top | item 31341258

(no title)

chill1 | 3 years ago

I usually don't bother to login to comment, but I felt compelled in this case. The other replies include a lot of bad advice. You sound like you don't have much of experience actually using bitcoin (or cryptocurrencies). So the best (most secure and easiest) solution is to buy a hardware wallet and use the wallet app which they provide. I suggest either Trezor [1] or Ledger [2]. Do not buy a hardware wallet from secondary marketplaces or second-hand resale websites - buy direct from the developer's website only.

[1] https://shop.trezor.io/

[2] https://www.ledger.com/

For added opsec:

- Use a temporary email address on the order form (e.g. mailinator or similar).

- Do not ship the goods to your home address. Pick-up your order in-person at a drop-off spot, post-office, or have it delivered to your workplace.

A bit more information about hardware vs. software/app wallet:

- Hardware wallets protect your bitcoin and cryptocurrencies by keeping your private keys secure on a dedicated USB (or air-gapped) device. The private keys never leave the device.

- If you use an app on your phone or desktop computer, your private keys could be stolen by malware. This is the exact attack vector that hardware wallets are designed to protect against.

Good luck!

discuss

3np|3 years ago

This is good advice. Notably, you don't need to use the vendor wallet software either but can use either with e.g. Electrum.

If you really don't want to get a dedicated hardware wallet, the poor-persons choice would be to (in order of preference):

* In case you're really just holding and won't be wanting to transact with it anytime soon, a paper wallet can work. Generate it on an airgapped device and never let the private keys touch a connected device.

* Use a dedicated boot environment. For example: Set up Tails on a USB drive and boot into it on your laptop, or make a fresh install on a raspberry pi or similar. Use Electrum (or bitcoin core qt / cli), store the wallet file only on a separate encrypted USB drive. Don't use this OS install for other things. Prefer connecting only over Tor, I2P, or cjdns.

* A reputable smartphone wallet. A downside here is that you will have to be very diligent with your system updates and have to keep a peripheral eye on if the author gets acquired or goes rouge etc. You'd have to do your own research but Bluewallet seems decent.

* Ignore all the advice and access the keys on your PC anyway. It's possible to do safely but as noted above it has increased risks and requires a lot of diligence.

DebtDeflation|3 years ago

If this is what's needed to securely store (not even use) crypto then the future for crypto is even bleaker than I thought.

hnxs|3 years ago

What happens if ledger goes out of business? I recall users being able to access their funds when Ledger had a systems outage some time in the past few years.

chill1|3 years ago

With both Trezor and Ledger it is possible to use Electrum as the GUI (interface) app. So if they go out of business and/or stop supporting the specific hardware wallet model that you own, you can continue using it with Electrum. Alternatively, you can import the seed backup (12 or 24 words) into a new hardware wallet.

3np|3 years ago

The users weren't unable to access their funds. However, Ledger Live (their desktop and mobile app) uses nodes hosted by Ledger, so effectively this meant that non-technical users who relied on their hosted nodes couldn't access their funds.

One could (and should!) still use the same wallet with a self-hosted node, or a third-party one, by using the wallet with a different software (which is also officially supported; Ledger provides docs for doing so).