Just as pickpockets prowl the streets to steal innocent people's money, hackers surf cyberspace to break into vulnerable crypto wallets. Unfortunately, these bad actors can successfully drain thousands or millions of dollars worth of cryptocurrency.
For example, hackers stole $4.5 million from Solana wallets in August 2022, and the crypto app Trust Wallet reported a hack of $4 million in 2023. Because cryptocurrencies like Bitcoin (BTC) are on decentralized networks, there aren't any banks or companies for traders to call to recover their stolen digital funds.
Thankfully, a few tools and security strategies dramatically reduce crypto cyberattack risk. For instance, crypto traders sometimes use cold storage devices to prevent their wallet's sensitive information from leaking onto the internet.
But what’s crypto cold storage, how does it work, and why is it considered the gold standard in cryptocurrency security? Here’s all you need to know to make informed decisions.
What is Cold Storage in Crypto?
Cold storage in cryptocurrency refers to storing a wallet's essential passcode, called a private key, offline. Like an online account password, a wallet's private key is a long alphanumeric code. Anyone with a crypto wallet’s private key can control a trader's cryptocurrency, making it a critical part of crypto security. Cold storage cryptocurrency wallets maximize users' safety by keeping private keys off the internet.
In cryptocurrency's early history, paper wallets were one of the most popular cold storage methods. As the name suggests, crypto traders who used paper wallets printed their private keys on paper, usually as a scannable QR code. However, since paper is fragile (and humans are mistake-prone), crypto wallet developers sought to create a more secure, reliable, and convenient way to interact with digital assets. In 2014, a team of Czech developers introduced the first cold storage hardware wallet, the Trezor One, which stores the private key inside a physical device, similar to a USB. Following Trezor's success, other manufacturers, such as Ledger and KeepKey, entered the industry, and more crypto traders gravitated toward hardware wallets as their primary cold storage solution. When traders want to transfer crypto from a hardware wallet, they link it to their PC with a cord or wireless Bluetooth connection and manually confirm each transaction with their device. Most hardware wallets also require users to create a secret PIN as a primary line of defense when hooking up their unit, further preventing thieves from getting their hands on a user's crypto.
How are Hot Wallets Different from Cold Wallets?
Hot wallets have many of the same features as cold wallets but don't keep a user's private key offline. Instead, these mobile or desktop software applications are always on the internet, so there's less of a barrier between a person's private key and the World Wide Web. Although hot wallet developers use encryption technologies and firewalls to prevent hackers from getting into their apps, these wallets risk exposure to more cybersecurity issues, such as malware and viruses.
Why Do People Use Cold Storage Crypto Wallets?
Security is the primary benefit of using a cold storage crypto device. Because cold wallets keep users' private keys off the internet, there's more of a barrier between online hackers and each holder's cryptocurrency. Unless a thief knows a person's private key or steals their physical device plus the private PIN, getting into a high-quality cold storage device is difficult. Since cold storage wallets have the highest reputation for security, long-term crypto purchasers (aka hodlers) often use these units to store digital assets they want to hold for years. Keeping cryptocurrency on a cold storage device gives people the peace of mind that their funds aren't as vulnerable to hacks or cybersecurity issues.
Are There Downsides to Using Cold Storage?
The main selling point for cold storage devices is their enhanced security, not their affordability or convenience. Granted, some hardware wallet models aren't relatively "expensive," and a few of these units make it easier to connect with a PC or mobile device with a wireless connection. However, compared with most hot wallets, cold storage devices can't compete on price because many software wallets like MetaMask and Trust Wallet are free. Also, being "cumbersome" is essential to a cold wallet's design.
Remember, many people use cold wallets to store their cryptocurrency for long periods, so these devices aren't tailored for daily trading activity or for use in decentralized applications (dApps). Traders, gamers, or non-fungible token (NFT) collectors more interested in using their cryptocurrency often prefer hot wallets due to a seamless internet connection.
What Does Deep Cold Storage Mean?
Deep cold storage means a crypto trader deliberately makes it difficult to access their crypto account. For instance, instead of keeping a hardware wallet on their property, a trader might store their device and a copy of their private key in a vault at a bank. Since banks ask for personal identification before letting people access their assets, it creates extra inconvenience for would-be criminals. Another option is to write half of the private key on one sheet of paper and the other half on another to lock these documents in two safety deposit boxes.
