[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]
2023-11: Warosu is now out of extended maintenance.

/biz/ - Business & Finance


View post   

File: 82 KB, 600x337, ledger-nano-s-review.png [View same] [iqdb] [saucenao] [google]
16526419 No.16526419 [Reply] [Original]

Is storing my crypto on a cold wallet totally safe, or do I need to take additional security measures?

What are the remaining risks if there are any?

>> No.16526428

>>16526419
No one knows except ledger, it’s closed source

>> No.16526457

>>16526419

They are only a Wallet Paper generator. where generate addresses form one pair of seeds.

>> No.16526482

>>16526419
Use a hardware wallet, it's the most secure storage method since it prevents your private key from ever touching anything. Hide your backup seed phrase in a good spot. Do not use a PIN you have used before. If you successfully followed all these steps you are now at the highest reasonable level of security for one person.

>> No.16526499

If your curious, security beyond this would require a multi-signature solution to move coins as well as a way to verify identity with the other party or parties.

>> No.16526511

>>16526419
They are safe only if you use them as a cold storage. (keep safe the seeds words, the ledger has only 5 years life span but with the seeds you can buy another and you are good.)

>> No.16526540
File: 989 KB, 1125x2436, C5161E82-D0AE-4032-9B52-EF8368241A6A.png [View same] [iqdb] [saucenao] [google]
16526540

So many to choose from and a big range in price. Thoughts anyone?

>> No.16526547

>>16526511
This, they are very safe.
Never entet your seed phrase into a computer and you're fine.

>> No.16526552

>>16526511
What do you mean 5yr lifespan?

>> No.16526565

>>16526540

Nano X/S with Cobot to store the BIp39 seeds from the device. (the seeds won't burn in that way)

>> No.16526571

Post seed words in here and post screen cap so you won’t loose it.

>> No.16526579

>>16526552
The battery inside.

>> No.16526583

>>16526419
Cold wallets are a meme:
https://decrypt.co/12001/92-of-institutional-investors-still-leave-their-funds-in-exchanges

>> No.16526588

>>16526540
just buy trezor one. it works and will do everything you need it to unless you hold a bunch of shitcoins that it doesnt support.
it supports ether/erc20, bitcoin, and a few other decent alts. ledger is for degenerate niggers who hold shitcoins

trezor t is nice if you have the dough to burn though.

>> No.16526658

>>16526588
Trezor : the most hacked one.

>> No.16526723

>>16526583
> trust us goys!!!

>> No.16526724

>>16526511
So even if it was physically destroyed somehow, I would still be able to access my coins on a seperate device as long as I know my seed words?

Do you need to enter these seed words every time you want to access your cold storage wallet, or just when you are tranfering to a new one?

Also there is no way for a hacker to get my coins as long as they are in a cold storage wallet, right? They would need to physically steal the wallet from me, right?

>> No.16526755
File: 685 KB, 851x1030, cryptosteel-unlocked-with-letters-851x1030.jpg [View same] [iqdb] [saucenao] [google]
16526755

>>16526419
if your key is written on a piece of paper or even laminated shit could get fucky if your house burns down etc

i recommend a cryptosteel to store the key
see: https://cryptosteel.com/
https://cryptosteel.com/product/cryptosteel/

>> No.16526764

>>16526724
> So even if it was physically destroyed somehow, I would still be able to access my coins on a seperate device as long as I know my seed words?
yes

> Do you need to enter these seed words every time you want to access your cold storage wallet, or just when you are tranfering to a new one?
Only once when you set your device for the first time or reset it.

> Also there is no way for a hacker to get my coins as long as they are in a cold storage wallet, right? They would need to physically steal the wallet from me, right?
They need to steal and steal your pin code too, without pincode they can't do a thing.

>> No.16526788
File: 480 KB, 326x207, giphy.gif [View same] [iqdb] [saucenao] [google]
16526788

>>16526419
Why wouldn't you make a paper wallet. Free. Safer.

>> No.16526795
File: 13 KB, 280x293, 1538804058146.jpg [View same] [iqdb] [saucenao] [google]
16526795

>>16526540
Buy them directly through Trezor, don't risk getting scammed. Anon.

