There will always be an ongoing debate regarding the functionality of wallets and the appropriate methods for storing private keys. As there are many different methods in securing funds, it is important for users to make their own decisions on which method works best. # What is a Wallet? A digital wallet is an all encompassing device. It allows you to hold tokens, NFT’s, and any other digital asset that can be transferred on the blockchain. The wallet is where transactions are conducted and past transactions can be viewed. Wallets are usually generated using [bip-32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki), [bip-39](https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki), or [bip-44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki). **Short overview:** - [bip-32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki): Explains how HD (Hierarchical Deterministic) wallets work and how they are defined and generated. HD wallets allow users to create an infinite amount of private keys from a single root key. - [bip-39](https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki): Improves on this by encoding a list of 2048 words interchangeably. By encoding these words, this makes recovery of accounts much easier. These words create a 512 bit seed that is commonly known as "bip-39 seed." For added security, a password can be optionally added to generate the seed. - [bip-44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki): As an extension of bip-32, it allows for a specified structuring to make using, finding, and recovering for multi-purpose use cases. #### Accounts: - [Externally-owned-account (EOA)](https://ethereum.org/en/developers/docs/accounts/) An EOA is a wallet address controlled by private keys. - Contract Account - a smart contract that is deployed to an EVM network. This is a wallet fully controlled by code instead of a private key. - Common examples of contract accounts: - [Multi-signature wallets](https://safe.global/) - [Time-lock accounts](https://blog.openzeppelin.com/protect-your-users-with-smart-contract-timelocks) - [Threshold signature accounts](https://www.coinbase.com/blog/threshold-digital-signatures) - [ERC-4337](https://eips.ethereum.org/EIPS/eip-4337) ## Public Key & Private Key On [Ethereum](https://ethereum.org/en/developers/docs/accounts/), the public key is in 3 steps: 1. The private key is randomly generated from 256 bits. 2. Using [ECDSA](https://cryptobook.nakov.com/digital-signatures/ecdsa-sign-verify-messages) to generate a public key. 3. Hash the public key using [Keccak-256](https://www.quicknode.com/guides/ethereum-development/smart-contracts/how-to-use-keccak256-with-solidity). After the hash, you will have obtained the public key to be used on-chain. This combination of a private and public key can be used to transact on the Ethereum network via signatures. Ethereum signatures are used to provide proof of ownership without revealing the private key. By utilizing [elliptical curves]((https://medium.com/mycrypto/the-magic-of-digital-signatures-on-ethereum-98fe184dc9c7)), mathematical proofs can be used verify that each signature came from a corresponding private key without malicious tampering. # Self - Custody Options ## Hot Wallet Hot wallets are wallets that are directly connected to the internet. These wallets offer various features, such as sending, storing, receiving, staking, and swapping. Hot wallets can be accessed from a phone or laptop via products such as MetaMask, Phantom, and Kelpr. The purpose of these wallets is to make the user experience as simple as possible, but they should be treated with caution. Hot wallets should be treated like a traditional wallet. The funds in a hot wallet should be viewed the same as the cash held inside a wallet. If a wallet is lost or stolen, then everything in it can be permanently lost. One disadvantage of a hot wallet is that a private key is connected to the internet. For example, on MetaMask the private key can be easily discovered. This can lead to a security issue, and the user can be at risk of losing funds if they are not careful. ## Cold Wallet Cold wallets are not directly connected to the internet. This connection gap is what keeps private keys from leaking. **Types of cold wallets:** - Hardware Wallets - Hardware wallets start as cold wallets as the private key is generated off-chain. The wallets have no approvals or transaction history. - It is important to ensure that the device has not been tampered with and has the enclosed packaging seal. If the seal is broken, it is advised to not use the hardware wallet to prevent risk of funds. - Paper Wallets - Paper wallets are private keys produced offline via generators or done manually. These wallets are then sent coins without being moved. - Deep Cold Storage - Deep cold storage is taking any cold storage method and making it a costly manner time wise to get the key. This might include storing it underground or in a vault with multi steps to gain access. By doing this, it will slow down any attack method to gain access to your private