52
nestwallet.xyz | Prev. @ Draper Associates, Point72 | ksydaniel.com
@leinad520
Daniel Sangyoon Kimnestwallet.xyz | Prev. @ Draper Associates, Point72 | ksydaniel.com
Storing crypto on an exchange or a hardware wallet is risky. Instead, you should use a multi-sig setup.
I used to store mycrypto in hardware wallets like Ledger, but for large amounts, it is still risky. If somebody steals your LEDGER or its seed phrase, you are doomed. If a fire or earthquake destroys them, you are doomed. I used to keep two copies of seed phrases in different locations for this latter risk. But that poses another risk - what if somebody steals from my second location when I am not present, and I do not know until it’s too late?
The solution is to use a multi-signature wallet, which is a setup in which a threshold of devices must be confirmed to execute a transaction. I put this off for way too long but finally got around to it.
Bitcoin Multisig
For Bitcoin, there are two main providers I’d suggest -
Casa vs Unchained
Casa costs $250 a year (they also offer more expensive services, which I won’t go into here), while Unchained Capital offers a free tier of service. However, the latter requires KYC while the former does not.
How It Works
For Casa, there is an app. You control two of the keys; Casa controls the third. You need 2 of 3 keys to send funds out. Your mobile serves as one key, and a hardware device like a ledger as the other. For the key that Casa controls, you answer security questions that you’d re-enter if you want Casa to sign for you in the future. You would use this if one of your two keys was compromised. Casa would sign after a seven-day buffer. It is highly recommended you write down your answer to the security questions and put it somewhere safe.
You also have the option to use two hardware devices instead of the mobile.
Unchained Capital is mostly similar, but they only offer the two hardware wallet solutions, no mobile. Also, while they are free, they charge a $20 co-signature fee if you need to rely on their third key. Since they KYC, they don’t require security questions; hence you don’t need to worry about writing it down and storing it safely somewhere; instead, they can verify via a method like video call when you need them to sign. They have a 72-hour buffer period before signing.
While KYC has this convenience, a downside is that if Unchained’s data gets compromised, your identity and crypto holdings will be revealed. To be clear, your crypto would still be safe in such a scenario because you control two of the keys. Alternatively, the downside of Casa with no KYC is that you are responsible for storing the answers to your security questions safely.
Finally, for a higher fee, you can do more complex options like 5 keys and white glove service with either Casa or Unchained.
One mobile & one hardware wallet or two hardware wallets?
One Mobile & One Hardware Wallet:
With mobile, it’s almost always on you, so if somebody steals your hardware wallet, you’ll still have your phone with you, which some may argue adds a degree of safety.
If you choose to keep one of the hardware wallets in your residence, you can conveniently transact anytime using it and your mobile device.
- Alternatively, if you choose to keep your hardware wallet separate from your primary residence, you’d need to go there to transact, which is less convenient but arguably even safer.
Finally, if a natural disaster destroys your hardware wallet and phone, you can get back your mobile key from a cloud backup (more later), and use this with Casa’s key to recover your balance.
Two Hardware Wallets:
- While mobile can be convenient, the two-hardware wallet solution is a great option, too, and even more secure for those who don’t expect to transact much if kept in different locations.
- If kept in different locations, you’ll need to bring your first hardware wallet to your second location whenever you need to transact.
- See
here by Unchained for different setup ideas for two hardware wallets. The maximum security setup would involve four locations that each have one of your two hardware wallets and two seed phrases. Very secure, but at the cost of inconvenience. A middle ground solution is keeping each pair of hardware wallet + seed phrase in two locations.
Is mobile safe?
Yes. The mobile private key is literally on your device in a secure enclave that can’t be accessed by anyone, not even your mobile device manufacturer. This means that even if somebody stole your Casa login credentials and logged in on their phone, they still can’t sign because they need your exact mobile device.
What if I change or lose phones?
It is backed up to iCloud for iPhone and Google Drive for Android and can be re-established on a new phone.
Risk Scenarios:
- Somebody steals your two keys: If a thief somehow manages to steal two of your keys (whether it’s two hardware or one mobile and one hardware) and get through the security needed to use those devices, they’d still need to know your login to your multisig provider (Casa or Unchained). This is because signing a transaction requires two private keys, but also the three public keys (note: public key is different from your address; your address is derived from your public key through hashing). The three public keys are accessed automatically through your multisig provider when you log in to transact.
- Multisig provider goes down: You can send funds out using open-source software like ELECTRUM or Spectrum. This process is called Sovereign Recovery. For Casa, you’d basically export your mobile private key and seed phrase and re-establish your wallet on Electrum or Spectrum using your hardware device, mobile, and the Casa public key. For Unchained, you’d do the same using your two hardware wallets. Both Casa and Unchained provide detailed instructions on their website if this is ever needed.
Ethereum Multisig
For Ethereum, Casa offers an ETH vault that basically uses
Alternatively, you can use Safe directly, as it’s free to use, and you can hold any altcoin. It is the dominant DIY open-source multisig solution on Ethereum used by all decentralized orgs. They recently raised $100M on a $1B valuation. I got to be familiar with using it, as my most recent startup
The main difference to note between using Casa and Safe directly is that with Safe, you are responsible for safeguarding all your signer devices and their seed phrases, whereas with Casa, you can rely on them to hold one key (Casa key), while the mobile key will be held on your phone and accessed through their app without requiring you to write down a seed phrase (this mobile private key and seed phrase can be exported out, but you’d only do so for Sovereign Recovery).
For Safe, you can set it up however you want, like 2/3 signers, 3/5, 2/2, etc. Safe also has a mobile app that can serve as a key, but as I mentioned above, you’ll have to write down the seed phrase for it in a secure location if you choose to use it. The other signers can be hardware wallets, hot wallets (like Metamask), or a combination. The most important thing is to keep the seed phrases in separate geographic locations.
Let me know what you think
Hopefully, this was helpful as you think about safeguarding your own crypto. It’s a question I’ve thought a lot about, and it is important to have a solution that is immune to all the major risks - theft of a single device, natural disaster, or an exchange going down (a la FTX or the multitude of others).
Use this as a starting point, but I recommend doing your own research and choosing the setup that best fits your needs. Feel free to reach out to me directly if you have questions, and I’ll do my best to answer them.
Also published here.
Find Top Tech Jobs on HackerNoon
RELATED STORIES
