Types of cryptocurrency wallets are diverse, including cold wallets, hot wallets, custodial wallets, non-custodial wallets, and multisig wallets. This article will introduce their characteristics and advantages and disadvantages one by one.
Table of Contents
What is a cold wallet?
Advantages compared to hot wallets
Disadvantages of cold wallets
Lower convenience
Higher hardware costs
Physical damage
What is a hot wallet?
Disadvantages of hot wallets
Custodial wallets and non-custodial wallets
Advantages and disadvantages of custodial wallets
Advantages and disadvantages of non-custodial wallets
What is a multisig wallet?
Comparison between single-signature wallets and multisig wallets
Advantages and suitable occasions for multisig wallets
Increased security
Convenient for enterprise arbitration
Enterprise decision-making
Multiple verifications to avoid erroneous transactions
Disadvantages of multisig wallets
Inability to completely eliminate the risk of key loss
Decreased convenience in operation
Cryptocurrency wallets are digital wallets used for storing, sending, and receiving cryptocurrencies. However, for beginners, it may be confusing to differentiate between cold wallets, hot wallets, custodial wallets, non-custodial wallets, and multisig wallets.
Usually, to facilitate transactions, many investors often store their cryptocurrencies in the “custodial wallets” of large exchanges. Generally, reputable trading platforms are trustworthy, but with the increasing number of users participating in DeFi, it is also important to learn how to use non-custodial wallets.
After all, in the crypto world, there is a saying: “Not your keys, not your coins.” It is crucial to have control over your own private keys and wallet.
The following will explain to readers what cold wallets are, the advantages and disadvantages compared to hot wallets, the advantages and disadvantages of non-custodial wallets, and what a multisig wallet recommended by Vitalik Buterin is.
A cold wallet, also known as an offline wallet, usually relies on offline computers, mobile phones, or specialized manufacturer products. It uses physical means to store private keys offline and authorizes transactions only when necessary to reduce the risk of private key theft by hackers.
Due to its more complex operation, it is mainly used by long-term HODLers or users who prioritize asset security. However, it should be noted that if your mnemonic phrase is leaked or you authorize a malicious contract, there is still a possibility of losing wallet assets. Therefore, attention must still be paid to the security of operations.
Although it is convenient for regular users to store their wallets on exchanges (usually hot wallets) for transactions, in terms of security, because users do not own the wallet private keys and instead authorize the exchange to hold them, if the exchange is unfortunately hacked or manipulated internally, the assets in the account are likely to be lost. For example, there were rumors that FTX Exchange had transferred a large amount of user assets without authorization. In addition, most current cryptocurrency exchanges do not provide SIPC financial insurance like traditional institutions. Although some platforms provide insurance funds in the event of a hack, risks still need to be carefully considered when using them.
However, cold wallets are not without flaws. Their settings and transaction processes are relatively complex, and each use requires connection to other devices and additional time, which is inconvenient for frequent traders.
Cold wallets on the market today usually cost around $100 to $200, which is higher than the cost of free hot wallets. It is also necessary to ensure that the purchased cold wallet is from a trustworthy merchant. If it is purchased second-hand or has been maliciously modified, there is a risk of private key leakage.
Cold wallets may also face physical security risks, such as computer loss or damage, so they need to be stored properly.
As the name suggests, a hot wallet is an online wallet that can be stored on a mobile phone, computer, or website. Compared to cold wallets that require a high cost of purchase and setup, hot wallets are convenient and easy to obtain because all operations are centralized on the internet. They do not require connecting the cold wallet carrier to the internet every time a transaction is made. Due to its high usability, it is favored by general investors.
However, the operations of hot wallets generate wallet addresses and private keys in a connected state. When private keys are exposed to the malicious internet, it also means that they are constantly exposed to the risk of hacker attacks and phishing.
Hot wallets can also be divided into two types: “browser extension wallets” and “mobile apps.” The most popular Ethereum wallet in browser extensions is MetaMask. The most popular wallet services on mobile phones include imToken, Trust, and Cipher. Among them, mobile wallets have the simplest and most user-friendly interface, making them more suitable for beginners.
Custodial wallets and non-custodial wallets
Custodial wallets are wallets managed by third parties. In these wallets, the third-party platform can manage the assets in the user’s wallet. In other words, the ultimate decision-making power over user wallet assets is still in the hands of the third party, not the user. Common centralized exchanges on the market set up custodial wallets.
Non-custodial wallets, on the other hand, allow users to fully control their private keys and assets. In these wallets, users can directly manage and protect their private keys without relying on any intermediaries or third-party services. Common non-custodial wallets include MetaMask and Trust Wallet.
The advantages of custodial wallets lie in their convenience. If users find the process of buying and selling cryptocurrencies complicated, third-party custodial wallet providers usually set up platforms for users to directly buy and sell cryptocurrencies.
The disadvantages of custodial wallets are particularly evident. First, third parties hold the user’s private keys and assets, which may pose a risk if the custodial third party runs away. Therefore, it is crucial to choose a reliable third party. Furthermore, third parties usually require users to undergo identity verification (KYC) to register for custodial wallets, which may raise concerns about privacy leakage for some people.
Non-custodial wallets compensate for the disadvantages of custodial wallets:
Full control: Users have control over their own private keys and assets, avoiding the centralization risk of custodial wallets.
