Every investor should never neglect to secure their assets. In the crypto world, this responsibility is even more significant because it is entrusted to individual holders of crypto activities. Being aware of how to hold your assets and keep them safe is a practice that would be good to master even before investing. Because in the crypto ecosystem, a single mistake or a single oversight can lead to the loss of your funds.
But what are the best practices of ‘self custody’ to protect your digital assets? The main risks to assess and try to eliminate can be summarized in 3 points:
- Risk of theft or compromise of access keys
- Counterparty risk
- Risk of extortion and loss of privacy
In this article, we will try to delve into each of these aspects, outlining the guidelines that every crypto holder should follow. In addition to knowing basic concepts such as the difference between a custodial wallet and a non-custodial wallet, the seed phrase, the nature of public and private keys, and the various methods to store them, we will therefore try to go deeper, analyzing both the aspects related to the web and those of the real world, from which the main security threats usually come.
Summary
How to protect yourself from theft or compromise of access keys to the crypto account
Each wallet is characterized by two keys: a public one and a private one. Elliptic Curve Cryptography (ECDSA) generates this key pair, ensuring the security of operations on the blockchain. Thanks to this, only those who possess the private key can dispose of the wallet’s funds.
The seed phrase translates the private key into a series of 12 or 24 words, making it more user-friendly. But it is also the origin of a whole series of keys that facilitate interaction with the various chains and the creation of different wallets dedicated to various operations (holding, purchases, etc.), thus keeping them separate to protect one’s privacy. It is crucial to understand that the seed phrase is the wallet itself; it is the only access to the funds, which are actually stored on the blockchain. It should never be shared or entered online. It is best to store it on a durable and secure physical medium, such as those made of titanium, on which to engrave the words of the seed phrase.
An additional level of security can be achieved with “Shamir’s secret sharing,” a method that divides the seed phrase into at least three parts, entrusting them to trusted individuals. No single part can reconstruct the seed phrase, but it is necessary to combine at least two parts to recompose it.
How to mitigate counterparty risk by choosing secure platforms for holding cryptocurrencies
The use of online platforms such as exchanges is an almost mandatory step if you want to do trading or simply convert fiat currency into cryptocurrency. The very choice of the exchange on which to operate is fundamental to reduce counterparty risk: the age of the platform, its capitalization, or the history of hacker attacks it has suffered, is directly proportional to its level of security.
The access password is the first level of defense. It must therefore be as complex as possible, to at least avoid attacks of the “password spray” type, that is, the attempt to access a high volume of accounts with a few commonly used passwords, or of the “credential stuffing” type, exploiting the fact that people use the same credentials to access multiple applications, sites, and services.
The detention of crypto on an exchange should be limited as much as possible to the necessity of performing certain operations (trading, exchange, …), since exchanges are in all respects ‘non-custodial’ wallets, meaning it is not the user who holds the private keys to access the wallet, but the exchange that holds them for him.
In general, it is certainly safer to store your crypto on a wallet of which you hold the private keys (custodial wallet). Among these, a hardware wallet is safer than an online wallet: in fact, it allows you to keep the seed phrase always offline, never having to be typed on the pc.
A good practice, often overlooked, is to provide for a testamentary bequest, through a private writing managed by a notary, in which every information on where and how the seed phrases of one’s wallets are stored is transferred to the heirs, which would otherwise be lost.
How to avoid the risk of extortion and protect your crypto account from hackers
Finally, but not in order of importance, privacy is essential for security. Despite the blockchain making transactions secure, hackers always find new ways to compromise wallet keys, often exploiting personal information that users do not pay the necessary attention to, precisely because of this sense of security that can lower their guard.
Some tips for protecting yourself are:
- Use different addresses for each transaction.
- Create multiple accounts to distribute your assets.
- Use tools that maintain the anonymity of the operations.
- Avoid public WiFi, which are vulnerable to attacks.
- Use a VPN to mask your IP address and network activity, making it difficult for hackers to identify you.
- Enable two-factor authentication to verify identity during access, preferring biometric data such as facial recognition or fingerprints.
To avoid falling into a scam and minimize risks, countermeasures can be adopted based on the knowledge of the opponent’s tactics. The first bait used by scammers is generally the easy investment opportunity. We also find phishing attempts with email messages containing urgent requests for money, unsolicited messages that lure the user to a fraudulent site, and cybercriminals posing as companies or government agencies to induce completing a payment using cryptocurrency.
Final considerations on key practices to protect your investments in cryptocurrencies
In conclusion, being aware of how to hold your assets and keep them safe is essential for those who want to venture into the crypto ecosystem, since a single mistake or a single oversight can lead to the loss of your funds. Some risks are more evident and known, others more hidden and equally dangerous, but it has been shown that by practicing good ‘self custody’ rules, it is possible to minimize them and sleep peacefully.
See you next time and happy trading!
Andrea Unger