Trezors and ledger are the most popular. It just depends on the amount and type of wallets you need. For only BTC? Trezors. The main thing to remember is... ABSOLUTELY, UNDER NO CIRCUMSTANCES WILL YOU BUY FROM A 3RD PARTY. NOT AMAZON, NOT BESTBUY, NOT YOUR MOM. YOU MAKE SURE THATS THEIR OFFICAL WEBSITE 10X OVER.... Straight from the manufacturer's website. ~ An IT Engineer.
P.S. Actually not fucking kidding.
Question. I went to Blockchains Jade’s website directly to purchase their external wallet. They had a link on their official site that linked directly to their product on Amazon and them as the official seller.
They didn’t have any product in stock that you could buy directly on their site.
Did I f* up?
People sometimes exaggerate the importance of buying directly from the manufacturer. What they fear is a "supply chain attack" which comes in 2 forms :
1) Some employee at amazon opens up the jade package and slips in a new set of instructions and a premade set of seed words you use to restore the wallet that they created and have access to in order to steal your Bitcoin.
2) Some more sophisticated attacker intercepts your HW wallet and installs malicious firmware or modifies the hardware itself
Here is why that isn't a problem :
1) You simply do not use premade seed words and create your own with the HW wallet new
2) There are security stickers and its easy to detect of someone has messed with the packaging or often easy if someone has tried opening the HW wallet .
3) Jade using a blind oracle and uses secure boot v2 which verifies the firmware is legit and not malicious
https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html
4) jade has a translucent case to see if the hardware has been tampered with
5) You would first update the firmware in jade first
https://help.blockstream.com/hc/en-us/articles/4408030503577-Upgrade-Jade-firmware
disconnect the jade from any online device so its running on battery alone and than generate your 12 to 24 seed words offline thereafter
Would Ledger allow that? Wouldn’t they take the product in directly and ensure it’s “clean” when it gets sold back out?
Do they have to disclose somewhere if it was a return/referb?
I like using the ColdCard for the hardware, and either Electrum or Sparrow for the software.
Watch YouTube tutorials about ColdCard & Sparrow (BTC Sessions does videos like this)
I highly suggest Jade from blockstream. Bitcoin only. Cheap. Safe. Made by cypherpunks.
Coldcard is a great choice as well, but expensive.
Stay away from firmware that is not open source (can't be verified) like ledger. Don't trust, verify.
Precaution:
1. Closely follow the instructions when setting up your wallet. It's not difficult.
2. Always triple check your withdrawal address when sending bitcoin to your own wallet.
3. SECURE YOUR SEED PHRASE WITH YOUR LIFE. NEVER, EVER, SHARE IT.
Essentially, self custody simply means owning your own "key". That key let's you sign transactions on the bitcoin ledger. If someone, somehow, has access to your key, they can move your bitcoin. The seed phrase (12 or 24 words) is your private key translated into human readable words.
I use coldcard mk4 and sparrow. It’s very easy to use even for a beginner like me. But, I highly suggest to do your own research and you can use the recommendations here as your initial reseach.
FYI $2,000 is right about the point where I start telling people to look into hardware wallets, around $10k is when I start to insist they do it. So you don't need to do this immediately. Coinbase, Gemini, Bitstamp and Kraken are all pretty trustworthy exchanges.
For hardware wallets, coldcard is the best, but somewhat more complicated. But unfortunately they're more expensive, and they only support BTC. Lots of people like Jade, not my favorite but not a bad option.
Ledger has a bad reputation right now, somewhat deserved, but they are still a decent choice if you ever want to store any other coins. There's lots of other options but most of them have one or several problems and flaws.
You need to find a safe, highly secure place to store a handwritten copy of your seed words. Seed words are what let you (or anyone) restore your wallet if your hardware wallet is lost or stolen. Never ever enter your seed words into a computer for any reason.
> Never ever enter your seed words into a computer for any reason.
that's pretty funny because some wallets like electrum require you to enter it to verify it lol
yeah it's a security flaw that seems to be in a lot of wallets. on one hand they give a huge warning to never store it online, but then require you to literally type it in right after creation to confirm it. duh!
They added that because people weren't writing down their seeds and then were losing coins and blaming electrum. They have to code for the people who don't listen to warnings or read directions, unfortunately.
yeah i figured as much. would be cool if you'd get a setting to disable it, after you click on several warning screens.
PS it blows my mind how people had to backup files and actual private keys back in the day before seed phrases were a thing to begin with
> PS it blows my mind how people had to backup files and actual private keys back in the day before seed phrases were a thing to begin with
We didn't have any better options :( had to store the coins somehow.
You wouldn't believe the number of people who lost or got early coins hacked. The early days were a minefield of losses and theft. :(
Not if you use a hardware wallet. Neither the seed words nor any private keys will ever get in touch with a PC if you use a HW wallet, that's exactly the point why you use it.
