Casa Blog - Bitcoin Security Made Easy

Long gone are the days in which the underside of your mattress was the safest place for storing your hard-earned cash — or so you’d think. As the prevalence of bitcoin grows, more and more banks (and mattresses) are being passed up in favor of more advanced means of safe storage.

In this edition of Bitcoin 101 we’ll go over the main types of storage, the pros and cons of each, and touch on which might be right for you.

Background: Public and private keys

Before we discuss each storage method, it’s important to understand the concepts of public keys and private keys.

Similarly to how many store cash, your bitcoin is stored in a digital “wallet.” These wallets contain a public key for receiving funds and a private key for spending funds — you’ll often hear them referred to as a key pair. Each key is represented by a long, cryptographically generated sequence of numbers and letters.

You can think of a public key as similar to a bank account number, and a private key like the PIN for that bank account.

For any given transaction, the public key generates an address for a recipient. Each new transaction will create a unique public key, and there’s no need to remember it in order to use it because it can simply be scanned or copied and pasted.

The private key acts like a password and allows someone access to transfer or spend their currency. Due to the cryptography used in key generation, it is not possible to reverse engineer a public key to ascertain a private key. However, anyone who knows your private key has access to your funds; therefore, the security of your funds is only as strong as the protection of your private keys. The harder it is for anyone but you to obtain your private keys, the more secure the storage.

The main differences between storage types, discussed below, are usability and security — most notably in how private keys are stored.

Storage

Now that we’ve got a basic understanding of how public and private keys work, let’s dive into the methods for bitcoin safekeeping. There are two primary types of storage: hot and cold.

Hot storage is generally considered easier to use, but far less secure because it relies upon a device that is connected to the internet. This makes hot storage more vulnerable to hackers and malware. Cold storage does not use a connection to the internet, and is thus considered the safer of the two.

Among hot and cold storage, the three most prominent classifications are: software, hardware, and paper.

Software

Software storage can be divided into three sub-categories: Desktop, Mobile, and Web.

Desktop

This type of storage can be installed on your computer. Once installed, your funds are only accessible from that single device. This means you can’t borrow a friend’s computer to access your own desktop wallet. Private keys are stored on the computer’s hard drive.

Exodus — one example of a desktop wallet.

Mobile

This type runs on an app on your phone and is available on most operating systems. As with desktop storage, private keys are stored directly on your mobile device.

*You should keep a paper backup and a secure PIN to prevent unauthorized access in the event that your mobile device is lost.

BRD — one example of a mobile wallet.

Web

Web storage is often run on the cloud and managed via web browser or browser extension. This makes it accessible from any computing device and at any location, provided there is an internet connection. However, web wallets are generally more of a black box than other types. Many are custodial and managed by a third party, so you can’t be sure of what goes on behind the scenes.

Coinbase — one example of a web wallet.

Paper

At the opposite end of the hot and cold spectrum lies paper storage — which is, quite literally, paper. Keeping paper storage means printing out both your private and public keys onto a piece of paper, which should then be kept in a safe or other very secure place. Paper storage should not be confused with a paper backup, which is a means of recovery for all storage types.

A paper wallet. Note the distinctions between public and private keys.

Hardware

Hardware storage is a physical device that generates and holds your private keys offline. To make a transaction, users connect their hardware device to any computer with internet access, enter a security PIN, and confirm.

*You should not trust pre-owned hardware storage, as previous users may have tampered with it in some fashion. Although many devices are open source (and thus do not require you to trust a manufacturer), some are not.

Trezor, the first-to-market hardware wallet.

Well? Which should I use?

The answer is different for every person, and really depends on the trade-offs you want to make. What’s more certain, however, is that the more you rely upon a third party for management of your private keys, the more security risks you take on. Cold storage offers the greatest opportunity for management of your own keys. The catch is that you take on the added responsibility of understanding the security risks associated with self-management of keys. On the other hand, hot storage solutions may force you to sacrifice some degree of control of your private keys in exchange for less personal responsibility.

  • For a casual bitcoin user with small investments and high risk-tolerance, desktop or mobile storage will probably suffice.
  • As your bitcoin holdings increase, you should look to more secure solutions like hardware storage (we specifically recommend Ledger or Trezor).
  • The plainness of paper storage may be alluring, but we recommend against it because it is highly prone to damage, loss, and hacking during the process of importing private keys.
  • For the greatest of security needs, Casa’s multi-signature, multi-location, multi-device key management solution gives you ultimate control of your keys, and a world-class support system to back you up.

At the end of the day, it’s a matter of preference. The solution you choose should reflect your specific needs, but the bottom line is this: the greater control over your keys you have, the better.


Questions? Comments? Want to see something specific covered in the next edition of Bitcoin 101? Send us a tweet and we’ll take it into consideration.

For a more in-depth look at various storage types, visit our blog post on the Evolution of Key Management.