In the vast digital expanse of cryptocurrency, Bitcoin reigns supreme as the pioneer and leader. As we continue to explore the ever-expanding frontiers of Bitcoin’s potential applications, one crucial aspect rises to the forefront: security. Beyond the terrestrial realm, the importance of Bitcoin security takes on a whole new dimension when we contemplate its use in interplanetary contexts.
While the idea of Bitcoin beyond Earth’s borders may seem futuristic, it’s a concept that holds significant implications for our species’ future in the cosmos.
Two main mistakes
1. Inadequate Backups: Failing to maintain secure and up-to-date backups of wallet data can lead to permanent loss of funds in case of device failure or data corruption.
2. Regret Transactions: Users may make regrettable transactions by sending funds to incorrect addresses, and these transactions may be irreversible.
Employ best security practices
Knowledge is your best defense. There are abundant resources, online communities, and educational materials available to help you understand the intricacies of cryptocurrency security.
Staying informed about the latest security developments and remaining vigilant is an ongoing commitment.
A list of attacks seen around BTC
Many of the attack forms are combined.
By comprehending security and taking control of your financial destiny in a decentralized way, you can navigate the exciting but challenging landscape of Bitcoin with confidence.
Your wealth remains under your watchful eye, protected by your understanding of the digital fortifications that keep it secure in the vast realm of decentralized finance.
Extra
Bitcoin has demonstrated remarkable reliability, boasting an uptime rate of 99.9985% since its inception in 2009. Since 2013, it has maintained a perfect 100% uptime rate for over 3,820 days.
Bitcoin has several attack vectors that can be exploited by a quantum computer.
Various algorithms, such as Shor’s algorithm (for integer factorization) and Grover’s algorithm (Search), pose significant threats to the Bitcoin protocol. These algorithms can potentially enable cryptanalytic (brute-force) attacks on different aspects of the known protocol.
I can identify three areas with vulnerabilities in the long run, and the communication layer, which is currently in the process of being addressed:
Mining Bitcoin
Wallets (Public Key Cryptography)
Lightning Network Data
Mining
Bitcoin employs the Nakamoto consensus, which includes Proof-of-Work (PoW).
Miners compete to earn block rewards by discovering nonces (hash values less than or equal to the target). Each block, with a block time of 10 minutes, contains a nonce and a block reward.
The PoW function utilizes SHA256^2, which could be susceptible to attacks in the future. It could be conceivable to utilize Grover’s algorithm for precomputations and hash discovery. You can review the setup in this paper and here.
Various proposals have been put forth to enhance the security of the PoW function. One idea is transitioning from SHA2 to SHA3, although this would effectively render the currently used ASIC mining hardware obsolete.
Alternatively, changing to a different quantum-safe PoW protocol is another option.
As of now, breaking SHA256^2 is not possible since quantum computers require more qubits for such an operation.
Wallets
First, it is important to understand how a wallet is constructed.
One common example is the P2PKH wallet.
Figure 1 – How a P2PKH wallet is created
a. Bitcoin uses ECDSA to derive a “public key” from the private key (a 256-bit number).
b. Next, the public key undergoes hashing using SHA256.
c. Following that, RIPEDMD-160 is applied.
d. The resulting output is converted using Base58 encoding.
e. Now, a public address is ready for use.
Figure 2 – Possible attacking vectors:
RIPEMD-160 (hash function) attacked via Grover’s algorithm
SHA256 (hash function) via attacked via Grover’s algorithm
Various proposals exist to enhance the security of private keys. These include transitioning from SHA2 to SHA3, using algorithms such as CRYSTALS-Kyber, employing x.509 certificates, and adopting Falcon 512 or less secure Lamport signatures. You can find further details here (https://par.nsf.gov/servlets/purl/10324007) and information about attacks on RIPEMD-160 and SHA256 here (https://eprint.iacr.org/2023/285.pdf).
It’s important to note that there are various BTC wallets with different public key encryption techniques, including alternative forms of encryption like Schnorr (P2TR) and some with less reliance on hashing functions like (P2PK).
