{"id":85717,"date":"2018-12-11T18:27:16","date_gmt":"2018-12-12T02:27:16","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/?p=85717"},"modified":"2018-12-13T18:23:13","modified_gmt":"2018-12-14T02:23:13","slug":"best-bitcoin-wallet-hardware-or-hosted","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2018\/12\/best-bitcoin-wallet-hardware-or-hosted","title":{"rendered":"Best Bitcoin wallet: Hardware or hosted?"},"content":{"rendered":"The question asked in the title has been edited from what was asked today at Quora, the Q&amp;A forum at which I participate as expert columnist. The original question was a bit more ambiguous: \u201cWhich is better? \u2014 a digital bitcoin wallet or a physical one?\u201d <!-- \/wp:post-content --><!-- wp:paragraph --> I have included the original question, to better distinguish products and terms. <!-- \/wp:paragraph --><!-- wp:paragraph -->\r\n\r\n<em>All bitcoin wallets are all digital<\/em>\u2014even a paper wallet, whether a character string or a QR code. Conversely, an exchange may use \u201cphysical\u201d wallets to host client assets, individual application wallets, or they may simply keep records of client assets that are stored, collectively, in their own master wallet. <!-- \/wp:paragraph --><!-- wp:paragraph --> To complicate matters, Bitcoin is never really \u201cstored\u201d by you or an exchange service. <em>It is stored on a public blockchain<\/em>, where assets and transaction history can be traced through time by anyone. Therefore, all forms of user access are \u201cdigital\u201d. What the reader really wants to know is \u201c<em>Which form of access control is better?<\/em> \u2014 custodial or personal?\u201d <!-- \/wp:paragraph --><!-- wp:paragraph \/--><!-- wp:paragraph -->\r\n\r\n<strong>Type 1: Custodial Wallets are Managed by a Trusted Party<\/strong> They hold your assets. You view a statement balance\u2014just like a bank account. <!-- \/wp:paragraph --><!-- wp:paragraph {\"backgroundColor\":\"light-gray\"} -->\r\n<p class=\"has-background has-light-gray-background-color\">The reader uses the term \u201cdigital wallet\u201d to mean a hosted wallet in which a trusted 3rd party holds the private keys, or aggregates the assets of many customers and tracks their individual ownership in their own accounting system, like a traditional bank or broker. In this case, the 3rd party is trusted to maintain security, privacy, and constant, robust user access.<\/p> It is possible that the reader may have used the term \u201cdigital wallet\u201d to additionally refer to PC and smartphone applications, such as Bitcoin Core, Armory or Electrum. But, these are really personal and private wallets \u2014 because they are created and configured by the owner, and only the owner has the private keys. And so, we classify device wallet applications as \u201cpersonal\/private\u201d along with hardware or paper wallets. <strong>Type 2: Personal Wallets are Private<\/strong> \u2014but with privacy comes risk! <!-- \/wp:paragraph --><!-- wp:paragraph {\"backgroundColor\":\"light-gray\"} -->\r\n\r\n<img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-5758\" src=\"http:\/\/awildduck.com\/wp-content\/uploads\/2018\/12\/Trezor-Model-T-wallet-300x234.png\" alt=\"\" width=\"232\" height=\"184\" \/>\r\n<p class=\"has-background has-light-gray-background-color\">Wallets are <em><strong>personal<\/strong><\/em> if the private keys are generated and stored by the user, either on paper, in their PC or smart phone, on a thumbdrive, in a <em>hardware wallet<\/em>, or even uploaded to cloud storage. As long as the asset owner holds the keys and securely encrypted any uploaded file that contains the keys, the assets are accessible only with his consent.<\/p>\r\n<!-- \/wp:paragraph --><!-- wp:paragraph --> So, which wallet class is better for securing cryptocurrency access credentials? Custodial or Personal? Which of these models best fits your needs? <!-- \/wp:paragraph --><!-- wp:list -->\r\n<ul>\r\n \t<li>A custodial wallet is like a bank a statement. Your assets are maintained by an exchange, rather than tucked into your mattress. The wallet and keys are not under your control, but the process that governs backup and security is rigorous &amp; standardized. Availability to your heirs is governed by documents and laws.<\/li>\r\n<\/ul>\r\n<!-- \/wp:list --><!-- wp:paragraph --> \u2014OR\u2014 <!-- \/wp:paragraph --><!-- wp:list -->\r\n<ul>\r\n \t<li>A personal wallet is completely controlled by you. The private keys must be stored where you will always find them (in your head, a lock box or an encrypted file that is distributed to family in a way that they will always be able to unlock it!). Ensuring future availability, swift transactions or passing wealth after death requires careful attention to tools, process and a secret.<\/li>\r\n<\/ul>\r\n<!-- \/wp:list --><!