Blockchain 101 - Part 2
A blockchain wallet represents a vital tool in the realm of cryptocurrency, serving as a secure and anonymous digital wallet that empowers users to effectively manage diverse forms of cryptocurrencies, such as Bitcoin, Ethereum, or QANX.
Its core purpose lies in facilitating seamless fund exchanges, ensuring both convenience and security. The cryptographic signatures employed in transactions guarantee the integrity and protection of each transaction. Accessible via web devices, including mobile platforms, this wallet upholds user privacy and identity confidentiality. By encompassing these essential features, a blockchain wallet establishes a robust framework for executing secure and trustworthy transfers and exchanges of funds among various parties.
The blockchain wallet itself can manifest in different forms, including internet-connected “hot wallets” like MetaMask, or offline “airgapped” hardware wallets. From a technical standpoint, it is pertinent to view the wallet as the client responsible for managing the functionality, as opposed to being solely reliant on storing cryptographic keys.
In common practice, individuals frequently employ the term “wallet” to encompass their overall cryptocurrency portfolio, the associated accounts derived from it, or even an individual account.
By adhering to simple yet effective best practices, you can elevate the security of your crypto wallet and fortify the protection of your holdings. Some recommended measures include safeguarding your seed phrase, opting for cold wallets, utilizing multiple addresses, and exercising caution when dealing with tokens received through airdrops.
Safeguarding your cryptocurrency from potential hacks involves implementing straightforward yet effective measures. Firstly, it is crucial to ensure the secure setup of your wallet.
Activating two-factor authentication (2FA) to your exchange account adds always an extra layer of protection.
By setting up your self-custodial wallet you can mitigate the risk of future hacks by using a freshly installed computer which was never connected to the internet before. If and when you need internet access to setup a wallet or transact with it, you should avoid utilizing public Wi-Fi networks. Avoiding public Wi-Fi networks is a general rule in the online space.
It is advisable to set up a hardware wallet. Hardware wallets are physical devices designed explicitly for storing cryptocurrencies securely offline. They are considered the most reliable type of crypto wallet.
Aside from hacking exchanges, one of the most prevalent cryptocurrency scams involves persuading individuals to download counterfeit wallets or utilize fake applications. Scammers often distribute fraudulent versions of popular wallets like MetaMask, even resorting to advertising these deceptive wallets on platforms such as Facebook or Google. Protecting oneself from such scams involves exclusively downloading wallets from the official websites of their respective developers.
It is recommended to use a unique and strong password specifically for your wallet to enhance security. When using a browser-extension wallet such as MetaMask wallet, it is important to note that the wallet may prompt you for your password frequently. However, the wallet will only request your seed phrase during the initial installation. If you encounter a window that resembles your wallet and solicits your seed phrase while browsing the web, it is highly likely that you have come across a malicious website.
Accessing a wallet necessitates the provision of a unique and confidential 12-24-word seed phrase. The loss of this seed phrase results in the irretrievable loss of wallet access and the inability to recover your assets. Therefore, it is of utmost importance to securely store your wallet’s secret seed phrase.
It is considered a best practice to refrain from saving your seed phrase on any computer or smartphone. It is essential to avoid keeping plaintext copies or screenshots of your seed phrase. Your password and seed phrase should be stored offline in a secure location — or multiple locations — that is preferably protected from fire and water damage. Maintaining the confidentiality of the physical backup’s location is imperative.
Simultaneously, it is vital to ensure that your password and seed phrase remains unknown to any other individual, as anyone possessing it can gain unrestricted access to and control over your assets. Never share your seed phrase or your private keys with anyone!
Don’t put all your eggs in one basket! By distributing your cryptocurrencies across multiple wallets, you can effectively mitigate the risks associated with losing all your digital assets in the event of a hack. It is also advisable to use fresh wallets for each airdrop if you want to participate in one.
When it comes to airdrops, it is essential to exercise caution and refrain from engaging with randomly received tokens in your wallet address. It is advisable to treat them similarly to spam emails: avoid interacting with them and leave them untouched. Interacting with such tokens can potentially result in the loss of all the tokens present in that particular wallet.
