I always read about public keys,private keys and speedphrases that you need to store them in a paper wallet or hardware wallet. The only thing I ever stored are the passphrases (those 12 or 24 words) I get from metamask or other wallet provider in the beginning of creating a wallet. Is this enough when I write them down and secure them?

  • telejoshi@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Hot wallets are imho not secure enough for your investment. There can always be hacks or exploits, malware on your computer and so on. Also, some say that keys generated by wallets may not be 100% secure either, because the randomness comes from software.

    I would stick with a hardware wallet (or cold wallet) so that your private key is never on an online device. For the paranoid (like me), I’d suggest rolling the dice to generate keys.

    • ashketchup422@alien.topOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      What is the difference between storing the speed phrase on a paper and storing your private key on a paper a so called paper wallet? As far as I know, a paper wallet is a cold wallet. Or am I wrong? And storing your speedphrase on a paper is a hot wallet cause the actual Private keys are still online?

      • telejoshi@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Never had one, but paper wallets usually have a QR-Code to scan if you want to send transactions. I don’t like the idea of a paper wallet. Paper just doesn’t like water and fire, too many possible points of failure. Generating the wallet could compromise your key too.

        You can turn an old phone into a cold wallet with AirGap Vault for android or iOS. For Bitcoin, Electrum can be used on an offline Computer. Hardware wallets are the easiest solution and they’re around 70 bucks I believe

        Most important thing is to create a new wallet and not to use an old wallet that was a hot wallet before

      • Nonocoiner@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Assuming the see phrase is created secure, and stored 100% offline 100% off the time, it’s perfectly safe to store your ETH.

        For NFT’s and tokens it’s also important to only interact with trusted contracts, but since you’re creating a cold wallet there wouldn’t be any interaction with contracts anyway.

        • ashketchup422@alien.topOPB
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          But to create a paper wallet I need to set up a new wallet on metamask. That means the wallet will be connected to the internet at least once. Am I right?

          • Nonocoiner@alien.topB
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            So to create a paper wallet I need to set up a new wallet on metamask. That means the wallet will be connected to the internet at least once. Am I right?

            That would work, but it’s not really a cold and secure wallet then.

            To be 100% secure you need to create the seed phrase offline. You can do that using a hardware wallet, or a wallet installed on a PC that’s never connected to the internet for example.

            There are solutions available, but I can’t recommend any since I don’t have recent experience with this.

            • Ch40440@alien.topB
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              It doesn’t have to be a PC that has never connected to the internet. You can disconnect the internet connection, or use a VPN, etc

      • ExamAccomplished6865@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Oh god. For your own sake don’t go buying large dollar amounts worth of crypto. You have NO idea what you’re doing, talking about or even asking lol

        • ashketchup422@alien.topOPB
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          That’s why I’m asking dude. Do you really think the average crypto dude knows that? Following your logic 90% of crypto holders shouldn’t buy large amounts.

            • ashketchup422@alien.topOPB
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Who said I’m buying large amounts? You can’t even read properly. And why the hell are you bothering me. I just asked a question. I’m sure you’re fun at Parties.

        • CryptoWarfare11@alien.topB
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          No shit, hence why he’s trying to ask the community. Take time to explain if you’re going to bother posting.

  • Passi-RVN@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    for some reason i dont like hardware wallets too, the following is “my way” to store my eth:

    i did a fresh windows install and only downloaded metamask, nothing else, wrote down the address and the seed phrase and gave my metamask a password ( wrote the seed phrase and password on 20 pieces of paper and hid it here in my house in the cellar ) and turned off the computer and took out the hard drive

    after that i did send my eth to the address

    and there it is now ( 2 years from now ) until i need to access it again, but im a hodler, when the time comes (5 years maybe or more ) i will do a fresh install of windows again, install MM again and transfer my eth to an exchange of my choosing and change it to fiat then

    • Juankestein@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Sorry but this is the most stupid thing I’ve heard regarding safeguarding crypto lol.

      Why not make an Ubuntu bootable USB, why windows 10?

      And even with your unnecessary method, your steps are wrong. You first need to send ETH to the address, verify it arrive and that you can send it back, and then you take out the hard drive.

      I could write a bible as to why your method is slow, unsecure and bad but I’m just gonna say that creating your seed in a hot wallet is a bad idea, there a bazillion ways you could get exploited. Buy a HW wallet, they’re literally $70 and will save you this pain in the ass PLUS being like 25 times more secure lol

    • Neophyte-@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      for some reason i dont like hardware wallets too, the following is “my way” to store my eth:

      why dont you like hw wallets?

      with your other steps, everything would have been fine, but you connected your pc unpatched / no virus scanner to the internet to dl metamask to create a wallet, and yeah its windows…

      how ever unlikely it may be, you may have been subjected to a virus / keylogger while your unpatched windows machine got metamask… at hte time of the install

      even if there was a 0.00001% chance your pc was compromised. imagine you had your life savings on a potentially compromised wallet where some bad actor had a keylogger on your pass phrase. sure its been 2 years, but maybe the hackers are waiting

      • Juankestein@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        This guy created the most unnecessary, slow, impractical and unsecure method to safeguard his crypto to avoid paying $70 to Ledger/Trezor.

  • erizi0n@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    OP, somethings for you to learn, cuz you are kinda messing everything up together:

    Seed phrase: those 12 to 24 words (from the BIP39 mnemonic word list of 2048 possible words) that give you an infinite of possible private keys, it works like a master key. NEVER GIVE THIS TO ANYONE!

