More than $3 billion in crypto has been stolen in 2022 so far, and an estimated 3.7 million Bitcoin has been lost due to lost private keys. To top it all off, in the wake of the collapse of FTX Group, many crypto investors have lost access to their funds as they've been frozen while bankruptcy proceedings progress. This is why it's never been more important to know how best to store your crypto and protect it from hackers, scammers, unsafe exchanges and even human error. You’ve got a lot of different options when it comes to storing cryptocurrency - from hot wallets to hardware devices - and each has its pros and cons. We’re looking at the different ways you can store your crypto and the pros and cons of each type of wallet so you can pick the best wallet to keep your crypto safe.
Crypto Key Storage 101
There’s a lot of jargon around crypto storage - and a whole industry built up around it, so let’s break it down. You’ll need to understand two key concepts - private keys and custody.
A private key is a piece of cryptographic data, similar to a password. It’s a string of letters and numbers that allows you to access and manage your crypto. You’ll use your private key to sign any transactions from a given wallet. So anytime you want to send crypto anywhere - you’ll need your private key. What this means is that hackers are very interested in your private keys so they can access your wallet.
Meanwhile, custody is the concept of who controls your private keys. When you use a crypto exchange, like Binance or Coinbase, the exchange is the custodian of your private keys. This arrangement is more akin to traditional banking. While you have an account - it isn’t you who holds your funds or has access to the transaction. The exchange has custody of your private keys and makes the transaction on your behalf.
Is it safe to leave my crypto on an exchange?
If you’re using a custodian for your private keys - you need to trust them. Not only do you need to trust in their security, but you also need to have confidence in their proof of reserves and liquidity - so you’ll be able to access and withdraw your funds when you want to.
Crypto exchanges and networks get hacked a lot. Some notable hacks in the last couple of years included:
- $162 million from Wintermute in September 2022.
- $190 million from the Nomad Bridge in August 2022.
- $182 million from Beanstalk Farms in April 2022.
- $625 million from the Ronin Network in March 2022.
- $325 million from Wormhole Bridge in February 2022.
- $196 million stolen from BitMart in December 2021.
- $135 million stolen from Vulcan Forged in December 2021.
- $120 million stolen from BadgerDAO in December 2021.
- $77.7 million stolen from Ascendex in December 2021.
- $130 million stolen from Cream Finance in October 2021.
- $601 million stolen from Poly Network in August 2021.
This is just a selection of some of the more newsworthy attacks. In many instances, the exchanges have promised to reimburse funds to affected users, but in other instances they have not. Which brings us onto our next point - you need to trust the crypto exchange you’re using. Not only that they would cover any losses due to a security breach on their part, but that you’ll be able to withdraw your funds as and when you want to.
While many crypto exchanges are trustworthy and reputable - many are not. Some infamous crypto exchanges from over the years include:
- ACX: Despite claiming to be Australia’s most liquid Bitcoin exchange, the exchange collapsed with more than $13 million in missing funds.
- Thodex: The founder of Thodex went missing as the exchange went offline, with more than an estimated $2 billion in investors' funds yet to be found.
- Africrypt: Following an alleged hack, $3.6 billion of investor funds were stolen and the exchange went offline. Many users believe the founders of the exchange are responsible and a criminal investigation is ongoing.
- FCoin: FCoin exchange shut down operations back in 2020, but failed to pay users back their held funds, with an estimated $125 million missing.
- QuadrigaCX: The death of owner Gerald Cotten led to a lack of access to the exchange’s cold wallets, which stored all investor funds. On further investigation, 5 out of the 6 cold wallets had been emptied months before Cotten’s death - leading many to believe he stole funds and faked his own death. $190 million in investor funds remains missing.
Even if the circumstances aren’t as dire as above - many crypto investors have issues with exchanges. During volatile markets, many exchanges will halt sales and purchases and there is of course downtime for developers to work on site too.
The prime example of this is the collapse of FTX Group. The once market-leading exchange halted withdrawals after a bank run and filed for bankruptcy in November 2022, leading to a number of other FTX Group platforms closing too, including BlockFi & Liquid Exchange. Investors have been left without access to their assets held on the platform until bankruptcy proceedings are complete.
This is why many investors believe in self-custody - where you and you alone hold your private keys securely. It's the only way to ensure your funds are truly your own, and has never been more important in the current crypto market conditions where many exchanges are facing liquidity issues.
Of course, the downside of you being the custodian of your own private keys is that you take full responsibility for your funds. If you lose access to your private keys, they’re gone. If your funds are stolen, they’re gone.
So what you need is a secure way to store crypto. There are many options when it comes to self-custody, but it all boils down to hot vs. cold wallets.