keys. Additionally, this method comes with consequences if the need for the keys arise. ## Seed Phrase Storage Storing your seed phrase on a piece of paper can be destroyed by natural events such as water, animals, fire, etc. Seed phrases should be stored in weather protected capsules. - Seed phrases should never be stored on your desktop computer. - If seed phrases are stored on your computer, it should be treated as a personal wallet for day to day use. If you dropped your wallet on the floor, you cannot expect the money to still be there. ## Benefits of Self-Custody - **Privacy**: Users are not providing personal information before sending funds or having to potentially have their information be leaked when completing a transaction. - **Security**: User keys are not backed up on a server that can be exploited. - **Censorship Resistance**: A centralized entity cannot lock your funds for any reason. - **Decentralized**: Users rely on themselves and the network they are transacting on instead of offloading into a wallet before transacting. ## Pitfalls of Self-Custody - **Poor Key Management**: As key management can be challenging, users should take great care in which method they decide to store. If a weather related instance happens, is your private key safe? - **Difficulty**: Given that users are responsible for their own security, they are accountable for circumstances that may occur. - **Potentially Fewer Features**: Custodial services may offer easy access to staking, liquidity, and other resources that can provide a better UX. # Custodial Services As more investment opportunities grow inside of blockchain, more capital will enter the markets. Big institutions will need proper private key management and storage of large assets. By holding your assets with a custodian, a user or entity is leveraging proper key management to hold their coins. ## Benefits of Custodial Services - **Security**: Using robust encryption methods that reduce fraud, error, and hacks. - **Proper Key Management**: Keys are properly managed and insure best practices are used to mitigate private key leaks. - **User Experience**: Extra features such as access to liquidity, customer service, and other features. - **Compliance**: Custodians are able to navigate the complex legal landscape and follow all proper regulatory practices. - **Insurance**: If funds are lost due to a breach, the custodian will reimburse losses. ## Pitfalls of Custodial Services - **Time**: Withdrawing funds from. - **Lack of Control**: Trust is implied when using a custodian as the user does not have control over the assets. - **Privacy**: No privacy as the custodian has privilege overall all requests. - **Fees**: Account fees are taken so services can be given to all clients. - **Counterparty Risk**: Safety of funds may be compromised at any point by a breach. # Other Options ## Centralized Exchanges For users that do not have good methods of storing their private keys or do not have access to hardware wallets, trustful centralized exchanges can offer much higher protection than hot wallets. By using an exchange, you do not have to worry about key management. As the trusted exchange is using best in class storage methods. This comes with disadvantages if the exchange went down you might not be able to recover your coins. ## Recent Events On Jul 22, 2023 Alpapho hot wallet was exploited for $32 million dollars. After the exploit occurred, the wallet suspended withdrawals of certain tokens. The cause of the incident was said to be an unnamed third party. However, it is unknown what the outcome will be for Alpapho wallet users. As any hot wallet should be treated as a traditional wallet, it is encouraged to use an acceptable level of risk. ## Overview By leveraging different techniques, users should use a method that best suits their needs. For Example, if a user’s funds are approximately the same value of a hardware wallet, it might not make much sense to use one. However, if a user has enough funds to have life-altering implications in the case of a hack, then they should be using rigorous security techniques. Users can mitigate their risk by using several approaches mentioned. ## Key Takeaways - Excessive safety regime on private key storage. - Private keys should not be memorized as there is no method to recover the account balance if forgotten. - Keys should be stored in a weather & hazard proof environment. - Hot wallets should be treated as a traditional wallet and acceptable risk levels should be met. - Large emphasis on 2FA when applicable. - Do not self implement any cryptographic processes, use battle tested libraries and services. - If you are using a custodian, make sure there is a recovery plan in place if something were to happen to the company. - If using an exchange and/or a custodian, any friction to resist an outgoing transaction should be opted in. - For example: A user wants to transfer X amount of funds, then there should be an alert to approve or deny the transaction. - Keeping devices updated to the latest OS version to ensure latest security updates are enabled.