Privacy: Users do not need to disclose too much personal information to third parties.
Flexibility: Users can interact with various blockchains and decentralized applications (DApps).
The disadvantages of non-custodial wallets lie in their complex operation and security risks. Compared to the convenience of custodial wallets, non-custodial wallet transactions are much more complicated.
Regarding security risks, users need to store wallet private keys themselves. Once private keys are leaked, the assets in the wallet are highly likely to be stolen. Finally, when using non-custodial wallets for DApp interactions, users need to pay attention to whether the website is a malicious website and whether the signed smart contract is a malicious contract. These are security risks that users need to be aware of.
Although cold wallets are secure, the premise is that users do not lose them. They may not be user-friendly for beginners or those prone to making mistakes. Ethereum co-founder Vitalik Buterin also expressed his preference for social recovery and multisig wallets rather than hardware wallets and paper records.
As the name suggests, multisig wallets allow multiple users to jointly execute digital signatures to control wallet assets. For example, imagine a safe with two locks and two keys. One key is held by A, and the other is held by B. The only way to open this safe is for both of them to provide their keys at the same time. If only one key is present, the safe cannot be opened.
In normal cases, our cryptocurrency assets are stored in standard single-key addresses, which means that anyone who holds the corresponding private key can control the funds in that address. Although it is more manageable compared to multisig, it also has greater security risks. For example, we often hear about criminals obtaining user private keys through phishing websites or contract vulnerabilities.
At this time, multisig wallets provide a solution. By setting up multiple users to jointly manage an address, funds can only be accessed when more than half of the managers agree, reducing the risk of asset theft.
By using a multisig wallet, users can greatly reduce the risk of security issues caused by key loss or theft. Even if one of the private keys is stolen, the funds will still be secure as long as the others are not compromised.
Suppose Andy creates a 2-of-3 multisig wallet and stores each private key on different devices, such as a mobile phone, laptop, and desktop. Even if her phone is stolen and the private key is obtained by a thief, they cannot use the single private key to steal the funds in the wallet. Without considering malicious attacks, if Andy loses one private key, she can still access her wallet using the other two keys.
It is worth mentioning that a 2-of-3 multisig wallet means that at least two out of the three private keys are required to access the wallet. Similarly, 3-of-5 means that at least three out of the five private keys are required.
Setting up a 2-of-3 multisig wallet allows both parties to control transactions through a third-party collaborator, serving as a trusted arbitrator to prevent trust crises. For example, if A deposits funds into the wallet and B provides the corresponding product or service as agreed, they can sign and complete the transaction by using their respective private keys.
However, if a dispute arises, C, as an arbitrator, can intervene and provide his signature to the correct party (A or B) based on his judgment, thereby successfully accessing the funds in the vault.
Multisig wallets can allow company boards to control company funds more securely. For example, if the board sets up a 3-of-5 multisig wallet, each board member will have their own private key. In this case, no individual board member can abuse the funds. Only when more than half of the board members agree can the funds be accessed.
Traditionally, when making bank transfers, if there is an input error or other oversight in the account number, the funds will be returned to the original address. However, transactions on the blockchain are irreversible. Once cryptocurrencies are sent to the wrong address, the assets may be permanently lost or require significant time and money to request processing from the exchange.
Therefore, when a user initiates a transaction, other private key holders can prevent the erroneous transaction by refusing to sign it when they discover the error. The more people involved in the signature verification process, the lower the possibility of erroneous transactions.
Although multisig wallets can provide solutions to the above problems, they still have risks and limitations due to the complexities of real-life social operations and human nature.
Using this technology, especially 2-of-2 multisig wallets, if one of the private keys is lost, you will lose access to the funds. Therefore, it is strongly recommended to use settings with 2-of-3 or more for greater security.
When considering the devices to store private keys, it is also better to consider the possibility of diversifying risks. For example, if you store all private keys in a study, you may permanently lose the ability to operate the wallet in the event of a fire or other accidents.
Due to the added process of multisig verification, multisig wallets are much less convenient compared to single-signature wallets. If there is an urgent transaction or frequent daily transactions, they require the agreement of more than half of the private key holders, resulting in significantly longer transaction completion times.
Therefore, the main users of multisig wallets are still institutions with a need for joint management of large amounts of funds. Compared to the general individual users, the application is relatively limited.
Although holding multiple private keys can reduce the risk of unauthorized operations, if malicious individuals obtain more than half of the private keys through various means, you cannot prevent them from operating the wallet. However, this involves complex social operations, and it can only be reminded that no matter what security technology is used, risks still exist, and caution is required.
The above is a basic introduction to cryptocurrency wallets. I hope it provides beginners who have just entered the field with a basic understanding and helps you explore the vast world of Web3.
Related Reports
El Salvador Reveals Cold Wallet Address for “Daily $1 Bitcoin”! President Vows to Continue Until Fiat Currency Can’t Afford It
Identity of Mysterious Bitcoin Whale “Mr.100” Revealed: Turns Out to Be an Exchange’s Cold Wallet
Evolved “Sniffing Cold Wallet” Drug Detection Dogs! US Donates Electronic Detection Dog “Wafer” to Taiwan, Has Cracked Election Betting and Large-scale Drug Cases.