Well, the theory part is over. Now we will take about practical operation. The key here is to understand how to ensure the security while using a wallet.
Generate a wallet
The first step is to generate a wallet. The key here is to generate it offline. First, choose a trusted software wallet to generate the wallet. Make sure to disconnect the network when generating. It is generally believed that a wallet should be abandoned once the private key of the wallet is compromised.
Here’s an interesting example: Institutions holding huge amounts of cryptocurrencies have stringent security measures. Since software wallets are generally open source, institutions will first ask security experts to audit all the code of the software wallet to ensure that the code has no backdoor in it. Then they find an obsolete computer, install the software wallet , and generate a wallet. Finally, they destroy the computer. Of course, there is no need for individual users to get so complicated. It’s suggested that we choose established software wallet, e.g. a wallet that’s in operation for as at least 3 years, and is decentralized and open source. It is safe to use this type of wallet to store our encrypted assets.
Does the wallet distinguish between hot and cold?
You may have also learnt that there are cold wallets and there are hot wallets. A cold wallet means that the private key of the wallet has never been exposed to a networked device. The paper wallet we mentioned earlier is a cold wallet. Software wallets are generally hot wallets, because there is no way to make a transfer without connecting to the Internet.
Here’s a practical security measure. We can use multiple ways to store our encrypted assets.
For coins that are large in amount and expected to be held for a long time, use cold wallets. For coins that are traded frequently, use exchange wallets. For other coins, use more than one software wallet, or generate multiple addresses in the same software wallet, and store the coins in a decentralized manner to make sure that the amount in each wallet will not be too large. (For a detailed operation tutorial, see the BitKeep Tutorial).
Note that the address of the wallet is equivalent to the public key, and it will not affect the security when the public key is exposed. You can transfer assets in your wallet and rest assured. These wallets all take the approach of cold storage. But if you need to make a transfer to other people, you should generate a new wallet, and enter the private key to transfer. Once the transfer is complete, discard the the wallet (private key).
It needs to be added here that most of the software wallets have been enhanced in terms of security. They do not store private keys, but encrypt the keys and put them in the Keystore file.
For each transfer, you need to decrypt the Keystore file with a password to access the private key. In the same time, a software wallet will not upload a private key or a Keystore file to the connected servers, but only keep it on our phones. Such measures increase the security of the software wallet, but it also means that if something goes wrong when your mobile phone, the wallet developer won’t be able to retrieve your private key, and your assists in the wallet is, of course, lot forever.。
To sum up, do not put too many coins in one wallet, generate wallets offline, and store them in cold storage.