FTX Contagion is Spreading. Here’s How to Keep Your Crypto Safe
Crypto investors have been reiterating the importance of storing coins in self-custodial wallets since the collapse of FTX. But self-custody can be intimidating, which is why we’ve put together a guide of best practices for keeping coins secure and on-chain.
Crypto Community Responds to FTX Collapse
The FTX crisis has left many crypto users wondering how they should store their crypto assets.
Before its sudden collapse last week, FTX had a reputation for stability and respectability. FTX and its chief figurehead Sam Bankman-Fried projected an image of strength by buying stadium naming rights, donating heavily to U.S. politicians, and acquiring crypto companies struggling with liquidity issues. Even crypto veterans were fooled into thinking it was relatively safe.
Now that FTX has collapsed, the industry is dealing with the fallout. A few major crypto companies, including Tether and Kraken, were quick to announce they were not impacted by the FTX blow-up; still, it remains possible they have exposure to companies that were. Crypto exchange Gemini has paused its Gemini Earn program after lending platform Genesis Global Capital declared it was suspending redemptions and new loans because of the market turmoil caused by FTX.
It’s still unclear how far FTX contagion will spread, but in the meantime, crypto users should seriously consider keeping their assets in self-custody. Unlike custodial wallets, self-custodial wallets do not require trusting a third party like Coinbase; nobody else can access your funds except you. However, this does place sole responsibility on you—if you lose your private keys, you won’t have any recourse. This guide offers an overview of self-custody options to help crypto users keep their funds safe.
Cold and Hot Wallets
Self-custodial wallets come in different shapes and forms, but an important distinction to make at first is between cold and hot wallets.
The term “hot wallet” refers to wallets that stay connected to the Internet. Crypto users typically connect to hot wallets for their on-chain activity. They can be connected to DeFi applications, NFT marketplaces, and other Web3 apps. They tend to come as browser plugins such as MetaMask and Keplr. A hot wallet is like a physical wallet in your pocket: it holds smaller amounts of money for day-t0-day spending, but it’s not a good idea to keep your life savings in it.
There are different types of cold wallets, but the most popular ones tend to be the Ledger and Trezor hardware wallets. Cold wallets differ from hot wallets in that they are disconnected from the Internet when you don’t use them, which makes them much more secure. However, cold wallets tend to be less convenient for everyday use, which is why it’s worth having a hot wallet or two for your on-chain activity.
Setting Up a Hardware Wallet
Ledger and Trezor are the industry leaders in terms of cold storage. Trezor offers two models: the $213 Trezor Model T and the $67 Trezor Model One. Ledger also offers two different products: the Ledger Nano X, for $160, and the Ledger Nano S Plus, for $85. All four of these wallets support a range of different blockchains, cryptocurrencies, and NFTs (though you will need a third-party application to view NFTs if you’re using Trezor). Take the time to see which one suits your needs best.
Hardware wallets are expensive compared to most crypto wallets (which tend to be free), but given that cold storage is universally recognized as the most secure way to store crypto, any person serious about keeping their funds safe indefinitely would be well-advised to have one. Consider it the cost of security.
Once you’ve decided which wallet to purchase, order one directly from the manufacturer. It’s very important not to buy a cold storage wallet second-hand because there is no way of knowing if it has been tampered with.
Once you receive your hardware wallet and set it up, you need to write down your seed phrase. A seed phrase is a string of 12 to 24 random words that can be used to retrieve your account if you lose your hardware wallet or your pin code.
Carefully write down your seed phrase on a piece of paper and keep it somewhere safe.
Do not use any digital device whatsoever to do this; storing your seed phrase should always be an entirely analog process. It is essential to never input your seed phrase anywhere in your computer, mobile device, or cloud services. Devices are susceptible to hacks, unauthorized screenshots, and keystroke monitoring. Don’t take photos of your seed phrase either; these can also be compromised.
From there, keeping your seed phrase safe in the physical world is entirely up to you. Some prefer to take advantage of the physical security of a bank by storing their seed phrase in a safety deposit box.
While keeping your seed phrase on a piece of paper is fine, some crypto users prefer using fireproof methods like engraving the seed phrase in metal (if you’re not willing to go to this expense, you might consider storing your device in a fireproof security bag if you’re concerned about fire damage). And since it’s never possible to predict all contingencies, it’s worth having a duplicate or two in case the worst happens, and your primary copy is lost or destroyed. Be sure to treat each copy with utmost care and discretion—you don’t want anyone stumbling on them.
Finally, acting as the final custodian of your money requires discretion. The fewer people who know about your wallet, the safer it is.
Making Your Own Cold Wallet
If you want to get your coins off-exchange and are worried that ordering a hardware wallet may take too long, you may try an alternative solution: setting up one of your Internet devices as a custom cold wallet.
To do that, you will need to get an old mobile phone (without a SIM card) or an old computer. Again, it’s best not to buy one from an unknown party—use an old one of your own if possible, or at worst, get one from a trusted friend or family member. Factory reset the device to make it as clean as possible. Connect the device to a home WiFi (not a public place’s network) and install an Ethereum browser wallet, preferably MetaMask. Write down the seed phrase.
Set up a second MetaMask account on a device you use regularly. Write down that seed phrase as well. Save that second MetaMask address on the account you created on your “cold storage” device. Then make your new cold wallet device forget the WiFi password (or place it out of range from the network), and turn it off.
By doing this, you will effectively create a hardware wallet secured offline. You will still need to occasionally connect to the Internet to send funds from your “cold” MetaMask wallet to your “hot” one, but this is at least one option for setting up a wallet with very few interactions with the Internet. MetaMask and Ethereum themselves have low chances of getting hacked, and if you only interact with your “hot” MetaMask account, there’s no reason for your “cold” MetaMask to get exploited by malicious smart contracts.
That said, this is only a temporary solution. Such a “custom-made” hardware device does not provide the same degree of security as a Ledger or Trezor device. Realistically, this method should only serve as a stop-gap measure until you can obtain a hardware wallet built specifically for the job.
Final Thoughts
Self-custody may initially seem intimidating, but it’s worth the time and effort. Regardless of what centralized companies do with their customers’ funds, self-custody wallets offer a way for users to store and access their assets safely under their own care without the fear of facing an insolvency crisis, withdrawal freeze, or legal process. That said, it’s also worth considering the points of failure in the assets you decide to store. Storing USDT or USDC in cold storage will do nothing to protect their value if Tether or Circle were to fail. While self-custody wallets burden users with the responsibility of keeping their crypto assets safe, they also grant them complete ownership over their assets, which serves as one of the core tenets of the crypto movement itself. As recent events have shown, there’s a good reason to follow the words of crypto’s favorite mantra: “not your keys, not your coins.”
Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and several other crypto assets.