Because a project as large as Elastos and the Cyber Republic comes with many terms, we’ve decided to build a growing glossary that can help the less technically acquainted better understand what the tech means and the impact it could have. This week we’re focusing on Cold Storage.
Term: Cold Storage
“Cold storage is an offline wallet… With cold storage, the digital wallet is stored on a platform that is not connected to the internet, thereby protecting the wallet from unauthorized access, cyber hacks, and other vulnerabilities that a system connected to the internet is susceptible to.
“Private keys stored on a wallet connected to the internet are vulnerable to network-based theft. These wallets are known as hot wallets. With a hot wallet, all the functions required to complete a transaction are made from a single online device. The wallet generates and stores private keys; digitally signs transactions using private keys; and broadcasts the signed transaction to the network. The problem is that once the signed transactions have been broadcasted online, an attacker crawling the networks may become privy to the private key which was used to sign the transaction.
“Cold storage resolves this issue by signing the transaction with the private keys in an offline environment. Any transaction initiated online is temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer, where it is then digitally signed before it is transmitted to the online network. Because the private key does not come into contact with a server connected online during the signing process, even if an online hacker comes across the transaction, s/he would not be able to access the private key used for it.
“The most basic form of cold storage is a paper wallet. A paper wallet is simply a document that has the public and private keys written on it. The document is printed from the paper wallet tool online with an offline printer. The paper wallet or document usually has a QR code embedded on it so that it can easily be scanned and signed to make a transaction. The drawback to this medium is that if the paper is lost, rendered illegible or destroyed, the user will never be able to access his address where his funds are.
“Another form of cold storage is a hardware wallet which uses an offline device or smartcard to generate private keys offline. The Ledger USB Wallet is an example of a hardware wallet that uses a smartcard to secure private keys. The device looks and functions like a USB, and a computer and chrome-based app are required to store the private keys offline.”
Basically, imagine a bank that anyone could walk up to and try whatever combination of keys and pin numbers they wanted without being arrested. Whoever has the right pin could therefore access the funds whenever they wanted. In crypto, since everything is tracked and verified online, this is the case. Whoever holds the keys can access the funds associated with that key.
But in crypto, the probability of simply guessing a pin is so low that it’s close to impossible, because of just how many possibilities there are. Almost always, the reason that people lose their funds is that they gave the pin (private key) away to someone else (intentionally or not).
This is why “cold storage” is the most secure method of protecting your private key, and with it the ownership of your funds. Isn’t it ironic that one of the most significant advances in technology and finance of our lifetimes relies on a mechanism in which writing something down on a piece of paper is arguably the most secure way of keeping it safe?
This means, of course, that it’s not so user-friendly. If someone loses their sheet(s) of paper, or needs to run a transaction, there are several steps to follow to ensure that it’s done without revealing the private key on the way from paper to blockchain.
Paper, while secure, is simply not functional for frequent transactions. Ledger and other hardware wallets solve this problem, and they are also considered cold storage. They keep the private key from ever being revealed by signing all transactions offline, so you can rest easy: even when you use your hardware wallet with a compromised computer, your private key is never revealed to any network.