Secure Storage of Crypto Assets: Guide to Setting up Cold Wallet

By Prachi Kothari
19 Min Read

There is a common misconception that cryptocurrencies are stored in wallets. The truth is that blockchains store cryptocurrencies, not hardware or software wallet. The wallet only holds access in the form of keys to that blockchain. Two popular choices of wallets are hot and cold wallet. The difference between the two is that the former requires an internet connection to access the keys while the former does not. Cold wallet are further classified into hardware and paper wallets.

A cold wallet does not store your digital assets; instead, it holds access to your cryptocurrency. A hardware wallet is a portable, compact, physical device that resembles a USB stick that stores your keys. And a paper wallet retains a printout of your private key or a scannable QR code.

Keep reading to understand what a cold wallet is and how to set them up.

What Is a Cold Wallet?

One of the main reason of increasing interest in cryptocurrencies is because they are considered as the future currencies. There are more than 20,000 cryptocurrencies, and all are built on the blockchain. Cryptocurrency will serve as the standard form of payment in the Web3 space. We will be able to access this new digital economy in a few years with the help of virtual reality.

According to this report from Statista, cryptocurrency has been adopted by 56 countries. Global central banks have declared they will soon introduce the central bank digital currency (CBDC). The crucial concern now arising as we enter this new era is safeguarding our financial assets.

To deal in cryptocurrencies, users require a wallet that would give them access to various exchanges. There are two types of wallets; hot and cold wallets. In comparison, a cold wallet is more secure than a hot wallet. A hot wallet stores the private key in a browser extension or desktop application, making it vulnerable to internet scams. A cold wallet keeps the private key in hardware wallets, meaning they are not connected to the internet. The main concern in any cryptocurrency trading is protecting private keys.

Learn about the different types of cryptocurrency wallets, their features, and how to choose the right one for you with this comprehensive article.

To create a cold wallet, you must create an offline address without contacting the internet. A cold wallet consists of a private and public key pair. For simple understanding, a public key is your email address, and the private key is the corresponding password. Your email is safe as long as the password is unknown. The key pair is not exposed to the internet in a cold wallet, ensuring maximum security.

Different Types of Cold Wallet

Paper Wallet

As the name suggests, this cold wallet is made of paper. A paper wallet is a document with a pair of keys printed on it. These are the most basic and secure forms of cold wallets. The keys are removed from the network and the digital wallet whenever you decide to store your keys in a paper wallet. The best feature of this type of wallet is that it is nearly impossible to hack it unless someone physically steals the paper on which the keys are.

Explore the transformative impact of non-custodial wallets on user autonomy and security in Web3, elucidated comprehensively with this article.

However, the downside is; if the paper is lost, damaged, or made illegible, the users will never be able to access their funds’ addresses. To completely safeguard yourself, keep the paper wallet in a safe box or secure storage.

How to Set up a Paper Cold Wallet?

Setting up a paper wallet is easier than the other forms of wallet. Simply put, a paper wallet can be created by writing your public and private key on a piece of paper. However, that is not safe. Interestingly, there are no complex steps involved. Typically, paper wallet generator programs like BitAddress or WalletGenerator are used to make paper wallets. It is advised to run the program on a computer with malware and antivirus protection that is up to date.

The Steps Involved in Creating a Basic Paper Wallet

  1. Go to the BitAddress webpage, which is an open-source paper wallet creator.
  2. To generate a private key, navigate the website or enter random text.
  3. After receiving the private key, you must choose “Paper Wallet” and print the outcome. The public address on the left will allow you to store Cryptocurrencies there.
  4. By employing BIP38 encryption, users can add a passcode to the paper wallet to offer an extra layer of security.
  5. The paper wallet has the keys and QR codes printed out. Your device must be able to sweep or scan the paper wallet to use the codes, which would “transfers” the money.