Even though wallets use different techniques to generate addresses, all of them can potentially be compromised using the same algorithm employed for brute-forcing P2PKH.
Additional Information: The various mainnet wallet types can be distinguished by their addresses. Some start with 1, 3, bc1, or bc1p, while testnet addresses typically begin with m or n.
It would theoretically be possible to use Shor’s algorithm to break this (Discrete log problem), potentially allowing access to historical communications between Lightning Network nodes (I’m not entirely certain about this – Not much research about it?).
Currently, brute-forcing the used Diffie-Hellman key agreement in Noise is not feasible, as quantum computers require more qubits for such an operation.
There are various proposals, such as upgrading to CRYSTALS-Kyber, to enhance security.
Communication Layer (Privacy Update)
The communication (P2P) layer is currently transmitting messages without encryption. This needs to be updated to implement opportunistic encryption between nodes to address issues related to censorship, privacy breaches, and other potential attacks.
Currently, Bitcoin remains resilient against cryptanalytic attacks launched by quantum computing, thanks to the absence of practical quantum algorithms capable of breaking its security.
Bitcoin employs various algorithms with different security levels, each offering varying degrees of resistance to cryptanalytic attacks.
One factor to bear in mind is Bitcoin’s bandwidth, which serves as a limiting factor. Some of the proposed algorithms may require more memory per key, potentially affecting network performance (source: https://eprint.iacr.org/2021/781.pdf).
Bitcoin has the capability to implement new security standards through BIPs (Bitcoin Improvement Proposals), a process that has occurred multiple times throughout Bitcoin’s history (source: https://github.com/bitcoin/bips).
It’s important to acknowledge that this transition process takes time and can be met with significant controversy and resistance regarding BIP adoption rates. Therefore, the migration time to more secure standards should be carefully considered in light of the evolving threat landscape posed by quantum computers.
Note: While I don’t have formal education in cryptography, I’ve tried to provide some suggestions, and there are likely better ideas available for improving the Bitcoin protocol. There are still many years until it’s needed, but it’s always prudent to survey the landscape.
Tip: Use a Bitcoin address once and then change it. Most wallets let you generate new addresses after each transaction. Read more about keys and wallets here.
The big question is how will they change things? Here is a small introduction:
Quantum computing is built upon the principles of quantum mechanics and computer science.
Today, many are familiar with algorithms such as Deutsch-Jozsa, Grovers, Shor´s, QFT algorithms which were actually invented back in the 1990s. However, they are starting to have a significant impact today because quantum computers are becoming more powerful.
Transitioning from bits (0 and 1) to quantum bits or qubits (|0⟩ and |1⟩ = Basis state) represents a substantial shift.
A qubit can take various forms, such as a photon, an electron, trapped ions, superconducting electronic circuits, and more. A qubit is often represented as bra-ket, see more here. The vector representation of a single qubit appears as follows:
Figure 1 – Vector representation
v0 and v1 represent the weights/probability of the qubit.
Qubits can exist in many possible states. By adding two or more quantum states together, they form another quantum state known as a tensor state. This represents a quantum superposition of the original two states. Typically, a superposition state is expressed as α|0⟩+β|1⟩, where α²+β²=1. For instance, an example of a qubit superposition could be 0.6|0⟩+0.8|1⟩.
A qubit can be thought of as having a value of both 0 and 1 simultaneously, with the weights α and β being controllable. When a qubit is measured, it yields the bit 0 with a probability of α² and the bit 1 with a probability of β². After measurement, the qubit collapses into one of the basis states.
The process of measuring and collapsing from a superposition state to a classical state is determined by probability and the control of α and β weights.
Quantum entanglement is another concept where particles become entangled after being split, rendering them dependent on each other. This means that the quantum state of one particle can impact the other, even over long distances.
Notable experiments, such as those involving the satellite Micius and other developments in quantum internet, have demonstrated the phenomenon of entanglement. In quantum communication systems and quantum teleportation, this strategy is heavily utilized. However, these systems have not achieved faster-than-light (FTL) communication. Sending classical information via entanglement remains unattained, and it is believed that a hypothetical FTL particle, known as a Tachyon, would be required. Consequently, there is still no tachyonic antitelephone for interplanetary real-time communication. Bitcoin can still scale to the moon, read more here.