>> No.16526798

Just download the Enjin app and use that wallet faggit

>> No.16526809

>>16526724
>Do you need to enter these seed words every time you want to access your cold storage wallet, or just when you are tranfering to a new one?
For the Ledger Nano S you enter a 4+ digit PIN to unlock it. IIRC it will wipe itself completely after 3 incorrect tries so then you would have to enter your seed again (which is done using the Ledger Nano S, not your computer - meaning you could use your Ledger on a malware infested computer or a stranger's computer without any worry of someone stealing your seed)


>Also there is no way for a hacker to get my coins as long as they are in a cold storage wallet, right? They would need to physically steal the wallet from me, right?
yeah what this anon says >>16526764
In the case that your cryptosteel was stolen the intruder would not need the PIN as the PIN is only for the Ledger Nano S's security. The intruder may be profoundly retarded in which case they would fail to use the cryptosteel as it stores only the first 4 letters of each word in your mnemonic key as each word in the entire set has a unique first 4 letters. As an extra level of security you could store the cryptosteel in a safe but even that could be breached potentially.

>> No.16526810

>>16526788
Because with a ledger you can store may coins with one BiP39 seeds.

>> No.16526813

>>16526755
all those tile keys are dogshit, they break way too easy and get fucked in fire. Stamped steel is the way to go

>> No.16526831

>>16526813
Stamped steel is certainly another option. I disagree however that the tiles are dogshit, from my personal experience. But to be honest, your way is probably cheaper (but probably less convenient).

>> No.16526834

>>16526813

Put them in a box and burry the box.

>> No.16526889

>>16526419
I had a Trezor just up and stop working on me, recently. I replaced and recovered it, but it was still nerve-wracking.

>> No.16526899

>>16526579
wjat tje fuck?

>> No.16527202

>>16526583
This report is stating that it's dangerous to leave your funds in an exchange. No shit. How does that suggest that cold wallets are unsecure?

>> No.16527362

>>16527202
anon's retarded and doesn't know what cold wallet means

>> No.16527382

>>16526579
There is no battery in the nano s brainlet

>> No.16527910

>>16526540
>>16526795

Amazon is known to mix inventories from manufacturer and 3rd party vendors. Research known scams, "...selling hardware wallets to users with a ‘pre-configured’ seed phrase hidden under a scratch card. The new user is told that he should scratch the card ... and set up the wallet with the compromised seed.”"

>> No.16527968

>>16527202
Because people with real money (I.E not you) deem them not worth using when the security on modern exchanges is more than good enough.

>> No.16527973

>>16526419

>> No.16528134

>>16526419
that's a hardware wallet which is not a cold wallet you brainlet

>> No.16528148
File: 231 KB, 1125x606, w.jpg [View same] [iqdb] [saucenao] [google]
16528148

>>16526540
use a paper wallet for cold storage you niglet!
hardware wallets are for actual use and that metal plate bullshit is not good for anything.

>> No.16528203

>>16526755
why would you write down your seed in plain text and only store it at one place?
secure redundancy dictates you use multiple sites many copies of which no site alone compromised can lead to a loss of wealth.
either use password encrypted paper wallets, or use shamirs on your seed.

i however do not recommend seed based hierarchic deterministic wallets for future use (ie cold store for generational wealth) because the quantum resistance can become an issue any year and if one private key of a hierarchy - even if no longer used - is compromised they all are.

crypto steel is the most retarded shit i ever saw.

>> No.16528250

>>16526809
this guy actually understands this shit.
however it's worth mention that the pin is snake oil security. it's fairly straightforward do take secure chips out of the resin and or grind them down and read the memory content with an electron beam probe. at which point the pin is absolutely worthless.

trezor has a better security model with the capability to use a strong passphrase that is worth something and decoy wallet. however it's not side channel hardened like nano.

in the end they are trinkets not advisable to use as col store but to use as a hot spend wallet storing no more than your monthly expenses.

>> No.16528261

>>16528134
A hardware wallet is a type of cold wallet. Cold just means it's offline.

>> No.16528275

>>16528261
hardware wallets are most definitely not offline or even airgapped when used.

>> No.16528284

>>16528261
btw a cold wallet is something you can't spend from but resistant to bit rot and em pulses and shit. if you can spend it it's not a cold wallet.