A wallet address, which is also called as crypto address or blockchain address is a special combination of characters that acts as a representation of a wallet used to receive, store, send cryptocurrency. It’s like a real-life address, bank account, or an email address.
Most wallet addresses are hard for people to read since they consist of long random strings of letters and numbers, but computers can easily understand them. Bitcoin addresses mostly start with a “1” or “3” and are typically 26–35 alphanumeric characters long. Ethereum and Binance Smart Chain addresses start with “0x,” followed by a string of 40 hexadecimal characters.
Addresses are created using a private key, which is also unique to the address. The digital assets held by the address can be accessed with the private key. Never share your private key with anyone!
Blockchain addresses are public and often called “public keys”. By using a blockchain explorer, you have the ability to observe the transactions linked to an address and check the number of assets it holds.
Although addresses are public, they are mostly anonymous (or pseudonymous). The person who owns an address usually doesn’t have their real name connected to it, and setting up a new wallet address on the blockchain doesn’t require any personally identifiable information. Nevertheless, there are situations where the identities of addresses and the people or organizations associated with them are identifiable, such as in the case of exchanges.
Public-key cryptography relies on two essential components: public keys and private keys, which function as its operational elements. Jointly, they facilitate the encryption and decryption processes for data circulating within a network. While the public key is openly accessible and can be distributed without limitations, it is crucial to safeguard the private key, ensuring exclusive knowledge limited to its rightful owner.
A public key is a unique combination of letters and numbers used to encrypt messages into a secure form called ciphertext. It enables peer-to-peer transactions without revealing private key details, ensuring a safe exchange of assets and information without involving a third party.
When engaging in a transaction, a user shares their public key with the other party. They can make this key public for everyone to see. Private keys, on the other hand, are secret keys used to access cryptocurrency funds. They correspond to specific public keys and are generated together using advanced encryption algorithms. This ensures that knowing someone’s public key doesn’t allow anyone to figure out their private key.
A private key is like a password or access code associated with a crypto wallet address. It encrypts transactions to prevent unauthorized access to assets. In contrast, a public key decrypts the private key to authorize access. In the world of cryptocurrency, a public key is used to receive tokens, while a private key proves ownership of those tokens.
A private key enables the digital signing of data, such as a message indicating a payment from one address to another. In essence, a transaction is a signed statement on the blockchain that assigns coins to a new address.
These key pairs consist of long strings of alphanumeric characters. While a public key can be derived from its corresponding private key using mathematical calculations, mathematically, it is not possible to figure out a private key based on its corresponding public key.
The seed phrase, which is also called a key phrase, recovery phrase or mnemonic phrase, consists of a sequence of 12 to 24 words created by your cryptocurrency wallet. It acts as a master password, granting access to the crypto linked to that wallet. Imagine the wallet as a password manager for your cryptocurrencies and the seed phrase as the ultimate key.
As long as you possess your seed phrase, you can access all the crypto associated with the wallet, even if you lose or delete the wallet itself.
The seed phrase is created by the wallet’s software using a random set of words obtained from the private key of the wallet. The same set of words in the same order always generate the same number. It’s essential to keep a secure record of the seed phrase. If the user loses access to their wallet, the seed phrase can be entered into any BIP39-compatible wallet to recover the funds.
It is advised to keep a backup of the seed phrase in an offline storage to prevent hacking attempts. Storing the seed phrase on internet-connected devices is considered unsafe and not recommended. Seed phrases are not specific to any particular cryptocurrency.
The same seed phrase can be used across numerous wallets, enabling the user to recover an entire portfolio of coins and tokens using a single seed phrase. Most popular wallets offer the option to recover funds using a seed phrase as long as it has been accurately recorded.
Blockchain wallets can be classified into two distinct categories: custodial or self-custodial wallets, and further categorized as hardware or software wallets.
Custodial wallets, like centralized exchanges, do not provide users with direct access to their private keys. Instead, a trusted third-party securely manages and protects the seed phrase on behalf of the user.