    Passphrase: a 25th word/phrase/whatever you want, chosen by you, for extra security for a new set of infinite possible private keys, every new passphrase used on the same seed phrase opens up a new infinite of possible private keys. NEVER GIVE THIS TO ANYONE!

    Private key: the string of characters that’s used to sign transactions for a specific wallet from the set of private keys derivative from a seed phrase or a combined seed phrase with a specific passphrase. NEVER GIVE THIS TO ANYONE!

    Public key: the string of characters you use, or give to someone, to receive money/crypto.

    I described it as lay as possible for you to better understand, but this info. alone is not enough, dig this on Google/YouTube by yourself, cuz you are your own bank now. So if you are not smart and careful your only client (you) loses all his stored money/crypto.

    • ashketchup422@alien.topOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      That’s the comment I was searching for! Thank you. I need to learn more. Do you have any recommendations? Maybe a trustful website or YouTube that doesn’t shill coins.

      • erizi0n@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        There are good crypto YouTubers out there, like Benjamin Cowen, he doesn’t even run ads on his videos.

        There’s also a guy that does whiteboard explanations (can’t remember the his name), but if you search on YouTube for crypto whiteboards he might appear.

        Anyways, I’m gonna give my last two cents to you, so just remember this about crypto investments, no one knows when crypto will actually go up or down (“no one knows shit about fuck”), do your own research, mainly invest in the top 2 cryptos (BTC and ETH), don’t diversify too much, learn about one specific crypto niche or blockchain network that’s fun to you and you really like (like L2’s protocols, gaming, AI etc.) and invest maximum on more 2 to 5 different alts (alt coins - other coins rather than BTC) if you have extra cash apart from your main holds (BTC/ETH) and you will be more than fine.

  • Mx_Nx@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Seriously, buy a Trezor or Ledger. If you are dealing with any serious sum of money stop right in your tracks and do your research. And yes, keep copies of your seed phrases but don’t do it on paper, get them etched into metal and stored in a SECURE place, can’t emphasize that enough.

    • Juankestein@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I sell stainless steel plates: https://cryptonumeris.com

      I always am surprised by why people oppose to HW wallets, they are less than $100 and they’re pretty much impossible to “hack”.

      If your investment is +10k and you don’t have a HW wallet you’re walking on thin ice.

  • Lifter_Dan@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Getting the 12/24 words from metamask is not the same as a paper or hardware wallet.

    Hardware wallet = Trezor or Ledger giving you the 24 words to write down. They are NEVER on your computer, thus hackers can never view/steal them. You still use Metamask, but metamask talks to your USB trezor and then you do the approval on the hardware device where no malware can touch it only you can approve. In contrast, any virus on your computer can read your screen, store whatever password you type into metamask and potentially even tell metamask what to do when you walk away from your computer.

    Paper wallet = old style wallet where you’d write down the phrases from a wallet created on a computer that does not have internet access (air gapped computer). You would then send some Bitcoin to that address and let it sit there until you’re rich at which stage you’ll have to use the key to transfer it to sell. Paper wallets aren’t really used anymore.

    Hardware wallet is recommended, and if you can read the docs about using a trezor passphrase on top of that it’s an extra step of security too that I’d recommend.

      • Lifter_Dan@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Personally I don’t like ledger because they allowed a data leak, I prefer Trezor. But ledger does support more types of crypto.

        • ashketchup422@alien.topOPB
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Damn yes I remember. I read about the leak. But Trevor is almost twice the price. I can’t spend almost $200 for a hardware wallet. Do you know any cheaper and secure wallets?

          • Lifter_Dan@alien.topB
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Curious why it is too much for something you’d keep using for 10 years or more (I’ve had mine since 2017) then it might be a good idea to reconsider crypto, it’s well worth foregoing a night on the town or whatever alternative you would spend $200 on.

  • 4cademy@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Due to the fact that one seed phrase can generate multiple wallet even of the same currency I write down a bit more than just the seed phrase.

    I also write down the derivation path of the wallet I used to create the adress and the corresponding address itself. That way I still know in years what to do with an old seed phrase aka. how to derive the right wallet. Because even today some wallets use different derivation methods and they migth be subject to change in the future.

      • 4cademy@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Haha. Well I don’t think it is that big of an issue. Big changes to the derivation methods would definitely throw many users under the bus so that either never happens or if it happens the old way of deriving your wallet will quickly be well documented. I personally still feel better by writing down the derivation path. That way I am not dependent on anyone at anytime.

  • KoreanJesusFTW@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Hi OP.

    A cold wallet is a wallet that’s never been exposed online.

    I’d say that the other kind of wallets come in “levels of heat”.

    I personally wouldn’t use any wallet that is in a Windows environment; be it a standalone app or a browser extension. I would even extend to saying that this kind of wallet is just about as “hot” as an exchange wallet (which is always custodial). The only way I would use a wallet on a PC is if the OS is Linux.

    Some will say to go the hardware wallet route. Here, you are trusting the manufacturer. With the recent Ledger fiasco, this a huge NO for me as well.

    If you are simply storing (multisig wallets aside), an airgapped Linux PC or an airgapped Cell Phone with MEW OFFLINE is by far the best option. MEW is fully audited and open-source. So long as you are downloading a hash verified MEW and the Offline PC that you are using to generate your seed phrase/keystore/private keys is clean, you are very safe.

    Create the wallet, note the generated public address, remove it, then try to restore it and compare to see if the generated public address is the same. When storing them coins, send a bit first and check first before sending the rest.

    Take care.