-- wp:paragraph --> A crypto purist or Libertarian might insist on taking full control of the assets. That is, storing them locally and with only the owner having the private keys. This is analogous to storing bars of gold in a safe and then burying the safe in a deep, covered hole in your yard\u2014and in a spot that only you can find. Even if your children can find the safe after you die, it is equipped with explosives that will completely obliterate the gold, if it is unearthed without the correct password. <!-- \/wp:paragraph --><!-- wp:paragraph --> I am privacy zealot. And yet, to the dismay of some followers, I believe that\u2014for most cryptocoin owners\u2014a hosted, custodial wallet is better than taking possession of a hardware wallet, paper wallet or digital wallet (anything that the user personally stores in a PC, phone, on paper or in a personally encrypted cloud account). <!-- \/wp:paragraph --><!-- wp:paragraph --> To explain, I shall call out [1] a critical requirement, and [2] the deciding factor in determining this advice applies to you. <!-- \/wp:paragraph --><!-- wp:paragraph -->\r\n\r\n<strong>1. Critical Requirement<\/strong>\r\n\r\n<!-- \/wp:paragraph --><!-- wp:paragraph --> The host must have impeccable credentials, a solid and ongoing regimen of security reviews and unscheduled audits \u2014 and they must be sufficiently capitalized by large, respected organizations, such that widely recognized individuals and organizations are at substantial risk if anything were to go wrong. <!-- \/wp:paragraph --><!-- wp:paragraph --> Trust among strangers is easily scammed. So let me be clear. Regarding the investors, board, executives and security auditors of a custodial wallet service, both their reputations must be at risk as well as their worldwide assets across other business areas. <!-- \/wp:paragraph --><!-- wp:paragraph --> Coinbase in San Francisco is such an exchange and hosting service. Currently, there are only two others that meet this extreme level of vetting. If Fidelity Investments enters the market as a crypto-hosting service, they would likely meet this bar. <!-- \/wp:paragraph --><!-- wp:paragraph -->\r\n\r\n<strong><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-medium wp-image-3086\" src=\"http:\/\/awildduck.com\/wp-content\/uploads\/2014\/02\/Coinbase_Logo-300x58.jpg\" alt=\"\" width=\"300\" height=\"58\" \/>2. Deciding Factor<\/strong>\r\n\r\n<!-- \/wp:paragraph --><!-- wp:paragraph --> There are few individuals for whom direct and private ownership makes sense. In fact, until this month, it did not make sense for me. I am only now configuring my first hardware wallet. I still trust Coinbase to host and control most of my assets. <!-- \/wp:paragraph --><!-- wp:paragraph --> The reasons boil down to security, forgetfulness, errors, legacy ownership and instant access. The ONLY factor that is arguably better with personal custody &amp; control is privacy. <!-- \/wp:paragraph --><!-- wp:paragraph -->\r\n\r\n<!-- \/wp:paragraph --><!-- wp:paragraph --> Due to a lack of education, standards, and definitive best practices, this option makes sense for fewer than 5% of Bitcoin owners. Take me, for example\u2026 I have been involved with Bitcoin since the first years of its existence, and have been a Bitcoin educator since shortly after Satoshi\u2019s original bombshell. Today, I am a keynote presenter at blockchain and cryptocurrency conferences. I teach blockchain seminars, design courseware for colleges, and am co-chair of the Cryptocurrency Standards Association and partner in Blockchain Research Council. <!-- \/wp:paragraph --><!-- wp:paragraph -->\r\n\r\n<!-- \/wp:paragraph --><!-- wp:paragraph --> Yet, I am only now configuring my first hardware wallet. I still trust Coinbase to host and control most of my cryptocurrency. <!-- \/wp:paragraph --><!-- wp:paragraph -->\r\n\r\n<strong>How do I know if I am a candidate for <em>full \/ private<\/em><\/strong><strong> control?<\/strong>\r\n\r\n<!-- \/wp:paragraph --><!-- wp:paragraph --> Using an exchange hosted wallet service is best for most individuals. But, for some, it makes sense to maintain private, local control of blockchain assets. If all criteria in the bulleted list below applies to you, then local and private ownership might make sense. But if you fail even one criteria, then <em><strong>WAIT!<\/strong><\/em> Wait until multisig becomes uniform and ubiquitous \u2014 and wait until a larger fraction of society is comfortable with the concept and practice of managing private keys. These are gradually becoming new norms. But, it will take a few more years for the world to become comfortable with an unfamiliar concept: personal control of a decentralized asset. <!-- \/wp:paragraph --><!-- wp:paragraph --> You are a candidate for using a personal wallet if you plan to control and secure your own private keys, and if you meet all conditions listed below. The technical criteria will not be requisite in the future\u2014but they are necessary today, because the market currently lacks simple, standardized, widespread tools and uniform practices for safely securing, accessing and passing on these credentials to your heirs. <!