Skip to main content

Why bother with a local "PC" based Wallet?

When people ask me how I store my coins, I explain that I keep my high volume coins (meaning I may trade them) in my "Exchange" account, and I keep my buy-and-hold coins in either a PC based wallet or on my KeepKey.

A Keepkey is a USB hardware device that you plug in to your USB port to transfer to and from, and when not in use you store it in a safe place, such as a locked drawer or a home safe.  Keepkey is not the only hardware wallet out there.  In fact Ledger makes a very good wallet, but they are constantly sold out and the wait list is often months to get one.

The reason I store them the way I do is for security. I don't trust online wallets to keep my coins as safe as I can when I store them locally.  Just this week there was a hack of the ETC online wallet site "ClassicEtherWallet.com".  The hackers used social engineering to get control of the site and made off with user's coins.  You can Google for more info on that or see a summary here:

https://www.bleepingcomputer.com/news/security/classic-ether-wallet-hacked-users-report-massive-losses/

Why not always store in a PC Wallet?  Well, if you are going to trade the coins, that means you have to transfer the coins from you wallet, back to your exchange, wait for the transfer to be confirmed, do your trade, and then reverse the process.

Perhaps the bigger hassle is you need to keep PC based wallets in sync with the parent blockchain.  Sometimes those blockchains are huge (like for ETH) and it can take days to sync a wallet for the first time.   I used to use a Mist based wallet to store my ETH (now my Keepkey supports it) and if I didn't use the wallet for 2-3 days, it could take an hour or more for it to pull in all the recent transactions to get the blockchain in sync.

Synchronizing the blockchain also means you have to have enough free drive space to store the blockchain.  In the case of ETH, that is currently about 82Gb in hard drive space which isn't insignificant.

The problem with just leaving them all at the Exchange you use to do your trading is basically the same as storing them in an online wallet.  The Exchange could get hacked, or it could go out of business, or both, as in the infamous case of Mt. Gox.  When Mt. Gox got hacked, the hacker(s) made off with over 800,000 bitcoins.  That's over a half a billion dollars. Mt. Gox had no way to cover those losses, so they went belly-up.

On the flip-side, if you do store your coins locally or on a hardware device, then the security is totally up to you.  If you store them on your laptop and it gets stolen, you are no better off.  Or, if you forget your password / pass phrases, you are equally damaged.

That being said, keep in mind that most if not all wallets can be recreated from the private key.  So if there is one thing you want to take care of, it is the private key to each wallet you use.  Very often those private keys are created by you entering a long set of words when you create the wallet.  My advice to you is, the very first thing you do after creating your wallet is to write down those words on a piece of paper (and/or put them on a thumb drive) and store THAT in your safe.  That way even if your hard drive crashes or your laptop is stolen, you can recreate the wallet and recover your coins.

(image credit: www.nordic-vikings.net)

Comments

Popular posts from this blog

Troubleshooting a Discourse Update on DigitalOcean: Resolving Unresolvable Errors

For the past three years, I've maintained a Discourse server on a DigitalOcean Droplet. Recently, I decided to update it with some of the latest Discourse features. What I anticipated to be a straightforward update process turned into several days of frustrating setbacks. The version of Discourse I was running was already three years old, so I assumed that running the built-in "Update" feature would suffice. However, after clicking the update button, the progress bar sluggishly crawled forward over the next half hour, only to display the dreaded message: "Error – Update Failed." The logs provided little to no help, but based on my experience with other software updates via GIT, I suspected that the failure might be due to the repository head still being called "Master." In recent years, there has been a shift away from using "Master" as the repository head, with "Main" becoming the preferred term. Despite trying several methods ...

Ethereum Merge - So What?

Artwork by Steven Grundy The long awaited Ethereum "Merge" is finally upon us.  I've heard people say "So what".   So what?  I think they don't understand the implications of the merge.  Either that or they really are betting against Ethereum. I think this upgrade is probably the biggest thing for Ethereum since smart contracts first came out.  This change has the possibility of upsetting the apple cart in terms of Ethereum and BTC.  That's a big claim, but I really think it's possible. The Ethereum Merge has been set for the week of September 19th, 2022.  The merge is when the Ethereum execution layer will be joined with the new proof of stake consensus layer.  What does that mean and why should I care? What it means is that Ethereum will be changing from an energy intensive Crypto coin like all others to a 99% more efficient crypto coin like only a few have done.  Right now Ethereum is mined just like BTC and a host of other Crypto cur...

Yelp api via Coldfusion and oAuth

What should have been a fairly easy implementation turned into several frustrating hours. I was using the old Yelp API that is accessed simply by passing your yelp key in the url. But, I wanted to take advantage of some of the new functionality only available in their API version 2.0. Unfortunately Yelp API v2 requires an oAuth key/signature type access. Having already written similar code to access the Amazon web services with a signature I thought this would be a simple as reusing some existing code. Man was I wrong. Turns out a "correctly" implemented version of oAuth is much less tolerant than AWS is. Simple things, such as what characters in the URL must be encoded, invalidated the Yelp signature. After much searching and screwing around with various proposed implementations it became clear that the easiest and best implementation was to use the Java library provided by Yelp and simply access it from Coldfusion. To make this process easier I've consolidated th...