Table of Contents
    Home / Crypto / Learn / Cold wallet: what is it & why use one?
    Learn 11 min read

    Cold wallet: what is it & why use one?

    Crypto software wallet connected to phone and computer, crypto cold wallet standing alone with a padlock.

    Key Takeaways

    • A crypto wallet is a device, document or piece of software that stores the private keys for your cryptocurrency. Different types of crypto wallet offer different benefits and limitation.
    • A cold wallet is one that stores your private keys in a completely offline environment. It cannot connect to the internet or sign smart contracts. This makes it perfect to act as a vault for HODLing crypto.
    • Cold wallets protect your crypto in two ways: by keeping your private keys offline, they prevent bad actors from obtaining them via hacking. And by never interacting with smart contracts, they protect the contents of your wallet from malicious smart contracts, which you might sign unwittingly.
    • A cold wallet might take the form of a simple document with your private key written on it, or might be an account within a hardware wallet dedicated to remain “cold” by never signing smart contracts.

     

    If you own crypto, you’ve likely heard of the cold wallet. Crypto wallets store your private keys, keeping your blockchain address secure. But what exactly is a cold wallet, and why use one? Here, we explain.

    Cryptographic keys sit at the heart of the entire cryptocurrency and booming crypto ecosystem, valued at a colossal $24Bn in 2024.

    Private keys enable you to own, secure, send and transact with your crypto assets – all without an intermediary. Every blockchain address is controlled by a cryptographic private key. Like a house key, this key gives access to the address and any data stored there, so keeping it safe is imperative.

    This is where crypto wallets come in. A crypto wallet is designed to secure your private keys, and by extension, your crypto. 

    There are different types of crypto wallet, each one storing your private keys in a slightly different way. For example, software wallets (or hot wallets) store keys in a software program on your computer or phone. Since they exist on a connected device and are always connected to the internet, your private keys are said to be ‘hot’. 

    On the other hand, hardware wallets store private keys inside a physical device that never connects to the internet.

    In this article, we’ll take a deep dive into a third storage option that’s perfect for HODLing: the crypto cold wallet. We’ll explore how it stores your private keys, its benefits and how it differs from software and hardware wallets.

    What is a crypto cold wallet?

    A crypto cold wallet is any storage option that both keeps private keys offline, and never interacts with smart contracts. 

    Why use a cold wallet?

    Cold storage protects your crypto against two major risks. 

    The first relates to cyber attacks that target your private keys. Your private key is similar to your online banking credentials; anyone who has it can access your blockchain address, and therefore your crypto. This is why securing private keys offline – out of reach of hackers – is so important.

    But increasingly, another attack vector is being exploited to gain access to your coins and tokens. Instead of stealing your private keys via brute force, bad actors deploy malicious smart contracts. They appear credible, and convince you to give access to the contents of your wallet under false pretenses.

    Let’s take a closer look at both these risks.

    Cold storage keeps private keys offline

    Your internet connection can be a huge vulnerability, because hackers can use it to access your device remotely. So if you’ve stored your private keys in a software wallet application on your device, they are at risk.

    The 2023 Atomic Wallet hack is a great demonstration of how online keys are such a risk. Hackers were able to exploit a weakness in Atomic software wallet, accessing users’ private keys via their internet connection. In total, around $35million of cryptocurrency was stolen from users. By contrast, keys stored in an environment that’s isolated from your internet connection would not have been accessible, no matter how sophisticated the hack.

    But hacks are not the only risk to your cryptocurrency. Simple human error offers bad actors big opportunies.

    A cold wallet never signs smart contracts

    Smart contracts form the basis of Web3. If you use dApps or decentralized crypto exchanges, you will certainly need to sign smart contracts. These allow your wallet to communicate with Web3 platforms and services. 

    Increasingly, bad actors are deploying malicious smart contracts that target Web3 users. With a little social engineering, these appear legitimate. However, they contain malicious code that will steal your crypto when signed.