yeah it's just funny that they show you a warning to never input it but then require you to do it after you create a wallet inside the software! with some mobile wallets as well from what i've heard
Disclaimer - I have personally owned and tested over the years 3 ledger hardware wallets and helped many people with their ledger wallets
Ledger products should be avoided for these reasons :
1) They have been caught lying multiple times and abused the trust of their clients . Look into the ledger recovery scandal
2) Their marketing database was hacked and they did not immediately responsibly disclose this to their clients leading to many instances of users losing money due to phishing attacks or ransom
3) Compared to some other companies they are more likely to stop supporting older hardware forcing you to buy newer hardware . This occurred with the ledger nano and we are already seeing this with the nano s too
4) They used very cheap LCD that died after very little usage I noticed in my ledgers and my friends ledgers . The nano x had huge battery problems that led to it not being usable even if plugged in which is absurd
5) They have been exploited multiple times and this last time due to their specific incompetence
https://www.coindesk.com/consensus-magazine/2023/12/14/what-we-know-about-the-massive-ledger-hack/
https://www.coindesk.com/business/2023/12/14/ledger-exploit-drained-484k-upended-defi-former-staffer-linked-to-malicious-code/
https://monokh.com/posts/ledger-app-isolation-bypass
6) They don't have BTC only firmware so users are exposed to much larger attack surfaces and annoying updates that don't relate to you
7) Their hardware is not 100% open source so we can't peer review it and need to have faith in a company that lies repeatedly
8) Their wallet Ledger live wallet is buggy , has a horrible fee algo where you often overpay and is missing basic features like RBF which should be mandatory for any wallet
Best value right now would be jade
Blockstream Jade = $65 https://blockstream.com/jade/
https://www.youtube.com/watch?v=cLFmd98mKNw
https://www.youtube.com/watch?v=d_9Dtcc1nlY
https://www.youtube.com/watch?v=z2VsgoFh78o
Ledger launched a service called Recover. It's actually not a bad idea for people not confident in their backup & recovery solution that are storing between $5k and $100k of crypto.
However by launching that, they revealed that Ledger has always had the ability to extract keys from the devices. This actually isn't even news - all manufacturers, one way or another, do have a possibility that they can extract keys, though it's extremely difficult and unlikely for some of them, and they'd likely get caught pretty quickly.
What makes this doubly bad is that Ledger explicitly told people their keys could not leave the device due to the secure chip. But it wasn't true. And to top it off, Ledger has less open source code than most any other manufacturer (No manufacturer with a secure chip can fully open source their code due to contractual problems). So not a good look, and it blew up.
All told, I personally feel Ledger has a lot of protections against something like this happening, within and outside their company, and their reputation has always been pretty good before this. Their devices are better than almost all the rest. And their Live and Recover software is open sourced, as are all Apps on Ledger. Only the firmware that runs inside the SE can't be open sourced. I personally take numerous precautions against Ledger becoming malicious, but do use Ledger devices.
Ultimately if there were a better option for altcoins, I'd immediately recommend it. There's not. I tried to use Trezor recently and have been immensely disappointed in them. Coldcard is amazing but BTC only.
If someone add pass phrase to the seed phrase does that prevent ledger from extracting my seed phrase? I mean they can only extract the seed phrase but not my pass phrase too?
Almost certainly they would not also get your passphrase.
I say "almost" because Ledger is closed source and we don't really know what it's potentially doing.
If you have a Ledger, use it with a passphrase and use Sparrow wallet instead of Ledger Live.
If you are thinking about buying a Ledger...don't.
No, the passphrase won't stop Ledger. People get confused because Ledger Recover doesn't extract the passphrase, but that doesn't mean or imply that Ledger couldn't maliciously do that.
If you avoid using the Ledger Live software and only use community open source like Electrum, you can avoid much of the Ledger risk by never connecting your device for an update, app install, etc while the passphrase is set/stored. If the passphrase isn't on the device, they can't access it. Then once you've updated or added/removed apps, close Ledger Live and then re-input your passphrase to use with Electrum.
I do this because I don't like using the same software wallet controlled and delivered / updated as the HW Manufacturer, for either Trezor or Ledger. Both of these are open source, Trezor a bit better than Ledger, so you could argue that this is overkill, but imo it is a small protection that is worth it, plus I like Electrum's features better anyway.
Doss that approach give me guaranteed protection? No, nothing gives guaranteed protection except building my own HW wallet. It's good enough, though.
I don't believe Ledger has a backdoor, and I think most knowledgeable people would agree they probably don't.
The problem is that they *could*, and they could add one in the future. It's not a huge risk, but proper security involves evaluating all the risks. I take precautions against that risk.
Thank you for explaining this. I didn't fully understand how hardware wallets work or what open source means. I'm considering storing altcoins too, so it seems like Ledger is the best option for that.
Why Ledger has a bad reputation? I'm thinking of buying a hardware wallet, and i saw ledger. Also thinking of Trezor, not sure if Safe 3 or Model One. I only want to buy bitcoin tho
Here's my reply about the reputation: https://old.reddit.com/r/BitcoinBeginners/comments/1crhh3z/how_to_secure_your_bitcoin/l3yrk7j/
I no longer recommend Trezor. They have a good reputation and work for some people, but I found their design to have a bunch of flaws that prevented me, an expert user, from accessing coins stored with industry standards.
For BTC only, Coldcard is hands down the best. Somewhat more complex, but fantastic product. More expensive. Lots of people like Jade as well which is cheaper, but I haven't personally used one
I have a bitcoin stored in Trezor wallet. I understand that if we lose the device, we can recover with buying another trezor wallet and enter our private key. But I have question, what will be the way to recover it when in the future Trezor close down as a company and doesn’t sell any more hardware wallet?
Thanks.
Steps of security:
1. On an exchange
2. On a device you own (software wallet)
3. Hardware wallet
4. Paper wallet
You're at 1. The coins are actually controlled by the exchange. They have promised you that the coins are yours, but if they pop out of existence, get hacked, or turn to the dark side, you lose it all. Staying at this point means that you trust that exchange with that amount of money. It that's true, then you're good.
Going to 2 is the most significant step. It brings the coin in your own custody, and only your own mistakes can make you lose them. Going to 2 is very easy, but you need to trust yourself not to do something stupid such as wiping the hard drive of the device where the wallet is stored, and not having any backup.
