Du kannst diesen Artikel auch auf Deutsch lesen.
Security is one of the most important aspects of Bitcoin self-custody. For many people, storing Bitcoin is the first experience of holding anything valuable in a digital form, and this presents very unique challenges. It’s only natural that many look for the most secure way to safekeep their funds.
This blog post was inspired by a growing trend of complex security recommendations given to beginners, and seeks to grow users' confidence in simple, yet safe self-custody solutions.
Making a compromise on your self- custody security sounds counterintuitive, but is a necessary tradoff to keep your coins accessible.
Security and Usability
Generally speaking, security and usability are negatively correlated. The more secure something is, the less accessible it naturally becomes. Take for example a bank vault - it’s highly secure, but also much less accessible than having your valuables underneath your mattress.
The same is true for Bitcoin security. A custodial wallet is incredibly convenient for spending money. But it’s much less secure than for example a multisig wallet made up of hardware wallets.
If we look at figure 1, we can see where different types of wallets fall in terms of usability and security. Keep in mind that the figures are based on our own evaluation and that usability is something that can be quite subjective. For example, we have discussed why we think airgap is not a higher security level in a dedicated blog article.
Not all methods of self-custody follow the trend of trading usability for security, shown as the dotted line. A well designed hardware wallet can improve security without compromising accessibility. A federated e-cash wallet is almost as easy to use as a custodial wallet, but improves on its security a lot. Solutions that make positive trade-offs are found way above the trend line.
On the other hand, let’s take the example of a hardware wallet that is set up to brick as soon as the user types in a wrong password. This could be described as “more secure” , but as it compromises so much on usability, it greatly increases the risk of losing access to your funds. On the chart such a solution would be found far below the trendline.
The security paradox
More security does not always mean that you are less likely to lose your funds. At a certain point, you cannot increase the security of a wallet without sacrificing usability to such a degree that it becomes more likely to lose access to your wallet.
For example, you could create a wallet with an incredibly long passphrase that no computer in the world would ever be able to crack. But by doing so, you exponentially increase the risk of falsely writing down the passphrase or mistyping it during the first unlock and thus losing access to your funds later on.
The same is currently true for multisignature wallets. A while ago, we wrote an entire blog post about the potential pitfalls of multisig wallets. These setups can be really secure, but when not used correctly, losing access to your funds becomes a real risk. It’s enough to lose one of the cosigners extended pubkeys to make the wallet inaccessible. While there definitely are set ups that require the additional security of multiple signers, in practice multisig is often less secure for inexperienced users due to its complexity.
You also don’t want your storage solution to fall on the left side of Figure 2. Those are solutions that seem convenient to use, but compromise on security in many ways that could lead to a loss of funds, such as through a scammy custodian or a malicious app developer.
Regular single-signature hardware wallets are positioned in a sweet spot, where the security is already at an incredibly high level, and the chance of losing your funds is lower than with any other type of wallet or set up.
Confidence in simplicity
Implementing more and more mechanisms that inspire a false sense of security in wallet users is not the right way to bring new people into self-custody. Many times we’ve witnessed beginner Bitcoin users being pushed into choosing optional passphrases or multisig solutions, without any consideration about the actual benefit or potential harm of these options.
When self-custodying Bitcoin, it is essential for people to trust their own setup and capabilities. Too often we see users follow recommendations based on security edge cases that are highly unlikely to ever become relevant. This way, they end up overcomplicating their setup, with the potential consequence of losing funds, and ultimately having fewer people custodying their coins.
It is false to assume that by making a wallet harder and harder to access, one increases its security. Hardware wallets prove the dichotomy of security vs convenience wrong, by making bitcoin accessible and secure at the same time. We have received countless positive reviews about how easy it is to use the BitBox02.
The BitBox02 is designed in a way that provides an incredibly secure and convenient solution for almost all use cases. It still offers expert features like multisig or passphrases, but they should only be used by those who already have a good understanding of how these features work and what the risks are.
Don’t own a BitBox yet?
Keeping your crypto secure doesn't have to be hard. The BitBox02 hardware wallet stores the private keys for your cryptocurrencies offline. So you can manage your coins safely.
The BitBox02 also comes in Bitcoin-only version, featuring a radically focused firmware: less code means less attack surface, which further improves your security when only storing Bitcoin.
Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease - along with its software companion, the BitBoxApp.