A digital quantum computer is constructed using a set of quantum logic gates. These gates can include single-bit gates, two-bit gates, three-bit gates, and so on.
Figure 2 – Quantum gates
A single-bit gate takes a single qubit as input and produces a single-bit output. Quantum gates are reversible and unitary transformations that can manipulate the qubit’s state.
A quantum circuit is a sequence of quantum gates applied to qubits to perform a computation. Read this small article.
Figure 3 – Quantum computer properties and metrics used to asses resource costs of quantum circuits,
Quantum algorithms
Quantum algorithms have already demonstrated their ability to potentially surpass classical “secure” algorithms. A quantum register is a system consisting of a set of n qubits (multiple qubits) and is also known as the quantum counterpart of the classical processor register. It allows for the operation on multiple states simultaneously, specifically 2^n (where n represents the number of qubits), while a classical register can store only a single value from the 2^n possibilities.
With a classical 2-bit register, there are four possible states: 00, 01, 10, and 11. In contrast, a quantum 2-bit register can exist in all four states (2^2) simultaneously by utilizing quantum superposition of the four states: α|00⟩+β|01⟩+γ|10⟩+δ|11⟩. Measuring the register will yield one of the four states, with the specific probability determined by the weights.
Let’s assume that a 2-qubit system is constructed with α=0, β=0, γ= δ = 1/√2. In this case, there is no chance of measuring 00 or 01. There is a 50% probability of measuring 10 and another 50% probability of measuring 11.
Quantum parallelism is the capability to perform a large number of operations in parallel. For instance, with a quantum register containing 3 qubits and a 3-bit input gate (CSWAP), it can superpose 8 (2^3) states simultaneously and provide 8 different outcomes. In contrast, a classical computer would require 8 rounds of computation to achieve the same result.
It may sound easier than it actually is because when measuring the output quantum register, it provides one answer with certain probabilities, which is known as the measurement problem. If all eight answers are equally weighted at 12.5%, the quantum computer performs on par with a classical computer, as it essentially requires running all eight calculations separately, similar to what a classical computer does.
Quantum algorithms are designed in a way that assigns higher probabilities to the output weights, ensuring the “correct” answer is obtained with a high likelihood.
While it is possible to compute various functions and employ different types of gates in quantum computing, achieving optimal and validated conditions requires certification and benchmarking. Noise is a persistent challenge, although improvements are being explored (as referenced in https://www.nature.com/articles/s41566-023-01190-4).
Repetition of computations is often necessary to obtain accurate results, both due to errors in quantum computations and the probabilistic nature of results.
In essence, quantum algorithms can be viewed as hybrids that combine elements of both quantum and classical computation.
Quantum computers applications
Figure 4 – Quantum applications
Quantum computers combined with machine learning will create new forms of intelligent AI with better natural language processing and new capabilities.
Still experiencing noise and requiring extremely low temperatures?
Quantum computers need to undergo thorough checks to ensure the reliability of their results. To learn more, check this. This process includes identification (Tomography), PAC learning, estimation, certification (verification, self-testing), benchmarking, validation, and authentication.
It’s important to note that achieving a functional quantum computer and algorithm involves various forms of complexity, including measurement complexity (settings and circuit depth/entanglement implementations), sample complexity, qubit complexity, classical complexity (time and space), communication complexity, and synchronization complexity.
It’s worth understanding that the computational power of a quantum computer increases exponentially with the number of qubits.
However, quantum computers face challenges related to error rates and the need for extreme cooling, typically close to 0 Kelvin (except for photons), which currently makes them unsuitable for commercial sale (although new concepts are emerging). Nevertheless, they are currently available as Quantum Cloud as a Service (QCaaS), where users can access quantum computing services on a subscription or pay-per-use basis. Quantum as a Service (QaaS) is also possible through API integration with quantum computers.
Let´s talk more about the market
Numbers of participants in the quantum market have increased during the last years.