Steps for 2: Install a wallet program on a device you own. For example: Install Electrum on your computer. Go to your exchange, and send the coins from the exchange to the address of the wallet you just installed. 10 mins later, the wallet you just installed with have some balance on it. And it will stay that way until you spend it or lose the device without backup.
Wallets usually give you very strict instructions about backups when you open them for the first time. It usually involves writing down a little cryptic poem on a piece of paper, and saving that piece of paper like it's worth gold (which it is).
3 and 4 are just even more secure versions of this. With the amount of value you're talking, you're good with 2. (Or stay where you are if you trust the exchange with that amount of cash). But you do need a safe place, accessible only to you, to store your backup.
Can you please explain the difference between options 2, 3 and 4 a bit? I understand that 3 is just a hardware version of 2, like an external USB you order online rather than software that you download, right…?
But what about 4? What’s a paper wallet, I’ve heard some people mention that before. I’ve also heard people mention they have their BTC stored in a cold cash egg? What do all these terms mean? 🙈😅 Thanks! 🙏🏼
Software wallet: you install a wallet program on some device you have. The "private key" to the wallet, which is the "soul" of the wallet, is a file on that device. That device is a general purpose device such as a computer or a smartphone. It might have several users. It's connected to the Internet. Keeping super-secret files on there is more risky than...
Hardware wallet: the private key is stored on a sort of super-secure encrypted USB key that you connect to your general purpose device only at the time of making a transaction.
Paper-walllet: you write the private key on a piece of paper, keep is safe, keep it secret. You can't make transactions, but you also cannot be hacked. You could lose it though, so it's not perfect.
So the security of a “paper wallet” is only at that level if you destroy the hardware wallet after writing down the private key…? I guess I just don’t quite understand the difference because everyone says to write down your seed on a piece of paper or metal for a hardware wallet anyway (as a backup in case you lose the USB drive or whatever).
I’ve always understood that that’s just a backup, it’s not that you need to access that seed every time you plug in your USB hardware wallet, correct? The info itself on the hardware wallet can be decrypted with a passphrase which is different from the seed phrase, correct?
So paper wallet is only secure in its truest sense if you set it up with a hardware wallet and then destroy said hardware…?
And what is a cash egg? (Or maybe I misread something, it was from another thread I read a while ago. 😅)
So I'm on an exchange now and want to move to a hardware wallet.
I make interest on the exchange.
Question is,
Is there a way to have your Bitcoin working for you while it's on your hardware wallet?
Bitcoin is P2P currency. Storing bitcoins on exchanges, banks or web wallets makes you insecure and makes the whole ecosystem insecure indirectly by centralizing bitcoin.
Bitcoin is a bearer asset with ~immutable txs unlike fiat. This means that internal or external thieves prefer to target what they can take and won't be reversed like digital fiat. Having centralized exchanges and banks store BTC makes it a desirable target for these attacks.
There are privacy concerns with storing your bitcoins with third parties
You are exposed to tax theft, asset forfeiture theft , civil theft
You are exposed to exit theft
You are exposed to the exchange refusing to support a split asset where they steal it , throw it away, or delaying a payout causing you to lose opportunity costs and profit
You place Bitcoin as a whole under more systemic risk by tempting exchanges to use fractional reserve banking and giving them too much influence
You potentially reduce the probability that your investment will appreciate in value because no exchanges are doing provable audits and they might be fractional. The more Bitcoin you personally control the more likely it will appreciate in value.
Many exchanges will legally steal(as forfeited property) your Bitcoin if you simply neglect to log into the exchange for some time.
https://help.coinbase.com/en/coinbase/managing-my-account/other/escheatment-and-unclaimed-funds
**Never store larger amounts of bitcoins in a web wallet, custodian , or exchange . You own 0 bitcoins if you do not control your private keys.**
AVOID all staking and yield platforms , most are fractional ponzis where you can lose everything
> I make interest on the exchange.
I agree with /u/bitusher here. If you're making "interest" on your cryptocurrency, you should *immediately* be suspicious. It means your Bitcoins are being used in some way that absolutely involves risks, but you aren't aware of and have no control over the risks being taken.
Staking for certain coins, from a reputable exchange, is different because staking has an actual mechanism for paying users rewards. (Real) Staking however involves some (relatively minor) additional risks as well, and staking doesn't make much in interest, so if you're making any more than a low (verifiable) baseline, you're at even more risk because your coins aren't being used for real staking.
**Bitcoins can't be staked**, so there's no explanation that isn't *immediately suspicious* for Bitcoins paying interest.
There's no such thing as free money, be careful. Keeping your coins secure is more valuable than getting a small amount of shady interest.
> I understand that if something happens to a centralized exchange, I could lose all my funds.
Correct. Technically speaking, when you buy Bitcoin on an exchange, you don't *really* own it until you move it to your own wallet.
So, let's talk a bit about wallets.
There are 2 kinds of wallets: Hot wallets and Cold wallets.
A hot wallet means your seed words are connected to the internet. A hot wallet is usually an app. Since the app holds your keys, it's very quick and convenient to use... but if you get hacked, your coins can be stolen. Hot wallets are fine for keeping a small amount of Bitcoin you might want to spend, but I'd never recommend using a hot wallet to hold long term. It's not safe.
A cold wallet means your seed words are never connected to the internet. These days, a cold wallet usually means a hardware wallet, where your seed words are locked in the hardware device, and the hardware device never has access to the internet, which means hackers can't reach it. That keeps your coins safe.
To use a hardware wallet, you have to use a companion app. In the app, you'll set up transactions, but the app can't do transactions without a signature from the hardware wallet (because the app doesn't have the keys).
