{"id":156572,"date":"2021-01-17T18:32:00","date_gmt":"2021-01-17T15:32:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/secure-bitcoin-self-custody-balancing-safety-and-ease-of-use\/"},"modified":"2021-01-17T18:32:00","modified_gmt":"2021-01-17T15:32:00","slug":"secure-bitcoin-self-custody-balancing-safety-and-ease-of-use","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/secure-bitcoin-self-custody-balancing-safety-and-ease-of-use\/","title":{"rendered":"# Secure Bitcoin self-custody: Balancing safety and ease of use"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a28bb5defbff\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a28bb5defbff\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/secure-bitcoin-self-custody-balancing-safety-and-ease-of-use\/#Not_your_keys_not_your_coins\" >Not your keys, not your coins<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/secure-bitcoin-self-custody-balancing-safety-and-ease-of-use\/#No_magic_bullet\" >No magic bullet<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/secure-bitcoin-self-custody-balancing-safety-and-ease-of-use\/#A_few_helpful_suggestions\" >A few helpful suggestions<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong># Secure Bitcoin self-custody: Balancing safety and ease of use  <\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMDEvODc5MWEyYWMtNjU5Yi00OTkyLWEwMmUtOWQ5YzgxZjFjOWNmLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-5a136f3a>Bitcoin\u2019s supply is c<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ed at 21 million, but a significant proportion of that total sum is likely lost forever. This situation is due to a variety of reasons such as lost private keys and discarded storage devices containing substantial amounts of Bitcoin (BTC).<\/p>\n<p>When Bitcoin owners are not being careless with their wallet passwords, they can sometimes be targeted by hackers looking to steal their precious crypto. Those who utilize third-party custodial solutions place their Bitcoin fortune at the mercy of the security protocols adopted by such services.<\/p>\n<p>Indeed, several attack vectors are constantly being utilized to try and gain access to people\u2019s Bitcoin funds. These exploits, which range from the simple to the sophisticated, target any perceived weaknesses inherent in any storage method.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Not_your_keys_not_your_coins\"><\/span>Not your keys, not your coins<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Crypto exchanges cater to millions of customers, and it\u2019s reasonable to assume that a significant proportion of that number uses these services as their primary Bitcoin custodian. Under such a custodial arrangement, the cryptocurrency owner does not possess the private key of the wallet.<\/p>\n<p>\u201cNot your keys, not your coins\u201d is a popular refrain in the crypto space, and the maxim serves to warn people of the risks involved in storing cryptocurrencies with third-party entities. Indeed, the crypto landscape is dotted with numerous exchange hacks where cybercriminals broke into poorly-secured platform wallets to steal customer funds.<\/p>\n<p>Sometimes, the exchange recovers from the theft, and other times, the platform goes bankrupt. Mt. Gox and QuadrigaCX serve as examples of the latter, with affected customers still striving to recover their funds.<\/p>\n<p>These days, exchanges are attempting to upgrade their security protocols to prevent hacks. Exchanges holding uninsured and substantial crypto sums in vulnerable hot wallets is now greatly discouraged. Some platforms still make this grave error and often pay the price.<\/p>\n<p>Crypto forensics is also evolving by the day, making it more difficult for cybercriminals to liquidate their loot. In all, 2020 saw a significant decline in the number of crypto-related thefts with rogue actors reportedly stealing <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/atlasvpn.com\/blog\/blockchain-hackers-stole-3-8-billion-in-122-attacks-throughout-2020\">$3.8 billion<\/a> from over 120 attacks throughout the year. However, the emergence of decentralized exchanges has opened up another way for criminals to launder money.<\/p>\n<p>The reduction seen in 2020 has broken a four-year trend of increasing cryptocurrency crime. However, decentralized finance now seems to be the new playground for crypto thieves and other rogue actors with the novel market niche accounting for more than half of the stolen cryptocurrency in 2020.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"No_magic_bullet\"><\/span>No magic bullet<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When it comes to robust security for self-hosted Bitcoin storage, it\u2019s perhaps important to realize that there is no magic bullet. Indeed, Ruben Merre, CEO of hardware wallet maker NGrave, touched on this point, telling Cointelegraph that BTC owners are often torn between the choice of keeping their coins on exchanges with decreased security or in cold wallets that are typically not user-friendly.<\/p>\n<p>In theory, every conceivable method for holding BTC has tradeoffs, and some of the drawbacks associated with any of these systems can act as an entry point for malicious actors.<\/p>\n<p>Take air-gapped devices for instance. On the face of it, simply isolating a computer from the internet should provide robust security against hacks. However,<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/arxiv.org\/pdf\/2012.06884.pdf\"> according<\/a> to a study recently published by Mordechai Guri, a cybersecurity researcher at the Ben-Gurion University of the Negev, it is possible to \u201cgenerate covert Wi-Fi signals from air-gapped computers.\u201d<\/p>\n<p>In the research paper, Guri established that \u201cair-gapped networks are not immune to cyber attacks.\u201d Indeed, a skilled hacker can exfiltrate sensitive data like keylogging credentials and biometrics from air-gapped computers.<\/p>\n<p>Perhaps even more alarming are portions of the research study devoted to the possible means of data exfiltration from air-gapped computers placed in Faraday cages, shielded enclosures that block electromagnetic fields. So, relying only on a Bitcoin wallet stored in a computer isolated from the internet might not be as secure as previously thought. A person utilizing this method might need to run signal jammers continuously.<\/p>\n<p>Then, there are hardware wallets that offer robust security with private keys stored offline. Though these devices interface with a computer when in use, they never actually connect to the internet.<\/p>\n<p>A hardware wallet owner needs to either encrypt their keys or store them in a safe place. For the former, if the encryption is performed using a computer that has or will be connected to the internet, then there is a significant risk of losing the keys to malware.<\/p>\n<p>A user can even utilize every security measure available with hardware wallets and still lose their Bitcoin. Hardware wallet maker Ledger has suffered severe breaches leading to the theft of sensitive customer information. With their phone numbers and personal addresses out in the open, several Ledger customers are facing the threat of physical attack.<\/p>\n<p>For Monero\u2019s former lead developer, Riccardo Spagni, Ledger\u2019s failure to protect customer information has exacerbated the difficult nature of secure crypto self-custody, telling Cointelegraph:<\/p>\n<blockquote><p>\u201cSecuring Bitcoin is hard, and people often overestimate their technical abilities. This is made doubly complex by companies, like Ledger, failing to keep customer data secure. Ledger is amazingly competent at building a secure hardware wallet that is also easy to use, but customers are getting caught out by <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">social<\/a> engineering due to their customer data being leaked. This makes robust Bitcoin storage even more difficult.\u201d<\/p><\/blockquote>\n<h2><span class=\"ez-toc-section\" id=\"A_few_helpful_suggestions\"><\/span>A few helpful suggestions<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>An ongoing survey by NGrave revealed that 25% of crypto users are not securing their coins as well as they think. While hardware wallets might not offer the ease of use associated with keeping Bitcoin on an exchange, the consensus among commentators was that the former option is still the safest method. <\/p>\n<p>According to Merre, when the user opts to own their own assets, they can no longer use the centralized exchange model and have to move to decentralized exchanges, or hot wallets, like mobile apps, adding:<\/p>\n<blockquote><p>\u201cWith all online solutions, you have some level of convenience as everything is easily accessible, but you\u2019ll be giving up a lot of security. For example, your hot wallet will give you a private key to begin with, and hence, that key\u2019s first touchpoint is immediately with the internet. A huge security risk already.\u201d<\/p><\/blockquote>\n<p>For Spagni, Bitcoin self-custody for the less tech-savvy is a balancing act between security and ease of use. The easiest methods tend to have the least security and the most secure methods require a fair few configuration protocols.<\/p>\n<p>Back in November 2020, Whirlpool Stats\u2019 Matt Odell<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/matt_odell\/status\/1325779512127188994\"> tweeted<\/a> his favorite Bitcoin storage setup that combined running Bitcoin Core and desktop-based wallet Specter with a ColdCard hardware wallet. According to Odell, the setup costs about $150 and required at least 10 gigabytes of storage space. Specter works directly with the Bitcoin Core, so combining both eliminates the need for running an Electrum server. The user can then verify transactions on ColdCard directly.<\/p>\n<p>For users who might find the above setup overly daunting, it\u2019s important to include as many security layers as possible on top of their chosen storage method. These include two-factor authentication and encrypted keys, among others.<\/p>\n<p>It is also important to note that backups and retrieval processes for additional security protocols must be carefully stored. According to Spagni, Bitcoin owners should treat information such as seed words, wallet passwords, passphrases and encryption keys as though they were physical gold bars and keep them safely ensconced.<\/p>\n<p>The inability to remember key wallet data has led to many Bitcoin owners locked out of their accounts. As many as 3.7 million BTC, or 20% of the circulating supply, is thought to be lost forever. Some examples of such stories include an IT engineer accidentally discarding his BTC into the trash and now offering $72 million for an opportunity to dig it up. Meanwhile, another early-day crypto enthusiast has forgotten a password for his hard drive containing around $266 million in BTC and only has two password tries left to unlock his stash or it will be lost forever.<\/p>\n<p>To ensure that one does not add to that sad statistic, it\u2019s important to treat seed words, encryption keys and the like as valuable data and guard them accordingly.<\/p>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/secure-bitcoin-self-custody-balancing-safety-and-ease-of-use\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# Secure Bitcoin self-custody: Balancing safety and ease of use &#8221; Bitcoin\u2019s supply is capped at 21 million, but a significant proportion of that total sum is likely lost forever. This situation is due to a variety of reasons such as lost private keys and discarded storage devices containing substantial amounts of Bitcoin (BTC). When&#8230;<\/p>\n","protected":false},"author":1,"featured_media":156573,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/s3.cointelegraph.com\/uploads\/2021-01\/8791a2ac-659b-4992-a02e-9d9c81f1c9cf.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74862,75819,75190,89871,75189,80097,74879,4965],"class_list":["post-156572","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-bitcoin","tag-bitcoin-wallet","tag-hardware-wallet","tag-hot-wallet","tag-ledger","tag-mobile-wallet","tag-wallet","tag-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/156572","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=156572"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/156572\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/156573"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=156572"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=156572"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=156572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}