Keep Your Crypto #SAFU (CZ's Tips)

2020-02-25

As part of our commitment to help keep the crypto community safer and more secure, Binance CEO CZ (Changpeng Zhao) discusses many aspects of crypto security in detail on this blog.

Security is important. While that is obvious, the lack of security awareness among everyday people is painful to watch. It’s equally painful to see experts assume everyone has the same deep understanding of security issues, then design or recommend advanced setups that are hard to use and easy to screw up. Security is a broad topic, and I am by no means an expert in many of its areas, but I have witnessed many of the security issues people experience. With crypto prices going up and the market buzzing with activity recently, a lot of newcomers are entering the crypto space again. In this article, I will try my best to use layman’s terms to explain some of the security concepts as they relate to holding crypto, including:

  1. A few basic security concepts

  2. Why and how you may, or may not, want to store coins yourself

  3. Why and how you may, or may not, want to store coins on a centralized exchange

  4. Some other topics

First, nothing is 100% secure. If our little planet gets hit by an asteroid, your funds are unlikely to be safe, no matter how you store them. Yes, you could store them in space, but let’s see how long that lasts, or if they are worth anything, once the Earth is gone. You probably won’t care at that point. This illustrates that what you are really asking is whether it is “safe enough.”

So let’s define “safe enough.” For different people and purposes, it’s different. If you store $100 in your spending wallet, you probably don’t need ultra-high security. Your mobile phone wallet will likely do the trick. If you store millions of dollars or your life’s savings, then you will want to have some stronger security measures. For the rest of this article, we will assume it is a meaningful amount of funds you are trying to secure.

To secure your coins, you just need to do the following 3 things:

  1. Prevent others from stealing.

  2. Prevent yourself from losing it.

  3. Have a way to pass them to your loved ones in the event that you become unavailable.

Simple, right? Well, doing all three properly requires some knowledge, effort and diligence that most people either lack or often ignore.

So, let’s jump into it.

Why you may, or may not, want to store coins yourself

Your keys, your funds. Really?

Many crypto OGs will adamantly claim that it is only safe if you hold crypto yourself, while never considering how technical it is for an average person. Is this really the best advice for you? Let’s take a deeper look at this option now.

Let me ask you this first: do you know what a bitcoin private key looks like? If you are not so sure, then you should definitely keep reading.

A bitcoin private key looks like this: KxBacM22hLi3o8W8nQFk6gpWZ6c3C2N9VAr1e3buYGpBVNZaft2p

That’s it. It’s just a string of characters. Whoever has a copy of it can move bitcoins on that address, if any.

There is also the concept of a “seed phrase,” which is a set of 12 or 24 plain English words in a particular order. They can be used to generate a set of private keys. Many wallets use seeds. For the rest of this article, we will use the term “private keys,” but most of the procedures and recommendations apply equally to “seeds.”

Back on topic, to securely hold crypto yourself, you need to:

  1. Prevent others from obtaining your private keys; preventing hackers, securing your computers from viruses, the internet, etc.

  2. Prevent yourself from losing your private keys; having backups to prevent loss or damaged devices, and securing those backups.

  3. Have a way to pass your private keys to your loved ones in the event of a death. It’s not a pleasant scenario to consider, but as responsible adults to our loved ones, we must manage that risk.

Let’s look at each one in detail.

1. Prevent Others from Obtaining Your Keys

This is the obvious one. We have all heard about hackers, viruses, Trojan horses, etc. You don’t want any of these near the device where you store your coins.

To achieve that with a decent degree of confidence, your device should never be connected to the internet and you should never download any files to that device. So, how do you use a device like that to send and receive crypto securely?

Let’s talk about the different devices you could use.

A computer is an obvious choice, and often the most versatile. If you choose to use a computer to store your coins, then you should never connect that computer to the internet, or any network at all. If you ever connect it to a network, there is a chance a hacker could get into your device by exploiting a bug in the operating system or some software you use. Software is never bug-free.

So, how do you install software on a computer that’s not connected to the internet? You use a CD ROM or USB stick. Make sure it is clean. Use at least 3 different anti-virus programs to scan the hell out of it. Download the software (OS and wallet) you wish to install to the USB stick, wait for 72 hours, and check the news to make sure there is no security-related news or issues about the software you downloaded or the site you downloaded it from. There have been many cases where even official websites get hacked and the download package is replaced with a Trojan horse. You should only download software from official sites. Also, you should only use open-source software, to reduce the chances of back-doors. Even if you are not a coder yourself, open-source software is looked at by other coders and has a lower chance of having back-doors. This means you should use a stable version of Linux (not Windows or Mac) for your operating system, and only use open-source wallet software.

Once you get everything installed, you use a clean USB stick to do offline signing of your transactions. This varies by wallets and is out of scope for this article. Aside from bitcoin, many coins don’t have wallets that can do offline signing.

You also need to ensure the physical security of the device. If someone steals it from you, they could access it physically. For this reason, make sure your disk is strongly encrypted, so that even if someone gets a hold of your hard disk, they will not be able to read it. Different operating systems offer different encryption tools. Again, a disk encryption tutorial is out of scope for this article; there are plenty of those online.

If you can do the above well, you probably don’t need to read the rest of this article. If the above doesn’t sound like your cup of tea, then there are other options.

You could use a mobile phone. These days, a phone that is not rooted or jailbroken is generally more secure than a computer, due to the sandbox design of mobile operating systems. There are too many versions of Android to keep track of, and so I generally recommend using an iPhone. Again, you should use one phone just for your wallet, and not mix that with your everyday usage phone. You should factory reset the phone by erasing “all content and settings.” Then just install the wallet software, and nothing else. You should keep the phone in airplane mode at all times except when using the wallet for transfers. I also recommend using a separate SIM card for the phone, and only using 4G to connect to the internet. Never connect the phone to any WiFi. Connect to the internet only when you are using the phone for signing transactions and software updates. This is generally fine if you don’t hold super big amounts in your wallet.

A few mobile wallets offer offline signing of transactions (via QR code scanning) so that you can keep your phone offline completely, from the time you finish installing the wallet Apps and before you generate your private keys. This way, you ensure your private keys are never on a phone that’s connected to the internet. This will prevent the case where a wallet App has a backdoor or sends data back to the developer, which has happened to multiple wallet Apps in the past, even official versions. But you won’t be able to update your wallet Apps or OS. The way to do software updates is to use another phone, install the new version of the App on that, put that into airplane mode, generate a new address, back it up (see later), and then send funds to the new phone. Not so user-friendly. Also, there is a limited number of coins/blockchains supported by these wallets.

You also need to ensure the physical security of your phone. Even though the latest iPhone disks are supposed to be fully encrypted, there are reports of devices that claim to be able to unlock iPhones when they have physical access to them, by cracking the pin code.

Hardware wallets

You could use a hardware wallet. These devices are designed so that your private keys never leave the device, so your computer won’t have a copy of them. The signing of the transactions happens on the device. But nothing is 100% infallible. Hardware wallets may have bugs in the firmware, software, etc. There are many different hardware wallets on the market. It is generally advised to select an older and more established brand, as they have been more tested. Of the 2 major hardware wallet brands, one has been the subject of a few different reports that a hacker with physical access to the device could extract your private keys easily. So, you would want to make sure you hold on to it securely. Also, almost all hardware wallets require interaction with software running on a computer (or mobile phone) to work. Here, you still want to make sure your computer is clean and hacker/virus free. There are viruses that switch your destination address to the hacker’s address at the last minute, etc. So, do verify the destination address on the device carefully. And you still have to keep your computer secure. Hardware wallets do prevent some of the basic types of exploits hackers use to steal your private keys, but I still strongly recommend using a very clean computer just for it, that you don’t use for anything else, and with the firewall turned on to the max. Overall, though, hardware wallets are a good choice if you wish to store coins on your own. The tricky and often weakest part about hardware wallets is how you store the backups, which we will go over in the next section.

There are many other variations of wallets and devices. I won’t be able to go through all of them here, but the above are the most standard categories. Now that we have discussed how to reduce (not eliminate) the chance of someone else accessing your keys, we are about ⅓ of the way done on explaining how to store coins on your own.

2. Prevent Yourself From Losing Your Keys

You could lose the device you use to store your coins or the device could get damaged. So, you need:

Backups.

There are many different methods here too. Each has pros and cons. Fundamentally, you want to achieve multiple backups, in different geographic locations, that other people can’t see (encrypted).

You could write it down on a piece of paper. Some wallets using seeds advise this, as it is relatively easy to write down 12 or 24 English words. With private keys, you could easily make a mistake with capitalization or illegible handwriting (O vs 0), and it would be very hard to figure out what went wrong later. There are some serious problems with a piece of paper though. They can easily be:

  • Lost - among other pieces of paper

  • Damaged - in a fire or flood

  • Easily read by others - no encryption

Some people use bank vaults to store paper keys. I generally don’t recommend this option for the reasons listed above.
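The transcription mistakes mentioned above (wrong capitalization, O vs 0) can be caught before a backup is put away, because the private key format shown earlier (WIF) carries a built-in checksum. The following is an added example, not part of the original article: it encodes a constructed throwaway key and checks copies of it using only Python's standard library. The function names and the sample key are assumptions made for illustration; run a check like this only on the offline machine.

```python
import hashlib
from typing import Tuple

# Base58 alphabet used by Bitcoin: it has no 0, O, I or l, so those
# look-alike characters can never appear in a correctly copied key.
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(payload)), as Base58Check defines it."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58encode(data: bytes) -> str:
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    # Each leading zero byte is written as a leading '1'.
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def b58decode(text: str) -> bytes:
    n = 0
    for pos, ch in enumerate(text):
        digit = B58.find(ch)
        if digit < 0:
            raise ValueError(f"{ch!r} at position {pos + 1} is not a Base58 character")
        n = n * 58 + digit
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return b"\x00" * (len(text) - len(text.lstrip("1"))) + body


def encode_wif(secret: bytes, compressed: bool = True) -> str:
    """Encode a 32-byte secret as a mainnet WIF string (version byte 0x80)."""
    if len(secret) != 32:
        raise ValueError("secret must be exactly 32 bytes")
    payload = b"\x80" + secret + (b"\x01" if compressed else b"")
    return b58encode(payload + checksum(payload))


def check_wif(text: str) -> Tuple[bool, str]:
    """Say whether a transcribed WIF string is intact and, if not, why."""
    try:
        raw = b58decode(text.strip())
    except ValueError as exc:
        return False, f"invalid character: {exc}"
    # 1 version byte + 32 key bytes (+ 1 compression flag) + 4 checksum bytes.
    if len(raw) not in (37, 38) or raw[0] != 0x80:
        return False, "not a mainnet WIF key (wrong length or version byte)"
    payload, stored = raw[:-4], raw[-4:]
    if checksum(payload) != stored:
        return False, "checksum mismatch: at least one character was copied wrongly"
    return True, "ok"


if __name__ == "__main__":
    # Constructed throwaway key for the demonstration; never send funds to it.
    good = encode_wif(bytes(range(1, 33)))
    wrong_char = good[:20] + ("2" if good[20] != "2" else "3") + good[21:]
    zero_for_o = good[:20] + "0" + good[21:]
    for label, candidate in [("exact copy", good),
                             ("one wrong character", wrong_char),
                             ("0 written for O", zero_for_o)]:
        print(f"{label:22s} -> {check_wif(candidate)}")
```

The checksum tells you that a copy is wrong, not which character is wrong, so verify each written copy against the original while you still have it.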

Don’t take a picture of the paper (or a screenshot), have it synced to the cloud and think it is safely backed up. If a hacker hacks your email account or computer, they will find it easily. Plus, the cloud provider may have multiple copies of it stored in different places, and have employees that could view them. 

There are metal tags designed specifically to store backups of seeds. These are supposed to be nearly indestructible, which mostly solves the problem of being damaged in a fire or flood. But they don’t solve the problem of being lost, or of being easily read by anyone with physical access. Again, some people store these in bank vaults, usually together with their gold or other metal. I guess this is easy for people who are into metals to adopt. If you use this approach, you should understand its limitations and risks.

The approach I recommend is using a few USB sticks, but it does require a bit more technical involvement (the typical designed-for-experts fallacy). There are shock/water/fire/magnetic resistant USB sticks. You could store encrypted versions of your private key backup on several of these USB sticks, and store them in multiple locations (with friends or relatives). This addresses all the requirements at the beginning of this section: multiple locations, not easily damaged or lost, and not easily readable by others. The key here is strong encryption. For that, there are many tools on the market, and they evolve over time. VeraCrypt is an entry level tool that provides a decent level of encryption. The predecessor of VeraCrypt, TrueCrypt, was popular for a while, but was later revealed to have some security vulnerabilities through peer review, and development was discontinued. For this reason, it is recommended to do your own research and find the best and up-to-date encryption tools for yourself. It is also important not to give anyone a copy of your backup, even if encrypted. And it is recommended that you rotate your private keys (generate new ones and transfer funds from old to new ones) periodically.

3. Take Care of Your Loved Ones

We don’t live forever. A succession/inheritance plan is needed. In fact, crypto makes it easy for you to pass on your wealth to your heirs with less 3rd party intervention.

Again, there are a few different ways to do this.

If you use the low-security approach of paper wallet or metal tags, then you could simply share it with them. This has some potential drawbacks, of course. They may lack the proper means to hold or secure a copy of the backups, if they are young or non-technical. If they screw up on security, a hacker could easily steal your funds through them. Also, they could take your money away any time they wish. You may or may not want this, depending on your trust relationship with them.

I strongly advise against any sharing of keys between people, no matter the relationship, for the simple reason that if the funds are moved/stolen, it’s impossible to determine who moved it, or who got security breached. It’s just messy.

You could leave your paper wallet or metal tags in a bank vault or with a lawyer. But, as mentioned above, if any of the people involved gets a copy of the keys, they can move the funds without much trace. This is different from lawyers having to go through a bank to move your account balance to your heirs.

If you use the USB stick approach mentioned above, there are ways to pass on your wealth more safely. But again, it requires a bit more setup.

There are online services called Deadman’s switch. They ping/email you once in a while (say a month). You have to click a link or login to respond. If you don’t respond over a certain period of time, they assume you are a “deadman” and send any number of emails where you pre-specify the contents and recipients. I will not endorse or vouch for any of the services; you should google them and test them out for yourself. In fact, Google itself is a deadman’s switch. Deep in Google’s settings is an option to let someone have access to your account if you don’t access it for 3 months. Personally, I have not tested it and can’t vouch for it. Do your own testing.

If you are thinking, “Oh great, I just put the private keys in the emails to my kids,” then please read this article from the beginning again.

You may be thinking, “I could put the passwords I used to encrypt the USB sticks in those emails; this way, my kid or spouse can unlock them.” This is getting closer, but still not quite, as you should not leave the passwords to your backups out there on a server on the internet. It significantly weakens the security of your backups/funds.

If you are thinking, “I could scramble/encrypt the emails that contain the passwords to the USB sticks with another password that I share with my loved ones,” then you are on the right track. In fact, you don’t need the 2nd password. There is an old time-tested email encryption tool called PGP (or GPG) which you should use. PGP is actually one of the early tools that use asymmetric encryption (the same used in bitcoin). Again, I won’t include a full tutorial of PGP; there are plenty of them online. In summary, you should have your spouse and/or kid generate their own PGP private key, and you encrypt your deadman’s message to them using their public key. This way, only they can read the message contents and no one else. This method is relatively secure, but it requires that your loved ones be able to, with a reasonable level of confidence, keep their PGP private key secure and not lose it. And of course, they need to know how to use PGP email, which is somewhat technical/cumbersome in itself.

If you can follow the recommendations shared thus far, then you have reached the basic (not advanced) level to store a meaningful amount of coins yourself. There are many other topics that we could discuss that may also address some of the issues mentioned so far, including multi-sig, threshold signatures, etc, but they probably belong to a more advanced guide. In the next part, we will look at:

Using Exchanges

When we say exchange in this article, we mean centralized exchanges that hold custody of your funds.

So, after reading the previous part, you may say, “darn, that’s a whole lot of trouble. Let me just store my coins on an exchange then.” Well, using an exchange isn’t risk-free either. While exchanges are responsible for keeping the funds and systems safe, you still need to follow proper practices to secure your account.

Only use big reputable exchanges

Yes, that’s easy for me to say, as Binance is one of the biggest exchanges in the world. There are some strong reasons for this though. Not all exchanges are the same.

Big exchanges invest heavily in security infrastructure. Binance invests hundreds of millions of dollars in security. It makes sense for our scale of business. Security touches so many different areas, from equipment, networks, procedures, personnel, risk monitoring, big data, AI, training, research, testing, 3rd party partners and even global law enforcement relationships. It takes a significant amount of money, people and effort to do security properly. Smaller exchanges simply don’t have the scale or financial means to do this. I may get some heat for saying this, but this is the reason I often say, for most regular people, using a trusted centralized exchange is safer than holding coins on your own.

There is counterparty risk. Many smaller/new exchanges are frequently intended to be an exit scam from the beginning. They collect some deposits and run away with your funds. For this same reason, stay away from “non-profitable” exchanges or exchanges offering 0 fees, heavy rebates and/or other negative profit incentives. If their target isn’t proper business revenues, then your funds may very well be their only target. Proper security is expensive and requires funding from a sustainable business model. Don’t skimp on security when it comes to your funds. Large profitable exchanges have no motive to perform exit scams. When you already run a profitable and sustainable billion-dollar business, what incentives would you have to steal a few million and live in hiding and fear?

Big exchanges are also more tested on the security front. Yes, this is a risk as well. Hackers target big exchanges more. But, hackers also target smaller exchanges equally, and some of them are far easier targets. Big exchanges typically have 5-10 external security firms they engage on a rotation basis to perform penetration and security tests.

Binance goes a step further than most exchanges in terms of security. We invest heavily in big data and AI to fight hackers and scammers. We were able to prevent many users from losing their funds even when they got SIM swapped. Some users using multiple exchanges also reported that when their email account got hacked, funds from other exchanges they used were stolen, while funds on Binance were protected because our AI blocked the hackers’ attempts to withdraw their funds. Smaller exchanges couldn’t do this even if they wanted to, as they simply don’t have the big data. 

Securing Your Account

When using exchanges, it is obviously important to secure your account. Let’s start with the basics.

1. Secure your own computer.

Again, your computer is often the weakest point in the security chain. If you can, use a dedicated computer for accessing your exchange account. Install commercial anti-virus software on it (yes, please invest in security), and minimal other junk software. Turn on the firewall to the max.

Play your games, web surfing, downloads, etc on a different computer. Even on this computer, have the anti-virus running, and firewall to the max. A virus on this computer will make it much easier for the hacker to jump to the other computers within the same network. So keep it clean.

Avoid downloading files

Even if you don’t host your own wallet on your computer, I would highly recommend you to not download any files to your computer, or phone. If people send you a word doc, ask them to send you a Google doc link instead. If they send you a PDF, open them in Google drive in a browser, and not on your computer. If they send you a funny video, ask them to send you a link to it on some online platform. Yes, I know it’s a lot of trouble, but security isn’t free, and neither is losing your funds. View everything on the cloud. Download nothing locally.

Also, turn off “automatically save photos and videos” in your instant-messaging apps. Many of them are set by default to download gifs and videos, which is just not a good security practice.

Keep up with Software Updates

I know all the OS updates are annoying, but they often do fix security exploits that are recently discovered. Hackers monitor these updates too and often will use those exact security exploits to get into computers of the people who are lazy with updates. Wallet software or exchange Apps generally follow the same practice. So, make sure you always use the latest versions.

2. Secure your email account.

I recommend using a Gmail or Protonmail account. These two email providers tend to be stronger on security than others. We have seen a higher number of security breaches on other email platforms.

I strongly recommend setting up a unique email account for each exchange you use, and making it hard to guess. This way, if another exchange has a breach, your account on Binance isn’t impacted. This will also reduce the amount of phishing or targeted email scams you get.

Turn on 2FA for your email service. I highly recommend using Yubikey for your email accounts. It is a strong way to prevent many types of hacks, including phishing sites, etc. More on 2FA later.

If you live in a country with reported SIM swap cases, then don’t associate your phone number as a recovery method for your email account. We have seen many SIM swap victims having their email account passwords reset and hacked as a result. In general, I don’t recommend binding phone numbers to email accounts anymore. Keep them separate.

3. Secure your passwords.

Use a strong and unique password for each site. Don’t bother trying to remember the passwords. Use a password manager tool. For most people, LastPass or 1Password will probably do the trick. Both are well integrated into browsers, mobile phones, etc. Both claim to only store passwords locally, but sync across devices using only encrypted passwords. If you are more serious, then go for KeePass, or one of its variants that fits your OS. KeePass only stores information locally. It doesn’t sync across devices and has less mobile support. It is open-source, so you don’t have to worry about backdoors, etc. Do your own research and choose a tool that fits you. But don’t try to “save time” here by using a simple or, worse, the same password everywhere. Make sure you use a strong password; otherwise, the time you save may cost you a lot in funds.

With all of these tools, if you have a virus on your computer, you are toast. So, make sure you have a good antivirus software running.

4. Enable 2FA.

It is highly recommended that you enable 2FA (2 factor authentication) on your Binance account right after you sign up, or right now if you haven’t done so. As the 2FA code usually lives on your mobile phone, it can protect you to some extent against a compromised email and password.

2FA doesn’t protect you against everything though. You could have a virus on your computer that stole the email and password, and by monitoring your keystrokes, it can also steal your 2FA code as you enter it. You could be interacting with a phishing site, and enter your email, password, then 2FA code on the fake site, and the hacker uses that to login to your real account on Binance at the same time. There are many potential situations here; we can’t list them all. You still have to keep your computer clean, and beware of phishing sites (more on this later).

5. Set up U2F.

U2F is a hardware device that generates a unique time-based code that’s also domain-specific. Yubikey is kinda the de facto device for this. (Although many hardware wallets can also act as a U2F device, they are a bit less user-friendly, requiring installing of apps, and many more clicks to navigate.) 

U2F offers three big advantages. One, they are hardware-based so it’s almost impossible to steal the secret stored in the device. Two, they are domain-specific. This protects you even if you are inadvertently interacting with a phishing site. And lastly, they are very easy to use.

For the above reasons, I strongly advise you to bind a Yubikey to your Binance account. It offers one of the best protections against hackers stealing your funds.

You should also bind your Yubikey to your Gmail, LastPass and any other supported accounts, to keep them safe as well.
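The difference between a typed 2FA code and a domain-specific hardware key can be shown in a few lines. The following is an added example, not part of the original article: it replays the phishing scenario described under “Enable 2FA” against both methods. The TOTP function follows RFC 6238; the `SecurityKey` class is a simplified model in which an HMAC with a per-site secret stands in for the public-key signature a real device produces over the site's challenge, and the origins, secret and timestamps are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets
import struct


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based code (HMAC-SHA1), as shown by an authenticator app."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class SecurityKey:
    """Simplified hardware key: one secret per origin, master never exported."""

    def __init__(self) -> None:
        self._master = secrets.token_bytes(32)

    def _origin_key(self, origin: str) -> bytes:
        return hmac.new(self._master, origin.encode(), hashlib.sha256).digest()

    def register(self, origin: str) -> bytes:
        # Stand-in for handing the site a public key when the key is bound.
        return self._origin_key(origin)

    def sign(self, origin: str, challenge: bytes) -> bytes:
        # The browser supplies `origin` from the address bar; the page cannot
        # choose it, so a look-alike site gets a response for its own origin.
        message = hashlib.sha256(origin.encode()).digest() + challenge
        return hmac.new(self._origin_key(origin), message, hashlib.sha256).digest()


def site_verify(verifier: bytes, own_origin: str, challenge: bytes,
                assertion: bytes) -> bool:
    """Check a response against the site's own origin and its own challenge."""
    message = hashlib.sha256(own_origin.encode()).digest() + challenge
    expected = hmac.new(verifier, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, assertion)


def simulate(real_origin: str, fake_origin: str) -> dict:
    """Replay the same phishing relay against a TOTP code and a security key."""
    # TOTP: the code carries no information about where it was typed, so a
    # code entered on the fake site still matches what the real site expects.
    shared_secret = b"constructed-demo-secret"   # constructed sample value
    typed_at = 1_700_000_000                     # constructed timestamp
    code_on_fake_site = totp(shared_secret, typed_at)
    code_expected_by_real_site = totp(shared_secret, typed_at + 5)
    totp_relay = hmac.compare_digest(code_on_fake_site, code_expected_by_real_site)

    # Security key: the response is computed over the origin the browser sees.
    key = SecurityKey()
    verifier = key.register(real_origin)
    challenge = secrets.token_bytes(16)          # issued by the real site
    relayed = key.sign(fake_origin, challenge)   # user is on the fake site
    direct = key.sign(real_origin, challenge)    # user is on the real site
    return {
        "totp_relay_accepted": totp_relay,
        "key_relay_accepted": site_verify(verifier, real_origin, challenge, relayed),
        "key_direct_accepted": site_verify(verifier, real_origin, challenge, direct),
    }


if __name__ == "__main__":
    print(simulate("https://www.binance.com", "https://login.phish.example"))
```

The relayed time-based code is accepted while the relayed security-key response is rejected, which is why binding a hardware key still protects an account whose owner has been fooled by a convincing fake page.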

6. Stop using SMS verification.

There was a time when SMS verification was promoted, but times have changed. Given the increase in SIM swaps, we recommend that you no longer use SMS and rely instead on the 2FA or U2F described above.

7. Set up a withdrawal address whitelist.

We highly encourage you to use the Whitelist feature on Binance for withdrawals. This allows fast withdrawals to your approved addresses and makes it much harder for hackers to add a new address to withdraw to.

8. API Security

Many of our users use APIs for trading and withdrawals. Binance offers a couple different versions of APIs, with the latest version supporting asymmetric encryption, meaning we only need your public key. This way, you generate your private key in your environment, and just give us your public key. We use your public key to verify the orders are yours and we never have your private key. You must keep your private key safe.

You don’t necessarily have to backup your API key the same way you would when holding your own coins. If you lose your API key in this case, you can always create a new one. You just gotta make sure no one else has a copy of your API keys.

9. Complete L2 KYC.

One of the best ways to keep your account safe is to complete the level 2 KYC. This way, we know what you look like. We can use advanced automated video verifications when our big data risk engine detects anomalies with your account.

This is also important for the “if you become unavailable” situation. Binance is able to help family members access the account of their deceased relatives, with proper verification.

10. Physically secure your phone and devices

Again, you should keep your phone secure. You probably have your email App, the Binance App, and your 2FA codes in it. Don’t root or jailbreak your phone. It significantly reduces its security. You should also keep your phone physically secure and have proper screen locks on. The same goes for your other devices. Make sure they don’t fall into the wrong hands.

11. Beware of Phishing attempts

Beware of phishing attempts. These typically come in an email, text message or social media, with a link to a fake site that looks like Binance. There it will invite you to enter your credentials, and the hackers will use that to access your real Binance account.

Preventing phishing only requires diligence. Don’t click on links in emails or social media sites. Only access Binance by typing in the URL or using a bookmark. Don’t share your email with other parties. Don’t use the same email on other sites. Be careful when strangers (especially guys named CZ or similar) suddenly talk to you on Telegram, Instagram, etc.

Overall, if you stick to the above recommendations, then your Binance account should be relatively secure.

So, which is better?

I generally recommend people to use both centralized exchanges and their own wallets. If you are not so tech-savvy, then I recommend a larger portion on Binance and a spending wallet (TrustWallet) on your own. If you are technically strong, then adjust the portions.

Centralized exchanges do go on maintenance once in a while, and if you have to make a transaction just then, it is handy to have a separate wallet available.

A Few Other Topics

There are many scams out there. 

People create fake social media accounts that look similar to popular accounts, such as @cz_binance_, and try to talk you into sending them funds. Just remember one rule, don’t send people money unless you wanted to do the transaction first. Always use 2 different channels to verify to make sure the person you are sending to is the right person. 

If CZ suddenly approaches you and somehow, through some very convincing story, asks you to transfer some coins to him, please report that account immediately.

If your friend suddenly sends you a text message asking you to send them crypto for an emergency, call them to verify, or ask them to send a short video for verification. Assume their IM account just got hacked, or someone just stole their phone.

YouTube Scams

Scammers on YouTube have gotten smart with edited fake videos of CZ doing airdrops, etc. Again, just report it when you see it.

Social Scams

Don’t fall for giveaways where you have to send some coins to some address first, and you will get more back. You won’t.

Remember one simple rule: be cautious when sending crypto.

Never click on links in emails

NEVER click a link in an email and then enter your username or password on the site. That is always a trap. For that matter, never follow a link on a social media site, then proceed to login either. 

Think of them as, by default, links to phishing sites. Just don’t use them.

Always type in the URL manually to your favorite crypto exchange. Learn to spell Binance.com properly, or use a bookmark.

In closing

You got to the end of this article, I salute you for that. I hope this article helps you understand security more to better safeguard your funds. If you follow the recommendations described here, you should be in good shape to hold your funds relatively securely, either by yourself or on Binance.

CZ