Self-custodial wallets grant users full control over their private keys. When setting up such a wallet, you will be provided with your seed phrase. Once you unlock a self-custodial wallet, you have complete ownership and control over your cryptocurrency.
Cold wallets are offline physical hardware wallets. They offer the highest level of security when it comes to storing cryptocurrencies.
Hot wallets, or so called software wallets are digital wallets connected to the internet. They are less secure than cold wallets because they are vulnerable to hacking.
Cold wallets are physical devices specifically designed for storing cryptocurrencies securely offline.
They are considered the most reliable type of crypto wallet. When you use a cold wallet, your crypto tokens are stored offline, providing a high level of protection.
A hardware wallet is a physical device that stores your cryptographic keys and facilitates transaction signing. It acts as a barrier between potential attackers and the contents of your wallet. Some hardware wallets can be connected to the internet through physical or software means, while others are “air-gapped,” meaning they receive transaction requests and provide approvals through methods like QR codes. The main objective of using a hardware wallet is to minimize the risk of your keys or seed phrase being stolen or compromised due to online connectivity.
Software wallet, which is also called hot wallet, can be web wallets, desktop wallets, or mobile wallets.
Web wallets can be accessed through a web browser. They offer convenience, but they can be riskier since the management of private keys is often entrusted to third parties.
Desktop wallets are software programs. They need to be downloaded and run on the user’s computer. They are less convenient than web wallets but offer more security because the private keys are stored locally and managed by the users themselves. It is important to use desktop wallets only on clean computers without any virus or malware infections.
Mobile wallets share similarities with desktop wallets in terms of functionality and purpose, but they are specifically designed for the use on smartphones. They utilize QR codes, making it easy to send and receive cryptocurrencies.
Each type of software wallet has its own advantages and considerations in terms of convenience and security.
The primary distinction between a self-custodial cryptocurrency wallet and an exchange wallet lies in the management of private keys.
“Not your keys, not your coins” is a popular expression in the world of blockchain. In exchange wallets, like those provided by centralized exchanges (CEXs), the exchange has control over your private keys, similar to how banks hold your funds. With a self-custodial wallet, you have full control and ownership of your private keys.
If you prefer to have custody of your assets and trade on a decentralized exchange, you use a crypto wallet. However, when you make a purchase on a centralized cryptocurrency exchange, the acquired cryptocurrency is typically stored in the exchange’s wallet, which is both custodial and in most cases also “hot.” This means the exchange holds your private keys, and the wallet is connected to the internet. It is crucial to trust the exchange you use to safeguard your crypto in such cases.
In the world of cryptocurrencies, exchange wallets are often considered less secure compared to self-custodial wallets. With an exchange wallet, you must trust the centralized exchange (CEX) to protect your funds. Additionally, since exchanges hold a large amount of digital assets, they become attractive targets for hackers.
Although leaving your crypto on an exchange poses security risks, it doesn’t mean that self-custodial wallets are immune to hacking or the possibility of misplacing your seed phrase. Even if you have access to your private keys, precautions must still be taken to ensure the safety of your crypto assets.
If you use a custodial wallet, such as an exchange wallet, you can conveniently access your account balance by visiting the exchange’s website. If you use a self-custodial wallet, you can check the balance of your address on a blockchain explorer or in your wallet.
Remember, since blockchain addresses are public, the easiest way to check the balance of your wallet address — if you don’t store your cryptocurrency on a centralized exchange — is to copy and paste your wallet address into a blockchain explorer. If you have ERC-20 tokens (tokens on the Ethereum network), you shall use etherscan.io. If you have BEP-20 tokens (tokens on the Binance Smart Chain), you shall use bscscan.com to view your balance.
In addition, you can also review your holdings within your hardware or software wallet. However, in some instances, certain cryptocurrencies may not be automatically displayed in your wallet. If you encounter such a situation, you should refer to your wallet settings. You can either import a token using the search bar or manually add the token’s contract address to your wallet.
Read all questions and answers in one single blog post: