Paper wallets were considered the safest way for ordinary people to store their Bitcoin and other cryptocurrencies (I will use Bitcoin to stand in for all cryptocurrencies in the rest of the article) until around 2017. In addition, paper wallets were a convenient way to give Bitcoin as a gift. Then the advent of hardware wallets, such as Trezor, Ledger, and KeepKey, became the cool way to store your Bitcoin. Are paper wallets just a quaint historical footnote of the infancy of Bitcoin?

In this article, I will examine some of the advantages and disadvantages of the most common ways to hold your Bitcoin. Let’s start with the most familiar way for most people to hold their Bitcoin, namely holding your Bitcoin on an exchange. Exchanges make it easy to buy and sell Bitcoin and feel similar to a brokerage account for buying stocks and bonds. Since most people will buy their first Bitcoin through an exchange, just leaving the Bitcoin on the exchange will seem natural.

Unfortunately, the Mt. Gox story points out the risks of leaving your Bitcoin on an exchange. I will provide a quick overview of theMt. Gox history for those who do not know the story, but if you want to read an in-depth history of Mt. Gox check out this article, The History of Mt. Gox Hack: Bitcoin’s Biggest Heist. Mt. Gox was the first Bitcoin exchange in the world. It was located in Japan and started out life as a trading card (Magic: The Gathering Online) exchange. By 2014 it was handling 70% of all Bitcoin transactions. There were plenty of signs Mt. Gox was having computer and security issues, then in February 2014 the exchange closed its “doors” and announced that it had lost 750,000 Bitcoin (about $65 million at the time). The Mt. Gox bankruptcy is still ongoing at the time of writing this article. 

This might be a good time to review how a centralized exchange works. A block diagram of a centralized exchange is provided below.

 

The exchange takes deposits from its customers in the form of fiat or Bitcoin. When a customer deposits fiat, the exchange deposits the fiat in a bank (not shown) and creates an entry in its database, crediting the customer with the deposit. If the customer deposits Bitcoin, a transaction is created and sent to the Bitcoin Ledger that shows that a certain amount of Bitcoin has been transferred from the customer’s private address to the exchange’ private address. The exchange then records this transfer in its database. 

Because the customer’s fiat balance and Bitcoin balance are just entries in the database, purchases and sales of Bitcoin on the exchange are just changes in the entries in the database. This allows for fast execution of trades. While transfers of Bitcoin to and from the customer require sending the transaction to Bitcoin ledger and waiting for a certain number of confirmations, which can easily take 30 or more minutes. This would be way too slow for most professional traders. If you want to understand how the Bitcoin ledger works, check out this article on Investopedia. 

One of the advantages of exchanges is that transfers of Bitcoin between customers are very fast as are the purchases and sales of Bitcoin, since they merely involve database entries. However, because all the Bitcoin for the exchange is held in one or a few private addresses they make great targets for hackers. In addition, conventional databases are not nearly as secure as the Bitcoin ledger, which has never been hacked. This is why many Bitcoin experts suggest never storing more on an exchange than you are going to actively trade. 

The number one downside or risk of holding your Bitcoin on an exchange is that the exchange will be hacked or lose your bitcoin due to financial mismanagement. In addition, governments such as the United States may target your exchange. For instance, the US government targeted WEX and its predecessor BTC-e, making outrageous statements as justification for their actions that were easily proven to be lies. The result was that some of BTC-e fiat funds were confiscated causing the exchange to collapse. After the collapse of BTC-e, the WEX exchange was founded by some of the BTC-e founders, and they gave out special tokens to former BTC-e customers to try to make them whole. Unfortunately, the US government also attacked WEX and “protected“ its customers by making WEX insolvent. This despite that it is well known that the CIA used BTC-e to “launder” money, since BTC-e did not require KYC (Know Your Customer) for its customers. For more see
New Crypto Rumor Puts Russia FSB and American CIA as Double Agents in Bitcoin Exchange Scam?

Bitcoin was created because many people do not trust the banks, their government’s handling of the money supply, and they are tired of their government spying on their financial transactions when they are not criminals. KYC laws put innocent people at risk, as the recent Chinese hack of Equifax shows, for more see this Article. People legitimately complain that KYC laws make them more vulnerable to these sort of hacks of their sensitive personal information, while providing them no benefit. As Andreas Antonopoulos and others point out, cash, particularly the US dollar is the main tool of terrorists and money launderers. In addition, licensed banks are the biggest players in laundering money and governments almost always just give them small (token) fines, when they are caught. 

 *Risk of Loss due to the exchange being hacked or financial mismanagement;

 *Loss of Anonymity – many exchanges have KYC and even those that don’t may 

 keep some information on their customers;

 *Appropriation by Governments – governments may block your account or appropriate it

 and they also may block the whole exchange or steal their funds;

 *Limited Countries – most exchanges are only available in certain countries.