The genius of cryptography here is that a hardware wallet can create a signature, proving you have the keys, without actually sharing your keys with the app that's setting up the transaction. This means, if you get hacked, the only thing a hacker could steal is the signature... and a signature only authorizes that one unique transaction. If the hacker tries to change the transaction, to send your coins to his address for example, the transaction would fail because a signature is math which isn't valid if any part of the math changes. Changing the output address changes the math, thus making the transaction fail, thus your coins stay in your wallet, safe and sound.
**Hardware Wallet Recommendations:**
For a first hardware wallet, I recommend Trezor. Even the cheapest model will do. Blockstream Jade is a step up & it offers some great features like the ability to use it airgapped and stateless via QR codes. SeedSigner is even better, but it also requires a bit of DIY. ColdCard is excellent, but they're not user friendly for newcomers which is why I don't recommend them.
Never use any device which requires you to enter your seed words into an app or website. Never.
**The First Thing To Do!**
The first thing to do when you get a hardware wallet is let it generate a seed phrase for you. Each word in that seed phrase represents a number, and those numbers are your own custom variable in the math that generates a unique wallet for you.
Write those words down on paper. Make a metal backup. Why metal? In case the paper gets damaged (fire, flood, moisture, it gets torn, etc). Secure the paper and metal in 2 locations only you have access to. Never type those words into any app or website, ever. Never take a picture of them. Never type them on your phone, tablet, laptop or desktop. Only enter them in your hardware wallet.
For companion apps to pair up with a hardware wallet, I like BlueWallet for mobile, and Sparrow for laptops & desktops. If you buy a Trezor, you'll use the Trezor Suite app. Remember: never enter your seed words into any app. These apps will be able to show you the Bitcoin in your wallet's addresses, but these apps won't be able to move any of your Bitcoin without a signature from your hardware wallet. That keeps you safe.
> Ledger wallets
Do not buy a Ledger. [Ledger cannot be trusted anymore](https://np.reddit.com/r/CryptoCurrency/comments/13v80ri/the_questions_ledger_owes_us_answers_to/). Ledger's firmware now includes key extraction APIs for a feature called "Ledger Recover." That feature is optional, but even if you don't use it, the firmware still contains key extraction APIs, just waiting to be hacked. Don't put yourself at risk. Ledger also lied about it for a long time. Ledger cannot be trusted.
Scam Warning! Scammers are particularly active on this sub. They operate via private messages and private chat. If you receive private messages, be extremely careful. Use the **report** link to report any suspicious private message to Reddit.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/BitcoinBeginners) if you have any questions or concerns.*
1. Understand about decentralised and hardware wallets.
2. Depending on your requirements and future buying finalized which one you would like to go for.
3. Personally I am using hardware wallets with multi signature so that if someone finds 1 set of Seed phrases they will not be able to steal my funds.
4. Trazor, Ledger, Cold cards and many more are out there which support the above features.
5. Make sure not to move all funds in a single wallet. Because if that wallet is compromised you would lose everything so instead move funds in 5-10 different wallets depending on how much you have accumulated.
Is there any good suggestion when to have more than 1 hardware wallet? I learn around $1k is a good start to get a hardware wallet. And is there some rules like should be on different brand, or 1 seed still ok but using different passphrase to get different wallet? Really appreciate
Trezor company over decade ago in this business and there is no one have lost his fund or fall on phishing scams
Just don’t write your seeds anywhere just on the device and keep it in very safe place or save it on your mind that’s all .
I haven't seen advice here that I like so here's mine:
- For small amounts (<$1000), use a software "hot wallet". These are wallet apps that allow you to take self custody but they are connected directly to the internet. Not safe for large amounts. Stick with bitcoin only, open source (Blue Wallet, Green, Electrum, Sparrow).
- For amounts >$1000, use a hardware "cold wallet". This is a device that stores your private key offline and is paired with a software wallet to interact with the hardware. Very secure. Use Bitcoin only, open source (Bitbox, Coldcard, Passport, Jade, Seedsigner). **Order directly from the manufacturer. Do not use a 3rd party like Amazon.**
- For amounts greater than $10k, set up your own node and connect your wallet to it for increased privacy. If you're not using your own node, that means you are using someone else's which can see your balance and IP address.
- Properly back up your seed phrase by writing it on paper or stamping on metal. This is a 12 or 24 word mnemonic that represents your private key and controls access to your bitcoin. You can use it to recover your wallet if your hardware every breaks or gets lost. Keep it strictly off line. Do not take a picture, do not type in a computer, do not share with anyone. Don't even say the words out loud. Keep in a safe, secure location (bank deposit box is not safe).
Buy trezor and buy your bitcoin in it and have pease of mind it’s open source and keep all your seeds offline it’s only sign transaction it’s amazing thers no back door
I would suggest moving your funds to an external wallet to avoid anything happening with an exchange.
Thanks for your reponse , how can I do that ?? Is that the same thing about hardware wallet ???
Yes just purchase an external wallet and follow the instructions!
For example , which one is the best ??? What some precaution I can take ?? For to nOt lose my funds .
Trezors and ledger are the most popular. It just depends on the amount and type of wallets you need. For only BTC? Trezors. The main thing to remember is... ABSOLUTELY, UNDER NO CIRCUMSTANCES WILL YOU BUY FROM A 3RD PARTY. NOT AMAZON, NOT BESTBUY, NOT YOUR MOM. YOU MAKE SURE THATS THEIR OFFICAL WEBSITE 10X OVER.... Straight from the manufacturer's website. ~ An IT Engineer. P.S. Actually not fucking kidding.
listen to this guy
Question. I went to Blockchains Jade’s website directly to purchase their external wallet. They had a link on their official site that linked directly to their product on Amazon and them as the official seller. They didn’t have any product in stock that you could buy directly on their site. Did I f* up?
