When you have money, you put it in a vault or a bank to keep it secure. If the vault is breached and not insured, you suffer the losses. The same goes for the money in your bank if it gets robbed or damaged. With a safe deposit box, your bank may not know what is in there, so even if you have insurance you need to prove that the contents were there and that you suffered the losses. Not ideal scenarios in any case… This also applies when you have two-factor authentication enabled.
It can be similar with cryptocurrency, but there are ways to secure your digital assets so that only you are in control of them. There is even insurance that can verify your assets on-chain and cover them in case of a loss. Nexus Mutual and Cover Protocol are two examples. Nexus Mutual had issues in the last few weeks: the CEO was hacked for $8 million worth, which shed a bad light on the platform; however, the company assured that the platform was not affected. Even the pros are not safe from such an elaborate attack.
To secure your keys you need to know the attack vectors. A common scenario for losing funds is the hack of an exchange. If you keep your funds there, you have no control over what happens to them after someone gains unauthorized access. In the first post on this blog about Bitcoin we highlighted what a private and a public key are. In short: whoever possesses the private key of a wallet is able to do anything with that wallet. So if a hacker gets access to an exchange and is able to move funds, and the exchange does not react immediately, that could bankrupt the exchange, which would result in no user getting back whatever they held on the exchange. A famous example is the Mt. Gox hack from 2014, which was the biggest exchange at this time, handling over 70% of the Bitcoin volume. Hence the saying: Not your keys? Not your coins!
So you need to be able to get the private keys of your wallet. The easiest way to do that is to use the native client of the blockchain whose keys you want to secure; there are also multi-wallet apps that can hold your coins on your computer. If you trade on a centralized exchange like Binance, Coinbase or FTX, you could move those funds to a wallet on your computer. However, if your computer is or gets infected with malware, this will enable the attacker to access the private key stored on your computer as well.
Private Key Security
There are, however, some ways to prevent these scenarios. One is to have a paper wallet; this comes with a lot of other undesired downsides that are outlined here. The more robust version of the paper wallet is to punch your seed phrase into a piece of steel. Some companies offer sets with which you can stamp it yourself, or you may know a trusted metal worker.
A new form of wallet is the smart contract wallet, like Argent. These let you choose guardians who can react if you lose access to your funds. Since they run on the blockchain, protocol risks are inherent. For maximum security you need to verify the smart contracts, which is time-consuming and tedious work that also requires a lot of knowledge in this field. In the worst case, a malicious participant with access to the company's development environment could build a backdoor into the smart contracts or weaken the code to enable an exploit.
Hardware wallets like Ledger or Trezor offer more protection, but this comes with limitations too. If you damage your hardware wallet and don't have a backup, your coins may be lost forever! You also need to trust the merchant that no manipulation was done to the device, which applies to the shipping as well. The recent hack of the Ledger web shop database also leaked a lot of customer addresses, so if you ordered your hardware wallet under your real name to your real address, where you also store your hardware wallet, that's not a good spot to be in…
As you see, securing your keys depends a lot on trust. I leave you with an xkcd comic strip that condenses this post into a simple picture. To prevent this case you should get familiar with plausible deniability.
UPDATE: Right after making this post, the CEO of blockchain insurance company Nexus Mutual, @HughCarp, was hacked despite using a hardware wallet. Now he is asking the community to donate to cover his personal loss; NXM states that no funds of the project were lost or in danger. Users are discussing whether this is an elaborate attack or just another “Boating Accident”…
UPDATE UPDATE: Soon after the hack of NXM's CEO, another insurance protocol (Cover Protocol) was exploited on its token price. However, white hat hackers prevented the worst, since the exploit was widely used after it became public.
CONCLUSION: Never trust anybody! Not even yourself!