Hardware Wallet

The second type of cold wallet is a hardware wallet. An offline device or a smartcard is used to store private keys offline that is password protected. A simple USB storage drive or a sophisticated device with a battery, Bluetooth, and other functions can be used as a hardware wallet. Like a paper wallet, keeping this USB device or smart card in a secure location is crucial because any loss or damage could prevent users from accessing their bitcoins.

Discover the top 8 best wallets to store Tether (USDT) and learn what to consider when choosing the right one with this comprehensive article.

One example of a hardware wallet that protects private keys with a smart card is the Ledger Wallet. The device resembles and works like a USB drive. The Ledger, TREZOR, and NGRAVE hardware wallets are some well-liked models. The offline storage of the private keys requires a computer and Chrome-based software. You can learn more about it here.

Air-gapped devices cannot connect wirelessly and are, therefore, more secure than those that can. Commercial hardware wallets are available from shops and vendors; many are water- and virus-resistant, and some even handle multi-signature (“multi-sig”) transactions. Multi-sig is a cryptocurrency signature technique that necessitates the use of private keys from many users to confirm a transaction.

How to Set up a Hardware Cold Wallet?

The most important step for setting up a cold wallet is to ensure that the device is purchased from the manufacturer directly to safeguard yourself from scams. Keep your cold storage in a secure location, and remember that if you lose it together with your seed phrase, you cannot recover your assets or funds. If you misplace your hardware wallet but keep your seed phrase, you can still retrieve your assets by purchasing a new hardware wallet.

  1. Connect your computer to the cold storage device.
  2. Download the software that comes with your cold storage wallet.
  3. A backup code or seed phrase will be sent to you. It’s better to keep this code offline and secure, out of sight and reach of others. Preferably, it should be noted on paper and kept in a safe.
  4. Each cryptocurrency (such as a bitcoin, Ethereum, or tether) type requires its wallet. Follow the directions to create a new wallet for each type of cryptocurrency you want to store.
  5. You’ll need to create a pin to access your device.
  6. Once you’ve created a pin, you can add cryptocurrency to your cold storage wallet by selecting receive, which will display the address of your cold storage wallet.
  7. Log into the exchange and transmit the digital assets to your cold storage wallet address to remove your cryptocurrency.

A Step-By-Step Guide to Set up a Hardware Cold Wallet

Ledger, is one of the most secure cold storage device and has sold over 50 lakh devices in more than 200 countries. Let’s take a look at an example to get a better understanding of how to set up a hardware wallet. 

Ledger nano

Step 1: Download and Install Ledger Live.

To download and install Ledger Live, visit Ledger Live. Install the application on your computer. Installing Ledger Live would not take more than a few minutes. Once the installation is complete, you will see a white circle with two curving blue lines on your desktop. Alternatively, they have a mobile app also.

Discover the top 9 SUI wallets for 2024 and streamline your digital currency management effortlessly with this comprehensive article.

Step 2: Create a PIN

To create a pin, launch the application. Next, a screen will appear with three options; get started with your Ledger device, restore the device from the recovery phrase, and use an initialized device. Choose the option that suits your requirements.

For new devices, choose “Get started with your Ledger device.” Then, select “Initialize as new device.” Following that, choose the Ledger Nano S and press “Continue.”

“Choose Your Pin Code” will now appear on the screen. Use the USB cable to connect the Ledger Nano S to your PC. Tapping both buttons on the Ledger Nano S signifies a “Select” or “Continue.” When we say “Press both buttons,” we mean simultaneously pressing both buttons on the Ledger Nano S.

Discover the safest options for managing your crypto assets securely outside of exchanges with top non-custodial hot wallets, all revealed within this comprehensive article.

To start, press both buttons at once. The screen on the Nano S would now show “Configure as a new device” press only the right button to select this option. The PIN code can be between four and eight digits long. It safeguards your assets in case someone else comes into possession of your Ledger device. Keep your PIN code in mind, or write it down. To “Choose a PIN code,” press both buttons.

