Should I store my crypto on an exchange?
There is a lot of misinformation on how to store your crypto to ensure it is always kept safe. With all the noise out there, it can become confusing to get a clear answer, especially when it comes to whether you should store your crypto on an exchange. So, I wanted to help settle the score with CryptoAltruism’s first Thursday educational blog post.
But before we get started, let’s very briefly go over what a wallet is, and the difference between a hot and cold wallet.
Wallet
A cryptocurrency wallet is a tool that allows the wallet-holder to store, receive, and send cryptocurrencies. There are two main types of wallets: hot and cold wallets.
Hot Wallet
Hot wallets, sometimes also referred to as software wallets, are cryptocurrency wallets that are connected to the internet. The main criticism of hot wallets as that they are more vulnerable to being hacked than the next type of wallet, cold wallets. Some of the most popular hot wallets include Exodus, Wasabi, Electrum, and Mycelium.
Cold Wallet
Cold wallets are cryptocurrency wallets that are NOT connected to the internet. These wallets store your private key on something offline, and many of the popular cold wallets also offer a software that allows you to easily view and access your cryptocurrency assets. These wallets may also be referred to as hardware wallets, as they are often in the form of a USB drive where your private keys are stored. The most popular cold wallets include those offered by Ledger and Trezor.
Storing on an Exchange
Technically, the wallets on cryptocurrency exchanges would be considered hot wallets, and thus, they share some of the risks that could come with any hot wallet. However, exchanges also have some unique characteristics that are worth discussing, many of which could put you at greater risk than other hot wallets. Overall, there are many concerns worth highlighting when it comes to storing your crypto on an exchange.
First, the exchange could get hacked. The risks that come with getting hacked vary greatly depending on the security measures put in place by your exchange. Some exchanges have fantastic security records, have various layers of authentication and safeguards, and store most of the crypto on the exchange in cold wallets. However, no exchange wallet is perfect, and there is always the risk of losing funds due to a hack. In fact, exchange hacks are unfortunately not uncommon, and hundreds of millions in crypto has been lost collectively from these various hacks.
Second, there is the risk that a cryptocurrency exchange could shutdown, and you could lose some or all of your assets as a result. If you utilize a well known and trusted exchange, this is extremely unlikely, but there have been cases in the past where some shadier exchanges have shut down or disappeared. There is also this terrifying example out of Turkey, where it is alleged that the founder of Turkish exchange Thodex fled the country with 2 billion USD worth of user funds. Well, that’s a terrifying thought. Then there is the unlikely risk (although it depends on where you live and the regulatory environment) of government seizure or shutdown of certain, or all, exchanges. However, I would say that the risk of shutdown is likely the least of your concerns when it comes to storing your crypto on an exchange.
Third, there is always the risk, depending on the exchange you utilize, that you don’t truly own your private keys. Some “exchanges”, such as Robinhood, don’t allow you to withdraw or deposit actual Crypto, so in a sense, you don’t really own your crypto. What is happening on Robinhood, is more closely aligned to holding a crypto ETF, minus the management fees. Again, this is more of an exchange-specific issue, rather than an argument against exchanges as a whole.
Finally, and what I believe to be the biggest risk, is your account being compromised. This could be from something as simple as malware on your computer, which is able to steal your login credentials if they are not stored securely. There is also the risk of hackers getting a hold of your personal information, making it easier for them to access your account. Recently, there have been terrifying stories of “Sim Swaps”, that essentially involve scammers “switching” your phone number from your sim card to theirs, thus gaining access to your text messages and phone calls. This then makes it easier for them to change the passwords on your crypto accounts to gain access to your funds. To help avoid this, I recommend using an independent two-factor authenticator such as Google’s Authenticator, if offered by your exchange, instead of using your phone or email for 2FA. Overall, just like your email, online banking account, or steam account, your crypto exchange account could get hacked, which could result in you losing some, or all, of your crypto.
Now, you might be thinking, “don’t exchanges have insurance for this type of thing?” Some exchanges certainly do, but the level of insurance is inconsistent across exchanges, and even with insurance, it’s not guaranteed that it would cover 100% of the assets stolen. That’s why it is important to fully vet potential crypto exchanges before depositing crypto or hard-earned fiat into them. In a future blog post, I will go into more detail on how to vet a crypto exchange for security.
In summary, storing your crypto on an exchange is far from ideal, and opens you up to a number of risks, including the potential of not truly owning your crypto. So, what then is the solution?
Storing your crypto on a cold wallet
From a security point of view, storing your crypto on a cold wallet is far safer than storing it on an exchange. If you have your crypto on a Ledger or Trezor device, for example, potential hackers or scammers would need to have your physical device to be able to access your private keys, and your crypto. Also, if you have your crypto on a cold wallet, you know, without a doubt, that you truly own it.
Both the Ledger Nano S, and Trezor Model One, my favourite cold wallets, are convenient and easy to use for beginners. If a hacker wanted access to the crypto that was stored on your Ledger or Trezor devices, not only would they have to physically have the device, but they would also need to know your pin, which can be up to 8 characters long, to gain access. Ledger and Trezor devices are also tamper proof, making it extremely difficult, if not impossible, for hackers to gain access without your pin, or recovery phrase.
Alternatively, a hacker would need to gain access to your recovery phrase. Your recovery phrase is 12 to 24 randomly generated words that are provided to you when you first activate your new device. This is unique to you, and only you, and can not be stolen from you unless you store in electronically. It’s important to physically write down your recovery phrase and to never, ever, ever share it with anyone else, or store it electronically. Make sure you clearly write down all of the words correctly and store your recovery phrase in a safe location. In the event that your device is damaged, lost, or stolen, you can use this recovery phrase to regain access to your private keys.
You may be wondering, what if Ledger or Trezor, the companies, got hacked? Even if they were hacked, the most likely thing to happen is that some of your personal information, such as your phone number, name, address, etc., could be accessed by the hackers. However, even if they was hacked, there is no way the hackers would be able to gain access to your private key, since it is stored on your physical device, and not on Ledger’s servers.
All in all, storing the vast majority of your crypto on a hardware wallet, such as the Nano S or Trezor One, is the way to go. Another strategy is splitting your crypto up, by having the largest share of it on a cold wallet, and a smaller amount on a hot wallet, so it is more accessible for trading purposes.
I hope this article was helpful, and that you feel more confident storing your crypto safely and securely. For beginners, the idea of storing your crypto on a cold wallet may be intimidating, but there are so many great resources online, such as those offered on the Ledger or Trezor websites, that make it easy and approachable.
If you are interested in purchasing a cold wallet, such as the Nano S or Trezor One that I recommended above, please use the link below to be referred to the Ledger and Trezor websites. If you purchase a device through these links, we also receive a small commission, so you will be supporting the operations of Crypto Altruism, for which we would be eternally grateful!
What do you think about storing your crypto on an exchange? How about on a hot vs cold wallet? Tweet us at @Crypto_Altruism to let us know what you think, we’d love to hear from you!