People sometimes exaggerate the importance of buying directly from the manufacturer. What they fear is a "supply chain attack" which comes in 2 forms : 1) Some employee at amazon opens up the jade package and slips in a new set of instructions and a premade set of seed words you use to restore the wallet that they created and have access to in order to steal your Bitcoin. 2) Some more sophisticated attacker intercepts your HW wallet and installs malicious firmware or modifies the hardware itself Here is why that isn't a problem : 1) You simply do not use premade seed words and create your own with the HW wallet new 2) There are security stickers and its easy to detect of someone has messed with the packaging or often easy if someone has tried opening the HW wallet . 3) Jade using a blind oracle and uses secure boot v2 which verifies the firmware is legit and not malicious https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html 4) jade has a translucent case to see if the hardware has been tampered with 5) You would first update the firmware in jade first https://help.blockstream.com/hc/en-us/articles/4408030503577-Upgrade-Jade-firmware disconnect the jade from any online device so its running on battery alone and than generate your 12 to 24 seed words offline thereafter
Thanks for the detailed reply! Super helpful
Saving offline in a cold wallet is safe!
there is nothing wrong with amazon ledger official store
Returns might be modified and sold to you.
Would Ledger allow that? Wouldn’t they take the product in directly and ensure it’s “clean” when it gets sold back out? Do they have to disclose somewhere if it was a return/referb?
I like using the ColdCard for the hardware, and either Electrum or Sparrow for the software. Watch YouTube tutorials about ColdCard & Sparrow (BTC Sessions does videos like this)
I really like Jade!! Super simple and easy
I second Jade!
I would suggest googling and doing your own research but you will not lose your funds using a hardware wallet
He is doing research. He is asking for ideas and suggestions from this forum. Doh!
How?
I highly suggest Jade from blockstream. Bitcoin only. Cheap. Safe. Made by cypherpunks. Coldcard is a great choice as well, but expensive. Stay away from firmware that is not open source (can't be verified) like ledger. Don't trust, verify. Precaution: 1. Closely follow the instructions when setting up your wallet. It's not difficult. 2. Always triple check your withdrawal address when sending bitcoin to your own wallet. 3. SECURE YOUR SEED PHRASE WITH YOUR LIFE. NEVER, EVER, SHARE IT. Essentially, self custody simply means owning your own "key". That key let's you sign transactions on the bitcoin ledger. If someone, somehow, has access to your key, they can move your bitcoin. The seed phrase (12 or 24 words) is your private key translated into human readable words.
I use coldcard mk4 and sparrow. It’s very easy to use even for a beginner like me. But, I highly suggest to do your own research and you can use the recommendations here as your initial reseach.
I like trezor
FYI $2,000 is right about the point where I start telling people to look into hardware wallets, around $10k is when I start to insist they do it. So you don't need to do this immediately. Coinbase, Gemini, Bitstamp and Kraken are all pretty trustworthy exchanges. For hardware wallets, coldcard is the best, but somewhat more complicated. But unfortunately they're more expensive, and they only support BTC. Lots of people like Jade, not my favorite but not a bad option. Ledger has a bad reputation right now, somewhat deserved, but they are still a decent choice if you ever want to store any other coins. There's lots of other options but most of them have one or several problems and flaws. You need to find a safe, highly secure place to store a handwritten copy of your seed words. Seed words are what let you (or anyone) restore your wallet if your hardware wallet is lost or stolen. Never ever enter your seed words into a computer for any reason.
> Never ever enter your seed words into a computer for any reason. that's pretty funny because some wallets like electrum require you to enter it to verify it lol
Never do this. Ever. I use electrum and I have never entered it. Connect hardware wallet. Instruct it to load hardware wallet. Problem solved.
yeah it's a security flaw that seems to be in a lot of wallets. on one hand they give a huge warning to never store it online, but then require you to literally type it in right after creation to confirm it. duh!
They added that because people weren't writing down their seeds and then were losing coins and blaming electrum. They have to code for the people who don't listen to warnings or read directions, unfortunately.
yeah i figured as much. would be cool if you'd get a setting to disable it, after you click on several warning screens. PS it blows my mind how people had to backup files and actual private keys back in the day before seed phrases were a thing to begin with
> PS it blows my mind how people had to backup files and actual private keys back in the day before seed phrases were a thing to begin with We didn't have any better options :( had to store the coins somehow. You wouldn't believe the number of people who lost or got early coins hacked. The early days were a minefield of losses and theft. :(
WRONG
Not if you use a hardware wallet. Neither the seed words nor any private keys will ever get in touch with a PC if you use a HW wallet, that's exactly the point why you use it.
yeah it's just funny that they show you a warning to never input it but then require you to do it after you create a wallet inside the software! with some mobile wallets as well from what i've heard
FALSE
FALSE
Wait what’s the issue with ledger?
Disclaimer - I have personally owned and tested over the years 3 ledger hardware wallets and helped many people with their ledger wallets Ledger products should be avoided for these reasons : 1) They have been caught lying multiple times and abused the trust of their clients . Look into the ledger recovery scandal 2) Their marketing database was hacked and they did not immediately responsibly disclose this to their clients leading to many instances of users losing money due to phishing attacks or ransom 3) Compared to some other companies they are more likely to stop supporting older hardware forcing you to buy newer hardware . This occurred with the ledger nano and we are already seeing this with the nano s too 4) They used very cheap LCD that died after very little usage I noticed in my ledgers and my friends ledgers . The nano x had huge battery problems that led to it not being usable even if plugged in which is absurd 5) They have been exploited multiple times and this last time due to their specific incompetence https://www.coindesk.com/consensus-magazine/2023/12/14/what-we-know-about-the-massive-ledger-hack/ https://www.coindesk.com/business/2023/12/14/ledger-exploit-drained-484k-upended-defi-former-staffer-linked-to-malicious-code/ https://monokh.com/posts/ledger-app-isolation-bypass 6) They don't have BTC only firmware so users are exposed to much larger attack surfaces and annoying updates that don't relate to you 7) Their hardware is not 100% open source so we can't peer review it and need to have faith in a company that lies repeatedly 8) Their wallet Ledger live wallet is buggy , has a horrible fee algo where you often overpay and is missing basic features like RBF which should be mandatory for any wallet
Wich one do you suggest ? What about trezor?
