder and CEO of Ramp, a London-based fintech company, said new wallet products, including hardware products, are constantly turning up. He mentioned Ledger Stax – a smartphone-sized device for storing NFTs and cryptocurrencies. This costs nearly $280.
“They all want to simplify the (cold wallet) experience for everyday users without compromising security,” Sypniewicz says. “The integration of software wallets on downloadable apps, bolstered by the hardware components of smartphones, like Samsung’s crypto wallet, is a promising development.”
Just Let Coinbase Handle It
What is the downfall of just letting the exchange you’re trading on hold your digital assets? This is what I do. It is convenient. And I believe the U.S. government would not allow investors to lose their capital if a big exchange shut down.
“When exchanges take custody of clients’ funds, they typically hold them all in cold wallets (offline) while maintaining a database of user’s funds,” says Brandon Brown, Detroit-based CEO & co-founder of FairSide, a crypto insurance alternative for personal wallets.
“Retail clients’ funds are generally held in pooled wallets on exchanges. When you deposit bitcoin to an exchange, the exchange doesn’t necessarily keep it in a unique wallet assigned to you. Instead, it goes into a pool with other users’ funds,” Brown says. “Your account on the platform will then be credited with a ‘promise’ or an IOU for that bitcoin and this is stored in a normal database, not on-chain. Many exchanges will offer specialized custodial services, but only for institutional investors.”
Brown likens cold wallets to a savings account, whereas hot wallets are the checking accounts used to trade and for daily use. “I think it will take some time to make cold wallets irrelevant, if ever.”
For Jack Vinijtrongjit, co-founder and CEO of AAG, a Web3 infrastructure company based in Tokyo, the Ledger Nano is a dust collector.
“These hardware wallets simply don’t make sense for mainstream users,” he says. “They still use the ancient concept of seed phrases for security and are susceptible to the same risks as any online wallet using seed phrases. In the past few weeks, we have seen cases of phishing scams that caused users of hardware wallets to be drained of their assets.”
During the spring of 2023 alone, Woburn, MA-based subsidiary of Russian-headquartered cybersecurity company Kaspersky said in a report on July 5 that it detected and thwarted over 85,000 scam emails targeting hot and cold wallets.
For storage with the exchanges themselves, there have been significant advancements in protecting investor assets online. The SEC would not allow these exchanges to remain in business if hackers were continually eating away at investor assets while the exchanges could not cover the loss.
Security schemes such as Shamir’s Secret Sharing, a cryptography algorithm that requires group approval to access information, have allowed developers to eliminate the use of seed phrases and private keys in many cases.
AAG has their MetaOne Wallet, which went live this January. “If someone snatches the phone from your hand while you are using your wallet, they still can’t steal anything from you,” says the AAG CEO. “If you include other security measures like blacklisting of malicious applications, there are fewer and fewer reasons to use hardware wallets.”
Based on an in-house AAG report, wallets requiring seed phrases like MetaMask and hardware wallets like Ledger will have a smaller market share by the end of 2024.
“Software wallets are getting better,” Vinijtrongjit says. “I’d just keep my money hot on those apps and on exchanges, instead of cold.”
*The writer of this article owns bitcoin and many other cryptocurrencies not mentioned here.
Follow me on LinkedIn.