When something went wrong …
I will tell only a few possible stories that are waiting for you in the case of lack of computer literacy:
- If you catch some “shit” in an attempt to generate a license key for some extremely desirable game. This software will scan your hard disk, then it will find the private key. After a few milliseconds a new transaction appears on the bitcoin network that will take all of your hard-earned money
- If your email provider will loose the database of its users. Then some guy John will buy it in the darknet and quickly begin to run different semantic analyzers. After a couple of hours, it will lead to the disappearance of all bitcoins from all of the services that use authorization via email.
- In other case, some guy Peter, who works for Google and has a admin rights (like Snowden had) simply steal your Bitcoins from some service. And nobody will notice that. Will be like magic.
- Some virtual exchange, where all of your crypto is stored will disappear along with all the money. Exactly what Mt.Gox did and dozens of others.
- If you catch some trojan in the process of hunting for a cool porn. It can encrypt all the files on the hard disk. Afterwards it will find all links to your wallets and it quickly realize how much money you have and how much money it can demand from you. If you wan’t pay your hard drive will not be decrypted. This is a tragic scenario. After all, you can’t even send money to this hacker, because your keys will stay on an encrypted hard drive!
- If you lose your unencrypted laptop or phone.
- If you catch a clever Keylogger, none of your activities will save you from epic fail.
- If you will get an email from the service where your crypto-money stored. However the name of website is not blockchain.info but, for example, blokchain.info, and all will look identical. If you click on the link and successfully authorises it, your bitcoins will disappear simultaneously.
- One morning you will wake up without your money because the NSA agent will take advantage of some delicious backdoor in Windows operating system.
- If you decide to transfer cash to the smart contract that you think will do what it supposed to do, in fact, it will do something else. So this smart contract turned out to be smarter than you are.
Clearly, this is not a complete list. But maybe it will give you some ideas when something goes wrong. Now you see, cryptocurrencies — is not bucks. You are fully responsible for it’s safety. Neither Jesus Christ nor the Pope, nor Vladimir Putin nor Donald Trump will not be able to help you if you do something wrong. But those guys can’t take your money if you do everything in a right way.
With great power comes great responsibility.
My overall recommendation is to increase computer literacy. A specific recommendation is act strictly according to instructions without unnecessary actions.
What kind of wallets I do not recommend to use?
Here is one basic rule:
Do not give ANYONE your private key.
This means – do not use any of these wallets:
- Online web wallets, like blockchain.info, Coinbase, etc. In generally, all wallets which keep the private key on their servers.
- Any hot wallets. Any app on computer or phone which is used with Internet connection. It can be used with small amounts to make payments, but not for storing your whole money.
Use Cold Storate
Cold storage in the context of Bitcoin refers to keeping a reserve of Bitcoins offline.
Methods of cold storage include keeping bitcoins:
- On a USB drive or other storage media
- On a Paper wallet
- On a bearer item such as a physical bitcoin.
- Use a offline Bitcoin Hardware wallet
I will share my own method which I use. The main thing to understand is the basic rule:
Do not give ANYONE your private key.
Step 1 — Create a bootable USB flash drive
Create a bootable USB flash drive with permanent encrypted storage. Tails will be perfect, because it has an Electrum (Bitcoin wallet) and encryption in the box. Set up two passwords for login and for encryption.
Step 2 — Create a cold wallet.
Load with Tails (without the Internet). Create your cold wallet using Electrum. Come up with a complex password and write down 12–13 words (seed) on paper or think of something other place.
This seed — is your money!!! These 12 words will allow you to regain access to the wallet from any computer in the future.
You must also select the check box on the option “View Transaction Before Signing” in the wallet Settings. Thus, you will cause Electrum to show the transaction details before enter a password (i.e. signature) and send the transaction to the network.
Step 3 — Create a “watch-only” wallet in the main OS or mobile phone.
Copy your Bitcoin public address from Electrum into a text document on a flash drive and shutdown the Tails.
Create a ‘watch-only’ wallet using your public address or public key in any wallet app you like on main OS or on mobile phone. For example in Electrum you need to do the following steps:
– Create new wallet
– Choose “standart wallet”
– Choose “Use public or private keys”
– Paste your PUBLIC key in the next window > Create
Now we can view the balance of our bitcoins and generate new addresses from public key, but we can’t spend any of our bitcoins.
Step 4–Spend Bitcoins in a secured way
To send your Bitcoins in a secured way: run Tails again (do not use Internet).
Then make the transaction > a window will appear (as we have enabled the checkbox ““View Transaction Before Signing”).
At first click “Sign” and then when you enter the password, click “Save”.
Do not send the transaction to the network and do not enable internet, just copy the transaction file to the flash drive.
Start in the main OS > Open your wallet > In the menu choose something like “Load transaction from file” > load the signed transaction from a flash drive > and push “Broadcast” button
Thus the signed transaction is sent to the Blockchain from the ‘watch-only’ wallet, and your private key is not leaked anywhere from your Tails usb.
Very important. Always check address AFTER you have copied it in the field. Just going back to wallet, remember the first 2 digits and last 2, and then go to the form and check whether these are the numbers that you copied! First, we sometimes make mistakes. Practice shows that quite often. Second, now there are so smart viruses that will determine when you copied the bitcoin address to the clipboard, and replace it to another address.
What about other cryptocurrencies?
The same logic can be used in relation to all other cryptocurrencies.
I agree that this scheme is not the most comfortable to use, because you need to make a lot of manipulations with multiple OS and usb devices.
If you are looking for a good usability — look at buying a hardware wallet. These hardware wallets works by scheme described above, but also they have some unique advantages:
- private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext
- immune to computer viruses that steal from software wallets
- can be used securely and interactively, as opposed to a paper wallet which must be imported to software at some point
- You can feel like James Bond
Some of these wallets (e.g. Ledger wallet) support not only Bitcoin but also Ethereum, Litecoin, Dogecoin, ZCash, DASH, Stratis. And also it has integrations with many wallet apps like Electrum, BitGo, Copay, GreenBit and others.
If you ignored all of the above, or strongly believe to other people, or really appreciate the convenience or maybe all at once — you can even make a credit card linked to your bitcoin wallet.
Article by Alexandr Nellson, Read it in Medium