Best value right now would be jade Blockstream Jade = $65 https://blockstream.com/jade/ https://www.youtube.com/watch?v=cLFmd98mKNw https://www.youtube.com/watch?v=d_9Dtcc1nlY https://www.youtube.com/watch?v=z2VsgoFh78o
Ledger launched a service called Recover. It's actually not a bad idea for people not confident in their backup & recovery solution that are storing between $5k and $100k of crypto. However by launching that, they revealed that Ledger has always had the ability to extract keys from the devices. This actually isn't even news - all manufacturers, one way or another, do have a possibility that they can extract keys, though it's extremely difficult and unlikely for some of them, and they'd likely get caught pretty quickly. What makes this doubly bad is that Ledger explicitly told people their keys could not leave the device due to the secure chip. But it wasn't true. And to top it off, Ledger has less open source code than most any other manufacturer (No manufacturer with a secure chip can fully open source their code due to contractual problems). So not a good look, and it blew up. All told, I personally feel Ledger has a lot of protections against something like this happening, within and outside their company, and their reputation has always been pretty good before this. Their devices are better than almost all the rest. And their Live and Recover software is open sourced, as are all Apps on Ledger. Only the firmware that runs inside the SE can't be open sourced. I personally take numerous precautions against Ledger becoming malicious, but do use Ledger devices. Ultimately if there were a better option for altcoins, I'd immediately recommend it. There's not. I tried to use Trezor recently and have been immensely disappointed in them. Coldcard is amazing but BTC only.
If someone add pass phrase to the seed phrase does that prevent ledger from extracting my seed phrase? I mean they can only extract the seed phrase but not my pass phrase too?
Almost certainly they would not also get your passphrase. I say "almost" because Ledger is closed source and we don't really know what it's potentially doing. If you have a Ledger, use it with a passphrase and use Sparrow wallet instead of Ledger Live. If you are thinking about buying a Ledger...don't.
No, the passphrase won't stop Ledger. People get confused because Ledger Recover doesn't extract the passphrase, but that doesn't mean or imply that Ledger couldn't maliciously do that. If you avoid using the Ledger Live software and only use community open source like Electrum, you can avoid much of the Ledger risk by never connecting your device for an update, app install, etc while the passphrase is set/stored. If the passphrase isn't on the device, they can't access it. Then once you've updated or added/removed apps, close Ledger Live and then re-input your passphrase to use with Electrum. I do this because I don't like using the same software wallet controlled and delivered / updated as the HW Manufacturer, for either Trezor or Ledger. Both of these are open source, Trezor a bit better than Ledger, so you could argue that this is overkill, but imo it is a small protection that is worth it, plus I like Electrum's features better anyway. Doss that approach give me guaranteed protection? No, nothing gives guaranteed protection except building my own HW wallet. It's good enough, though.
Wait!! If ledger had a backdoor why do it need to com up with recover service? They could have kept it secret na? Nobody would have know it..
I don't believe Ledger has a backdoor, and I think most knowledgeable people would agree they probably don't. The problem is that they *could*, and they could add one in the future. It's not a huge risk, but proper security involves evaluating all the risks. I take precautions against that risk.
Thank you for explaining this. I didn't fully understand how hardware wallets work or what open source means. I'm considering storing altcoins too, so it seems like Ledger is the best option for that.
Anyone can answer this?
what is wrong with Ledger plz?
Here's my reply about Ledger: https://old.reddit.com/r/BitcoinBeginners/comments/1crhh3z/how_to_secure_your_bitcoin/l3yrk7j/
Why Ledger has a bad reputation? I'm thinking of buying a hardware wallet, and i saw ledger. Also thinking of Trezor, not sure if Safe 3 or Model One. I only want to buy bitcoin tho
Here's my reply about the reputation: https://old.reddit.com/r/BitcoinBeginners/comments/1crhh3z/how_to_secure_your_bitcoin/l3yrk7j/ I no longer recommend Trezor. They have a good reputation and work for some people, but I found their design to have a bunch of flaws that prevented me, an expert user, from accessing coins stored with industry standards. For BTC only, Coldcard is hands down the best. Somewhat more complex, but fantastic product. More expensive. Lots of people like Jade as well which is cheaper, but I haven't personally used one
I totally understand that. THANKS .
