Crypto storage of funds: how does it all work?

So you’ve taken the plunge and purchased some cryptocurrency on a reputable crypto trading platform, now you’ve got to decide what’s the best method of crypto storage that suits your needs. Perhaps your only focus is on the highest levels of security, or maybe you prioritise ease of access to make swift trades. To help you navigate this tricky terrain, we explore the different types of cryptocurrency storage and outline the best ways to keep your investments safe.

The FTX crash was a stark reminder of the importance of researching and conducting due diligence when selecting a cryptocurrency exchange - but it also highlighted the flexibility of choice you have as a crypto holder. Unlike traditional bank accounts that store fiat currency (e.g USD, Euro, GBP), the storage of funds in the crypto world is a much different enterprise and you have the sole responsibility of deciding where your funds are stored and the level of security you deem sufficient. So what’s the deal with crypto storage?

What is cold storage? 

Cold storage simply refers to any offline cryptocurrency storage. This means that the funds are not connected to a web server or stored on a computer that is connected to the internet. These cold wallets can provide a high level of security for cryptocurrency as crypto keys are kept offline, meaning hackers and bad actors cannot get access to these funds without physical access to the device. However, like any form of security, it is still susceptible to human error. 

Hardware Wallets 

While there are several different types of cold storage, the most typical are hardware wallets. These are typically small USB-type devices that support specific types of cryptocurrency (depending on the device). When sending and receiving cryptocurrency, the user is connected to the internet, not the device, which is used to provide a signature for a transaction or generate an address. It’s also important to note that the crypto itself is not stored on the hardware device, but the private key that unlocks access to the blockchain address where your cryptocurrency assets reside. So if the device is stolen, the bad actor will still need your PIN to unlock it and transfer the funds. As long as you have a secure backup of your seed phrase, you can recover your assets. Unfortunately, if both the device and the seed phrase are lost the funds cannot be recovered. 

Although hardware wallets are designed to offer high-level security, they’re not particularly convenient for users looking to make quick transactions and may be impractical for businesses where multiple people may need shared access to keys. Sacrificing speed for security means the process of accessing funds is rather cumbersome, plus there’s the initial cost of purchasing the device to consider. 

Key features: Hardware wallets

• Each hardware wallet can sign transactions for a specific set of cryptocurrencies, with some offering storage of up to 10,000 different crypto assets.

• The recovery seed (or phrase) allows you to recover crypto funds if the device is lost or stolen. 

• High-quality hardware wallets range between €45 - €200. 

• Hardware wallets allow you full self-custody of your asset, but this also means you’re also fully responsible for their safekeeping. So if you lose your recovery seed, someone has access to the medium where you record recovery phrases or someone steals the physical device, then your funds cannot be recovered. 

Paper Wallets 

Let’s start with the obvious question: how do you store a digital asset on a piece of paper? Well, you don’t. A paper wallet is just a piece of paper, but what is important is the information on it. Once you’ve completed the painstakingly slow task of securely generating a truly random private key, you can write or print out this key (typically a QR code with the random bits) to access your cryptocurrency assets. 

The main benefit of a paper wallet is that it’s truly cold storage. Bad actors can’t hack a piece of paper. However, the downside is that they are easily lost, susceptible to physical damage and can be physically stolen, so they’d need to be stored in a safe or locked compartment to guarantee safety. 

What is hot storage? 

Hot storage is online cryptocurrency storage and hot wallets are typically available as web-based, desktop, and mobile apps from centralised service providers. They are usually free to use and allow for speedy transactions as they are always connected to the internet. Hot wallets'  convenience, speed, and ease of use are their main USPs as they allow you to quickly send and receive crypto, which is particularly useful if you’re an active trader. Unlike cold wallets, there is no need to flit between offline devices and online platforms to make a crypto transaction. Also, similar to hardware wallets, hot wallets come with a recovery phrase that you can use to regain access to your crypto if lost.

Though hot wallets offer speed and convenience, storing crypto keys online means they are exposed to potential hacks. While the probability of such an event may be low, storing access to major crypto funds on a hot wallet may not be prudent. Many crypto holders will use hot wallets for small amounts, or if they require frequent and speedy access to their funds e.g. day traders. 

What is custodial storage? 

A cryptocurrency custodian is a security service provider that protects your crypto keys that provide access to these assets. The concept of a custodian is not new as traditional banks have offered their services to secure cash, securities, and precious metals for decades, but the concept is slightly different in the crypto world as there are exchanges and third-party custodians that can secure the keys that safeguard your assets. For any purchase you make on a cryptocurrency platform, the crypto will be stored on a custodial exchange wallet and the exchange holds the private keys - this form of custodial storage is mainly focused on enabling speedy trading. A custodial exchange wallet may use an exchange's proprietary technology or partner with a third-party custodian. Alternatively, a customer can use directly third-party custodians who specialise primarily in securely storing keys and tend to offer additional transparency, insurance and capabilities such as DeFi support. Bitpanda Custody, for example, offers insured, regulated and DeFi-capable segregated wallets for institutional investors, service providers, token issuers, and corporate treasuries.