Figure 5 – Number of Q-organizations
Most companies are based in hardware components, software and quantum communications and security.
Investments in this sector are also experiencing significant growth.
Figure 6 – Quantum tech investment
Another significant indicator of the quantum computing market is the number of patents. The number of patents has been steadily increasing over the past few years. It is also interesting to track various patent categories, their issuance year, the country of origin, and the associated companies. You can find a detailed table in this report.
Figure 7 – Most active applicants in the field of quantum computing
Figure 8 – Patenting activity related to quantum computing
There is also an informative report available on quantum simulation, and perhaps one on quantum communication will be published in the future. Alternatively, you can conduct a search on your own. You can access the quantum simulation report here.
Additionally, in 2018, Gartner produced an intriguing graph that, while speculative, provides an overview of the various impacts quantum computers may have.
Figure 9 – Qubit timeline
Development in quantum processors
Figure 10 – Development in quantum computing processors – Open question, feel free to answer in the comments section
Most manufacturers use circuit-based quantum processors (CBQP), while others employ Annealing quantum processors (AQP), analog quantum processors (AP), or photonic quantum processors (PQP).
It’s often mentioned that a (digital) quantum computer is constructed using quantum logic gates, as illustrated here:
Figure 11 – Examples of how to make quantum devices
Some companies, however, concentrate on employing (digital)-analog quantum computers that emphasize quantum annealing and quantum simulation.
Figure 12 – The figure gives and overview of the highest number of qubits a company have in a quantum computing system and their technology. Note that many companies have many models of quantum computers with lower amounts of qubits.
Companies are currently in a race to add more qubits, with frequent updates on the horizon.
The urgency to change
The urgency to initiate and complete the transition to quantum-safe cryptography depends on the security requirements and risk tolerance of individual organizations and can be assessed using three simple parameters:
Figure 13 – Urgency to change
• The shelf-life time: The number of years for which the data should be protected.
• The migration time: The number of years required to safely migrate the systems that protect that information.
• The threat timeline: The number of years before relevant threat actors could potentially access cryptographically-relevant quantum computers.
Organizations will not be able to protect their assets from quantum attacks in time if the quantum threat timeline is shorter than the sum of the shelf-life and migration times.
So, what are the solutions?
A. Post-quantum cryptography, conventional hardware, computational assumptions
B. Quantum cryptography, new quantum infrastructure, “unconditional” security.
R&D focused on quantum resistance will strengthen option A. Currently, there is already a range of potential algorithms available, but their implementation is not straightforward. Some important considerations include migration overhead and complexity, scalability issues, large key sizes, and speed, especially when dealing with resource-constrained devices.
You can explore the latest quantum-resistant ideas from NIST here.
Satellite-based communication and quantum repeaters will enhance option B. You can find more information here.
Quantum computing – a whole new way of crunching numbers that’s like nothing you’ve seen before. At the heart of this amazing leap forward are these tiny things called “qubits.” Unlike regular computer bits that are either 0 or 1, qubits can be 0, 1, or both at the same time. It’s like they have a magic power! And when qubits team up, they can solve crazy-hard problems faster than anything else out there. Whether they’re made from photons, supercool materials, trapped ions etc., qubits are the rockstars of computing’s future. So get ready to dive into the world of qubits and discover the wild possibilities they’re unlocking – things are about to get mind-bendingly exciting.
This is a research list of some types of qubits and methods with qubits.
NB: There might be some duplicates of concepts.
3D Qubits: Quantum bits arranged in three dimensions for addressing qubit connectivity and scalability challenges.
4D Qubits: Quantum bits using multiple quantum states in higher dimensions for advanced computations.
Antiferromagnetic Qubits: Quantum bits using antiferromagnetic materials and spin states for quantum operations.
Atomic Ensembles: Quantum bits formed from atom collections, studied for quantum communication and computation.
Atomic-Ion Hybrid Qubits: Quantum bits combining different ion types for quantum processing.
Atom-Light Interaction Qubits: Quantum bits arising from interactions between atoms and light, explored for qubit control.
Bosonic Qubits: Quantum bits using bosonic states for exploring non-traditional quantum processing.
