Homecryptocurrency News

    Is it safe to keep crypto in an exchange?

    Is it safe to keep crypto in an exchange?

    Is it safe to keep crypto in an exchange?
    Profile image

    By CNBCTV18.COM IST (Published)

    Mini

    Your cryptocurrencies are only as safe as the tools you use to store them. And while exchange-generated wallets do offer a fair bit of security, they are not entirely full-proof. Over the last few years, hackers have been able to siphon millions of dollars from exchange-provided wallets.

    If you've just started investing in cryptocurrencies, storing your coins in the wallet provided by your exchange might seem like a convenient option. The coins you purchase are automatically added to the exchange-generated wallet, and you don’t have to worry about a thing, right?
    Well, not really. Your cryptocurrencies are only as safe as the tools you use to store them. And while exchange-generated wallets do offer a fair bit of security, they are not entirely full-proof. Over the last few years, hackers have been able to siphon millions of dollars from exchange-provided wallets.
    Take, for instance, the Mt. Gox hack, wherein 850,000 Bitcoins were stolen from the exchange in 2011, or the Coincheck heist, wherein $530 million worth of NEM tokens were stolen back in 2018. These hacks are two of the largest in crypto history.
    Also Read:
    Let’s look at some more reasons why storing your crypto in exchange isn't exactly ideal.
    1. You are not in control of your private keys
    Every crypto wallet has two keys – a public key and a private key. A public key is like the address of your wallet. It is used when someone wants to send coins to you. On the other hand, the private key is like the password for your wallet. You need to enter this key every time you wish to access your coins. This key ensures that only you have access to the wallet.
    However, when it comes to exchange-provided wallets, your private key is also known to the exchange. This is helpful if you forget your private key. Simply approach the exchange and they will provide you with another private key after validating and verifying your details. However, at the same time, it’s never advisable to share your private key with anyone. Therefore, an exchange having control of your private key is not something you would want.
    A recent case in point is the QuadrigaCX controversy, where the private keys of thousands of users were lost after the owner of the exchange passed away. Investors allegedly lost access to nearly $190 million worth of cryptos in the process.
    2. Exchange wallets can be frozen or blocked
    On some rare occasions, exchanges have been known to freeze or block user wallets. This often happens without much warning and can be frustrating for investors. Wallets can be frozen if there is some fraudulent activity on the platform or if, God forbid, the exchange itself goes bankrupt. Therefore, if you’re using a crypto exchange, you should know that your account could be frozen or closed at any time.
    Binance, one of the largest crypto exchanges, froze the accounts of several customers between late 2020 and mid-2021. Their development team didn’t even explain the reason behind the blocks. Back in 2020, users had also accused crypto exchange, Coinbase, of freezing wallets during a Bitcoin bull run.
    3. Fees
    Some exchange-generated wallets also levy fees on your transactions. While these fees are extremely marginal, usually between 0.1 and 0.2 percent, they can add up over time, especially if you are transacting frequently. And no one wants their hard-earned money to be wasted away paying fees!
    What is the alternative?
    Exchange wallets are known as custodial wallets. This is because an entity besides yourself has custody of the cryptos stored in the wallet. Therefore, instead of storing your crypto on an exchange, it makes sense to invest in a non-custodial wallet. These wallets hand over complete control, including the private key, to the wallet owner.
    There are different types of non-custodial wallets as well. Firstly, there are online non-custodial wallets. They are similar to wallets provided by exchanges - they can be accessed from anywhere using a private key. Some examples of web-based non-custodial wallets include MetaMask and TrustWallet. These wallets are perfect for smaller investors and for those who engage in frequent trades.
    However, if you have invested in large sums of crypto and wish to store them safely, a non-custodial cold wallet (hardware wallet) is your best option. These are physical wallets, often resembling USB sticks or external hard drives, that are not connected to the internet. This makes them almost impervious to hacks. These wallets also have private keys that only you have access to. They can’t be frozen or blocked either. And while these wallets do come with a heavy price tag, the peace of mind they provide you is priceless. Some examples of hardware wallets include Ledger and Trezor.
    However, do remember that, with non-custodial wallets, only you have access to the private key. Therefore, if you forget your private key, you lose all the coins stored in the wallet.
    If you still wish to use exchange wallets, here are some things to look for:
    - HTTPs: HTTPS is an encrypted, more secure version of the HTTP protocol. It ensures that your data is not captured or changed while being sent to a web server. All reputable cryptocurrency exchanges usually have a valid HTTP certificate and you’re web browser should notify you in case the site your visiting does not.
    - Two-factor authentication: This is like a two-step login process. It ensures that, even if the email or login details you’ve used are compromised, hackers cannot get access to your wallet. Exchanges with two-factor authentication will send a notification to your mobile every time you try to access your account. If you notice a login attempt that is not you, you can simply deny access from your mobile device.
    - Whitelisting IPs: Some exchanges will also allow you to whitelist the IP addresses you use to log into your wallet. At the same time, it will block any login attempts coming from unknown/non-whitelisted IP addresses. Some exchanges will take it a step further by allowing you whitelist certain withdrawal IPs too. This ensures that your coins cannot be withdrawn by anyone other than you.
    - Insurance: Look for an exchange that offers fund insurance. This ensures that, if the inevitable does happen, you would be reimbursed to some extent for any lost funds. Some known exchanges that insure their funds include Binance, Coinbase and Coinbase Pro, Gemini, Circle, etc.
    Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
    arrow down

      Most Read

      Market Movers

      View All
      CompanyPriceChng%Chng