Tag: Paper Wallet

Over 50% Crypto Investors Backup Security Keys by Paper Wallets, Threatening its Vulnerability

by Blockchain News

New research conducted by Unstoppable Domains, Efani, and NGRAVE suggests that more than half of crypto investors, taking 54% of the respondents, store their security keys on a paper wallet amid intensified cyber attacks. 

More than half of crypto users (54%) continue to keep their backup on a paper wallet. Furthermore, 50% of respondents stated that if someone were to find their backup, their keys would be compromised, per the report.

The study scrutinized investors’ attitudes towards asset security in the crypto space. It was undertaken in 87 countries, with 2,000 people being surveyed. 

Ruben Merre, the CEO and co-founder of NGRAVE, noted:

“The results of our annual Security Self-Audit show that there are glaring gaps in the methods investors are using to ensure the security of their assets, especially at a time when high-profile and high-value breaches are becoming increasingly common. It is clear that there is much to be done to secure the crypto assets of investors the world over, if the industry is to avoid the hacks that we have seen in recent months.”

On the other hand, most respondents had a preference for exchanges. The research stated:

“62% of respondents store part of their crypto on multiple exchanges, while a third of people store more than 40% of their crypto on a single exchange, leaving them vulnerable to a single point of attack.” 

According to the study, the wallet of choice was a QR-code based hardware wallet, with 6 in 10 respondents using one. Furthermore, the use of these wallets also doubled from 10.4% to 21%.

Merre noted that despite 54% of crypto investors keeping their security keys in a paper wallet, this trend declined compared to 67% recorded last year as other options like social backups through Shamir Secret Sharing (SSS) were coming up. He added:

“This trend speaks in favor of the use of metal backups, which grew significantly from 15.8% to 25% over the course of the last 12 months.”

Merre believes investors ought to trust that their assets are secure and safe for mass adoption to happen in the crypto industry.

Some of the mistakes that should be avoided when securing crypto assets include not using a brain wallet, avoiding custodial wallet options, and not paying for a wallet, Blockchain.News reported. 

Image source: Shutterstock

Source

Tagged : / / / / / / / / / / /

Crypto wallets in 2021: From hot to cold, here are the options

by Cointelegraph

After another jump in the price of major cryptocurrencies at the end of 2020, crypto enthusiasts began to mine, sell and buy currencies with renewed vigor — which means that nowadays, the topic of custodying cryptocurrencies is more relevant than ever. But unlike the past bullish waves, this time many users are also concerned with how to protect their assets.

The blockchain industry is developing, and traders have become noticeably smarter, but scammers and thieves have also become much more agile. This is also indicated by the period appearance of news related to exploits and rug pulls, not only regarding ordinary users but also large exchanges, decentralized finance projects and even nonfungible tokens.

Fraudsters use a variety of tools, from hacking accounts to creating malware. Even well-known projects do not avoid this fate. For example, Trezor recently detected fake apps on Google Play, which affected some users. And at the end of December 2020, more than 270,000 clients of the popular Ledger wallet faced threats after their personal data was exposed by a hacker.

All of this suggests that crypto enthusiasts should be exceedingly careful when choosing how to store their assets.

Buying crypto goes mainstream

In 2021, Bitcoin (BTC) has firmly established itself as a commonly accepted investment instrument and store of value, and it is now being likened to gold. This became especially noticeable when institutional investors started to explore and invest hundreds of millions of dollars — sometimes billions — into BTC.

From Jack Dorsey’s Square recently spending a further $170 million on BTC to M31 Capital filing documents with the United States Securities and Exchange Commission to launch a new Bitcoin hedge fund, crypto is going mainstream. Furthermore, Grayscale Investment’s Bitcoin trust now manages over $37 billion in BTC, which suggests institutional investors feel confident in the instrument. All of these examples work to cement crypto as a viable investment option for retail investors as well.

Also, in addition to simply buying cryptocurrencies, new ways to earn money have appeared on the market, such as decentralized finance protocols that offer various blockchain-based financial services. In fact, this is a very good way to get a fixed income in cryptocurrency with rather high annual interest rates.

The rise of decentralized exchanges has simplified even further the process of owning and exchanging cryptocurrencies. This method of trading cryptocurrencies has been rapidly gaining popularity lately.

Such exchanges, like Uniswap, allow users to carry out transactions directly between wallets. This method implies that users have to know how to store crypto properly and transact through a third party.