>> No.16528298

>>16528275
Really? How so, if you don't mind explaining? From what I understand, being offline is the whole point of hardware wallets.

>> No.16528332

>>16528298
no you plug them in when you use them. the point of the hardware wallets is they have a very narrow protocol interface with a potentially compromised system. of which they keep the private keys off of.

>> No.16528343

>>16526419
shouldnt rely solely on any form of local electronic storage, its not a matter of whether its safe from a security standpoint - its about what happens if the hardware fails.

hardware wallet is a good idea, but combine it with a paper wallet backup just in case.

>> No.16528366

>>16528343
read >>16528203 >>16528250
no it's not a good idea to use a hardware wallet for cold store at best it does nothing to improve your security at worst it's a physical attack vector.

secure redundancy! have many copies of your secrets at many locations but none of them should give access to your funds in itself!

one example of effortless security: put your pks in a password safe app use a good derivation algo with high iteration and a good strong passphrase. upload the shit to cloud keep local copies in a safe and on your person.

that's secure redundancy.

or use password protected hardware wallets have multiple copies at multiple locations, but use shamirs to break up your password and store them in a way that the attacker would need to access a lot of places simultaneously to get your shit on the other hand making inheritance a smooth sail. this includes a safety deposit box or a lawyer (you can put a piece or two in your will). and handing out pieces to relatives and safeguarding others. that's fucking secure redundancy. even if a site is obliterated you lose nothing.

>> No.16528398
File: 87 KB, 640x633, 463D8F33-47B4-4618-BDE0-270261CBE2B5.jpg [View same] [iqdb] [saucenao] [google]
16528398

Hardware wallets are for retards.

Download Coinbase wallet or Trust wallet, generate a wallet, transfer funds, and never ever jailbreak it. Done.

Why do you faggots over complicate things? Hackers can’t just magically hack your device if they don’t have physical access to it, and using trusted wallets to generate an address is safe if the company is trusted. (Coinbase and binance wouldn’t dare do any bullshit.)

>> No.16528409

Ledgers are fucking based for the price lock function alone.

Still got some BTC locked in at 17k and a good amount of ETH at $1130. I'm laughing all the way to the bank, dudes.

>> No.16528454

>muh cripto-professional device for sessoned cripto traders
Paper wallet + airgapped laptop for life. No black-box intermediary between the blockchain and myself.

Enjoy your "firmware update"

>> No.16528524

>>16528454
yeah but are your paper wallets encrypted?

>> No.16528543

>>16528524
No. Don't want an implementation of a decryptoion program black box me from my private key.

My paper wallet is laminated and enveloped with aluminium foil.

>> No.16528553

>>16526795
I second this

>> No.16528575

>>16528543
that's pretty fucking stupid m8
also bip-38 is pretty much a bitcoin standard. it's not some proprietary bullshit. it has a very robust implementation that works on an air-gapped computer booted from a live cd.

you can obviously try decrypting your keys and checking them before sending any funds to them.

i mean it's not like you can make a signature or assemble a tx without a software either. you need tools to use bitcoin. some wallets can import them right now, others will be able to import them in a few years. in fact you will be able to directly swipe your bip-38 wallet into your exchange account by 2023 imo.

>> No.16528601
File: 35 KB, 300x168, linnyxito_drawing_naruto_aburame_shino_guy_93350_300x168.jpg [View same] [iqdb] [saucenao] [google]
16528601

>>16526419
I keep my btc and fleta on ledger and never had any problems, just make sure that you have multiple paper backups

>> No.16528612

>>16528601
That's all you need really, long term gains, needn't be touched.
Holding BAT and ETH for everyday stuff

>> No.16528650
File: 191 KB, 491x498, 1546451098234.jpg [View same] [iqdb] [saucenao] [google]
16528650

>>16526419
Credit/debit card all over again, but just with new brainlets.
EVERYTHING IS ON BLOCKCHAIN.
It doesn't fucking matter if you print your "paper wallet" or this nanou ledger usb type thing.
All your btc is always on blockchain.
If someone can break your security measures they can take your btc and move them.
It doesn't matter if you print your key words for password or other shenanigans, if someone breaks your hash, they can move your btc, because BTC is always on a chain.
You can't convert btc to any other form, be it paper, usb or water.
What you do with nanouledger usb type thing is, you essentially, in simple words, you put your debit card into another debit card. Sound stupid right? Thats how it is, your btc wallet is access to btc on chain, but you put your access into tonanouledger usb type thing and make another wallet on top, while btc is still on chain.
If NSA can generate your hash by accident they can take your btc and move them, no goddman nanouledger usb type thing will help ya. BTC is always on chain and it can be moved no matter your infinite security layers.
Here a joke for ya.
There are still people who think that their cash is in a debit card they carry around.

