The other day a friend said she was ready to take the plunge into bitcoin, and asked me for any suggestions. I decided to compile some ideas into an article here. I’m gonna skip over all the technical blockchain stuff.
First, the basics. For the sake of clarity I am going to make a distinction between an address and a wallet. A cryptocurrency address is a string of numbers and letters similar to a bank account number. It’s safe to share with other people since it doesn’t give anyone access to the funds held in the address.
A cryptocurrency wallet is software or hardware that allows you to access the funds in your crypto address. Typically you will log into this wallet with a private key, and then you can send crypto away from this address.
A private key is a very long string of numbers and letters that acts like a password to authorize access to your wallet.
The most important thing to know is what it means to own your private key. Most people will buy bitcoin somewhere like Coinbase and at that point Coinbase will be in possession of your bitcoin. It’s best to move your bitcoin to a wallet where you own the private keys, since there have been several instances of exchanges losing funds.
Oftentimes people will talk about a hot wallet or a cold wallet. A cold wallet is one that has been physically separated from your computer, for instance onto a thumb drive or a Ledger device (I.e. a hardware wallet) or even a piece of paper, so even if your computer gets hacked your funds are safe (or SAFU as they say).
For funds that you want immediate access to, like for making purchases, you want a hot wallet which is riskier. For safety it’s best not to put more in the hot wallet than you intend to spend. When you plug your Ledger into your USB port and unlock your wallet, it goes from cold to hot.
When I create a new wallet (either hot or cold) I copy the private key to a text file and I also take a screenshot of the key (and QR code if there is one) and put that on TWO thumb drives, and put those drives someplace safe and fireproof. It’s good to keep a list of all your crypto addresses handy, so you don’t have to unnecessarily expose your private key information whenever you need to retrieve an address. You may even consider storing this list on a third remote device for an extra layer of privacy.
One mistake I’ve seen people make is they print out their private key and then manually type it in to access their wallet. The danger here is they mistake the letter O with the number 0, or the letter L with the number 1, an S for a 5, etc. They enter the wrong key and it connects to a wrong address and then they send funds to this address and end up losing the funds because the next time they try to unlock their wallet they aren’t able to recreate their mistakenly entered private key. I always copy and paste my private key — and then delete my clipboard items.
Another important point is that if you set up a new wallet sometimes they will give you 12 or 24 words in addition to or instead of a private key. This “mnemonic” phrase IS THE SAME AS A PRIVATE KEY and should be kept just as safe.
I recommend you create some practice wallets to get the hang of working with crypto and to develop a backup plan. Blockchains like TRON and Polygon are very inexpensive, with transactions costing just a fraction of a penny, and are great for newbies cutting their teeth.
Lastly, a feature of the blockchain is it is all public information, anyone can look up the balance and all the transfers in and out of every address. For your protection, don’t share the address of your cold wallet with anyone, especially if you have a lot of money in it. If you’re asking someone to send you money, give them the address of a hot wallet or a secondary wallet, and then when funds are received, move them to your cold wallet for storage. This won’t guarantee your privacy, but it will put one degree of separation between the public and your financial information.
A warning: Sharks patrol these waters. Because transactions are non reversible, there are countless scams going on that will take your money with no recourse. Common scams are the “Send me 1 bitcoin and I’ll send you 2 back,” “Redeem this token on our webpage and authorize us to access your wallet,” “You need to register your wallet by giving us your mnemonic phrase,” and “Stake your coins with us and earn 7% per day!” Use your smarts. There are no free lunches but sometimes you can find free candies.
You’ll notice I didn’t tell you how to buy bitcoin. That’s the easy part.
EDIT: Oh yeah one more important thing. If you’re interested in buying a Ledger hardware wallet, you should buy it directly from Ledger; do not buy a Ledger from Amazon because they mingle their inventory. The Ledgers that are for sale from all vendors are stored together on the same shelf. A malicious actor can pose as an Amazon store and supply them with fake devices, and then even if you choose to buy the device from the “Ledger store” at Amazon there is no guarantee that the device will be authentic.