Alternatively, users also have centralized exchanges at their disposal; however, there are certain risks regarding the storage of funds. For centralized exchanges, this means that crypto in the platform’s accounts automatically falls under the custody of the exchange, which means that users don’t have full control over their assets. Thus, it is advised by most crypto commentators to store crypto in external wallets.

Examples of crypto wallets in 2021

Each user should remember some elementary security rules unrelated to cryptocurrencies themselves or the equipment that is used. The most important one is that users need to remember their password. It would seem obvious, but users regularly lose huge amounts of money simply because they forget passwords.

Blockchains do not have a password reset function, and there’s no support service to call on. Also, forgetting a wallet’s 12-word seed phrase or writing it down on a medium that gets lost easily is a mistake. The most effective recipe for protecting crypto assets is to be responsible for storing passwords and create a passphrase for the key.

In the case of online wallets, it is a little easier, and the effects of losing a password can be avoided because the keys are held by a trusted third party. The owner of the wallet does not control the keys, they simply login with a username and password. Thus, if their password is lost, they can contact support services, confirm their identity and reset the password. However, from the perspective of decentralization, this is not the perfect option, as the user delegates the control of their keys to a third party.

It is up to the user to decide what’s more important to them and if they indeed trust the company that hosts the gateway to their crypto holdings. Furthermore, any user should be responsible for their capital themselves because no crypto wallet or blockchain is responsible for forgetfulness or inattention.

There are several prominent types of wallets out there:

Hardware wallets

Hardware wallets represent a more sophisticated way to have a wallet, storing currencies on external offline devices. Some of the most popular solutions are Trezor, Ledger Nano X and KeepKey. These wallets usually come in a form of small flash drives and can support thousands of cryptocurrencies.

For example, Trezor offers two types of wallets, Trezor One and Trezor Model T, which can be purchased for $60 and $193, respectively. The Trezor One wallet has two control buttons, and the newly developed Trezor Model T has a touch screen.

The device is connected to the user’s PC using a cable. Security is ensured through the device, which stores the secret key and signs off on transactions offline within the device itself. If viruses are present on the user’s PC, it does not mean that they have access to the wallet. Naturally, in order to avoid losing money and being scammed, users should buy such wallets only through the official websites and make sure that the device is packaged as stated by the producer.

The process of connecting a wallet is quite simple: Users need to go to the official website, download an app and set up a new wallet. The main requirement is to write down and save a mnemonic phrase of 24 words then create and confirm a password.

Local wallets

Local wallets are the most popular type because they can be downloaded or installed onto devices. Users can enter such wallets only from the device on which they are installed. When using a local wallet, the owner has full control over their assets, as private keys are stored locally on the device without third parties having access to this information.

Today, some of the most popular local wallets are Jaxx, Exodus and Edge, which are examples of free multicurrency wallets that support a huge list of cryptocurrencies. In addition to a desktop version, these wallets tend to also have a mobile version. Most of such platforms have been integrated with the likes of ShapeShift and Changelly, where currency conversion is carried out directly within the app without switching over to a cryptocurrency exchange.

Private keys are stored exclusively on the owner’s device, and protection is provided by using a PIN code, with the option to copy private keys for storage offline.

Web wallets

Web wallets work with cloud storage, and users can access them from any device. Such wallets are just apps on mobile phones or can be accessed via websites, which is very convenient. For example, Matbea, Coinbase and BitGo are all web wallets and exchanges in one service. Matbea supports only seven major cryptocurrencies, which is not a broad range by today’s standards, but in terms of security, this wallet has a head start.

Most of these services make use of two-factor authentication: a code sent via SMS or email and a separate password. Even if a virus has settled on users’ PC, in no way will it be able to read the code from their mobile device to gain access to the wallet. And if a virus settles on a smartphone, it will not be able to read the password or email code. Files are regularly backed up, so even in the event of an accident or hard drive failure, users’ currency will be immediately restored.

Paper wallets

Finally, paper wallets are quite reliable, but due to the fact that their public and private keys are printed on paper, they are not used very often. But such wallets seem to be the most interesting way of using crypto. In fact, a paper crypto wallet is just a sheet of paper with a printed QR code that contains an encrypted address for storing cryptocurrency funds. QR codes first need to be scanned to carry out cryptocurrency transactions.

