top of page
This site was designed with the
.com
website builder. Create your website today.Start Now
Search
    • Jun 29, 2021

Crypto Wallets & Safety


Clarity for Dummies


There is a lot of confusion about what crypto wallets actually are. The question is, what is really stored in those wallets?

Well the correct and short answer to that question is, whatever is stored there, at least it is not your coins, BTC, ETH, LTC or any other coins.

To be clear, all your coins are in reality part of a certain blockchain and are also registered there (that's a better word than saved).

For example, if you own bitcoins, then you actually own a piece of the blockchain. That piece where those BTC´s of you are stored can only be accessed by you, or at least by the person who has the secret code to access it.

  • That secret code they call the "Private Key". Only someone who owns a private key can get access to certain coins registered under that key. As this is complicated to understand, to make it easier they decided to call this coin registration a "wallet".

  • Every wallet is actually a piece of the blockchain.

  • Each wallet is shielded with a code, the private key.

  • Only the person who owns the private key owns that wallet and has access to all the coins that are in it (or are actually registered under that private key).

  • Each wallet also has a name, called the public key, also called the wallet address.

  • The public key can best be compared to a bank iban number.

  • A public key can be used to receive crypto coins. (Please send the money owed to me to my "public key/wallet address". The public key can also be used to see how many coins there are in the wallet, this is where the comparison with a bank account ends.

  • However, you cannot transfer or move coins with the public key. This can only be done with the private key.

Decentralised versus Centralised (Custodian) Wallets.

The Blockchain is a decentralized database stored on multiple computers. What we call a wallet is just a part of that blockchain, a piece of data from that decentralized database.

A wallet is therefore also a decentralised registration of personal, secure possessions.


Yet there are also centralised wallets. Think, for example, of a bank account, in fact nothing more than a registration of assets in your name.

Something like this also exists for cryptocurrencies, e.g. a wallet you have received from an exchange like Binance or Coinbase.


Coinbase keeps a record in its own central database of how much BTC you have stored with them. They also call that central registration of assets a wallet, but it is a wallet of its own, which is not part of the blockchain.

You have to trust Coinbase to keep a record for you of how much BTC you have received, bought, sent or sold. They keep that information and the balance for you. That's why they call that a "Custodian Wallet".


The Coinbase custodian wallet is not a decentralized wallet, it is not part of the blockchain, but a record kept by Coinbase of coins they have placed for you on the blockchain. Coinbase owns the private keys of the pieces of blockchain where "your" coins are stored.

Because they own the private key, they are actually the owner of your coins.


Legally they only have a debt to you, or who knows, maybe they don't, and they prefer to talk about a custody obligation.

For the record, there is nothing wrong with that, just like the banking system, it can be very practical and provide a useful service for many people.

But just like banks, it is based on trust and power is unevenly distributed. Coinbase, just like banks, can block your account or refuse transactions, or restrict large withdrawals and, when forced to do so, hand over your account details to the government.

A Choice of Freedom and Safety

However, the block chain has been developed with the main goal to eliminate the middle man like that bank, or in our example Coinbase. The trend is to own our money, to be the bank itself and to have the keys of the safe or wallet in which that money is stored in the form of e.g. BTC.


For this we need the blockchain, we want to own a piece of that blockchain in the form of our own private key that only gives us, the owner of it, access to a safe and decentralized wallet, part of the blockchain, without middleman or interference from other parties.


So if you really want to benefit from the blockchain, the security and freedom for which it was designed, you need a decentralised wallet. Period.


Cold wallet or Hot wallet

Another new term.

One speaks of a hotwallet, when the private keys are stored somewhere online. Most wallets you get on exchanges like Coinbase or Binance give you access based on password and/or 2FA. They don't ask for your private keys, in fact, you don't even have them, they just have them stored somewhere more or less safe online.


A cold wallet is a wallet of which only you possess the private keys. These keys are nowhere to be found online. Only when you have saved these keys on your computer or sent them by e-mail a hacker could possibly gain access to your wallet. Most of the time you will lose your coins.

For this reason a private key is usually provided in the form of 12 simple words that must be entered in a certain order. These 12 so-called "Mnemonic Words" can be easily written on a piece of paper and safely stored. Preferably in 2 separate locations, because again, if you lose your codes, keys or mnemonic words, you lose your coins.

Oh yeah, don't take a picture of your mnemonic words, that's also unsafe.

A Choice of Freedom and Safety

However, the block chain has been developed with the main goal to eliminate the middle man like that bank, or in our example Coinbase. The trend is to own our money, to be the bank itself and to have the keys of the safe or wallet in which that money is stored in the form of e.g. BTC.


