The difference between hot and cold wallets is simple:
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔥" title="Feuer" aria-label="Emoji: Feuer"> Hot wallets can be stolen remotely
https://abs.twimg.com/emoji/v2/... draggable="false" alt="❄️" title="Schneeflocke" aria-label="Emoji: Schneeflocke"> Cold wallets require wrench attacks https://twitter.com/rasmuslange/status/1389551697568178184">https://twitter.com/rasmuslan...
It’s always important to remember that keys and wallets are often used interchangeably, so let’s get specific
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔑" title="Schlüssel" aria-label="Emoji: Schlüssel"> A key stored on an internet connected device is hot
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🗝" title="Alter Schlüssel" aria-label="Emoji: Alter Schlüssel"> A key stored on a hardware wallet is cold* (more on that soon)
So a single-sig mobile wallet is hot, because the
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔑" title="Schlüssel" aria-label="Emoji: Schlüssel"> is on your phone, and your phone is designed to be online 24/7
A single-sig hardware wallet is cold, because the
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🗝" title="Alter Schlüssel" aria-label="Emoji: Alter Schlüssel"> is on a device whose entire purpose is to never touch the internet*
A single-sig hardware wallet is cold, because the
For multisig, hot vs cold depends on how you setup the quorum. For a 2-of-3:
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔑" title="Schlüssel" aria-label="Emoji: Schlüssel">
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔑" title="Schlüssel" aria-label="Emoji: Schlüssel">
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🗝" title="Alter Schlüssel" aria-label="Emoji: Alter Schlüssel"> is a hot multisig bc a remote attacker can potentially steal two hot keys
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔑" title="Schlüssel" aria-label="Emoji: Schlüssel">
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🗝" title="Alter Schlüssel" aria-label="Emoji: Alter Schlüssel">
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🗝" title="Alter Schlüssel" aria-label="Emoji: Alter Schlüssel"> is a cold multisig bc one of the cold keys must to be compromised to move funds
The internet is a one-way function that makes private data public. No going back!
So cold keys can become hot
But hot keys CANNOT become cold
A corollary of the Streisand Effect https://en.wikipedia.org/wiki/Streisand_effect">https://en.wikipedia.org/wiki/Stre...
The good news is that keys are infinite. There are more #bitcoin
https://abs.twimg.com/hashflags... draggable="false" alt=""> private keys than there are atoms in the universe
Always be careful with keys that are actively storing funds, but keep in mind that creating new keys is easy
Always be careful with keys that are actively storing funds, but keep in mind that creating new keys is easy
The two important pieces to long term key management are maintenance and recovery planning
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👨🏭" title="Fabrikarbeiter" aria-label="Emoji: Fabrikarbeiter"> Maintenance - check in on your keys periodically so you know if they’re lost or leaked
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🚨" title="Polizeiautos mit drehendem Licht" aria-label="Emoji: Polizeiautos mit drehendem Licht"> Recovery - make a plan for what you would do in the event either of those happens
Before multisig both loss* and theft meant your money was gone
With effective multisig, your security is degraded but can be easily restored by replacing the compromised key
*loss = loss of all copies
With effective multisig, your security is degraded but can be easily restored by replacing the compromised key
*loss = loss of all copies
Put all this together and we have LOTS of tools to play with:
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔑" title="Schlüssel" aria-label="Emoji: Schlüssel"> Hot keys
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🗝" title="Alter Schlüssel" aria-label="Emoji: Alter Schlüssel"> Cold keys
https://abs.twimg.com/emoji/v2/... draggable="false" alt="📟" title="Pager" aria-label="Emoji: Pager"> Hardware wallets
https://abs.twimg.com/emoji/v2/... draggable="false" alt="📱" title="Mobiltelefon" aria-label="Emoji: Mobiltelefon"> Phones and PCs
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🤖" title="Robotergesicht" aria-label="Emoji: Robotergesicht"> Servers
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👨🔧" title="Man mechanic" aria-label="Emoji: Man mechanic"> Key Recovery Service
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔏" title="Schloss mit Füllfederhalter" aria-label="Emoji: Schloss mit Füllfederhalter"> Multisig
https://abs.twimg.com/emoji/v2/... draggable="false" alt="⚙️" title="Zahnrad" aria-label="Emoji: Zahnrad"> Steel backups
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🏄♂️" title="Surfender Mann" aria-label="Emoji: Surfender Mann"> Cyberspace
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🥩" title="Stück Fleisch" aria-label="Emoji: Stück Fleisch"> Meatspace
https://abs.twimg.com/emoji/v2/... draggable="false" alt="⏳" title="Sanduhr mit fließendem Sand" aria-label="Emoji: Sanduhr mit fließendem Sand"> Timelocks and more, coming soon with
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🟩" title="Grünes Quadrat" aria-label="Emoji: Grünes Quadrat"> Taproot
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🟩" title="Grünes Quadrat" aria-label="Emoji: Grünes Quadrat">
If this sounds intimidating, our job at @CasaHODL is to make it simple
Sleep well knowing that your funds are safe and you’re in control
And if this sounds fun and exciting, you should come work with us! https://keys.casa"> https://keys.casa
Sleep well knowing that your funds are safe and you’re in control
And if this sounds fun and exciting, you should come work with us! https://keys.casa"> https://keys.casa