This method of storing cryptocurrencies is fairly safe, as the cryptocurrency is completely protected from the attacks of fraudsters. Along with hardware wallets, paper wallets are often referred to as “cold storage,” as they are completely isolated from the internet and cannot be hacked from the outside.

To create a paper cryptocurrency wallet, users need special software such as Bitaddress.org, which has an open-source code. The service creates a cold storage wallet using randomly generated numbers right in one’s browser. Secret keys remain with users and are not saved on Bitaddress.org’s servers.

WalletGenerator also works like Bitaddress.org, with users needing to move the mouse to increase the randomness of the key generation. The developers also recommend turning off the internet and running the generator from a local HTML file after downloading the archive from GitHub.

Hybrid solutions

There are wallets that combine several methods that were mentioned above. For example, Casa, developed in mid-2020, combines the functions of a local and mobile wallet, with developers outlining security as the main end goal.

When creating a wallet, the user does not need to enter and save a seed phrase or personal data, only email and name. In addition, the wallet does not track one’s location or data transmitted and is devoid of third-party analytics tools. The user is prompted to create a key that will be stored on the device, and the backups will be split between Casa’s own storage and Google or Apple cloud storage. Only the user has access to the key, which requires two-factor authentication.

Another wallet that provides a combined experience is Savl, a mobile wallet for Android and iOS that brings together a peer-to-peer platform, crypto wallet, messenger and cryptocurrency payment service. The wallet has been operating since 2020, and as in the case of Casa, the developers claim that special attention was paid to security and privacy.

When registering a user, the application generates a unique string of 12 words that is stored on the user’s device. No one except the user has access to it, not even the developers. Access to the app is protected by a six-digit PIN code that is set by the user.

Can a wallet be completely secure?

All crypto wallets are safe in their own way, if one chooses them carefully and understands why they are needed. Which wallet to choose depends on the specific person, but the main thing here is security and the ability to store private keys or seed phrases.

If a user needs to store a large amount of crypto, then it’s better to buy a hardware wallet. For those constantly trading on exchanges, users can store funds in wallets created on these exchanges so as to quickly make transactions and not have to pay a transfer fee. However, if the exchange is hacked and there is no insurance fund in place, crypto may be lost. For everyday use, web wallets are rather suitable. The popularity of this type of wallet is due to the ability to quickly and easily sell various cryptocurrencies and make transfers directly to an exchange.

Overall, cryptocurrencies were created on the premise of decentralization, which means each user controls their own funds instead of a centralized entity. Hence, no matter what method for storing crypto the user chooses, they must bear the responsibility for their funds.

Cointelegraph does not endorse any of the products mentioned in the article. Each user should do their own research in order to pick the product that works best for them.

Source

Tagged : / / / / / /

Bitcoin pizza all over again — delivery driver reportedly cashes in on $400 BTC tip

by Cointelegraph

A driver who held $5 in Bitcoin (BTC) as a tip for his pizza delivery services has reportedly resurfaced after seven years.

According to a post from Redditor btcbible, the Bitcoiner ordered a pizza on Dec. 28, 2013 and gave the delivery driver two options for his tip: a $5 bill, or 0.0069 BTC on a paper wallet. The value was roughly the same at the time, given the price of the crypto asset was $774.

However, the driver reportedly contacted btcbible this week for help on getting the funds into a hot wallet. With Bitcoin’s recent rise to a new all-time high of more than $58,000, the BTC is now worth roughly $400, an increase of more than 7,000% since the pizza was delivered hot.

“I let the pizza guy choose between $5 in fiat or BTC,” said btcbible. “Needless to say, he chose wisely. I’ve responded with instructions on how to import the private key via Electrum.”

Source: Reddit

The Redditor clarified that they were “not Bitcoin rich,” having liquidated the majority of their funds last year to buy a home. The Redditor said at the time that the driver “had heard of bitcoin from the news and grasped the general concept of it” but was “obviously still very new to it.”

The Reddit post is a reminder of one of the most iconic stories in the crypto space from Bitcoin’s beginnings. The first documented commercial purchase using BTC was an order for two pizzas in May 2010, when a programmer paid 10,000 BTC — now worth roughly $580 million — for a Bitcoin Talk forum user to send him two pies from a Papa John’s store in the United States.

The most recent Reddit post says that btcbible gave the delivery driver 0.05 BTC, or roughly $2,900 at the time of publication. Cointelegraph reached out to the Redditor for comment, but did not receive a reply.