Use the left and right buttons on the Ledger device to scroll between the digits. To select a number, press both buttons. Repeat this process for all the remaining digits.

If you want a PIN code with fewer than eight digits, scroll down to the checkbox after your desired final digit and then confirm by pressing both buttons. Scroll to the “x” at the bottom and click both buttons to remove a number. Press both buttons on the Ledger Nano S to “Confirm your PIN code.” Next, re-enter your pin following the same procedure.

Step 3: Write down Your Recovery Seed Phrase

This is the most crucial step. The message “Write down your recovery phrase” will appear on the Ledger Nano S screen. You must write down the whole 24-word recovery phrase that the Ledger gadget generates on paper. This recovery phrase, also known as a “seed phrase” is a picture of a “Master key” that you may use to access and control your crypto assets.

Never snap a photo of the seed phrase, type it into a computer or a phone, and never enter it into any online-connected device. Your ability to keep the seed phrase offline will determine how secure your Ledger Nano S is.

The seed phrase is your only resort to regain access to your crypto assets in case the gadget is destroyed, lost, stolen, or reset. In such a scenario, enter the seed phrase into a new Ledger Nano S, a different hardware wallet, or even a software wallet.

Explore the top cryptocurrency cold wallets, safeguarding your digital assets from cyber threats and hacks, with this comprehensive article.

The first word, “Word #1”, will appear on the Ledger Nano S screen. Press the right arrow to move to the next word after you have written this word down with its position, #1. Do this for each of the 24 words. Each word must be written down in the correct sequence. So, take your time and proceed with caution during this process. The next stage involves verifying each word on the Ledger Nano S.

Step 4: Verify Seed Phrase on Nano S

Once you log in to Ledger Live, you can perform an extra, optional validation. You will have to enter the full seed phrase again to ensure that you have copied it down accurately as a “recovery check.” Even if just one letter is incorrect, you won’t be able to utilize your seed phrase to recover or access your crypto assets.

“Confirm word #1” will appear on the Ledger Nano S screen. Scroll through the words using the left and right arrows until you find the right word, ranked #1. To confirm word #1, push both buttons at once. Do this for each of the 24 words. Press both buttons when you reach the final word, and then press both buttons once again to “Confirm your recovery phrase.”

The Ledger Nano S screen will display “Your device is now ready” once you’re finished.

Security Concerns Regarding Cold Wallets

Even though cold wallets have a reputation for being very secure, they are not completely risk-free. These are some risks regarding cold wallets:

Hardware Wallets

  • Physical devices have an inherent risk of being lost, stolen, or damaged. A seed phrase can reduce this risk since owners can recover digital assets if the wallet is lost or damaged.
  • There are fault-injection attacks, in which errors are introduced to alter the intended behavior of the wallet making it unusable. A wallet can operate abnormally, allowing access to the recovery seed by manipulating voltage modulations (either above or below the intended voltage). The hardware wallet must be in the hacker’s possession for this attack vector to work.
  • Suppose the device is not purchased from an authorized dealer or from the manufacturer. In that case, it could expose the device to an attacker. The attacker can change the wallet’s firmware diminishing the security of the device.
  • A hardware wallet is physically secure and well-defended against viruses. However, an attacker may still utilize social engineering to access the user’s private key (e.g., phishing emails).

Paper Wallets

  • Internet connectivity is the greatest threat in a paper wallet creation process. The private keys are at risk when generating them using the internet. If a hacker gained access to the BitAddress website, they could quickly acquire all the private keys generated using the system.

Conclusion

Different crypto wallets serve different purposes. A paper wallet is free of cost, while a hardware wallet costs anywhere between $50 to $300. If you are confused about which type of wallet to use, here is a simple analogy:

A hot wallet is like your purse or wallet; it is useful for quick, everyday transactions. At the same time, your cold wallets are your bank account; a place where you keep your savings that you do not plan on using for a long time. A cold wallet is more secure than a hot wallet.