If you’ve ever used a cryptocurrency exchange then you might have come across the term “Hot Wallet.” You may also have heard how risky they can be and, if you’ve looked into it any further, read horror stories about hackers stealing silly amounts of cryptocurrencies straight from exchanges.
So what exactly is a hot wallet? And what distinguishes it from its opposite number: a cold wallet? What are they used for and, if you already own any cryptocurrency, is it currently stored in a hot wallet? You might, if you’ve just stumbled across this article, be wondering what temperature has to do with wallets in the first place!
About the author
Nick Percoco is Chief Security Officer at Kraken
The hot wallet basics
Let’s start from the beginning. In many ways, cryptocurrencies, like Bitcoin, are very similar to the cash you keep in your back pocket. They are divisible into tiny exchange units that can be used for private transactions. Just like cash, cryptocurrencies can be sent directly between two parties without an intermediary – a bank, say – having to process or approve the transaction for you.
But just as how you keep cash in your pocketbook, cryptocurrencies have to be held somewhere. This is where a wallet comes in. At its most basic, a cryptocurrency wallet is a bit of software that contains a public and private cryptographic key; sort of comparable to an account number and PIN number. In any transaction, the receiver shares their public key with the sender, so they know where to send the money to. The sender then signs the transaction with their private key, which effectively authorizes it. Once everything matches up, the transaction completes and the crypto is transferred from the sender’s wallet to the receiver’s wallet – much like taking out a banknote from your pocketbook and handing it over to someone else, who puts it in theirs.
So while the public key identifies wallet addresses, a private key is the crucial bit of information that confirms the transaction is actually valid. Just like a PIN number, it’s vital that wallet holders never disclose their private keys, as this effectively allows anyone, anywhere, with an internet connection to easily access the cryptocurrency and use it as if it was their own.
This is crucial for understanding what exactly makes a cryptocurrency wallet “hot.” Essentially a hot wallet is one that’s connected to the internet. They come in many shapes and sizes, and include mobile wallet apps, as well as the wallets used to hold your crypto when you log in to an exchange.
Because hot wallets are connected to the internet, they can easily be used to buy and sell cryptocurrencies. That’s important: back in the early days, sellers very often had to connect with buyers in real life in order to make transactions. What makes a hot wallet so useful is that transaction parties can buy and sell directly with one another. Without them, Bitcoin would be a very difficult asset to trade.
The dangers of using hot wallets
But, of course, what makes hot wallets so valuable, as a way to seamlessly buy and sell cryptocurrencies, also makes them vulnerable. By being connected to the internet, both the public and private keys of a hot wallet are stored online. This means they can be – and are – targeted by hackers.
As with other cybersecurity, the risks largely depend on how well the wallet owner has implemented sufficient security measures. Poor password management, using a simple phrase that has also been used for other internet accounts, say, makes hot wallet owners much more vulnerable to attacks; as does a lack of two-factor authentication. A promising development in recent years has seen cryptocurrency holders begin to use multisig wallets that require two or more private keys, making them that much more secure.
The fact that exchanges hold hundreds of millions, if not billions, of dollars worth of cryptocurrencies means they are often targets for hackers. Exchange attacks unfortunately remain commonplace. You can have all the security you want in place, but you need to ensure your exchange also has proper protection too. If they’re hacked, there’s no guarantee you’ll ever see your cryptocurrencies again. It’s very important that you thoroughly research any trading venue – make sure they take the security of your assets as seriously as you do.
But what’s cold storage and what separates it from a hot wallet? That’s simple: a cold wallet holds cryptocurrencies, just like a hot wallet, but keeps the cryptographic keys offline. They can take many forms: some of the most popular are the hardware wallets that look a little bit like USB memory sticks. Oftentimes, the wallet owner keeps the private keys on an encrypted flash drive, a smartcard, a computer that isn’t connected to the internet, or even just on a bit of paper. By keeping private keys off the internet, cold wallets are secured against hacking attempts. If a cryptocurrency holder is using a hardware wallet, they simply plug the device into the computer whenever they need to access their cryptocurrencies. As the private keys remain offline, the wallet is secure even when it’s plugged into a computer.
There is, of course, a tradeoff. As it’s not connected to the internet, accessing and moving crypto in and out of a cold wallet can be a cumbersome process. That’s why many holders use them in conjunction with hot wallets. Holders transfer the small amounts they need to trade on a hot wallet and keep the rest of their crypto wealth secure in a cold wallet. Indeed, that’s also broadly what exchanges do – although on a much bigger scale – to minimize the risk of attack.
So what should you take away from this piece? First and foremost, if you’re interested in buying cryptocurrencies, adopt a security-first mindset. Check who you’re buying your coins from and ensure that you never ever disclose your private keys to anyone.
Secondly, consider, if you haven’t already, moving any crypto assets you have that you aren’t using off your exchange account. Hot wallets are a valuable part of the crypto infrastructure, without them trading would be burdensome and time consuming, but they aren’t watertight from a security perspective.
The single best way you can protect yourself from having your assets stolen is by getting a cold wallet. So long as you follow basic security protocol when it comes to your private keys – not posting them on Facebook, for example – you’ll keep your private keys secure from hackers.