Don’t Let Anyone Know about your Bitcoins
Never advertise how many bitcoins you hold.
Bitcoin addresses are publicly viewable. If you put an address that holds 10 BTC on your social media, you are announcing to the world you have 10 BTC. If you boast about how many bitcoins you have, chances are you will become a target for thieves.
One way to ensure that no one can see your bitcoin wealth is to use Reusable Payment Codes. These codes replace bitcoin addresses, allowing you to use a single address to receive payments but keeps your entire transaction history private.
Encryption of your private keys, backup seeds, emails, and passwords is another measure you can take to improve the security of your bitcoins.
If you want to store bitcoins with a paper wallet, note the private key and public key and then encrypt them and destroy the original paper wallet so that no one will be able to decipher your keys.
Similarly, you can do the same thing for your wallet backup (24 word seed). Encrypting your passwords to your wallet or exchange account is also a good idea to provide an extra layer of safety.
Use Open Source Software
You can be confident in using open source software since the code is publicly available and is less likely to be vulnerable to exploits that can steal your cryptocurrency.
For example, if you are using a closed source bitcoin wallet, no one can see if there are any malicious elements that may steal your bitcoins. Always try to use open source wallets where possible.
Open source software also applies to other things you may use, such as your operating system. Windows is notorious for its susceptibility to viruses. Instead, use an open source operating system such as Whonix or Linux.
Some bitcoin wallets support multi-signature addresses, which are useful for keeping your funds safe as more than one private key is needed to sign a transaction.
A 3-of-5 multi-signature transaction would require 3 signatures out of a possible 5 to sign and process the transaction, which could be useful in the case of a business that handled bitcoins. If only 2 signatures were given, the funds do not move.
Multi-signature addresses are not just useful for businesses and individuals, but also for a bitcoin stash that is split between two people (a 2-of-2 multi-signature could be used to ensure that both parties agree before sending a transaction).
Some examples of bitcoin wallets that offer multi-signature addresses are;
- Armory: a desktop wallet that provides up to 7-of-7 multi-signature transactions,
- BitGo: this popular, multi-device bitcoin wallet has been around since 2013 and provides up to 3-of-3 multi-signature transactions,
- CoPay: an open source, multi-device bitcoin wallet providing up to 2-of-3 multi-signature transactions, and
- Electrum: one of the oldest and most trusted bitcoin wallets, provides up to 15-of-15 multi-signature transactions.
A novel way of protecting your bitcoins is to use time-locked transactions. Time locked transaction can be done in several ways:
- Using nLockTime
- Using nSequence,
- Using OP_CHECKLOCKTIMEVERIFY (OP_CLTV), or
- Using OP_CHECKSEQUENCEVERIFY (OP_CSV).
Consider nLockTime. You can secure your bitcoins by sending a transaction along with nLockTime specifying the minimal time at which the transaction cannot be accepted into a block.
Suppose you want to secure your bitcoins for one year, you can specify 365 days with nLocktime and those bitcoins cannot be spent until those 365 days are up. Since they cannot be spent, they cannot be stolen either.
An easy way to set up a time-locked transaction is to download a copy of the Coinb.in website on GitHub. You can then choose a public key associated with your bitcoin address and set the date (or block height) until which the transaction will be locked. Once locked, you will receive a 'redeem script', which can then be used to unlock the coins after the specified date (or block height).
Cold storage refers to the storage of cryptocurrency in an offline location. There are two types of cold storage; hardware wallets and paper wallets.
Hardware wallets store the private key required to make transactions inside a device that is not connected to the Internet. To spend cryptocurrency from a hardware wallet, you’ll need to attach it to a computer and run some software. The private keys are compartmentalised, protecting users from any malicious software or viruses that may infect your computer.
Some examples of hardware wallets include Ledger, OpenDime, and Trezor.
When you set up a hardware wallet, you’ll be asked to write down a 12/24 word seed that can recover your wallet if you lose the device.
Paper wallets are another method of cold storage that predate hardware wallets. One of the best ways to ensure your holdings are secure is to transfer your funds to a paper wallet and then lock it in a safe.
A more creative way to secure your bitcoins involves your seed or your private key. Get your seed or private key and make a piece of artwork out of the words somehow, destroying the paper with the seed or private key later.
Air Gapped Computer
If you computer is connected to the Internet, it may be very difficult to tell whether your wallet is reasonably protected. Any private keys stored on your computer could be compromised if you download a virus. To get around online threats such as hackers and viruses, you can use an air gapped computer to set up a cold wallet.
An air gapped computer is one that has never been connected to the Internet. You can create a wallet using BitKey which simplifies the process. There are also complicated protocols that can secure large amounts of wealth in bitcoin, such as the Glacier protocol and the Subzero protocol.