Some cold storage crypto wallets also let people create an "optional passphrase" for their accounts. This helps traders remember the passcode, and the passphrase isn't literally stored on the hardware device with the private key. So, in this example, even if a criminal had a hardware wallet's private key, they can't transfer the cryptocurrency without the optional passphrase. And if a crypto trader memorized their optional passcode, there's no physical trace of this important word. This makes it impossible for a hacker to break into a crypto wallet unless they get the victim to admit it.
How to Store Crypto in Cold Storage
Hardware crypto wallets aren't the only way to store crypto in cold storage, but they’re popular and accessible for crypto traders.
We recommend reviewing the highest-rated crypto hardware wallets and double-checking each device’s features and supported cryptocurrencies. When you find the right crypto cold storage wallet for your needs, order directly from the manufacturer's website to receive an authentic product. E-commerce shops like Amazon and eBay offer second-hand hardware devices, but there have been cases where scammers set up the private keys on these wallets beforehand to siphon a victim's crypto funds.
After receiving a hardware wallet in the mail, open the device and link it to a PC. Every cold wallet has a different setup process, but most connect to a proprietary software wallet application, such as Ledger's "Ledger Live" or Trezor's "Trezor Suite." After connecting a hardware wallet to a software application, you’ll need to set up a PIN and write down a list of 12–24 words called the "seed phrase," which is a readable representation of the private key. Ensure you keep these words in a secure and secret place. After completing these preliminary steps, click on a cryptocurrency in the wallet’s software app and select "Receive" to move crypto to cold storage.
For example, if you want to send BTC from a Coinbase account to a Trezor One, here’s what you need to do:
Be sure to connect the Trezor One to a PC
Click "Bitcoin" in the Trezor Suite app
Select "Receive BTC"
Copy the public Bitcoin blockchain address, or leave the QR code open
Log in to the Coinbase app
Choose "Withdraw BTC"
Enter the amount of BTC to send, and paste the Trezor address or scan the QR code
Finally, confirm the transaction
Learn How to Keep Crypto Safe on dYdX Academy
Although software wallets are often cheaper and more convenient to use—especially when making quick trades or interacting with dApps—cold storage is the best option for hodlers. However, no matter which wallet you use, it's imperative to keep your private keys secret.
Head to dYdX's blog and Academy to learn tips on avoiding security risks and common scams in Web3. We have a wealth of educational materials and resources on subjects such as custodial versus non-custodial wallets, blockchain nodes, and more.
Start trading on dYdX today!
The content of this article (the “Article”) is provided for general informational purposes only. Reference to any specific strategy, technique, product, service, or entity does not constitute an endorsement or recommendation by dYdX Trading Inc., or any affiliate, agent, or representative thereof (“dYdX”). Use of strategies, techniques, products or services referenced in this Article may involve material risks, including the risk of financial losses arising from the volatility, operational loss, or nonconsensual liquidation of digital assets. The content of this Article does not constitute, and should not be considered, construed, or relied upon as, financial advice, legal advice, tax advice, investment advice, or advice of any other nature; and the content of this Article is not an offer, solicitation or call to action to make any investment, or purchase any crypto asset, of any kind. dYdX makes no representation, assurance or guarantee as to the accuracy, completeness, timeliness, suitability, or validity of any information in this Article or any third-party website that may be linked to it. You are solely responsible for conducting independent research, performing due diligence, and/or seeking advice from a professional advisor prior to taking any financial, tax, legal, or investment action.
Any applicable sponsorship in connection with this Article will be disclosed, and any reference to a sponsor in this Article is for disclosure purposes, or informational in nature, and in any event is not a call to action to make an investment, acquire a service or product, or purchase crypto assets. This Article does not offer the purchase or sale of any financial instruments or related services.
By accessing this Article and taking any action in connection with the information contained in this Article, you agree that dYdX is not responsible, directly or indirectly, for any errors, omissions, or delays related to this Article, or any damage, injury, or loss incurred in connection with use of or reliance on the content of this Article, including any specific strategy, technique, product, service, or entity that may be referenced in the Article.