Chiral Spin Qubits: Quantum bits using electron spin chirality, explored for unconventional quantum capabilities.
Quantum Cellular Automata Qubits: Quantum bits used in cellular automata for computation.
Quantum Chaos Qubits: Quantum bits exploiting chaotic systems for innovative quantum processing.
Quantum Dot Arrays (Semiconductor Quantum Dots): Quantum bits from arrays of semiconductor quantum dots, enabling controlled electron states.
Quantum Dot Molecules: Quantum bits formed by coupling quantum dots to create molecules, exploring new qubit states.
Quantum Dot-Anharmonic Oscillator Hybrid Qubits: Quantum bits combining quantum dots and anharmonic oscillators for qubit control.
Quantum Dot-Atom Hybrid Qubits: Quantum bits formed by coupling quantum dots and individual atoms, combining their unique properties for quantum processing.
Quantum Dot-Cooper Pair Box Qubits: Quantum bits based on the manipulation of Cooper pairs in superconducting quantum dots for quantum computation.
Quantum Dot-Majorana Hybrid Qubits: Quantum bits combining quantum dots with Majorana zero modes for topological qubit manipulation.
Quantum Dot-Microwave Resonator Qubits: Quantum bits using the interaction between quantum dots and microwave resonators for qubit manipulation.
Quantum Dot-Polariton Hybrid Qubits: Quantum bits utilizing the interaction between quantum dots and polaritons, allowing for strong qubit-field coupling.
Quantum Dot-Quantum Point Contact Hybrid Qubits: Quantum bits using the interaction between quantum dots and quantum point contacts for qubit control.
Quantum Dot-Quantum Well Hybrid Qubits: Quantum bits combining quantum dots and quantum wells for unique qubit properties.
Quantum Dot-Rydberg Atom Hybrid Qubits: Quantum bits created by coupling quantum dots and highly excited Rydberg atoms, exploring novel qubit states.
Quantum Dot-Single Photon Interface Qubits: Quantum bits utilizing quantum dots as interfaces between single photons and matter for quantum tasks.
Quantum Dot-Spin Qubits: Quantum bits based on the coupling between quantum dots and electron or nuclear spins, providing controlled qubit operations.
Quantum Dot-Topological Insulator Hybrid Qubits: Quantum bits formed by coupling quantum dots and topological insulators for unique qubit states.
Quantum Electrodynamic Qubits: Quantum bits with strong qubit-field coupling for energy exchange.
Quantum Hall Effect Qubits: Quantum bits exploiting quantum Hall effect for unique processing.
Quantum Matrix Product State (QMPS) Qubits: Using matrix product states for qubit storage and manipulation.
Quantum Nanotube Qubits: Quantum bits based on carbon nanotubes for versatile quantum information processing.
Quantum Repeaters with Spin Qubits: Quantum bits in repeaters for long-distance quantum communication.
Quantum Repeaters: Quantum systems enabling long-distance quantum communication, vital for secure transmission.
Quantum Reservoir Computing Qubits: Quantum bits used in reservoir computing for machine learning.
Quantum Simulation with Qubits: Using qubits to simulate quantum systems for complex problem-solving.
Quantum Thermodynamics Qubits: Quantum bits studied within the quantum thermodynamics framework.
Quantum-Dot Cellular Automata (QCA) Qubits: Quantum bits utilized in quantum-dot cellular automata systems for computation and information storage.
Quantum-Dot Molecule Cluster Qubits: Quantum bits formed by clusters of quantum-dot molecules, exploring collective qubit properties.
Quantum-dot Spin-Qubit Array Qubits: Quantum bits forming arrays of quantum-dot spin qubits for scalable quantum information processing.
Quantum-Dot-in-Buckyball Qubits: Quantum bits using quantum dots in buckyballs for novel quantum states.
Quantum-Dot-in-Nanowire Qubits: Quantum bits using quantum dots in nanowires for versatile control.
Quasiparticle Qubits: Quantum bits based on quasiparticles in condensed matter systems, offering quantum processing potential.
Qubit Sensors: Quantum bits serving as high-precision sensors for various quantities.