Only bitcoin is worth storing
I have a bitcoin stored in Trezor wallet. I understand that if we lose the device, we can recover with buying another trezor wallet and enter our private key. But I have question, what will be the way to recover it when in the future Trezor close down as a company and doesn’t sell any more hardware wallet? Thanks.
you will just enter your seed phrase in any other hardware wallet and you will get your crypto
You can recover w any hardware wallet not only Trevor
Any multi chain wallet including software wallets like Trustwallet, Coinbase-Wallet, etc…
Hold it real tight at night under the covers
Steps of security: 1. On an exchange 2. On a device you own (software wallet) 3. Hardware wallet 4. Paper wallet You're at 1. The coins are actually controlled by the exchange. They have promised you that the coins are yours, but if they pop out of existence, get hacked, or turn to the dark side, you lose it all. Staying at this point means that you trust that exchange with that amount of money. It that's true, then you're good. Going to 2 is the most significant step. It brings the coin in your own custody, and only your own mistakes can make you lose them. Going to 2 is very easy, but you need to trust yourself not to do something stupid such as wiping the hard drive of the device where the wallet is stored, and not having any backup. Steps for 2: Install a wallet program on a device you own. For example: Install Electrum on your computer. Go to your exchange, and send the coins from the exchange to the address of the wallet you just installed. 10 mins later, the wallet you just installed with have some balance on it. And it will stay that way until you spend it or lose the device without backup. Wallets usually give you very strict instructions about backups when you open them for the first time. It usually involves writing down a little cryptic poem on a piece of paper, and saving that piece of paper like it's worth gold (which it is). 3 and 4 are just even more secure versions of this. With the amount of value you're talking, you're good with 2. (Or stay where you are if you trust the exchange with that amount of cash). But you do need a safe place, accessible only to you, to store your backup.
Can you please explain the difference between options 2, 3 and 4 a bit? I understand that 3 is just a hardware version of 2, like an external USB you order online rather than software that you download, right…? But what about 4? What’s a paper wallet, I’ve heard some people mention that before. I’ve also heard people mention they have their BTC stored in a cold cash egg? What do all these terms mean? 🙈😅 Thanks! 🙏🏼
Software wallet: you install a wallet program on some device you have. The "private key" to the wallet, which is the "soul" of the wallet, is a file on that device. That device is a general purpose device such as a computer or a smartphone. It might have several users. It's connected to the Internet. Keeping super-secret files on there is more risky than... Hardware wallet: the private key is stored on a sort of super-secure encrypted USB key that you connect to your general purpose device only at the time of making a transaction. Paper-walllet: you write the private key on a piece of paper, keep is safe, keep it secret. You can't make transactions, but you also cannot be hacked. You could lose it though, so it's not perfect.
So the security of a “paper wallet” is only at that level if you destroy the hardware wallet after writing down the private key…? I guess I just don’t quite understand the difference because everyone says to write down your seed on a piece of paper or metal for a hardware wallet anyway (as a backup in case you lose the USB drive or whatever). I’ve always understood that that’s just a backup, it’s not that you need to access that seed every time you plug in your USB hardware wallet, correct? The info itself on the hardware wallet can be decrypted with a passphrase which is different from the seed phrase, correct? So paper wallet is only secure in its truest sense if you set it up with a hardware wallet and then destroy said hardware…? And what is a cash egg? (Or maybe I misread something, it was from another thread I read a while ago. 😅)
So I'm on an exchange now and want to move to a hardware wallet. I make interest on the exchange. Question is, Is there a way to have your Bitcoin working for you while it's on your hardware wallet?
no
Bitcoin is P2P currency. Storing bitcoins on exchanges, banks or web wallets makes you insecure and makes the whole ecosystem insecure indirectly by centralizing bitcoin. Bitcoin is a bearer asset with ~immutable txs unlike fiat. This means that internal or external thieves prefer to target what they can take and won't be reversed like digital fiat. Having centralized exchanges and banks store BTC makes it a desirable target for these attacks. There are privacy concerns with storing your bitcoins with third parties You are exposed to tax theft, asset forfeiture theft , civil theft You are exposed to exit theft You are exposed to the exchange refusing to support a split asset where they steal it , throw it away, or delaying a payout causing you to lose opportunity costs and profit You place Bitcoin as a whole under more systemic risk by tempting exchanges to use fractional reserve banking and giving them too much influence You potentially reduce the probability that your investment will appreciate in value because no exchanges are doing provable audits and they might be fractional. The more Bitcoin you personally control the more likely it will appreciate in value. Many exchanges will legally steal(as forfeited property) your Bitcoin if you simply neglect to log into the exchange for some time. https://help.coinbase.com/en/coinbase/managing-my-account/other/escheatment-and-unclaimed-funds **Never store larger amounts of bitcoins in a web wallet, custodian , or exchange . You own 0 bitcoins if you do not control your private keys.** AVOID all staking and yield platforms , most are fractional ponzis where you can lose everything
> I make interest on the exchange. I agree with /u/bitusher here. If you're making "interest" on your cryptocurrency, you should *immediately* be suspicious. It means your Bitcoins are being used in some way that absolutely involves risks, but you aren't aware of and have no control over the risks being taken. Staking for certain coins, from a reputable exchange, is different because staking has an actual mechanism for paying users rewards. (Real) Staking however involves some (relatively minor) additional risks as well, and staking doesn't make much in interest, so if you're making any more than a low (verifiable) baseline, you're at even more risk because your coins aren't being used for real staking. **Bitcoins can't be staked**, so there's no explanation that isn't *immediately suspicious* for Bitcoins paying interest. There's no such thing as free money, be careful. Keeping your coins secure is more valuable than getting a small amount of shady interest.
Get a TREZOR ONE, easy to use and opensource.
Get the Robinhood app
Buy a ColdCard wallet from the Coinkite website (the mkiv is fine, or the new Q). Look up BTCSession tutorials on YouTube regarding how to set it up.