 *Ease of trading; 

 *Easy conversion into fiat;

 *Familiarity – plus it does not require learning much about the mechanics of Bitcoin;

 *Low Responsibility – taking delivery of your Bitcoin requires a level of responsibility and

technical sophistication that most people are not used to.

There have been a number of new developments in Bitcoin exchanges since the Mt. Gox fiasco. There now are insured exchanges, regulated exchanges, decentralized exchanges and smart contract trading platforms, all of which are trying to solve many of these problems. However, any centralized exchange is always at risk, even if it is regulated and even if it is insured. In addition, holding your Bitcoin in an exchange is sort of against the whole point of Bitcoin, which allows you to be your own bank. 

 The first hardware wallet, the Trezor One, was introduced in July 2014. The promise of hardware wallets is that they are easy to use, but never expose your private keys online. Hardware wallets are based on a Bitcoin technical proposal called BIP39. If you want to see the BIP39 Github page CLICK HERE. One the key points of hardware wallets is that they use a “seed phrase” that allows your to recover your wallet, even if you lose the physical device. The seed phrase is 24 words that are used by the wallet to deterministically create all your private and public keys. These are called deterministic wallets and the most common deterministic wallet is a hierarchical deterministic wallet. 

 Besides, generating and managing your private keys, hardware wallets sign transactions with your private keys, without you having to remember or enter your private key. This is quite convenient as private keys are extremely long combinations of characters. The hardware wallet owner just has to plug their hardware wallet into their computer, enter their pin on the device and select send in the associated application to transmit Bitcoin to another person. The device automatically signs the transaction with their private key and then transmits the transaction information. The user’s private key is never exposed to the internet. 

 In order to receive money from another person, the owner of a hardware wallet only needs to show the person sending them Bitcoin a QR code (or a public key). This does not require the hardware wallet be plugged in to a computer or for their computer to be online. Note that this is true for all Bitcoin wallets.

 Hardware wallets solve two major problems. One is that they make it easy for a nontechnical person to send Bitcoin to another person and the other is that hardware wallets make it hard to lose your private keys. It is likely that more Bitcoin has been lost by owners forgetting or losing their private keys than all the Bitcoin that has been stolen or lost by exchanges. As a result, an important consideration in securing your Bitcoin is to make sure you are not likely to lose or forget your private keys. 

 However, hardware wallets do come with their own risks. One of the simplest risks is losing or having someone steal you seed phrase. Losing your seed phrase is akin to losing your all your paper wallets, except if you still have your hardware wallet you can immediately transfer all Bitcoin to a new wallet. Then you can wipe your hardware wallet and reboot the device with a new seed phrase. I will not describe how to do this here, because there are many excellent articles on point, which can explain how to do this better than I can. 

Another risk is that you lose your hardware wallet. You may be tempted to think that hardware wallets are not hackable so you are okay, but this is not the case. This youtube video 35C3 – wallet.fail details a number ways in which hardware wallets can be hacked. All the hacks they discuss require having physical possession of the hardware device. The most insidious are those that involve tampering with the hardware wallet before you receive it. These cases are not theoretical, actual cases have occurred and people have lost the Bitcoin they put on their hardware wallet. 

 Another little discussed risk is that these devices are somewhat distinctive and therefore may attract attention and signal that you have Bitcoin. Especially, in more repressive and corrupt countries this may become very important. Even Australia has passed a law that requires you provide them with the keys to unlock any cryptographically information you have. 

 *Ease of sending a transaction – you do not need to enter or know your private keys; 

 *Your private keys are never exposed to the internet;

 *Some exchanges have integrated hardware wallets, making it easy to use these exchanges;

 *Lower technical sophistication is necessary to operate a hardware wallet safely.

 *Risk of loss/theft of your seed phrase, which gives anyone with it access to all your wallets

 on your device; 

 *Risk of tampering with device. This risk seems greatest before you receive your device;

 *Flag – these devices are somewhat distinctive and “advertise” that you are a Bitcoin holder.

A paper wallet is a piece of paper that contains both the private and public address for a Bitcoin “wallet”. They are considered very secure, because if they are correctly made the private key is never exposed to the internet. One of the downsides of paper wallets is that they are not as easy to use/create as an exchange or a hardware wallet. Here is an article, A Beginner’s Guide to Bitcoin Paper Wallets, that describes how to create a secure paper wallet. 

 

Paper wallets are considered “cold storage” because the private keys (addresses) are not ever exposed to the internet. Of course, this makes it critical to safely and securely these pieces of paper from theft and destruction. Most people suggest that you make multiple copies of your paper wallets and store them in several different locations. It is also recommended that you use multiple paper wallets rather than putting all your funds into a single wallet. This way if one wallet is somehow compromised, you do not lose all your funds. This is an advantage over hardware wallets, where the seed phrase provides access to all your wallets on that device. 