Rare Earth Ions: Quantum bits using rare earth ions with extended coherence times for quantum networking.
Semiconductor Qubits: Quantum bits utilizing semiconductors for versatile qubit control using spins or charges.
Silicon Qubits: Quantum bits utilizing silicon’s compatibility and potential for large-scale quantum systems.
Single Electron Qubits: Quantum bits based on the properties of individual electrons, explored for quantum information processing.
Skyrmion Qubits: Quantum bits using skyrmions for unique quantum processing.
Soliton Qubits: Quantum bits based on stable wave-like soliton solutions, investigated for quantum tasks.
Spin-Cooper Pair Qubits: Quantum bits utilizing the coupling between electron spins and Cooper pairs in superconducting circuits for qubit manipulation.
Spin-Orbit Qubits: Quantum bits utilizing spin-orbit interactions for new possibilities in qubit manipulation.
Spin-Triplet Qubits: Quantum bits utilizing the spin-triplet states of electron spins in certain materials for quantum information manipulation.
Spin-Valley Qubits in 2D Materials: Quantum bits utilizing spin and valley properties for quantum tasks.
Squeezed Phonon Qubits: Quantum bits using non-classical phonon states for quantum information.
Squeezed State Qubits: Quantum bits utilizing non-classical light states for enhanced measurements.
Superconducting Flux Qubits: Quantum bits exploiting magnetic flux for longer coherence and robust quantum operations.
Superconducting Nanowire Qubits: Quantum bits using superconducting nanowires for improved coherence.
Superconducting Qubits: Quantum bits using superconducting circuits for rapid processing, scalability, and control.
Surface Code Qubits (Error-Corrected Qubits): Quantum bits using surface code error correction for reliable computation.
Synthetic Qubits: Quantum bits created by manipulating interactions between different quantum systems, introducing new qubit possibilities.
Time-Bin Qubits: Quantum bits based on time properties of photons, significant for secure quantum communication.
Topological Exciton Qubits: Quantum bits relying on topological exciton properties for robust quantum tasks.
Topological Insulator Qubits: Quantum bits using topological insulators for unique electronic states.
Topological Photonic Qubits: Quantum bits in topological light states, robust against noise and valuable for quantum communication.
Topological Quantum Walk Qubits: Quantum bits using topological quantum walks for robust computation.
A basic principle in understanding wallets for your digital assets is custody.
Before explaining custody let´s talk about private keys – read this great explainer.
A private key is a 256-bit number that can be represented in several ways like a hexadecimal number or 64 characters, but there are also smaller formats as seen in the explainer article.
When BIP-32, HD (Hierarchical-deterministic) wallets became a thing back in 2012, things became easier for the regular user instead of generating keys for transactions and not being able to have a watch-only wallet. HD wallets made it possible to generate unlimited private and public keys from an extended key. This meant you after the implementation could have more addresses connected to the same masterseed. Read more here BIP-32. There have been some problems but they got fixed, read BIP-44, BIP-49 and BIP-84.
You can make your own random private key, by tossing a coin or use a generator. Read more here
The private key is Important since it gives the owner complete control over their digital assets on a specific blockchain address. To execute crypto transactions, you need the private key.
A private key is needed to create a public key and hereafter a Bitcoin wallet address – see more here.
Public keys can be shared with others, so they can send BTC to your wallet or check your BTC balance. Private keys should NEVER be shared since they gain total control over the funds associated with them.
Note: You cannot derive the private key from the public key even though they are cryptographically linked – Read more here (remember that BTC have moved from ECDSA to Schnorr signatures):
Most people will deal with a seed phrase to access their BTC wallet. A seed phrase represents the private key in an easier-to-manage format. The seed phrase will access/restore a BTC wallet, the wallet can contain thousands of private keys.
You don´t need a seed phrase if you have the private key, but seed phrases often make things easier if you have BTC placed in different wallets under the same Masterseed or if you often need to move assets instead of using the 256-bit number.
Remember a seed phrase, a recovery phrase and a mnemonic phrase is considered the same thing.
