5 Mistakes To Avoid With Crypto Hard Wallet Safety

31 Aug 2021

1-five-mistakes-to-avoid-with-crypto-hardware-wallet-safety-ngrave-hardware-wallet-cold-security
logo-ngrave-perfect-key-hardware-wallet-cold-security2
NGRAVE The first end-to-end security solution to manage your crypto.

5 Mistakes To Avoid With Crypto Hard Wallet Safety

So you’ve been a very good boy or girl, and Santa’s brought you a shiny new crypto hardware wallet. You deserve a pat on the back for taking full responsibility for your crypto.

  • Article Quick Links:
  • #1 - Never share your Seed
  • #2 - Don’t store your Seed online or on a piece of paper
  • #3 - Don’t use your hardware wallet in public
  • #4 - Your device is the source of truth
  • #5 - Do a regular device check-in

Now don’t shoot yourself in the foot by making one of these five common mistakes of crypto hardware wallet safety.

#1 - Never share your Seed

Cryptocurrency is a hugely disruptive technology. Its potential impact has been compared to that of the internet. If you are an active crypto investor, congratulations, you are early. Your crypto portfolio could be very valuable in the future, so buying a cryptocurrency hardware wallet - the most effective means of safely storing it - is likely to be one of the wisest investments you could ever make.

But you now own something more valuable than each of the individual coins you may be storing, it's called your wallet Seed. That 24 word recovery phrase provides ultimate access to all your funds, because that is how Hierarchical Deterministic wallets (HD for short) work. So consider it to be as valuable as your entire portfolio, and protect it accordingly.

That means never, ever, sharing your Seed with anyone. The device manufacturer has no reason to ask for your Seed; an exchange, wallet, DEFI/CEFI service, DAO has no reason to ask for your Seed; if your future-self travels back in time saying they’ve lost their Seed, you still shouldn’t share it.

There is no circumstance under which you should legitimately need to share your Seed with anyone. Seer that mantra into your brain, tattoo NSYS behind your eyelids, paint it on your bedroom ceiling, so it's the last thing you see at night, and first thing in the morning. Never share your Seed. Hopefully we made that clear.

No rendering definition for component text-content-newsletter found.

#2 - Don’t store your Seed online or on a piece of paper

You now, hopefully, consider your Seed to be as valuable as your whole crypto portfolio. You know there’s no circumstance where you should ever share it (see above), but you have no choice but to store a copy of it somewhere.

You might be tempted to write it in a word doc, or text file, but that in essence, breaks the golden rule of sharing, because by storing it online, it could be accessed and malicious software could track your keystrokes.

Taking a photo and storing that in the cloud fa0ils the test for the same reason. Don’t store your Seed online, store it offline.

Yes, you could try and create a Sherlock Holmes style memory palace and just keep it in your head, but the risks are too great that you’ll simply forget it.

Some cryptocurrency hardware wallet manufacturers, who we won’t mention, ship their device with pieces of paper on which to write your Seed. Given your Seed is equal to the value of your entire crypto portfolio, are you happy to give it the same level of security that you would to a shopping list?

At the risk of stating the obvious, here are some of the reasons paper isn’t a secure way to secure a valuable piece of information:

  • It is destroyed by fire1 (paper’s ignition temperature is around 218-246 celsius, dependent on the age & thickness)
  • It doesn’t mix well with water, either directly, or from a damp or humid environment;
  • It can be easily destroyed or discarded by accident
  • It can easily be consumed by insects2, pets or a rodents3
  • It can be easily lost down a crack in a floor board, or just mislaid
  • It is easily damaged by exposure to sunlight4

There is no easy solution to the Seed storage conundrum, as ultimately you will have to trust an offline medium, but you can do better than paper, such as punching the 24 words into a stainless steel plate.

Better still, if you buy an NGRAVE COMBO you’ll get a two step stainless steel system - GRAPHENE - where each element is useless on its own, and only together reveals your Seed.

#3 - Don’t use your hardware wallet in public

You are probably used to living your life on the go, thanks to your smartphone. You might want to treat your hardware wallet the same, taking it with you, just in case you need to make transactions on the go. This is a bad idea for a number of reasons:

  • You open yourself up to public wifi which isn’t secure
  • The physical risk vectors to your device multiply on the move; including accidental loss/damage or theft.
  • Someone can always be watching you directly, or on CCTV

You could mitigate loss/damage by buying a second device and using your Seed to create a clone, but this essentially doubles the risk that someone can access the credentials that allow you to access your device.

No rendering definition for component text-content-related-posts found.

#4 - Your device is the source of truth

Cryptocurrency hardware wallets are the safest form of storage because they are offline, prioritising security over convenience. Device manufacturers do, however, make every attempt within that crucial parameter to make transacting relatively painless by offering companion mobile or desktop Apps that can be connected to the device.

The NGRAVE ZERO, for example, has a mobile app LIQUID, to sync all accounts and enable transactions, via QR code. The use of a second application layer introduces a security vulnerability known as the Man In The Middle Attack where the device hosting that secondary application - your laptop or mobile - is compromised.

In order to send or receive transactions using your hard wallet, you need to share address details, often using chat services and/or your device clipboard. The Man In the Middle attack uses the remote access they have gained to intercept/replace the shared address details with details of their own choosing.

If you are using an address for the first time, the only way you can know with 100% certainty that transaction detail hasn’t been altered, is by treating the detail on the screen of your hardware wallet as the source of truth, and visually double-checking it against the original address detail.

Most crypto hardware wallets come with limited screen space and poor quality screen resolution, making it hard to visually confirm the transaction information and rule out this threat.

The NGRAVE ZERO is designed with this in mind, featuring a large high density colour capacitive LCD touch screen, with high brightness.

#5 - Do a regular device check-in

Crypto hardware wallets are designed to provide cold storage for your coins. They act as secure offline vaults that you can put somewhere safe, providing peace of mind that your funds are safe.

If you are prone to impulse trading, or constantly checking your balance, cold storage has the added benefit of putting your funds out of sight and out of mind. There is, however, a danger in taking that approach too far.

Many hardware wallets require pins or access credentials to enable the owner to access the device. These are separate to the Seed which enables anyone/anywhere to access the funds without being in possession of the device. If you don’t regularly use your device, the risk that you forget the device access pin increases, in which case your Seed is your only hope of recovery.

In order to mitigate your forgetfulness, you may be tempted to write down the access pin, which is just as bad as writing down your Seed - breaking rule no.2. You can avoid this by simply doing a device check-in, maybe once a month.

Better still choose a device that uses Biometrics (your thumbprint) for access, rather than a conventional pin. This is the approach taken with the NGRAVE ZERO.

Beyond acting as a memory prompt, the regular check-in will provide the basic visual confirmation that your device is where it should be, and has not been moved by accident or bad intent.

The check-in can also confirm that your device is functioning properly and will recharge the battery. Like any piece of technology, there is always a risk that a component may fail, and though your Seed is your ultimate fail-safe, you shouldn’t have to resort to that.

A hardware wallet has its own operating system, known as firmware which gets regularly updated to patch any potential vulnerabilities or to improve usability and support new coins or blockchain upgrades. Your regular check-in should include a firmware update as this will improve function and security, but paradoxically, the act of being online to access firmware updates can, in itself, expose you to threats, depending on the firmware security employed by the device.

Look for the highest level of firmware/OS security known as Evaluation Assurance Level (EAL). It runs on a scale from 1-7, with EAL7 the highest.

The NGRAVE ZERO secure firmware is rated EAL7 - for comparison banks and governments are typically EAL5 certified - and firmware updates will be cryptographically protected and only available through the NGRAVE website.

Owning crypto is a smart move. Owning a cryptocurrency hardware wallet to store your crypto, is an even smarter move, but as we’ve hopefully demonstrated, there are plenty of pitfalls even once you’ve made the move to cold storage. The key is to not be complacent. Be aware of the common security mistakes made using, and owning, a crypto hardware wallet device, and your funds will be that much safer.

logo-ngrave-perfect-key-hardware-wallet-cold-security2
The first end-to-end security solution to manage your crypto.
NGRAVE

NGRAVE is a digital asset security company and the creator of the world’s most secure cryptocurrency wallet, NGRAVE ZERO. NGRAVE ZERO was developed in collaboration with a world-renowned team of cryptography and security experts.