For this we need the blockchain, we want to own a piece of that blockchain in the form of our own private key that only gives us, the owner of it, access to a safe and decentralized wallet, part of the blockchain, without middleman or interference from other parties.


So if you really want to benefit from the blockchain, the security and freedom for which it was designed, you need a decentralised wallet. Period.




2 Decentrale wallets, TrustWallet and IMToken


You can install such a decentralized wallet on your PC, Mac or phone.

The trend nowadays is to use this mainly and only via your phone, because it is much safer than a desktop computer. For now take that from me.


In fact there now exist 2 different apps that both offer about the same functionality, TrustWallet and IMToken. Both apps can be downloaded from the Apple AppStore or Google Playstore.


Both apps are also called wallets, but are actually not.

However, these apps do allow you to view and edit your real wallets (the pieces of blockchain you own the private keys of), make or receive payments and transfer coins to exchanges to swap them for euros, dollars or other coins.


The only thing these apps TrustWallet and IMToken store on your phone are the private keys of your pieces of the blockchain, of your decentralized wallets.

Both apps also create a new, so empty, real blockchain wallet for you, initially for ETH, but you can also add BTC, LTC or other coin wallets yourself. You can also import existing wallets, provided that you have access to them and have the private keys to them.



Hassle with private keys

So those private keys are very important. Whoever owns them owns a piece of blockchain plus everything stored there. Without private keys you stand empty-handed and own nothing.


So we have to be very careful with those private keys. I can't repeat it often enough, whoever loses his private keys loses everything. There is no one on this whole earth who can help you to get your possessions without keys. They'll just be gone.

That's why people have developed all kinds of extras to be able to handle those private keys as safely as possible. One of them is "mnemonic words".

Mnemonic words have the same function as a private key, but are easier and certainly safer to use. Mnemonic words consist of 12 simple words that in the right order form an access code.

Each time a wallet is created on the blockchain, the blockchain also generates both a new private key and a new set of mnemonic words. With only one of these two options you have full access to that wallet.


Private keys are a digital number consisting of 256 bits that are usually displayed in a long sequence of 64 characters, which is difficult to write down without making mistakes. So what does everyone do, they make a copy of it and paste it somewhere in a notebook or Word file.

But that is not safe. If someone finds your word file and can open it, he has your private key and thus full access to your wallet. In practice, this usually means that you have lost your money.


The alternative, the mnemonic words are just 12 simple words. You can easily write them down on a piece of paper and store them safely. So there is no information on your computer or phone.

Always make 2 copies for safety, think of fire etc.

Both Trustwallet and IMToken offer you the possibility to save your wallet by exporting the mnemonics words and/or the private key of that wallet.

Trustwallet has even gone so far as to no longer export the private key for security reasons, only the mnemonic words, but they actually have the same function.


With your mnemonic words you can always download a new TrustWallet or IMToken app when you lose your phone and with your mnemonic words you can import your original wallet again. You will then see all your coins as you used to see them.

You can even import the mnemonic words into both TW and IMT, it doesn't matter. In that case both apps display exactly the same information because they get it from exactly the same source, your part of the blockchain.


So the mnemonic words have exactly the same function as a private key, it contains all the information needed to use your wallet, but it's much safer because, if you do it right, those mnemonic words won't be found on your computer or phone, but are only written on a piece of paper.


If you want to get your private keys out of your Trustwallet, I have a trick for that.

You import your wallets that are in Trustwallet into an IMToken app, (import wallet) by entering the mnemonic codes of each wallet into IMT.

The wallets shown in Trustwallet are now also shown in IMT. Actually both apps only look at the same part of the blockchain.

IMToken still offers the option to export the private key. But why should you? Mnemonic words serves the same purpose and is much more secure.


Remember this as well: Both the mnemonic code and the private key are part of the blockchain and are generated by the blockchain and not by apps like TW and IMT.

These apps only use the mnemonic words or the pk to access your part of the blockchain where your coins are stored.

The only things TW and IMT store on your phone are the pk and mnemonics.


Finally, for the sake of completeness, you can usually export or import the private key in a so called Keystore file. This is simply a private key that is encrypted with a separate password, more secure than an unencrypted pk but not as secure as 12 mnemonic words.

Attention:

Pay attention to this, you can display multiple blockchain wallets in a TW or IMT app. E.g. one for LTC and one for BTC plus e.g. 2 extra different ETH wallets.

Each of these wallets has its own private key and therefore also its own mnemonic words.

Clearly it is not possible to back up all wallets from your TW or IMT app with just one key or code.

So you really need to export the mnemonic words for each wallet in your app and write them down securely. Then you are always safe and protected.

bottom of page