A seed phrase is often 12-24 words. A 12-word seed phrase is often considered fine regarding security and is easy to remember. A 24-word seed phrase contains more combinations and therefore has a higher level of security.
With BIP-39 you can actually generate a mnemonic phrase. This is generated from these 2048 words. – Many wallets use this format for making a seed phrase to backup the private key/s.
Let´s talk custody.
In Bitcoin there is no customer service, no support team or online database, so this puts responsibility on users of the network. As an individual you are in total control of your private key/s and seed phrase and if you lose it, you have lost your funds, so you got to back it up.
Remember that: A seed phrase gives access to all private keys in a wallet. A private key only gives access to one crypto account. A private key is concealed inside your wallet, but your seed phrase is managed by you. If you lose your seed phrase to anyone they will have access to your assets and you should consider them gone (but the transactions can be tracked).
Some people don´t like this aspect, so they use a centralized custodian to help managing their private key/s.
See the differences in this table:
Custodial wallet
Non-custodial wallet
A custodial wallet holds your private-key/s.
With a non-custodial wallet, you are in control of the keys.
You don´t have full ownership and someone can move your digital assets.
You have full ownership, only you can move your digital assets.
You depend on a third party.
You depend on yourself (self-custody) and your hopefully good backup strategy.
Examples of what can go wrong with a custodial wallet:
You put your Bitcoin in a Centralized exchange (CEX) and get interest for your Bitcoin or leverage the BTC. Many examples have shown this is often not a good idea. Centralized protocols have not used full reserve principles and often heavily leverage or mingle with peoples funds.
You put your Bitcoin in a centralized Bank or exchange (CEX). If the bank or exchange collapse often your funds do as well. Many banks are still not working out of a full reserve principle and often leverage investments.
You put your BTC in a browser or web-based wallet. You are not in control of your keys since they are hold by a third party + hackers easier can hack a wallet connected to the internet.
You put your Bitcoin in a hardware wallet with a recovery email, so they have your private-keys/s and KYC data. You’re not in full control of your coins.
When you buy into an ETF. A third party holds your key/s which make it less flexible and you have no direct control of your digital assets.
Not your private key/s, not your coins.
Non-custodial wallets
There are different forms of self-custody and wallets for this, but first of all – Start by not having your private keys or seed phrase online.
Having your keys online is a massive attack vector and security risk. The best way is to use cold storage in some form for bigger amounts of BTC aka decoupled from the internet and no keys stored in mails or in the cloud. Some go even further and have different levels of cold storage to increase security – Think about air-gapped devices and good old sneakernets.
Examples:
The Best solution is to download a full node so you can verify all the rules of Bitcoin (All transactions, verifies transactions, accepts blocks and broadcasts), to check if you have received coins. – here you are directly linked to the bitcoin p2p network and download the full blockchain.
A Lightweight wallet don´t verify all the rules of Bitcoin(Block headers), so there are a number of security downsides, but is sometimes used for smaller amounts of BTC.
NB: For Lightning Network (LN) it is also recommend to download a full node to verify transactions, not for all transactions like in the Bitcoin Network, but the ones interacting with the node. With a LN Node you also have full custody of your BTC and contribute to the network + you can route payments and earn Sats.
You still need to protect your seed phrase. Some protect their seed phrase with a passphrase.
Different wallet types
Cold storage offline wallet:
The cold wallet generates and stores private keys on an offline air-gapped pc. Payments are received online with a watch only wallet. Unsigned transactions are generated online, transferred offline for signing. The signed transaction is transferred online for broadcasting to the BTC network. It´s non-custodial so you have to back up the seed phrase.
Multisig wallet:
A multisig (multisignature) wallet is a wallet with 2 or more private keys and seed phrases. So, to access or send BTC from a multisig wallet +2 private keys need to be entered instead of a singlesig wallet. This is often used by people who like higher form of security like businesses or couples and is one of the building blocks of Lightning network (Lightning payment channel). Many provide solutions like 2-of-3 multisig (Multisig m-of-n). It´s non-custodial so you have to back up the seed phrases. You could go deeper and look at collaborative custody with multisig.
