Now that we’ve looked at some basic features of the crypto market, some of you might be eager to jump right in. If you’re interested in investing or trading cryptocurrencies, note that this process is very different than a standard stock or bond trading. The following two videos deep dive into this process and show you how we actually buy and sell crypto, why the process is unique, and what are the best practices to follow and common pitfalls to avoid. So how do we get cryptocurrencies? There are two major channels. One is the direct sale on the blockchain, and the other is the indirect transaction of the blockchain using a cryptocurrency exchange.
Let’s have an overview of these processes before doing a deep dive. Suppose you want to buy some Bitcoin, you generated your pair of public-private keys and store them in wallet. Somewhere out there is someone who has Bitcoins and is willing to sell it to you. Again, they’re identified by their wallet address which is their public key. Now, the much simpler channel to get Bitcoin from that seller is to talk to him directly. Maybe you already know each other, do business with each other, or you’ve discussed the transactions online, and you trust them. Then the process is very simple. You agree on a price, you give him the money, he transfers the Bitcoin.
The dollar transfer will be off the blockchain using traditional payment rails, cash, check, demo, or credit card. The seller will transfer the Bitcoin the same way that we discussed in the previous module by generating a transaction script to your address, signed with his private key, and broadcast it to the nose. When it gets recorded on the blockchain, the Bitcoins are yours. Simple as that. But this is not the most common way to buy cryptocurrencies, is it? How often do you find a person that you trust and who also has a stash of Bitcoins?
So while the first channel has been mostly reserved for payments and perhaps black market activities, most of the cryptocurrency trading is done on the crypto exchanges, which as its name suggests, is a platform that matches buyer and sellers that are unknown to each other and facilitate transactions between them. We’ll get into this process in much more detail in the next video. So if I to say here that most of the exchange transactions actually happened without involving the blockchain at all. The buyer would deposit fiat currency to the exchange, the seller would deposit the cryptocurrencies. This essentially gets some virtual balances in fiat money and crypto on the exchange just like a PayPal balance.
The buy and sell orders can be placed, and once the match is found, the transaction happens and the balances are adjusted instantaneously. Blockchain only gets involved for withdrawals, where the users want to take their cryptos out of the exchange and back into their own wallets. If this still sounds quite complex to you, don’t worry, we’ll make this clear step-by-step. For the rest of this video, we’ll examine the wallets, what they are, and how should we best use them, then we’ll deep dive into the cryptocurrency exchanges in the next video. Before we talk about buying and selling, the first order of business is to establish your identity and get a wallet.
Remember in our first module that your identity on the blockchain is a pair of public-private keys, and there are no restrictions on how many you can have which ones you use for which transactions. Recall that by design of the blockchain, these keys, specially your private keys, are your one and only claim on the coins or tokens. Remember we said that this is completely a single-factor security arrangement. If you lose your keys, you lose your ability to sign any transaction, and your coins therefore become useless. If someone steals your keys, you can also kiss your coins goodbye. Because right away, they can sign a transaction on your behalf, transferring the coins associated with these keys to their own address.
So this cannot be highlighted enough. Managing crypto assets is all about managing the keys. Because the keys are essentially very large random numbers, what we call wallet is simply a place to store the keys so that you can use them when needed. It doesn’t have to be an app, because you can print the numbers out and store them on paper. Many people do that. Other people use software to store and manage them, and many wallet software also have ad-on functions like generating and broadcasting transactions scripts and calculating the transaction fees. As we’ve reviewed before, each unit within your wallet consist of two numbers. A public key and a private key.
Each one is a long string of ones and zeros, which are often encoded in alphanumerical formats to make them shorter and easier to read. Your public key is your address, and you want to make that publicly available so you can receive coins with it. You can put that in your email signature, your website, and many wallet software can also encode a key into a QR code that people can scan for easier transactions. The other number, your private key, is your signature to sign transactions with. In this one, you want to keep absolutely secret because again, if it’s stolen or lost, your money’s gone for good. So managing your wallet means managing your key storage. So how would you do it?
