Protect your Bitcoin! A Guide to setting up wallets and controlling your private keys.

in #bitcoin, 7 years ago


Protecting Your BTC

So, you’ve gone down the Bitcoin rabbit hole and you’ve made your first Bitcoin purchase, congrats! Now just leave that BTC on Coinbase and wait until the price hits $1 Million per coin, right?! If that’s your plan, you’re not only exposing yourself to significant risk, you’re also missing the point of Bitcoin.

The Importance of Financial Sovereignty

Bitcoin came into existence following the 2008 financial crisis, and this is no coincidence. In the Bitcoin “Genesis” block, the first block in the Bitcoin blockchain, Satoshi left a message (in hexadecimal): “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”. This message served two purposes. First, it linked the genesis block with the day’s news headline to serve as a time reference. Second, it highlighted the unprecedented collapse happening in the global economy. Satoshi believed that the world needed better money, and he believed that people should have full control over that money.


[Image: Satoshi’s message to the world in Bitcoin’s genesis block]

When you leave your Bitcoin on a private exchange, you are trusting that exchange. You are trusting that the exchange has taken appropriate measures to protect your Bitcoin. You are trusting that the exchange will pay you out when you decide to transfer or sell your Bitcoin. You are also trusting that the exchange actually has control of the Bitcoin that appears in your balance.

Deposit Insurance

This is the same trust that you are placing in the bank that holds your U.S. Dollars. Sure, the FDIC’s got your back for up to $250k, even if there is a bank run. But what happens when the FDIC isn’t there for you? Impossible, right? Well, if you’re the average bitconsult reader, you’re probably a U.S. citizen with access to reputable banking services in a relatively stable economy and have a hard time imagining this situation. However, you are not the average human. The average human does not have access to deposit insurance. Even for the lucky few with deposit insurance, banks can simply close, limit withdrawals, or eliminate deposit insurance overnight during financial crises. This has recently happened in Greece, Cyprus, and a few other countries.


[Image: Scenes from outside a Greek bank in 2015]

Payment Services as an Extension of Law Enforcement

Financial service companies often act as an extension of law enforcement. For the opportunity to serve as a money transfer service in the United States, credit card companies and PayPal are often forced or coerced by law enforcement to close accounts and freeze funds. There is perhaps no more fitting example than WikiLeaks. In 2010, the U.S. government forced Visa, MasterCard, PayPal and other companies to cease all transactions with WikiLeaks. WikiLeaks survived primarily due to Bitcoin donations. Ironically, perhaps, WikiLeaks made a 50,000% return on their Bitcoin since 2010, which Julian Assange was happy to brag about.


[Image: Forcing WikiLeaks into BTC may have backfired…]

No matter your stance on WikiLeaks, it is concerning that law enforcement agencies can freeze payments and effectively shut down businesses by cutting off their funding, even before the company or individual is found guilty in court. This is just one example. Check out the rest of our pages and stay tuned for more posts on the power of financial sovereignty.

So, how do you truly take control of your money? In this post we’ll walk you through moving Bitcoin off of an exchange, and into your control.

Bitcoin Wallets and Keys

Disclaimer: For the sake of simplicity, we’re going to explain Bitcoin wallets and keys in a way that most users can relate to. If you’d like to learn the technically correct way that Bitcoin transactions and balances work, we suggest you read “Mastering Bitcoin” or contact us for consulting.

Bitcoins are stored in Bitcoin wallets. In order to access the funds in a Bitcoin wallet, the user needs to have access to the address’s Private Key. A private key can be thought of as a password that is needed to “log in” to the wallet. A Bitcoin private key is a string of 64 letters and numbers, looking something like this:

E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262

If you control your private keys, you control your Bitcoin. If an exchange controls your private keys, the exchange controls your Bitcoin. If anyone else gets access to your private keys, they can steal your Bitcoin. It is incredibly important to generate private keys in a secure way and to properly back them up. It is recommended that most users purchase a hardware wallet, as they are safe and easy to use. For this exercise, however, we’ll walk you through setup of a Bitcoin web wallet, an easy, flexible alternative to holding your Bitcoin on an exchange.

Web Wallet Setup

First, we’ll need to select a web wallet provider. Different web wallets have different features. Some, like Coinapult, require an email and password to set up. Others, like Counterparty, don’t require any information. Let’s walk through setting up a Counterparty wallet, as it is very simple.

Head to https://wallet.counterwallet.io/#
Click “create new wallet”
You’ll be given a 12 word passphrase. This passphrase is needed to access your wallet. Write this down on paper, copy it, laminate it, stick it in a fireproof bag, and store it in a couple of secure locations.

[Image: Counterparty 12 word passphrase]
The passphrase generated in this example is “beauty question tough carry hit outside break puzzle safe stab color tender”. We have not funded this account with any BTC, but you can paste the phrase into Counterparty and prove that it’s a valid phrase.
You’ll have the option to save a custom URL to access this wallet more easily; click “no thanks”.
Enter your passphrase and click “Open Wallet” and you’re in! You should see a screen like this:

[Image: This is your Counterparty wallet]

You now have access to your Bitcoin wallet, powered by Counterparty. Here you’ll see your BTC balance, a public address, and quite a few other options. To fund this account, you’ll send BTC to the address on your screen, “1HJNPwVMmwf4rRQhhMFjJWbQMKEaJQujcZ”. It is recommended to create a new address for every transaction for privacy purposes. Some wallets do this automatically.

In order to fund this account with BTC that you have stored on Coinbase, you’ll need to log into your Coinbase account, navigate to your BTC account, and click “send”.

Next, a send form will pop up. Simply paste in your web wallet address “1HJNPwVMmwf4rRQhhMFjJWbQMKEaJQujcZ”, review all of the information, and click “Continue”.


[Image: Coinbase transaction screen]

Now confirm the transaction and you’re all set! Coinbase will do some internal work to prepare your transaction, but within a few minutes it should be propagated to the network. Coinbase will provide you with a transaction ID, which you can either click or paste into a blockchain explorer. The transaction ID will show the amount transacted, fee paid, and number of confirmations. Your Counterparty wallet should show the incoming transaction almost instantly, and will give you full access to the BTC once the transaction is confirmed by the network.

Setup Notes

Creating and funding a wallet is relatively easy, taking only a few clicks and about 5 minutes. However, a lot just happened! Let’s cover some important information before moving on.

Where’s your private key?!

When you set up the Counterparty wallet, you were given a 12 word passphrase. This passphrase is also known as a mnemonic code. Put simply, Bitcoin incorporated these phrases (through Bitcoin Improvement Proposal 39, “BIP-39”) so that users could work with familiar words rather than a long string of letters and numbers. This seed can be used to access your wallet. If you need the private key, however, simply click “Address Actions” then “Show Private Key”. The private key will be revealed.


[Image: Counterparty example private key]

This private key should also be written down, laminated, and safely stored. Likely, you’ll never need to access this key, but it could be used to sweep your address balance into another wallet or to access forked coins.
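
A raw hex key like the one shown earlier has no built-in error detection, so one miscopied character on a paper backup silently yields a different key; Base58Check formats (WIF for keys, “1…”/“3…” addresses) carry a four-byte checksum that catches such mistakes before you sweep a key or paste an address into a send form. The Python below is an added example, not code from the original post or from Counterparty; the function names are illustrative, and it covers only uncompressed mainnet WIF and legacy addresses.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group: a usable private key k satisfies 1 <= k < N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
# The sample key printed earlier on this page (public, so never fund it).
PAGE_KEY = "E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262"


def checksum(payload: bytes) -> bytes:
    """First four bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58check_encode(payload: bytes) -> str:
    raw = payload + checksum(payload)
    num, out = int.from_bytes(raw, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    # Each leading zero byte is written as a leading '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out


def b58check_decode(text: str) -> bytes:
    """Return the payload; raise ValueError on a bad character or checksum."""
    num = 0
    for ch in text:
        if ch not in B58:
            raise ValueError(f"{ch!r} is not a Base58 character")
        num = num * 58 + B58.index(ch)
    zeros = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * zeros + num.to_bytes((num.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("checksum mismatch: typo or damaged backup")
    return raw[:-4]


def hex_key_to_wif(hex_key: str) -> str:
    """Encode a raw 64-hex-character key as uncompressed mainnet WIF (0x80)."""
    key = bytes.fromhex(hex_key)
    if len(key) != 32 or not 1 <= int.from_bytes(key, "big") < N:
        raise ValueError("not a valid secp256k1 private key")
    return b58check_encode(b"\x80" + key)


def is_legacy_address(text: str) -> bool:
    """True for a checksum-valid mainnet P2PKH ('1...') or P2SH ('3...') address."""
    try:
        payload = b58check_decode(text)
    except ValueError:
        return False
    return len(payload) == 21 and payload[0] in (0x00, 0x05)
```

Run `b58check_decode` on a hand-copied backup before relying on it: a `ValueError` means the copy differs from the original.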

What the Heck is “XCP”

You may have noticed an XCP balance next to the BTC balance. In addition to providing a web wallet, Counterparty also has its own coin, XCP. XCP currently trades for around $14 and lies just outside the top 100 cryptocurrencies. Counterparty is software built on top of the Bitcoin protocol. Using Counterparty’s services, users can trade assets on a decentralized exchange, create their own assets, and much more.

If Counterparty goes down, do I lose my BTC?

Nope. Counterparty creates wallets/private keys using the Bitcoin protocol. If access to Counterparty is down, your private key or mnemonic phrase can be swept into another wallet provider and you can transact with your Bitcoin as normal.

Web Wallet Risks

Private Key Control

Not all web wallets are created equal. Some, like Counterparty, allow you to transact and sign transactions locally, meaning your passphrase and private keys never leave your browser, and never go to Counterparty’s servers. Some web wallets, like Coinapult, actually still have control over your Bitcoin and don’t offer insurance in cases of theft. It’s important to research any wallet before sending any funds. Most wallets also give you the option to save a webpage and generate your mnemonic phrase offline. Some users even decide to generate these phrases on an air-gapped computer that has never touched the internet. When backing up your private key, NEVER save it on your computer or email it to yourself. Writing the key down is the safest backup.

Key Logging

Key loggers are nasty programs that log all of your keystrokes. They often arrive as trojans that infect your computer. Most users access their web wallets by typing in their mnemonic phrase, so if your computer is compromised by a key logger, a hacker can capture your passphrase and access your Bitcoin. Counterparty has a built-in safeguard against this, allowing you to enter your passphrase by clicking an on-screen keyboard.

Choosing a Wallet

Wallet providers offer many different services, including:

Multisig Support – Create an account that more than one person controls. For example, you can create a 3 person account that you, your wife, and your son share. You can configure this wallet so that funds can only be spent if 2 of the 3 people agree to the transaction (2 of 3 multi-sig).
Fee selection – Most wallets try to determine an appropriate miner fee to add to your transaction by looking at the Bitcoin network and analyzing current network fees. Some wallets will give you the choice to increase your transaction fee in order to get your transactions confirmed more quickly. Some wallets calculate fees better than others. Always look at your fees to make sure they’re appropriate!
Key sweeps – The ability to input a private key from another wallet and claim those Bitcoin.
Segregated Witness (SegWit) Support – Supports SegWit addresses, which have lower fees than legacy Bitcoin addresses.
Fork Support – If you control your own private keys, ultimately you can access coins created by any Bitcoin forks. Sometimes, your wallet provider will do the work and make the forked coin available to you. If not, you can sweep your private keys into a wallet that supports the fork. However, be wary of replay attacks. It’s advised to move your BTC out of the wallet first and eventually move that BTC to a new address (with a new private key). If this confuses you, contact us!
Alt-coin and token support – Access to alternative coins as well as Bitcoin.
Built-in exchanges – Some wallets have built-in P2P exchanges that allow you to trade BTC for other cryptocurrencies.

Types of Bitcoin Wallets

There are many different types of Bitcoin wallets, which all have their own strengths and weaknesses.

Hardware Wallets

Hardware wallets are the best option for most users. The most popular wallets are made by Ledger and Trezor. To spend Bitcoin from a hardware wallet, simply plug it into your PC, enter your PIN, open the wallet’s application, and send the funds. Most hardware wallets generate a 24 word passphrase that must be written down and backed up. The key to hardware wallets is that the private key and passphrase never leave the wallet. You never need to enter your private key to access your funds. This eliminates the risk of keylog attacks. If you lose your hardware wallet, the passphrase can be used with a different wallet or a replacement hardware device to access your coins. Most hardware wallets cost around $70-$100, well worth the investment.


[Image: Trezor’s Hardware Wallet]

Exchange Wallets

This is what you’re using on Coinbase. With exchange wallets, you do not control your own private keys. The exchange holds your Bitcoin, usually in a “hot wallet” that is commingled with other users’ coins. When you deposit BTC to an exchange wallet, the exchange will give you a deposit address. The exchange is responsible for ensuring that coins sent to this wallet are credited to your account. When choosing an exchange wallet, check their reviews/track record and ensure that their coins are backed by insurance. Exchanges have failed in the past, and even some current exchanges, like Bitfinex, are acting a bit shady.

Mobile Wallets

Mobile wallets like Mycelium are available on Android and iOS. When you create a mobile wallet, the software generates a seed phrase, which you should write down as a backup. Android and iOS are not the most secure systems, so only a minimal amount of BTC should be stored in these types of wallets. Many users treat mobile wallets like the cash wallet in their pocket, never holding more than a couple hundred bucks.


[Image: An example Mycelium mobile wallet]

Desktop Wallets

The original Bitcoin wallet was a desktop wallet. The Bitcoin Core wallet contains a copy of the entire Bitcoin blockchain and serves as a fully-validating node. By running a full node, you are contributing to the strength of the Bitcoin network! Downloading and installing the Bitcoin Core wallet is easy, but it will take a few days to download (sync) the entire blockchain. The wallet interface is also not as user-friendly as some of the other options. As an alternative, there are desktop wallets like Electrum that do not require syncing with the entire blockchain. With these types of wallets, you have the option of writing down your private key, or backing up your wallet file.

Paper Wallets

Paper wallets are a no frills option for storing Bitcoin, and are popular for Bitcoin gifts. Similar to creating a web wallet, paper wallets can be generated online or offline in seconds. These addresses become “real” once they receive a transaction and are added to the Bitcoin blockchain. Never buy a paper wallet from someone. If they generated the private key, they likely have a copy and can steal your funds.


[Image: BTC Paper Wallet]

Tips for Protecting Your Bitcoin

Two-Factor Authentication

Whether you hold your Bitcoin on an exchange or wallet, you should add two-factor authentication (2FA) to your account, if it is available. Two-factor authentication requires that you verify ownership of the exchange account or wallet by providing a code in addition to your normal login credentials. The best two-factor authentication is Google Authenticator. Google Authenticator is an app that provides new 2FA codes every 20 seconds. Many exchanges allow you to choose the account actions where 2FA is required. It is suggested to enable 2FA for Bitcoin withdrawals at a minimum. With 2FA enabled, even if a hacker got your Coinbase login credentials, they cannot withdraw BTC from your account without the constantly-changing 2FA code, which can only be accessed from your phone.


[Image: Google Authenticator 2FA]

Additional 2FA Tips

When setting up 2FA, you’ll be given a recovery code, which is needed to restore authentication services should you lose your phone. Write down your recovery 2FA codes on paper, laminate them, and store them in a safe. The same precautions should be taken to protect your 2FA recovery codes as your wallet seeds and private keys.

Many users store website and email passwords on their phones. If your Google Authenticator is also on your phone, then your BTC can be stolen if your phone is stolen. It is incredibly important that you lock your phone with a strong PIN/password to prevent a thief from draining your exchange accounts and mobile wallets if they nab your phone. Some exchanges also use email/SMS 2FA as an extra safeguard. If you access that email account on your phone, however, the thief will have easy access to your email as well. Text Message (SMS) 2FA is not as safe as Google Authenticator and is not recommended.
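
How an authenticator app derives its codes, as an added Python example that is not part of the original post: RFC 6238 TOTP computes each code from a shared secret and the current time, so anyone holding the setup secret can produce every future code, which is why it deserves the same protection as a wallet seed. The secret below is the constructed RFC 6238 test key, the function names are illustrative, and the time step is a parameter set to the RFC's 30-second default.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample: the ASCII test key from RFC 6238, Base32-encoded the
# way authenticator apps display setup secrets. Never use it for an account.
RFC_SECRET = base64.b32encode(b"12345678901234567890").decode()


def totp(secret_b32: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 code for a given time (HMAC-SHA1, RFC 4226 truncation)."""
    text = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(text + "=" * (-len(text) % 8))
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32: str, code: str, unix_time: int,
           step: int = 30, window: int = 1) -> bool:
    """Accept the current step plus `window` steps either side (clock drift)."""
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, unix_time + drift * step, step, len(code))
        if hmac.compare_digest(expected, code):
            return True
    return False


if __name__ == "__main__":
    # The same secret and time always give the same code, on any device.
    print(totp(RFC_SECRET, 59), verify(RFC_SECRET, "287082", 59))
```

A wider `window` tolerates more clock drift but also lengthens the time an observed code stays usable.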

In the event that your phone is lost or stolen, you should immediately lock it and wipe the contents, as outlined here for Android.

Conclusion

Bitcoin was designed to provide users with financial sovereignty. Users can take full control of their Bitcoin by controlling their own private keys. If you hold your own keys, you do not need to trust a third party that can lose or freeze your funds. Moving coins off of an exchange may take a bit of effort, but the peace of mind is well worth it. The process can be a bit overwhelming for first-timers, so we suggest an intro consulting session to get your funds properly secured. Contact us for help!