Hardware wallet:
A hardware wallet is a flash drive-like device HD-wallet designed to store BTC. The physical device stores the private keys offline and approve transactions when connected to the internet and the blockchain. They can be connected via Bluetooth to your phone or via desktop application. It´s non-custodial so you have to back up the seed phrase. Often people will enable a pin or passphrase to their hardware wallet.
Mobile wallet:
A mobile wallet is a HD-wallet which generate private keys stored on your phone. It´s non-custodial so you have to back up the seed phrase. These wallets are convenient when using Bitcoin on a daily basis. The most advanced wallets connect to Lightning network.
Desktop wallet:
A desktop wallet is a HD-wallet which generate private keys stored on your host computer (desktop/laptop). It´s non-custodial so you have to back up the seed phrase. These wallets often offer more security than mobile wallets.
Paper wallet:
A paper wallet is a wallet where you write down your private key, public key and Bitcoin address on a piece of paper. You would probably need a Bitcoin wallet generator like this in some form if you don´t want to calculate by yourself. BIP-38 change things so it became possible to add a passphrase to Bitcoin private key, read more here.
Paper wallets are vulnerable and do not tell about how much BTC you have received, here you need wallet software in some form. It is a decentralized way to store your BTC, but not that safe for beginners.
Metal case:
A metal case is a way to store seed phrases, passphrases etc. You will imprint/write your secrets in steel, which is fire and water proof. This mean you have a solid backup that will be hard to destroy. People use these in many different ways for the all-mentioned wallets but also in complicated systems to increase security with a physical secure offline option.
Encrypted storage:
Encrypted storage comes in many forms, but here you see examples of making private keys based on real physical things, so you eg. via a photo can access your seed phrase or private key. Institutions also make algorithms to store private keys in different secure ways. You will see private keys and seed phrases incorporated in all sort of things the more secure the better. Some use biometric secure warehouses and different techniques even to get to the big vault that secure the seed phrase/s, others will implement a chip, make a multisig wallet with seed phrases placed in outer space for back up, use biometrics etc.
How do people do?
Always consider you own security, it´s okay to be a little paranoid about your money. Start by thinking about what you want. Do you want to have a little BTC to buy a whisky or a mocktail, maybe consider getting a Lightning wallet. A wallet with self-custody so you own your keys. If you are a larger buyer, think about what you want with your investment. Always think about a backup plan for your relatives if something should happen for you. With a private non-custodial wallet your seed phrase is your money, if you die and nobody know about your seed phrase the money will be “frozen” in the Network.
Remember there are many ways to secure your BTC and you will find a good way or you should talk to a pro.
For big spenders you will often see 50/50 storage (offline/online).
The bigger the amounts of BTC the more sophisticated systems for securing BTC private keys, seed phrases and pass phrases.
Example: 6 wallets in different layers from hot to colder. You could have 3 hot wallets, with each 2-4-7 % BTC reserve. 3 cold wallets with 17-25-45% BTC reserve.
If the 2% wallet gets drained because you are on a spending spree then you will use the 4% and then to 7%. Some will have much lower margins.
You run into a problem. You need to spend more, but to get more you need to get your cold wallet with 17% BTC reserve. This wallet is not connected to the internet so BTC will need to be moved from a clean external pc or hardware wallet to the hot wallet. You would fill up the 2% wallet and then move on if more BTC is used for refill. The second cold wallet with 25% BTC reserve would be stored even colder maybe using multisig and multiple devices. The third cold wallet with 45% of the BTC reserve use even more sophisticated methods to make sure nobody enters the biggest reserve.
People often make systems an automate them, so their hot wallets can automatically work in order of % of reserves and also refill in proper order. Rebalancing wallets or making more wallets is also things to consider. Some also use time-locked contracts like PTLC and HTLC in their systems.
Note: Printers and other online apparatus connected to devices with BTC wallet/s is potential attack vectors. Being online is dangerous. You would not walk around with all your physical cash on the street, like you would not have all your Bitcoin online in the same wallet.
If you sell or buy big amounts of BTC, you will make smart strategies to build a wallet system that is secure and working.
