“Cold” and “Hot” wallets: correcting the misunderstanding

mibii - Jun 27 '23 - Dev Community

Balaji Srinivasan, chief technology officer of Coinbase, says:

“..giants could easily scan our devices to find and hand over private keys to authorities if they were ever ordered to do so.”

It is time to remind everyone of the basics of crypto wallets. What is the difference between a “Cold” wallet and a “Hot” one? Many people think that a cold wallet is a hardware wallet and that all software wallets are hot (not safe). This is not a correct understanding.

Using a hardware wallet means connecting it via a USB connection to a computer that has an internet connection. What are the technical details of what is happening? What data is exchanged between the hardware wallet and the computer via this USB connection? Only the developer of this hardware wallet knows for sure. If you are not a developer, you are unlikely to be able to answer this question. Users have to trust that no sensitive data really leaves the hardware wallet via USB to the computer and on to the Internet. Thus, a hardware wallet cannot be considered a cold wallet.

So: ANY wallet, for example one installed on your phone or computer WITHOUT an INTERNET connection, is a “Cold wallet”. Any wallet on a device WITHOUT an INTERNET CONNECTION can play this role. But once it has been launched even once with the Internet turned on, the wallet formally ceases to be cold.

But, you ask, how can my wallet work without the Internet? The Internet is NOT NEEDED to create an initial random seed phrase in your wallet and to generate the list of addresses associated with that phrase. You DO NOT need an Internet connection to start receiving cryptocurrency. The Internet is only needed to prepare the transaction and to broadcast it.

(To be more specific: when I say Internet connection, I mean connecting the wallet to a blockchain node, which the wallet needs in order to prepare and send (broadcast) transactions.)

So the only way to operate safely is to keep the confidential information OFFLINE (in our case, the confidential information is the private keys or the seed phrase).

You can use any popular crypto wallet, but first make sure that the wallet is open source.
“So all web wallets suck and are scams?” No, web shells are just an interface to the main code of a program, which can run locally in a browser or on a remote server (via the Internet). As you understand, the second option is categorically unacceptable for a crypto wallet. The wallet must work completely locally, except for tasks where the Internet is required to communicate with the blockchain. There are wallets that are created only to generate addresses (public and private keys), without the task of interacting with the blockchain.
And there are such web wallets. For example, the well-known “paper wallet”
https://github.com/pointbiz/bitaddress.org meets these requirements and can be safely used offline by downloading it to your computer (or smartphone).
Another well-known and reliable multi-currency web wallet can also work locally in a web browser:
https://github.com/iancoleman/bip39

With the wallets mentioned above, you can easily generate crypto addresses OFFLINE and start receiving assets by sharing your address with someone.

This is a real cold wallet if you run it offline.

But what comes next? What if you need to send assets from your cold wallet? How do you send them and keep your wallet address cold after sending?

How do you take only part of the funds, leaving the rest in this cold wallet?

To do this, you can use the https://github.com/coinbin/coinbin utility, which allows you to prepare a transaction and broadcast it.
In short, there are three steps:

  1. Form the necessary transaction (from where, to where, and other parameters) here: https://coinb.in/#newTransaction (performed online; use only your public address to prepare the transaction, DO NOT use your private key).
  2. Sign the transaction here: https://coinb.in/#sign (to do this, copy the string received in the previous step into a text file and transfer it to your offline device). For signing, use the same utility, only on your offline device.
  3. The last step is the broadcast, notifying the entire network about your transaction, here: https://coinb.in/#broadcast (for this, paste the string obtained in the previous step into the window and press the button).

I think that for those who do not want to trust and are not ready to delve into the technical details of how a hardware wallet works, it is better not to use them at all, and instead to follow the principle: if there is an Internet connection, the wallet is HOT; if there is no Internet connection, the wallet is COLD. Any wallet installed on a phone on which you have turned on the Internet at least once formally ceases to be a "Cold Wallet". Conversely, any wallet application installed on your phone or computer without the Internet is a Cold (reliable) wallet. After all, you can safely sign transactions without an Internet connection, and then transfer them to a computer (phone) with the Internet.

By utilizing offline wallets and following the recommended three-step process for sending transactions, you can maintain the cold wallet status and securely manage your digital assets. It is crucial to remain cautious, stay informed about wallet operations, and make informed choices to protect your cryptocurrency holdings in the dynamic world of blockchain technology.
Further reading - Crypto wallet steps manually