>> No.16528694

It's not secure
https://www.youtube.com/watch?v=JD7XFrCbxrA

>> No.16528828

>>16528650
>if someone breaks your hash, they can move your btc
wat?
>If NSA can generate your hash by accident they can take your btc and move them
it would take a post dyson civilization more time than how long the universe exists statistically. fucking brainlets just don't get the math.

>> No.16528888
File: 41 KB, 249x249, 1530142306157.jpg [View same] [iqdb] [saucenao] [google]
16528888

>>16528828
>mfw I generated binances private key and became a multi-billionaire

>> No.16528933

Have ledger nano and was not happy that after an upgrade I could have LESS wallets on the ledger. I now have 2 Ledgers. I also have a Keepkey and am much happier with the Keep Key. I am no expert and dont know which is more secure but the Keepkey is a more quality product by far.

>> No.16528946

>>16526764
Or when you update your software (firmware)

>> No.16528962
File: 213 KB, 250x263, 6ABC47E0-DE14-4FD0-A0A1-B01C9135E0F3.gif [View same] [iqdb] [saucenao] [google]
16528962

>>16528888
tHoSe diGiTs!!!!

>> No.16529136

>>16526540
trezoor

>> No.16529203

>>16528933
hahahahaha lol
https://thenextweb.com/hardfork/2019/12/10/cryptocurrency-shapeshift-keepkey-wallet-cold-hacker-voltage-attack/

>> No.16529265
File: 795 KB, 500x600, 1566208366703.gif [View same] [iqdb] [saucenao] [google]
16529265

Show of hands. Who trusts Binance with their holdings? I'm on the fence.

>> No.16529266

>>16526419
I would go with a trezor as they are open source. Also, make sure you use a passphase aka the 25th word. I've seen a devise that can find the seed words, but also with the 25th word you have have multiple wallets from the same seed.
I have the ledger s also for shitcoins. I would avoid the X as it doesn't work with thinks such as MRK/kyber.
>>16526755
I have stainless steel plate that I engraved personally. Kept in a safe thats well hidden.

>> No.16529277
File: 499 KB, 2100x3150, FBC43879-6E3C-4602-9439-D0B8B20101AA.jpg [View same] [iqdb] [saucenao] [google]
16529277

>>16528398
Good god that's some rancid bait

>> No.16529294
File: 29 KB, 480x478, CA613D98-34EE-4F20-AF4C-223E039768AD.jpg [View same] [iqdb] [saucenao] [google]
16529294

>>16528888

>> No.16529296
File: 3.90 MB, 517x776, 1562540507184.gif [View same] [iqdb] [saucenao] [google]
16529296

What about metamask? It's free and more convenient.

I don't think it's really more hackeable than a cold wallet.

>> No.16529481

>>16527968
It's important to differentiate between the exchange's security, and your own security.
Sure, the exchange could be secure, but it doesn't take more than a weak password and SMS 2FA to breach it.

Cold wallets on the other hand require physical access.

>> No.16529525

>>16529296
aaaaaaaaa my linkies

>> No.16529546

>>16526419
>trusting chink hardware

>> No.16529613

>>16526419
Opsec is still very important, and can compromise you

>> No.16529627

>>16526482
>Hide your backup seed phrase in a good spot.
Like what? I'm keeping at home literally under the mattress. It's retarded but I have no better ideas

>> No.16529741

>>16528148
enjoy losing all your crypto in a house fire.

>> No.16529798

>>16529627

Don’t know if it’s the best method, but this is mine:

>Split the 24 words into 3 pieces, ABC.
>In location 1 you store AB,
>In location 2 you store BC
>In location 3 you store AC
Now you only need 2 pieces for the key, and if one gets discovered its useless on its own.