-- \/wp:paragraph --><!-- wp:paragraph --> Do <strong><em>all<\/em><\/strong> of these criteria apply to you? <!-- \/wp:paragraph --><!-- wp:list -->\r\n<ul>\r\n \t<li>You have a comprehensive understanding of cryptography, including the principals of RSA public-key crypto.<\/li>\r\n \t<li>You have practiced multisig decryption for at least a year. For now, you will need to roll-your-own multisig, to ensure that your heirs or executor can access your wealth in the event of death, forgetfulness or incapacitation.<\/li>\r\n \t<li>You have experience and a clear, documented and standardized plan for separately encrypting and distributing your private keys.<\/li>\r\n \t<li>You understand how to implement a hard fork and have the time to do it after any hard fork split.<\/li>\r\n \t<li>You have an exceptional need for privacy or anonymity, and you feel that a custodian is more likely to \u201csing\u201d in the event of an audit or court order.<\/li>\r\n \t<li>You have a rehearsal plan for testing your multisig recovery and a willing group of trusted friends (most of them younger than you) who can combine their keys to access your wealth.<\/li>\r\n \t<li>After ensuring that encrypted wallet works, is completely secure and is accessible to your heirs, you have replicated it in a sufficient number of places, that you are certain that your heirs will find it after you die, even if it is 90 years in the future.It must not only survive your lifetime, but the knowledge of where to look and *IF* to look, must be certain, even if your home burns down, your cloud accounts have been deleted and\/or Google, Amazon, Microsoft &amp; Apple are no longer in business.<\/li>\r\n<\/ul>\r\n<!-- \/wp:list --><!-- wp:paragraph --> If all conditions apply to you (and <em>only if they apply<\/em>), then you may be among the 5% of enthusiasts for whom a personal hardware wallet makes sense. At some time in the next few years, it will make sense for a far greater fraction of cryptocurrency holders, rather than just the most disciplined and knowledgeable Geek-enthusiasts. <hr \/>\n<p>\n<p class=\"ui_qtext_para\"><span style=\"font-size: 9pt\"><em><a href=\"http:\/\/bitcoinreferee.com\/\" target=\"_blank\" rel=\"noopener\">Philip Raymond<\/a> co-chairs <\/em><a href=\"http:\/\/crypsa.org\/\" target=\"_blank\" rel=\"noopener nofollow\"><em>CRYPSA<\/em><\/a><em>, hosts the <\/em><a href=\"http:\/\/vanquish.com\/_domains\/crypsa\" target=\"_blank\" rel=\"noopener nofollow\"><em>Bitcoin Event<\/em><\/a><em> and is keynote speaker at <\/em><a href=\"http:\/\/www.cryptocurrencyexpo.com\/\" target=\"_blank\" rel=\"noopener nofollow\"><em>Cryptocurrency Conferences<\/em><\/a><em>. He advises <a href=\"https:\/\/www.eventbrite.com\/e\/the-disruption-experience-sneak-peek-tickets-50106332389?aff=eand\" target=\"_blank\" rel=\"noopener\">The Disruption Experience<\/a> in Singapore, sits on the <\/em><a href=\"https:\/\/lifeboat.com\/blog\/author\/phil-raymond\" target=\"_blank\" rel=\"noopener nofollow\"><em>New Money Systems board<\/em><\/a><em> of Lifeboat Foundation and is a <\/em><a href=\"https:\/\/www.quora.com\/profile\/Ellery-Davies\" target=\"_blank\" rel=\"noopener nofollow\"><em>top writer<\/em><\/a><em> at Quora. <\/em><a href=\"http:\/\/bitcoinreferee.com\/\" target=\"_blank\" rel=\"noopener nofollow\"><em>Book a presentation<\/em><\/a><em> or consulting engagement.<\/em><\/span><\/p><\/p>","protected":false},"excerpt":{"rendered":"<p>The question asked in the title has been edited from what was asked today at Quora, the Q&amp;A forum at which I participate as expert columnist. The original question was a bit more ambiguous: \u201cWhich is better? \u2014 a digital bitcoin wallet or a physical one?\u201d I have included the original question, to better distinguish [\u2026]<\/p>\n","protected":false},"author":353,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1318,1761],"tags":[2161,3212,1884,3213,3214,3215,3216,3217,3218],"class_list":["post-85717","post","type-post","status-publish","format-standard","hentry","category-bitcoin","category-cryptocurrencies","tag-bitcoin","tag-bitcoin-wallet","tag-cryptocurrency","tag-cryptocurrency-wallet","tag-custodial-wallet","tag-digital-wallet","tag-exchange-wallet","tag-hardware-wallet","tag-hosted-wallet"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/85717","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/353"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=85717"}],"version-history":[{"count":7,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/85717\/revisions"}],"predecessor-version":[{"id":85803,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/85717\/revisions\/85803"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=85717"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=85717"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=85717"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}