The journalists on the editorial team at Forbes Advisor Australia base their research and opinions on objective, independent information-gathering.
When covering investment and personal finance stories, we aim to inform our readers rather than recommend specific financial product or asset classes. While we may highlight certain positives of a financial product or asset class, there is no guarantee that readers will benefit from the product or investment approach and may, in fact, make a loss if they acquire the product or adopt the approach.
To the extent any recommendations or statements of opinion or fact made in a story may constitute financial advice, they constitute general information and not personal financial advice in any form. As such, any recommendations or statements do not take into account the financial circumstances, investment objectives, tax implications, or any specific requirements of readers.
Readers of our stories should not act on any recommendation without first taking appropriate steps to verify the information in the stories consulting their independent financial adviser in order to ascertain whether the recommendation (if any) is appropriate, having regard to their investment objectives, financial situation and particular needs. Providing access to our stories should not be construed as investment advice or a solicitation to buy or sell any security or product, or to engage in or refrain from engaging in any transaction by Forbes Advisor Australia. In comparing various financial products and services, we are unable to compare every provider in the market so our rankings do not constitute a comprehensive review of a particular sector. While we do go to great lengths to ensure our ranking criteria matches the concerns of consumers, we cannot guarantee that every relevant feature of a financial product will be reviewed. We make every effort to provide accurate and up-to-date information. However, Forbes Advisor Australia cannot guarantee the accuracy, completeness or timeliness of this website. Forbes Advisor Australia accepts no responsibility to update any person regarding any inaccuracy, omission or change in information in our stories or any other information made available to a person, nor any obligation to furnish the person with any further information.
Published: Jan 30, 2023, 12:24pm
Edited By
Edited By
It’s no secret the investing in crypto comes with risk: the market is volatile, regulators are still catching up and there have been many high-profile hacks, scams and frauds. Chainalysis’ 2022 mid-year analysis of crypto crime found that $US1.9 billion worth of crypto had been stolen in hacks and scams had resulted in losses of $1.6 billion. And who can forget that spectacular collapse of central exchange FTX, which ensnared some 50,000 Australians whose coins were listed on the exchange.
Investors with a better grasp of how to hold crypto safely have an advantage. You might have heard phrases like ‘be your own bank’ and ‘not your keys, not your crypto’ thrown around, but do you really understand the differences between wallets, what it means to manage your own crypto assets, and storage best practices?
While no crypto storage method is foolproof, knowing more will help you improve the security of your digital assets.
Related: Crypto News Blog: Lender Genesis Files for Bankruptcy
Before we look at the types of storage that is commonly used, let’s explore why cryptocurrency storage is so crucial for crypto investors and traders
Cryptocurrencies are digital tokens designed to be exchanged through encrypted transactions via decentralised computer networks known as blockchains. While crypto tokens exist on the blockchain, crypto wallets are the mechanism for making the assets accessible, so you can send and receive tokens between two different accounts.
Transfers between wallets are made by sharing what is essentially a unique account number for each type of cryptocurrency you own—known as a public key or wallet address. Each ‘account’ also has a private key. Safeguarding this information, via a wallet, is a fundamental aspect of crypto storage.
The importance of protecting private keys is a common knowledge gap for new investors, according to experienced crypto educator Danielle Marie, who delivers accredited blockchain training and founded the non-profit networking group All Things Blockchain.
Marie explained that private keys are a long string of letters and numbers that serve as a unique identifier—they prove ownership of a particular wallet and give people the right to access and control its assets. A seed phrase is a series of 12 to 24 words that can be used to recover a wallet if you lose access.
“To put it in simple terms, A private key is like a password to get into your online bank account. A seed phrase is like the answer to a security question you set up to recover your account, when you forget the password,” she said.
A significant amount of crypto theft arises from bad actors getting access to private keys, through hacks of exchanges/wallets or scams that trick people into revealing them. Or tokens might be lost forever if private keys and seed phrases are lost or accidentally destroyed by an asset owner.
Effective security also matters because blockchain transactions are permanent and irreversible. The decentralised and largely unregulated nature of crypto means there’s no third-party institution that protects your tokens or guarantees your investment (like a bank or the government) if something goes wrong.
Crypto exchanges are essentially digital marketplaces that let you use real money ($AUD) to purchase cryptocurrency like Bitcoin and Ethereum, trade one type of crypto for another, and convert your crypto back into cash.
Most popular exchanges like Binance, Coinbase, CoinSpot and eToro are run like any other online platform (that is, they don’t leverage the blockchain and are considered ‘centralised’). This is also why they’re popular: they’re user-friendly and convenient. Decentralised exchanges that support direct peer-to-peer transactions do exist, but are often more complex to use.
Your account on a centralised exchange may be described as a wallet. However, storing your crypto on exchanges usually means the business retains control (or ‘custody’) of the assets and users can’t access the private keys. This is what’s known as a custodial wallet, or sometimes a hosted wallet. You have to trust the company running the exchange to take care of your assets and run a tight ship.
