Self Custody 101: Hot Wallets vs. Cold Wallets
The debate between self-custody crypto solutions is rapidly evolving. Our last article in this series explained the seed phrase and why new custody solutions have started calling the recovery tool into question.
But to fully grasp the security advantages and drawbacks of the latest alternatives, users must first understand an older self-custody debate.
When it comes down to it, all self-custody options are divided into two categories: hot wallets and cold wallets. Both types have advantages and disadvantages; choosing one will depend on an individual’s specific needs and preferences. This guide will help weigh options and offer strategic ways to combine solutions.
Hot wallet vs. cold wallet
A hot wallet is connected to the internet and used for regular transactions such as sending payments or interacting with decentralized applications (dapps). They are primarily mobile or desktop applications and represent an easy self-custody option for investors.
A cold wallet, by definition, is a custody solution that stores funds entirely offline. Because sending crypto with cold wallets requires more steps than hot wallets, their primary purpose is to receive funds and provide secure, long-term storage. And although cold storage solutions use hardware wallets, not all hardware wallets are considered cold storage. If the hardware wallet uses Bluetooth or can automatically connect to the internet, it is vulnerable to many of the same threats as hot wallets.
Both hot and cold wallets offer the benefit of self-custody, where users hold private keys that allow them to move assets on their respective blockchains. When proper security measures are in place, either approach can be a safer option compared to centralized exchanges, which can expose users to additional third-party risks.
What’s the difference between the two?
The primary difference between cold and hot wallets is that users mainly use cold wallets for long-term storage and protecting coins, while hot wallets are used regularly. Thus, as their names suggest, funds in cold wallets are “cold” and largely untouched, while funds in hot wallets are “hot” because of their frequent use.
In a typical example, a cryptocurrency investor may set up a hardware wallet only used to receive funds designated for long-term investments. These funds are rarely transferred out and could lie “cold” in the wallet for several months or even years.
The same investor could set up a browser-based or mobile wallet to interact with dapps and smart contracts. Funds in this wallet are “hot” because of the risks associated with smart contracts and internet connection. A hot wallet ideally holds a lesser portion of a crypto investor’s portfolio – an amount they can afford to lose.
Centralized cryptocurrency exchanges are other entities that utilize cold and hot wallet solutions. Many centralized cryptocurrency exchange hacks have come from compromised hot wallets, underlining the risks associated with this storage method. Coinbase, for instance, claims to store up to 98% of customer funds in “guarded cold storage,” with a smaller amount kept in hot wallets to fulfill deposit and withdrawal requests.
Hot Wallets: Pros and Cons
- Hot wallets provide greater convenience, as they are primarily mobile and desktop-based apps.
- Hot wallets are free to use and are relatively easy to set up.
- They provide a seamless gateway to access opportunities in the Web3 economy (including NFTs, DeFi and gaming applications).
- Hot wallets are ideal for regular crypto trading and payments. They often provide third-party integrations for buying coins or even performing cross-chain swaps.
- Hot wallets generally allow investors to store more cryptocurrencies. Hardware wallets support fewer cryptocurrencies, as such functionalities take longer to build.
- Hot wallets usually provide a more intuitive user experience, including a portfolio tracker, dapp browser, NFT display, etc.
- Being connected to the internet exposes hot wallet users to a greater risk of security breaches.
- Users could suffer substantial losses resulting from malicious software updates or installing apps from unofficial sources.
Examples of leading hot wallet solutions
The most popular examples of hot wallet solutions include:
- Metamask: Ethereum development studio Consensys initially released Metamask in 2016. Since then, it has become the leading wallet for accessing Ethereum dApps and other EVM-compatible networks. Metamask is available as a browser extension and mobile app.
- Trust Wallet: Trust Wallet went live in 2017 and grew in prominence after the founding company was acquired by the leading cryptocurrency exchange Binance. Although Trust Wallet gained most of its initial market share as a mobile-first application, it has since expanded to offer a browser-based extension.
- Coinbase Wallet: Coinbase Wallet is a self-custodial crypto storage solution developed by crypto exchange Coinbase. Coinbase Wallet enables access to Web3 apps and basic functionalities such as sending and receiving many cryptocurrencies. The application is available as a browser extension and mobile application.
Cold Wallets: Pros and Cons
- Cold wallets provide unparalleled security as private keys are stored offline, sometimes in air-gapped devices and multiple locations.
- Cold wallets encourage long-term investments, which are historically profitable for cryptocurrency investors.
- Cold wallets lower the risk of physical crypto theft, as users do not usually move with private keys or hardware wallets.