 If you have paper wallets, you will probably want to check their balances. This is why I created the app Paper Wallets Checker. This app does not require you provide your private addresses and in fact will not let you enter a private address. In addition, the app is written in javascript, which means the server never sees or keeps any information on you. This app also makes it easy to check multiple addresses at once, unlike most Bitcoin blockchain explorers. 

Paper wallets are an easy way to give a gift of Bitcoin. You can easily add more funds to your paper wallet by giving someone your public key or associated QR code. Spending (sending) Bitcoins from a paper wallet is not easy and can be fraught with dangers. I looked up a number of articles on how to send Bitcoin from your paper wallet. I was not impressed enough with any of the articles to recommend them. While it is not easy, it is possible to send some or all of your Bitcoin from your paper wallet in a manner that is arguably as safe or safer than from a hardware wallet. Perhaps, I will write an article on point at a later date. 

 *Inexpensive to create;

 *Your private keys are never exposed to the internet;

 *If you create multiple wallets, no one can find out all your keys from a single phrase;

 *Easy way to give Bitcoin as a gift.

 *Risk of loss/theft/destruction of your paper wallets. Paper wallets are essentially bearer

 bonds;

 *Requires significant technical knowledge;

 *Spending (sending) your Bitcoin from your paper wallet is complicated and time

 consuming.

I thought I would quickly cover two other methods of storing your Bitcoin. You can store your Bitcoin on your phone if you download a wallet app. Cell phones by definition are almost constantly connected to a network and therefore the internet. In addition, the NSA and other spy agencies have been in bed with the telecom industry almost since its inception. As a result, the cell/telecom networks are not secure and the same goes for your cell phone. 

 In my opinion, you should never store more than spending money on your cell phone. However, there are two phones out on the market now that have built in hardware wallets, the HTC Exodus and the Sirin Lab Finney. I think these are innovative new cell phones, and much more secure than a standard cell phone. However, it is probably cheaper and can provide better security to use a hardware wallet and a computer 

 A number of companies have introduced debit cards that are funded with or “store” Bitcoin. Often these debit cards are associated with an exchange. They certainly make spending your Bitcoin more convenient. In general, they are probably no safer than a standard debit card, so you should only keep small amounts of Bitcoin on them and only for short periods of time. 

 I have worked on a number of security issues over the years and people will often ask “am I perfectly safe now?”. The short answer is NO NO NO. You are never “perfectly” safe, as long as you are alive. Security is about layers and trade-offs. For instance, it makes no sense to spend $100k on a physical safe to protect diamonds worth $10k. 

 In the case of Bitcoin, one of the trade-offs you need to consider is that in general the safer your Bitcoin is from hackers, the more likely you are to lose or forget how to access your Bitcoin. The safest way to store your Bitcoin would be a brain wallet in which you just memorize your private address and never write it down anywhere. Private address are 33-34 of numbers and upper and lower case letters. I don’t know about you, but I would be very likely to forget this and ideally you should have a number of wallets all of which you would have to memorize. 

 For most people there is not one right way to store your Bitcoin. For small amounts you that you are likely to spend soon a wallet on a cell phone might be fine or a crypto debit card. Its sort of like the cash you keep in your wallet. For larger amounts that you want to store for longer periods of time then perhaps a hardware wallet is the answer and for even larger amounts that you do not intend to use at all a paper wallet may make more sense. 

 Two other points that people often forget when talking about security is to consider: 1) who is most likely to steal your Bitcoin, and 2) most of the time it is not a fundamental flaw in the security system that fails, but simple careless mistakes - human errors. For instance, if you write down your PIN to your hardware wallet and keep it in your physical wallet, then a thief does not have have to crack your hardware wallet it they get your PIN from your physical wallet. 

 It is a sad fact that when police are investigating a murder, they first look for someone emotionally close to the victim. The same is somewhat true when it comes to theft. So be very careful, who you share information with about your Bitcoin. It is considered rude to ask how much Bitcoin someone has and you should never answer that question. Be even more careful who knows how to access your Bitcoin and again this may depends on whether it is a small amount that you are likely to spend soon or a large amount in long term storage. Finally, remember you cannot spend your whole life being paranoid. The point of life is joy and if you are paranoid all the time you cannot feel joy.

 Paper wallets are not dead and are part of a useful strategy for storing your Bitcoin. They may be even more important in countries with highly repressive governments. I only discussed a basic Bitcoin paper wallet, however there are many ways to make them even more secure. Perhaps I will discuss these in another post.