How would you store your keys and they get secured? If you think about it, there are two ways to do this. One way is to do it yourself and store it on your own device, which we call local storage. The other is to store it in the cloud. Within local storage, there are two further variants, hot storage and cold storage. Hot storage is probably the one you’re most accustomed to. You store the keys as a file on your computer or phone, maybe password-protected, or you use a wallet software app on your computer to store and manage the keys. It’s called hot storage because your computer or phone is accessible to the internet.
It’s very convenient because every time you need your keys, it’s there. But it’s not a very secure way to store a large number of keys or high value of keys because your computer or your phone represent a single point of attack. For a reasonably sophisticated attacker, this is a very easy target.
So hot storage is a convenient but insecure way to store your keys. It’s very similar in that aspect to carrying cash in a wallet. You want to carry some, but you probably don’t want to carry too much. The other variant is called cold storage. As the name suggests, this means storing the keys completely offline and segregated from all internet activities. A simple way would be to print the keys out or put them in a secure USB drive, then lock them away in your safe or safe deposit box, presumably with a backup somewhere in another safe in case the house burns down.
For high value of keys, now there are specialized service providers that essentially convert Cold War nuclear bunkers into storage facilities and store client’s keys there. Another way to cold storage is the brain wallet, which means either remembering the keys out right or encrypting the keys with the passcode and remembering the passcode. So if you think about it, cold storage is much more secure. There’s no way to penetrate the security online. The only way to get the keys is to physically break into these safes and bolts or to physically coerce you to give up the passcode. But at the same time, this is not very convenient.
Because when you want to use these coins, you need to dig up the keys physically from the vaults or use some complicated algorithms to retrieve them. So in this sense, if a hot storage is like carrying cash in your wallet, cold storage is like locking away your cash in a bank vault. Less convenient, but more secure. Of course, you don’t have to do this by yourself. You can choose to store your keys in the cloud. That is uploading the keys
to Dropbox which I don’t recommend or putting them in an encrypted secure cloud storage service. Oftentimes, large crypto exchanges like Coinbase also offer cloud-based wallet services. Once the keys are uploaded to the cloud, the provider can then choose to store them either hot or cold. Many providers do both, keeping some keys hot and the majority of the high valued keys in cold storage. Cloud storage is, therefore, a bit more convenient than doing cold storage yourself. But you better have a lot of trust in the cloud provider, because in this case, security is entirely dependent on the provider. If they’re breached, all the keys will be gone.
So consequently, the three ways to store keys leads to three best practices that I recommend in crypto asset management and all that boiled down to one simple advice. Manage your keys almost exactly like you manage your cash. Well, what are the best practices in managing cash? Well, first, you obviously don’t want to carry around bills in huge denominations, loss of $100 bills. Because losing each one, will be a relatively big loss. The crypto counterpart of that is you don’t want to use one key for all your transactions. If all the coins are associated with a single address, then if it’s lost or stolen, all the coins will be gone.
So just as you would carry dollar bills and other bills in smaller denominations, you want to spread out your coins to many keys. Ideally, using a different key for each transaction so the loss will be spread out even if you lose some keys. Second, obviously, you’re not going to walk around carrying all your wealth in your wallet. You will most likely only carry some daily spending cash in your wallet and put the bulk of your wealth in banks and investments. The same thing holds for crypto.
If you have a lot of crypto assets, you probably want to only keep a small fraction of that in hot storage for transaction purposes and the bulk of the wealth that you don’t need immediately should be in cold storage for better security. Finally, if somebody walks up to you saying that he’s selling the most advanced secure deposit box that you can keep all your cash in, you probably would view that with some suspicion. Same thing here for crypto. If you go with a cloud storage route because security is entirely dependent on the provider, you should vet the storage provider very carefully and thoroughly check their reputation, credentials, track record, and security practices.