- Cold storage solutions rarely require software upgrades, making them more immune to new security issues.
- Cold wallets also encourage greater privacy as associated addresses mainly receive funds and have fewer trails on the blockchain.
- Users require a less proactive approach to secure funds in cold storage than a hot wallet.
- Cold-storage wallets are not free to use. Getting a decent hardware wallet could cost between $50-$300.
- Cold storage wallets could be more convenient. Users must currently go through several steps to sign transactions.
- Investors must replace cold storage wallets in the event of a loss to guarantee security.
Examples of cold wallet storage solutions
- Ledger: Ledger is a leading provider of cryptocurrency hardware wallets and has sold four million devices since launching in 2014. The company currently offers the Ledger Nano X, Ledger Nano S Plus and Ledger Stax. Although these devices offer varying functionalities, they keep cryptocurrencies in secure cold storage.
- Trezor: Trezor wallets are cold-storage hardware devices developed by Czech-based startup SatoshiLabs since 2014. The wallet currently comes in two variants, the Trezor Model T and Trezor One. The latter offers fewer features, as it was Trezor’s flagship product. Yet, both provide secure offline storage for cryptoassets.
- Paper wallets: This method involves generating a pair of public and private cryptographic keys printed on paper. The user transfers funds to the associated address and safely puts away the paper wallet until a future date when they choose to move the assets. The advent of hardware wallets has made this cold storage method archaic. Yet, it comes in handy for long-term storage or gifting cryptocurrencies.
A closer look at the wallet comparison
Cryptocurrency investors make several tradeoffs when choosing between a hot and a cold wallet. Both wallets have unique strengths that determine what’s best for individual users. This section presents a head-to-head comparison of cold versus hot wallets.
Cold wallets provide the highest level of security for cryptoassets. They store private keys offline, eliminating most online vulnerabilities. Bad actors must gain physical possession of the cold storage device and the owner’s consent to move funds. There is also an additional hurdle if the wallet utilizes a multi-signature feature where several entities must sign a transaction before it is approved.
Learn more about multi-signature and MPC wallets in our explainer on seed phrases.
In stark contrast, hot wallets are susceptible to online attack vectors, including device malware, malicious smart contracts and software upgrades. For example, an unprecedented hack that affected 9,231 Slope Wallet users directly resulted from a software upgrade that allowed attackers to steal private keys holding approximately $4.1 million worth of assets. The losses later affected even users who merely imported (to a different wallet) a seed phrase created with Slope Wallet.
But both hot and cold wallet users risk falling victim to phishing attacks such as those perpetrated through email and social media platforms. The attack was traditionally only a threat to hot wallets. But a recent Trezor malware hack proved this to no longer be the case.
Cold wallet solutions are usually expensive to set up. The cheapest hardware wallet devices cost around $40 and offer minimal functionality. Users must acquire a mid-budget-sized device for about $100 to enjoy a relatively high-quality experience.
Most hot wallets are free to use and available on respective app stores for Android and iOS users. They are also easy to set up and offer a superior user experience to cold storage solutions.
Being mobile and desktop-native applications make hot wallets more convenient than cold wallets. For cold storage solutions, the user must physically possess the device and pass through several security steps to validate transactions. In most cases, the screens are relatively small and barely display a few lines of text.
However, hot wallets are mobile and routinely come in the shape of smartphones, tablets, and PCs. Features such as fingerprint authentication, QR codes, and advanced transaction fee customization make hot wallets more convenient for signing transactions. This is especially helpful if users want to send payments frequently or interface with smart contracts.
Hot wallets are more interoperable with Web3 applications and smart contracts. Users immediately find the option to connect to dapps using these wallets. In contrast, most cold storage wallets do not provide functionalities for new-age crypto innovations such as NFTs and DeFi protocols. For instance, some do not support sending and receiving NFTs or liquidity provider (LP) tokens.
Most hot wallets come equipped with a dapp browser, NFT display, staking portal and gaming hubs. Cold storage solutions are not designed for such use cases and thus provide fewer user interactive opportunities.
The most experienced investors combine cold and hot wallet solutions to ensure the best security for their cryptoassets. Such a combination is advantageous, especially for investors with diversified portfolios who need to explore Web3 applications.
Cold wallets are essential to protect funds in the long term, while hot wallets are helpful for anyone who needs regular engagement. Users can decide to create multiple hot wallets for different purposes. For instance, the best security practice is to create a new “burner wallet” for participating in NFT mints. Users may also create specific wallets for interfacing with DeFi protocols or gaming applications. This diversification protects against losing funds to a single hot wallet breach.