Unfortunately, while many exchanges are ethical and vigilant, it only takes one bad exchange to cause havoc across the entire industry. As was the case with Sam Bankman-Fried’s FTX, which has since filed for Chapter 11 bankruptcy: thousands of investors entrusted their crypto holdings to his company, which were later found to be propping up his Alameda Research hedge fund. Bankman-Fried is now facing criminal charges of fraud.
Hot wallets are online, software-based crypto wallets. Your account on a crypto exchange can be classed a hot wallet because it’s connected to the internet.
Specifically, non-custodial or self-custody hot wallets are internet-connected wallets where you control the private key and seed phrase for your crypto assets. The private keys are stored within the app/software itself.
Being able to access a non-custodial wallet via a web browser or app is convenient, but like everything online, it does make these wallets vulnerable to cybersecurity threats, hacks, scams and fraud.
Offline wallets are called cold wallets. Nowadays that generally means a physical device—which can range from a USB drive through to specifically designed hardware with custom security and accessibility features. Cold storage can also include paper-based documentation but it’s an approach that’s out of favor because of paper’s fragility.
The first decision to make is how comfortable you are with custodial storage, or the extent to which you want self-custody (essentially: be your own bank).
While most crypto exchanges are custodial, there are new models emerging that keep users in control of their own private keys and digital assets. Australian company Elbaite has a non-custodial exchange model that facilitates crypto transactions directly between two individuals’ self-custody wallets.
Elbaite’s CTO and co-founder Samira Tollo said self-custody helps investors avoid losing access to crypto held on centralised exchanges if the exchange is hacked, becomes insolvent, or in cases where the company freezes user accounts or withdrawals.
“With recent events that have occurred overseas, such as the FTX breakdown, crypto investors are becoming ever more aware of the risks associated with holding their cryptocurrency in centralised exchanges and so are choosing to self-custody,” she said.
Even when you commit to managing your own assets, choosing how you store crypto is rarely an either/or scenario. Tollo said experienced investors will often have multiple hot and cold wallets to cater for:
To narrow down your options as you determine your ideal mix of storage methods, Danielle Marie said some key factors to consider include:
Just as diversifying your investments can reduce your risk, spreading your assets across multiple storage types may be a good idea. “By diversifying your storage methods, you can reduce your risk of losing everything in the event that one of your storage options is compromised,” according to Danielle Marie.
Arguably, the safest way to store crypto is a hardware wallet. But as Marie explains, the effectiveness of cold storage depends on its careful use.
“Hardware wallets are physical devices that securely store the private keys to your cryptocurrency addresses offline. This makes them immune to hacking attempts that target online software wallets,” she said.
“Additionally, it is important to properly secure the device, like creating a strong passphrase and keeping the device firmware updated. And also avoid sharing private keys with others, or storing them online or on a computer.
“It is also important to make sure that you are using a reputable hardware wallet manufacturer.”
Samira Tollo agrees that storing private keys offline is critical, making the case for investors to add cold storage devices into their self-custody processes. “People think it is ‘clunkier’ to use, but really it only contains an extra step, which is to plug it into your computer,” she said.
Tollo offered a two-layered strategy to manage risks while simplifying wallet and private key management:
As an additional back-up, Marie and Tollo both suggest keeping a physical record of private keys and recovery phrases that is stored offline and securely: such as a piece of paper or metal engraving kept in a safe.
This article is not an endorsement of any particular cryptocurrency, broker, storage method or exchange nor does it constitute a recommendation of cryptocurrency as an investment class.
Featured Partners
1
eToro
Invest with a crypto brand trusted by millions
Buy and sell 70+ cryptoassets on a secure, easy-to-use platform
Crypto assets are unregulated & highly speculative. No consumer protection. Capital at risk.
Hot crypto storage or a hot wallet is an internet-connected platform/app for holding your crypto assets. Hot wallets may be custodial (e.g., accounts on crypto exchange platforms that keep your assets in their custody) or non-custodial (platforms and apps that give you full control over the crypto you hold, a.k.a. self-custody).
As you invest more and increase the amount of crypto you hold, you may prefer to store the majority of your assets in a secure, offline wallet/device (known as a cold wallet), while retaining some crypto in online hot wallets for your more frequent trading needs.
Yes, you can store crypto offline. Offline storage is called a cold wallet. While in the past some people used a paper wallet (a paper printout with scannable barcodes), now cold wallets are usually a hardware device. It could literally be a USB drive, but there is a huge range of custom crypto hardware wallets available on the market from brands like Ledger, Trezor and SafePal.
Jody McDonald is a freelance writer based in Brisbane who specialises in writing about business, technology and the future of work. She’s helped a range of SaaS platforms and tech companies share their stories, and has written for the Mortgage and Finance Association of Australia magazine, MYOB Pulse, Anthill Magazine, Crypto News Australia and The Chainsaw.