What are cold wallets and how we implemented them online

Posted on feb 26, 2020

In the usual sense, a cold cryptocurrency wallet is a hardware-software complex that provides secure storage of information that is needed to access funds on the wallet (in particular, sending). Hardware cold wallets are the most reliable storage tool today, protection is provided using the owner’s biometric data or additional data entered by him. Owning a hardware cold wallet is justified if you have a considerable amount of cryptocurrency, you are going to store them for a long time without implying frequent transactions.

In general, wallets are of the following types:

• 1. Software - software that is installed on a computer. The use of such can be complicated by the need to download and check the entire block chain, which requires impressive free disk space, as well as processing power, so that the chain check does not drag on for weeks. However, there are light options that do not require loading all block chains.
• 2. Mobile wallets - in general, it means the same as software, only naturally in its light form, or with the option of working the main software on the server side, and a mobile device is only a means of outputting information. Some mobile wallets have the option of cold storage.
• 3. Hardware wallets - a small device with a display and several (optional) buttons for management. Usually connects to a PC via USB or communicates with a mobile device. Provides secure storage of private keys in encrypted form. The most famous representatives of this species are considered to be Ledger Nano S, Trezor and KeepKey. Such hardware will cost the buyer from $ 70 to $ 239 excluding delivery. Delivery should be added to this, since such funds should be bought only from official distributors, since a hand-held purchase does not guarantee no interference with the apartment complex and further safety of its operation.
• 4. Paper wallet - a pair of keys (public and private) printed on paper, storing a private key outside the Internet adds security, but the paper medium is not very durable and can be exposed to external influences (water, fire, sunlight). Such wallets should be protected and, if possible, duplicated for storage in several places. However, anyone who gets this wallet in their hands will be able to use the funds for them. Which is actually not safer than just storing cash at home or in a cache.

As we have already found out, the security of a cold wallet is guaranteed by the fact that the private key (in open or encrypted form) that is used to spend money is stored outside the network, or on a device that does not have access to the network.

We have developed a mechanism that allows, as far as possible, in terms of security, to approach the storage of coins in a cold wallet, but to maintain the convenience of an online wallet. For each of the cryptocurrencies in the wallet, the second version of the wallet is available - cold. Its peculiarity is that the private key is not saved when creating the wallet, but is immediately encrypted using AES-256 (a symmetric block encryption algorithm that is accepted as the encryption standard by the US government). The key for decoding the private key string remains on the server side and the encrypted string is sent to the client. In this case, it turns out that the private key was not transmitted in clear text over the network and was not stored anywhere in the clear.

After the client should save the received string in several reliable places. It is worth noting that getting the received string into the hands of an attacker will not allow him to use the funds without having access to the owner’s account. Indeed, decoding AES-256 in the foreseeable future is impossible.   The account owner can observe all incoming operations in the wallet without entering this line. When it becomes necessary to use the funds, the owner will need to enter this line at the stage of creating the transaction (as well as the payment password). After a successful transaction, this wallet will be moved to hot, the decoded private key will be saved. To continue safe storage, the owner should create a new cold wallet and send funds to it.

At the moment, this function is available for Bitcoin wallets, in the future this type of wallet will be available for all new cryptocurrencies in the account.

Create wallet