Lets say you put one in the safe, bury one and put the last one in a bank box. Your now safe vs robbery, burned down house and fraudulent bank

>> No.16529814

>>16529798
yes this is rudimentary security measure but it would be better to shamir it like 3 of 5.

>> No.16529831

>>16528888
binance has many many private keys and any decent exchange only uses multisig wallets. even if by some cosmic accident you would generate one it wouldn't get you anywhere.

>> No.16530258

>>16529831
why not? If you generate the key, you have the holdings. does not matter what wallet they use.

>> No.16530421

>>16528650
>the only anon in this degenerate thread who gets it.

>> No.16530624
File: 200 KB, 1024x412, how_to_lock_exchange_rate-1024x412.png [View same] [iqdb] [saucenao] [google]
16530624

>>16528409
Ledger pricelock is buggy. When you go to sell it's probably going to error. Sorry bro. Should have used Trezor pricelock.

>> No.16530747

>>16529265
Trusting chinks, even once ?

>> No.16530760
File: 423 KB, 1772x1864, Pen-and-Paper.jpg [View same] [iqdb] [saucenao] [google]
16530760

>>16526419
>blocks you're path

>> No.16530960

I put my paper seed in a ziplock bag and burried it somewhere only I know where it's at. I'll retrieve them in 2028 and my wife agrees it's the smartest option no matter what happens to the price.

>> No.16531021

What about coinbase with a hardware key?

>> No.16531081

>>16530258
no a multisig wallet needs n keys

>> No.16531090

>>16530960
fucking stupid

>> No.16531114
File: 25 KB, 270x360, 1571262763038.jpg [View same] [iqdb] [saucenao] [google]
16531114

>>16530960
You know condensation can still get inside a ziplock bag during hot/cold weather changes?

>> No.16531228
File: 33 KB, 486x396, eb6468916c8a11ba82dad1c5a914f1d001b5d0043e757aa4d394a31f6c8fef03.jpg [View same] [iqdb] [saucenao] [google]
16531228

>>16531114
You think I only used one single ziplock? I bagged it three times.
>>16531090
Why is this a stupid idea?

>> No.16531233

gps apps running on your phone at all times know.

>> No.16531494

>>16526419
Just use a hard disk and back up wallet.dat file... no risks if you have a disk failure and you have a back-up of that file.

>> No.16531587
File: 23 KB, 409x406, 9db0e41e8b5df84d11aecf470d9231990a19ec8f5fcf0935cfaba698c8d23fbf (2).jpg [View same] [iqdb] [saucenao] [google]
16531587

My Coinbase password is literally password, fuck you pussies

>> No.16531734

If hardware wallets can be recovered, doesn't that mean your keys are being stored on Ledger's/Trezor's network? Doesn't that kind of defeat the entire fucking purpose?

>> No.16531823

>>16531734
you have to understand that every private key (2^256) is already on the blockchain. The hardware wallet is only the tool to gain access to the coins by randomly creating a key, or importing a known key with holdings in it.

So you can randomly create a key on the ledger and put crypto on it. Then throw the ledger away, buy a new one, and import your known key into it again.

>> No.16532239
File: 18 KB, 221x203, 8AE8A00B-DBE0-449D-9AD0-B9387AE7C1B3.jpg [View same] [iqdb] [saucenao] [google]
16532239

>>16531587
>trace IP
>get home address
>get first and last name
>get email
>enter password
>profit???
wat do

>> No.16532256

>>16526419
All it's storing is the key, that's what a wallet is, a key, nothing else. Bitcoins actually don't exist, the public ledger that is hosted concurrently accross all bitcoin nodes just keep track of imaginary balances connected to bitcoin addresses. Your cold wallet holds the key to a certain address. It's the safest method, as it is impossible for somebody to get your key unless they physically get your usb.

>> No.16532470

>>16526419
just buy the cheapest notebook, cut all the wifi/ethernet cable on the motherboard, install an encrypted linux os in an sd card, generate the seeds in the notebook with no internet, store the sd card with a protective case in somewhere protected. you can generate the payment on your main pc with internet. after generating it transfer it to the notebook with a usb flash drive and sign with your private key. then broadcast from your main pc.

>> No.16532492

>>16526540
unironically just download a smartphone wallets like green wallet. The known one have never been hacked.