Whether via exchange or third-party custodian, many people choose the crypto custodial storage option to safeguard their assets through secure key management as centralised platforms offer both convenience and security. Bitpanda possesses various licences and registrations with financial authorities and requires users to go through stringent know-your-customer (KYC) and anti-money laundering (AML) checks before they can trade on the platform.  

In recent times, there has been some negative press surrounding centralised exchanges with the prime example being the FTX collapse. This demonstrated that customers could be exposed to risk if an exchange goes under. However, it’s important to note that not all centralised exchanges are created equal and Bitpanda has always prioritised safety and transparency. We often conduct external audits that provide our customers with transparency and insight into how we manage the storage of funds.

Non-custodial storage 

Non-custodial, or decentralised exchanges, offer an alternative option for crypto storage as platform users can use offline hardware wallets to trade cryptocurrency and maintain self-custody of their assets. This way, crypto traders can rest assured that they will always have access to their funds regardless of the financial health of a crypto exchange. However, the disadvantages of using decentralised exchanges include: 

• Slower trades as all trades take place on the blockchain, unlike centralised exchanges that facilitate off-chain trading 

• More expensive trades due to higher transaction fees 

• Only trade crypto for another crypto; centralised exchanges offer conversion of fiat to crypto. 

Are your digital assets secure on Bitpanda? 

As we’ve covered above, where you store your digital assets truly matters. If you decide to store your digital assets with Bitpanda, you can rest assured that we place paramount importance on protecting our customers and recognise the inherent value of regulatory compliance. For nearly a decade we have, above all else, made one simple promise to our customers: you can trust us to keep your assets safe. 

Bitpanda remains one of the safest and most regulated platforms in Europe and the Bitpanda Group diligently follows European laws and regulations. We operate our businesses based on various VASP registrations as well as MiFID II, E-Money and PSD II licences amongst all our core markets.

Bitpanda Payments GmbH possesses a payment service provider licence under PSD2, recently becoming an E-Money Institute and Bitpanda Financial Services GmbH holds a MiFID II investment firm licence with strict customer verification processes that are fully compliant with AML5. We also operate in accordance with the EU’s General Data Protection Regulation (GDPR) with strict security measures that meet high international safety standards. 

Quick tips to keep your crypto assets safe

Take caution: Unfortunately, we humans tend to be the weakest links in computer security. Being cautious and using trustworthy sources and tools are your best bet when it comes to keeping your assets safe. Remember, if it sounds too good to be true, then it probably is. Also, asset keys of significant value should never be stored in a computer that may be compromised, so use all devices with caution.

Employ safe online practices: Free wi-fi is great, but be careful before accessing a network that you are not familiar with. Bad actors exploit unguarded networks, and websites may pose a serious risk to any hot wallet you keep on your phone or computer. Verify the validity of the network before joining to help keep your funds safe and never leave your devices unattended or lend them to anyone. Also, make sure to remove all funds from wallets stored on your devices before having them serviced.

Buy hardware from official sources: It’s important to always buy your crypto hardware device from an official hardware provider e.g. Ledger, Trezor etc. This will provide assurance that the device has not been tampered with. If you choose to store your crypto on a cold wallet then you are in charge of protecting your assets, so minimise risk exposure and buy official products from trusted sources.

Keep your software updated:  It’s vital to execute software updates as soon as they become available. Malware often exploits weaknesses in older versions of software and operating systems, so make updating your software a habit. 

Add Two-Factor Authentication (2FA) for extra protection: 2FA technology offers a low-cost and easy-to-implement layer of security for any online service that involves handling your cryptocurrencies. Installing an authenticator app to your device and enabling 2FA for services or applications means you will be asked to enter a six-digit code in addition to your password every time you log in. This adds an extra hurdle for any bad actors looking to exploit your account. It’s a small step, but it makes a huge difference. 

Find a trustworthy platform to buy and sell cryptocurrencies: Choosing a trustworthy trading platform can be a bit tricky, but there are a few key indicators that can help you determine the most suitable platform for you. Whoever you choose, it’s important that the platform is experienced and operates in a safe and regulated environment. They should be able to demonstrate sufficient liquidity and employ the latest security technology while also offering an easy-to-use, intuitive interface.

At Bitpanda, we provide a fast, safe and convenient platform for buying and selling digital assets. We support a wide range of fiat currencies and our platform lists various cryptocurrencies, commodities, metals, stocks and ETFs.  The safety of our customers and their assets is our top priority. To learn more about what we do to stay fully regulated and compliant, visit our security at Bitpanda hub.