Paper Wallets for a Digital Currency?
You may have heard Bitcoin experts say that the only way to be safe with Bitcoin is to print “Paper Wallets” and to keep your Bitcoins stored offline in cold storage. Many people’s first reaction is that this is ironic. The so-called digital currency of the future and the money of the internet can’t be safely handled online?
Well the facts are that your Bitcoin is always online – so is everyone’s. What you print out and keep safely offline (if you want maximum security) is actually just the private keys that enable you to spend your Bitcoin. The private key is just a big number which can be stored as a long string of characters (normally beginning with a 5) or as a QR code, just like a Bitcoin address, but if you see them side by side, you may notice that the private key is more dense (has more dots).
What’s the difference?
Imagine you own a car and you keep it parked on the public street. Is it ironic that the incredible invention of personal transport of the 20th Century is so flimsy and ethereal that it will completely vanish if the keys are kept conveniently in the ignition?
Cars are made for the road, but the keys which prevent people stealing your car should be kept safe. We accept and overlook the inconvenience of having car keys because we understand their role in securing our valuable vehicle. It’s often safe to leave your car unattended without fear of it being stolen (at least where I live) but only so long as you keep your keys safe.
With Bitcoin, the keys are not metallic, they’re digital, just like passwords (and just like car keys all will soon be). Unlike passwords, keys are randomly generated and much longer, but just like passwords, you have to keep them secret. If you keep your keys secret, even if your computer gets hacked, your Bitcoin is still safe. There’s no way to steal someone’s Bitcoin without having their private keys.
There is a problem these days with keeping computers safe from malware and viruses. Having meaningful amounts of Bitcoin unprotected on an internet-connected computer or smartphone is going to make that problem a lot more expensive for us potential victims. It is also presents a more profitable target for attackers. This problem will have to be solved but for now the thousands of years experience in physical security (safes, strongholds, armed guards etc.) that our civilisation has trumps our paltry half century of experience in computer security. We must resort to the physical world to provide the best security against online thieves.
One of the most convincing solutions to this security problem that is being developed now is a type of tiny computer known as a Hardware Wallet. These will be pocket-sized, special purpose and security-hardened devices – I expect them to ultimately be credit-card-sized. Smart-phones and laptops can certainly do the job of making convenient transactions, but it’s just too easy to be unknowingly tricked into installing some software with a hidden agenda which will sneakily grab your passwords or keys from under your fingers. Hardware wallets would permit no installing “apps” so their exposure to these dangers is incredibly low.
It’s still early days for Hardware Wallets so I can’t make any recommendations, however the Trezor is a much anticipated early mover in this innovative product category.