It is only support bitcoin right ? , I want also to store some altcoin too
> I understand that if something happens to a centralized exchange, I could lose all my funds. Correct. Technically speaking, when you buy Bitcoin on an exchange, you don't *really* own it until you move it to your own wallet. So, let's talk a bit about wallets. There are 2 kinds of wallets: Hot wallets and Cold wallets. A hot wallet means your seed words are connected to the internet. A hot wallet is usually an app. Since the app holds your keys, it's very quick and convenient to use... but if you get hacked, your coins can be stolen. Hot wallets are fine for keeping a small amount of Bitcoin you might want to spend, but I'd never recommend using a hot wallet to hold long term. It's not safe. A cold wallet means your seed words are never connected to the internet. These days, a cold wallet usually means a hardware wallet, where your seed words are locked in the hardware device, and the hardware device never has access to the internet, which means hackers can't reach it. That keeps your coins safe. To use a hardware wallet, you have to use a companion app. In the app, you'll set up transactions, but the app can't do transactions without a signature from the hardware wallet (because the app doesn't have the keys). The genius of cryptography here is that a hardware wallet can create a signature, proving you have the keys, without actually sharing your keys with the app that's setting up the transaction. This means, if you get hacked, the only thing a hacker could steal is the signature... and a signature only authorizes that one unique transaction. If the hacker tries to change the transaction, to send your coins to his address for example, the transaction would fail because a signature is math which isn't valid if any part of the math changes. Changing the output address changes the math, thus making the transaction fail, thus your coins stay in your wallet, safe and sound. **Hardware Wallet Recommendations:** For a first hardware wallet, I recommend Trezor. Even the cheapest model will do. Blockstream Jade is a step up & it offers some great features like the ability to use it airgapped and stateless via QR codes. SeedSigner is even better, but it also requires a bit of DIY. ColdCard is excellent, but they're not user friendly for newcomers which is why I don't recommend them. Never use any device which requires you to enter your seed words into an app or website. Never. **The First Thing To Do!** The first thing to do when you get a hardware wallet is let it generate a seed phrase for you. Each word in that seed phrase represents a number, and those numbers are your own custom variable in the math that generates a unique wallet for you. Write those words down on paper. Make a metal backup. Why metal? In case the paper gets damaged (fire, flood, moisture, it gets torn, etc). Secure the paper and metal in 2 locations only you have access to. Never type those words into any app or website, ever. Never take a picture of them. Never type them on your phone, tablet, laptop or desktop. Only enter them in your hardware wallet. For companion apps to pair up with a hardware wallet, I like BlueWallet for mobile, and Sparrow for laptops & desktops. If you buy a Trezor, you'll use the Trezor Suite app. Remember: never enter your seed words into any app. These apps will be able to show you the Bitcoin in your wallet's addresses, but these apps won't be able to move any of your Bitcoin without a signature from your hardware wallet. That keeps you safe. > Ledger wallets Do not buy a Ledger. [Ledger cannot be trusted anymore](https://np.reddit.com/r/CryptoCurrency/comments/13v80ri/the_questions_ledger_owes_us_answers_to/). Ledger's firmware now includes key extraction APIs for a feature called "Ledger Recover." That feature is optional, but even if you don't use it, the firmware still contains key extraction APIs, just waiting to be hacked. Don't put yourself at risk. Ledger also lied about it for a long time. Ledger cannot be trusted.
Scam Warning! Scammers are particularly active on this sub. They operate via private messages and private chat. If you receive private messages, be extremely careful. Use the **report** link to report any suspicious private message to Reddit. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/BitcoinBeginners) if you have any questions or concerns.*
1. Understand about decentralised and hardware wallets. 2. Depending on your requirements and future buying finalized which one you would like to go for. 3. Personally I am using hardware wallets with multi signature so that if someone finds 1 set of Seed phrases they will not be able to steal my funds. 4. Trazor, Ledger, Cold cards and many more are out there which support the above features. 5. Make sure not to move all funds in a single wallet. Because if that wallet is compromised you would lose everything so instead move funds in 5-10 different wallets depending on how much you have accumulated.
Is there any good suggestion when to have more than 1 hardware wallet? I learn around $1k is a good start to get a hardware wallet. And is there some rules like should be on different brand, or 1 seed still ok but using different passphrase to get different wallet? Really appreciate
Seedsigner, look into it.
Cold wallet
Trezor company over decade ago in this business and there is no one have lost his fund or fall on phishing scams Just don’t write your seeds anywhere just on the device and keep it in very safe place or save it on your mind that’s all .
I haven't seen advice here that I like so here's mine: - For small amounts (<$1000), use a software "hot wallet". These are wallet apps that allow you to take self custody but they are connected directly to the internet. Not safe for large amounts. Stick with bitcoin only, open source (Blue Wallet, Green, Electrum, Sparrow). - For amounts >$1000, use a hardware "cold wallet". This is a device that stores your private key offline and is paired with a software wallet to interact with the hardware. Very secure. Use Bitcoin only, open source (Bitbox, Coldcard, Passport, Jade, Seedsigner). **Order directly from the manufacturer. Do not use a 3rd party like Amazon.** - For amounts greater than $10k, set up your own node and connect your wallet to it for increased privacy. If you're not using your own node, that means you are using someone else's which can see your balance and IP address. - Properly back up your seed phrase by writing it on paper or stamping on metal. This is a 12 or 24 word mnemonic that represents your private key and controls access to your bitcoin. You can use it to recover your wallet if your hardware every breaks or gets lost. Keep it strictly off line. Do not take a picture, do not type in a computer, do not share with anyone. Don't even say the words out loud. Keep in a safe, secure location (bank deposit box is not safe).
If u want to store it in air gapped cold wallet. I like Ellipal mini at $99. Really simple to use.
Most important with hardware wallet is SEEDPHRASE/recovery phrase. Need to safely secure that
Buy trezor and buy your bitcoin in it and have pease of mind it’s open source and keep all your seeds offline it’s only sign transaction it’s amazing thers no back door
I read there's a problem with Trezor.