If you’ve been looking for a guide on best security practices with regards to cryptocurrency, you’re in luck. We came across this comprehensive (and entertaining) overview by @notsofast and felt it prudent to share with our users. We also recommend following notsofast on twitter for similar content.
It’s been a long time coming, but what with the massive rises in fiat-based prices and corollary public attention, it is high time I got down to business and got all expository on how to keep your cryptoassets safe.
First a little background on why security is so crucial. Bitcoin, altcoins, and cryptoassets (@ARKblockchain‘s epic umbrella term of choice) are different from other things of value that you may own. Because they are virtual, you can’t actually hold them– this concept you’re familiar with if you have a bank account with a balance and use credit or debit cards without actually holding fiat cash in your hands, purse, or pockets. But because they are decentralized and trustless, they are also not actually ownable— what I mean by this is, they are owned by everybody and nobody like some fucked up Schroedinger financial experiment. Through the properties of the cryptographic public/private keypair, a cryptoasset only confers you with the ability to spend it irrevocably, or also hodl it by not spending it irrevocably, I guess. Ownership of a cryptoasset is thus fickle like a secret– possession of a secret doesn’t mean you own and control that secret information exclusively. It’s that way with your private keys. Whomsoever knows the private key to “your” cryptoassets, by virtue of cryptography, also controls them and has an equal claim to them. Prisoners’ dilemma dictates that, if a private key is known by multiple people, the person who is first to exercise its spend ability, is entitled to the full benefits of that spend, to the exclusion of all the other knowers.
The bottom line of this is: you don’t own your cryptoassets unless YOU, and ONLY YOU, know your private key.! That key might be the actual private key of a bitcoin wallet address, or the twelve-random-word seed of a BIP-39-enabled wallet, or the PIN to your Trezor (which you should already goddamned know NOT TO EVER SHARE A PIN WITH ANYONE EVEN YOUR TRUE LOVE).