Hot wallets vs. cold wallets
A hot wallet is any crypto wallet that’s connected to the internet. Hot wallets are also known as software wallets - it’s any form of digital storage you access through your PC or phone. Because it’s connected to the internet at all times - this makes it far more vulnerable to hacks and thefts than the alternative - cold wallets.
Cold wallets, also known as hardware wallets or cold storage, are the opposite. Your private keys are held in an offline environment. There are a lot of options when it comes to cold wallets - from the simple paper wallet through to hardware wallets with extra security features.
Let’s break down each option for your crypto storage and the different pros and cons of each.
Crypto exchange storage
Arguably, not holding your own private keys is the least secure way to store them.
We’ve covered this above, but crypto exchanges and other custodial wallets have issues. They’re hacked - regularly. With millions in funds in a given exchange, they work like a honeypot for hackers. On top of this, there's always the risk that they don't have adequate reserves to hold steady should there ever be a bank run, as with the FTX collapse.
This said, the upside of using a larger crypto exchange is that in some instances - they’re able to cover their losses if there is a hack. For example, in 2019 Binance lost 7,000 BTC, but as the world’s largest exchange, they also had the funds to cover the losses. Smaller exchanges often don’t have this luxury - nor do they have the funds to put into building stronger security - which often makes them far less secure.
However, storing crypto on an exchange is often a necessity. You need to store crypto with a given exchange - at least temporarily - to make the transactions you want to make. You can lessen your risk of loss or theft by only storing what you need on a crypto exchange and using other storage solutions for crypto you plan to HODL.
Of course, there are always decentralized exchanges (dex). These don’t require you to give up custody of your private keys - but they’ve got their own issues. Liquidity, limited recovery ability due to a lack of KYC verification, and security are the top risks for your assets. Most of the time, when you use a dex - you’re going to be using a software wallet (hot wallet) to do so and these come with their own pros and cons.
Software wallet storage
Software wallets give you control of your private keys. Popular examples of software wallets include MetaMask, Exodus, Electrum and Atomic. With a software wallet - you don’t need to worry about exchange hacks or mismanagement. But they’re not without their flaws.
In simple terms - a software wallet is only as secure as your device is. If you’re following best practices for digital security, this could be somewhat secure. But if you’re not, your crypto may be even more vulnerable in a software wallet than in a crypto exchange.
There are a lot of common hacks when it comes to software wallets including:
- Fake software wallets.
- Keylogging software.
- Clipboard hijacking.
Malware is an issue for everyone who uses the internet. It’s intrusive software specifically designed to gain unauthorized access to a device. You can download malware from a number of places - completely by accident. This could be through downloading malicious apps, using an outdated operating system with vulnerabilities, through email phishing scams or connecting to an unsecure site or Wi-Fi network.
Fake software wallets sound far-fetched, but scammers will go to great lengths to gain access to your crypto. Back in 2020, an Electrum user installed a fake update for the wallet and had 1400 BTC stolen.
Keylogging software is also an issue. Keyloggers record the keystrokes a user types. This means if you’re unlucky enough to end up with a keylogger on your device - your private keys are not secure.
Finally, clipboard hijacking is a newer hack to the crypto space where a hacker switches out the public address you copied for their own when you send crypto. It’s a very simple scam - but an effective one because most of us are copying and pasting our addresses in when we’re making transfers.
All this considered, like crypto exchanges - software wallets are sometimes essential for specific transactions. For example, many DeFi protocols require you to use a software wallet in order to stake tokens.
You can improve the security of your software wallet by following best security practices - we’ll cover this below in more detail. But you can also opt to use multisig software wallets to improve your security.
So if even software wallets aren’t always secure - what’s the alternative? A hardware wallet.
Hardware wallet storage
Hardware wallets evolved from a need for more effective cold storage. Cold storage for crypto back in its infancy consisted of so-called paper wallets - so literally a piece of paper with your private key on, or even a USB device.
Both these had their issues. You still need to plug a USB stick into a device in order to access it - so if your device is compromised, so is your USB. Meanwhile, we’ve all lost important bits of paper at some point or another and both options are vulnerable to theft. In essence, if you lost your device or paper, your crypto was similarly lost too.
Hardware wallets emerged as a solution to some of these problems and are now considered the safest way to store crypto.
A hardware wallet is a physical device that stores all your private keys and always keeps them offline. When you want to send crypto from a hardware wallet, you’ll connect your hardware wallet to your PC/mobile using USB or Bluetooth. Once connected, you’ll sign any transactions related to your hardware wallet using a PIN or password. This has the additional benefit that even if someone stole your hardware wallet - without the PIN or password to it, they’ll still have no access to your private keys.
