So you’re thinking of taking full custody of your bitcoin, or you’ve already taken possession of your coins and are living that self-sovereign life. You may have eliminated the third-party risk of storing your bitcoin with an exchange or a custodial wallet provider, but you’ve also opened yourself up to a new set of risks that you may not yet be aware of and that could lead to a loss of funds.
Firstly, you should consider generating your wallet using a hardware device to create keys that remain offline. If you’re using a hot wallet, those keys will always have an element of vulnerability as those keys were generated on a device with open access to the internet. We’re all guilty of installing apps we don’t check. We’re all guilty of surfing websites that have malware, so keeping the keys to your wallet on the same device is a hazardous occupation.
You want a small device that ONLY does bitcoin; it cannot install any other software and can only be used to handle your keys. The fewer things a machine can do, the less likely it is to have vulnerabilities.
Once you’ve created a seed phrase/private key for your wallet, it is up to you to protect that seed phrase using the most secure storage methods available to you. Remember, your private key is the most critical access code you’ll ever own, and once compromised, it’s over. You cannot change it, and anyone with access to those keys can access your wallet and, of course, your funds.
Now I see so many people focus on getting a hardware wallet and thinking this is the be-all and end-all and will bring them security but then make mistakes that open them back up to having their funds stolen. So what are these storage methods, and why are they so dangerous?
A single piece of paper
A paper seed phrase copy is probably the most common because it forms part of the instruction set of many hardware wallets. Once you’ve written down your 12-, 18-, 24-word or longer private key on a single piece of paper, you leave yourself open to several vulnerabilities. First, there is physical damage and erosion: if that paper gets wet, burned or left in direct sunlight, you could lose access to those keys. If the paper gets lost or stolen, your funds will go along with it.
While the paper option is far more secure than some of the methods on this list, it’s not without its issues. You may need to create several copies in case of damage, and you may want to split those copies into two or three versions.
The copies are in case one is lost or stolen, but splitting them up is in case someone else lands in possession of your keys; they may not be able to access your funds since they only have a half or third of the set of phrases.
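To put numbers on the copies-versus-splits trade-off above, here is an added example (not part of the original article) that checks a backup plan for two things: whether it survives losing one sheet, and roughly how many bits remain unknown to someone who finds one part. It assumes a BIP39 phrase (11 bits per word, one checksum bit per three words); the function names are hypothetical.

```python
# Added example, not code from the original article. Function names are
# hypothetical; the phrase is assumed to follow BIP39.
BITS_PER_WORD = 11  # each BIP39 word encodes 11 bits


def checksum_bits(total_words):
    """BIP39 appends one checksum bit per three words (12 words -> 4 bits)."""
    if total_words not in (12, 15, 18, 21, 24):
        raise ValueError("BIP39 phrases have 12, 15, 18, 21 or 24 words")
    return total_words // 3


def residual_bits(total_words, known_positions):
    """Approximate log2 of the valid phrases still consistent with the known words."""
    missing = total_words - len(set(known_positions))
    if missing == 0:
        return 0
    return BITS_PER_WORD * missing - checksum_bits(total_words)


def evaluate_plan(total_words, parts, copies):
    """parts: word positions written on each distinct sheet; copies: sheets per part."""
    everything = set(range(1, total_words + 1))
    sheets = [set(p) for p, n in zip(parts, copies) for _ in range(n)]

    def covers(group):
        return set().union(*group) == everything

    return {
        "recoverable": covers(sheets),
        "survives_one_lost_sheet": all(
            covers(sheets[:i] + sheets[i + 1:]) for i in range(len(sheets))
        ),
        "bits_left_if_one_part_leaks": min(
            residual_bits(total_words, p) for p in parts
        ),
    }


if __name__ == "__main__":
    halves_12 = [range(1, 7), range(7, 13)]                 # constructed plan
    thirds_24 = [range(1, 9), range(9, 17), range(17, 25)]  # constructed plan
    print(evaluate_plan(12, halves_12, copies=[1, 1]))
    print(evaluate_plan(24, thirds_24, copies=[2, 2, 2]))
```

Halves of a 12-word phrase with no duplicates leave about 62 bits unknown to whoever finds one half and cannot survive a lost sheet, while thirds of a 24-word phrase kept in duplicate leave about 168 bits and tolerate one loss.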
In terms of physical damage, you could laminate the paper to give it an additional layer of protection, but always be sure to check that your phrase papers have not been damaged. If they are starting to fade, perhaps create a new copy and destroy the old documents.
Flash drives
Flash drives are not hardware wallets; they are general-purpose storage devices, and even with a password, many of these flash drives have ways to bypass that security and get into those files. Sure, you can encrypt the files too, but why even take these risks when you can avoid them with a physical copy of your seed phrase instead? The entire point of generating a seed phrase is to keep it offline; having digital copies of it defeats the purpose of securing your funds.
Screenshots
Screenshots are a great way to grab a meme or capture a conversation from your instant messaging app; it is NOT a good idea to screenshot your seed phrase. Don’t think you’re being smart by adding your seed phrase to a text file or word processor and then taking a screenshot that you’re going to secure.
It’s too late; you’ve already exposed your seed phrase to a host of cloud service providers your device connects with to store images, and that is probably one of the more secure connections on your device. Images of all kinds get leaked across the internet, regardless of having them stored in secure locations or robust devices.
If your nudes aren’t safe on your phone or laptop, what makes you think a picture of a seed phrase that gives me access to your bitcoin is not going to be an attractive target? If you have taken a screenshot of your seed phrase, I recommend moving those funds to a new wallet and getting rid of that compromised wallet.
Photographs
As with screenshots, for the love of all things satoshi, don’t take photographs of your paper wallet or steel wallet as a copy. Regardless of whether you’re taking that photo with a digital camera or a smartphone, you’re creating so many unnecessary copies and metadata on the device and the memory card. You’re simply leaving more trails to your seed phrase than it should have, and that’s not a good idea.
If you have taken photos of your seed phrase in the past, delete those photos, have them removed from all local and cloud storage options and move those funds to a new wallet.
Print outs
So you have ugly handwriting, and you think a digital printout would be a better option; it would be neater, and you could create several copies more easily for storage. My advice would be to take a calligraphy class and clean up your handwriting; it could save you a fortune in the future. When you create a digital copy of your seed phrase, even if you don’t save the document, it is held in temporary files on your computer, which can be accessed if someone knows where to look.
In addition, when submitting a job to the printer that metadata can be stored in several places, and let’s be honest, printers aren’t the most secure means of transferring data, and why should they be? Their purpose is to create copies of information, not to secure information. Many of today’s printers also have their own WiFi and internet access that also provide additional access points to your seed phrase.
So lay off the printer and break out the pen and paper instead. If you have printed a seed phrase and it’s still in use, it would be best to migrate to a new wallet instead.
Digital text files
So you think you can type your seed phrase into a text file or Word document and store it digitally? I am here to tell you that’s not a good idea. Yes, you can password protect a document, and even though MS Word uses AES-256 encryption, it’s not that safe. Depending on your password, if you choose a short password or something simple, then yes, it can be cracked in a relatively short amount of time, roughly a few days to a few months, by a determined adversary.
Note apps
I know note apps can seem convenient. You probably use them for reminders or to create shopping lists, but that’s all they are suitable for: storing temporary information that you wouldn’t otherwise care about in the future. They’re not ideal for keeping the keys to your bitcoin and a small fortune. These note apps are often connected to cloud servers, which may not even be run by the device’s manufacturer or the app developer and could be a third-party service like Amazon.
That means you expose your data not only to the manufacturer but to any third parties in between that host your note app and, of course, anyone who can access those connections. Apps may seem like walled gardens, but they very much have free access to your device. Apps can log keystrokes, texts, messages and metadata from other apps and aggregate it to data centres you have no idea even exist.
If you have added your seed phrase to a note app, I recommend creating a new wallet with an offline key and moving your funds as soon as possible. Don’t risk having your funds in a wallet with keys that have the possibility of exposure. It’s not only the host of apps that have free rein on your phone and the data you create, but also internet connections like the WiFi at your local coffee shop or the memory card you stuff inside your phone for extra data.
Every time you add a new connection to your device, you open up a potential vulnerability point to access those keys.
Your seed phrase is your bitcoin.
Remember, when it comes to bitcoin, that private key is the only way to prove and claim access to that self-custody bitcoin. If you destroy or lose your keys, or have them stolen, you only have yourself to blame. When storing generational wealth, you should not take even the slightest chance.
Yes, the other methods may be convenient, but that convenience comes at a cost, a cost many of you would not be willing to pay in the future. While being your own bank and taking responsibility for your funds and safeguarding them can be annoying and tedious, this is the price you pay for your self-sovereignty and complete security of your wealth.