Hardware wallets started out by being quite technically complicated, which put a lot of potential users off. Nowadays, hardware wallets are a lot more user friendly and come with a lot of advanced security features to get around previous problems.
One of the early problems with a hardware wallet was the risk of loss. Like a piece of paper or a USB stick - you could lose your hardware wallet. Don't believe us? One crypto investor accidentally threw his hardware wallet in the bin, which contained the private keys to 7500 BTC - valued at more than $300 million at the time of writing.
To get around this, most hardware wallets now feature a seed recovery phrase. This is a list of words that works as a backup, storing all the information needed to recover funds on the blockchain. As well as this - like software wallets - many hardware wallets now also feature multi-signature security. Some of the most trusted hardware wallets include:
- Trezor Model T
- Ledger Nano X
While hardware wallets might be the most secure - the downside is that they’re not great for active trading. This is why many hardware wallets now feature integration with software wallets to make this process easier, while still maintaining the highest levels of security for your private keys.
A final point on hardware wallets is that they don’t come free, or even cheap. Or if they do come cheap - they’ll often not feature the best security features of the high end hardware wallets. You should never be tempted to buy a hardware wallet secondhand or from anywhere other than the manufacturer. These devices may have been tampered with.
With all this said, the question remains - what’s the best way to store crypto?
What’s the best way to store crypto?
Each type of crypto storage has its pros and cons, which you need to consider when choosing the best way to store crypto.
In reality, the best way to store your crypto depends on your unique circumstances like how long you plan to hold your crypto, how often you plan to trade your crypto and how much crypto you hold. Using a mix of custodial wallets, software wallets and a hardware wallet is the best practice.
If you’re storing crypto on an exchange, you should:
- Only store small amounts.
- Only store what you plan to trade.
- Use trustworthy and reputable exchanges.
If you’re storing crypto using a hardware wallet, you should:
- Store crypto you plan to HODL longer term.
- Pick a hardware device with a seed recovery phrase (and store your seed recovery phrase somewhere secure!).
- Never buy from anywhere other than the manufacturer.
Finally, if you’re storing crypto using a software wallet - you should follow best security practices.
How to keep crypto safe: best practices
We’ve harped on about how your crypto is only as safe as your device is - but it’s true. The good news is, there are lots of ways to keep your cryptocurrency safe:
- Password best practices: Use different passwords for every single account and use passwords with no personal relation to you. Avoid cloud-based password managers and never store seeds on any password manager.
- Enable 2FA: Whenever you have the option to enable two-factor authentication, you should enable it.
- Use multiple emails: Don’t use your personal email for your accounts on various crypto exchanges or wallets. Personal emails are far more vulnerable to a data breach.
- Use reputable exchanges: Never heard of an exchange? Proceed with caution. Never hold more crypto on a smaller exchange than you’re willing to lose.
- Use multiple exchanges: Even if you’re using larger exchanges, it’s wise to use multiple larger exchanges. This splits your hot coins and means there is one less single point of failure. Want to find a safe exchange? See our best exchanges guide.
- Keep your PC/mobile device clean: Splurge on the best antivirus software and avoid using unsecure sites, Wi-Fi networks or clicking on any spam links.
- Keep software up to date: Outdated operating systems are an easy target for hackers. Always ensure you download updates directly from the manufacturer/provider.
- Always double check the URL: Make sure you’re on the site you mean to be on by double checking the URL. Scammers have gotten much better at replicating sites, so always ensure you’re on the site you mean to be before transacting with crypto.
- Use multisig wallets: Multisig wallets require two or more private keys to sign a transaction. So even if someone gets hold of one key, they still have no means to move your crypto without the other.
- Keep your seed phrase somewhere safe: Don’t save it on your PC or take a photo of it on your phone. Store it in an offline location - like a safety deposit box.
How crypto wallets work with Koinly
Whatever crypto wallet you’re using - you can use Koinly for your crypto taxes. We support all major crypto exchanges, as well as all major software wallets - like Exodus, MetaMask and Electrum. We even support hardware wallets like Trezor, Ledger and KeepKey.
All you need to do is sync the wallets and exchanges you use with Koinly using API integration or by importing a CSV file of your transactions. Don’t worry about another app having access to your crypto - Koinly only has read-only access. You cannot make transactions from your Koinly account.
Once you’ve done this, Koinly calculates your capital gains, losses, crypto income and expenses and generates your crypto tax report. You can download multiple tax reports based on your location - for example, the IRS Form 8949 and Schedule D for US residents, the ATO myTax report for Australian residents or a HMRC Capital Gains Summary for UK residents.