    The 2022 OpenSea phishing attack is a great example of this scam in action. Users received an email asking them to sign a token approval smart contract. Token approvals are a very common feature of NFT marketplaces, enabling the exchange to move tokens from user wallets when they are sold. But in this case, the smart contract was from a bad actor, and contained malicious code. It gave approval to the third party to access users’ crypto wallets, draining their valuable NFTs. In this case, $1.7million of NFTs and tokens were stolen from victims’ wallets.

    No matter how secure your private keys are, signing smart contracts carries its own risk. But you can avoid that risk by designating a wallet to never interact with Web3. 

    By now, the purpose of a cold wallet should be clear. By isolating your private keys from the internet and from smart contracts, cold storage air-gaps your crypto from all types of digital risk.

    Types and examples of cold wallets

    Cold storage comes in different forms, so let’s talk about different types of cold wallet, and how they store your keys.

    Hardware wallet

    A crypto hardware wallet is a physical device that stores your cryptographic private keys. The device itself can’t connect to the internet, meaning your keys are inaccessible to hackers.

    A hardware wallet is not automatically a cold wallet, because it can still interact with smart contracts if you choose to. However, you can create a cold wallet within your hardware device by designating certain accounts to never interact with Web3.

    In short, a hardware device can host both cold wallets and non-cold wallets depending on how you manage them. And no matter what, your keys will always be offline.

    Paper crypto wallets

    A paper wallet is simply a piece of paper with your cryptographic private key written on it, or represented as a QR code.

    Storing your private key on paper removes the risk of being hacked. It also means you’ll never be able to sign a smart contract.

    But paper wallets come with risks of their own: anyone who has access to the paper will also have access to your blockchain address. This means you’ll need to give serious consideration to how the paper is stored, to avoid physical theft of your private key.

    Encrypted USB drives

    Securing your private keys on an encrypted flash drive is another popular cold storage option. A USB drive is another type of data storage device. Data stored there can be encrypted, meaning it can’t be viewed by a third party, even if they possess the device. 

    If you’re keeping your private key on an encrypted USB drive, make sure you store the device securely. It should be kept in a safe, secret location with no risk of water or fire damage.

    Air-gapped computer

    An air-gapped computer is one that has no possibility of connecting to the internet. With no internet connection and no way of signing smart contracts, air-gapped computers are an effective cold wallet option.

    Here again, data should be encrypted to ensure no one else with access to the computer can read your private keys.

    Sound wallets

    Sound wallets are the cold storage idea that never quite took off. They work by converting your private keys into audio files that can then be stored offline on a USB or CD. 

    Although sound wallets constitute cold storage, they pose their own security problems. The disc or USB drive must be safely stored to avoid a third party accessing your crypto. And any physical damage to the host device means your private keys are gone.

    Private keys: once online, it’s forever

    No matter what type of cold wallet you’re considering, it’s worth remembering one small detail. If your private key was generated online to begin with, you can never be completely sure that it’s secure.

    For example, say you’re using a USB drive to store your private keys. The keys were initially generated online, then moved to the drive.  Here, you have no way of knowing if a hacker accessed your computer or device when the keyw were first created. This renders cold storage pointless.

    The only way to use cold storage effectively is to generate your private keys offline from the very beginning.

    How to set up a cold wallet on a hardware device

    Let’s talk about how to set up your hardware wallet for cold storage. It’s important to remember that you can’t simply stop using an existing wallet to sign smart contracts. If you have ever used this wallet to sign a smart contract, the wallet is no longer truly isolated from the risk of malicious code. This is why creating a cold wallet always requires generating a fresh set of keys.

    1. Start by creating a new wallet on the blockchain of the crypto you want to store. For example, if you’re creating an Ethereum cold wallet, you’ll create an Ethereum-based account with brand new keys within your device.
    2. Clearly label this account as your vault wallet, cold wallet or inactive wallet so you’ll never use it accidentally for Web3.
    3. Send your crypto to this wallet. Yes, you’ll need to pay a transaction fee or gas fee. This is an unavoidable expense as you properly secure your crypto. 
    4. Finally, with your cold wallet clearly distinguished, all you need to do is never sign a smart contract with it. This completely removes the risk of signing malicious smart contracts. Meanwhile, your keys have been generated offline and will stay there.

    Crypto cold wallets: impenetrable vault for HODLing

    Whether you’re a Web3 degen, a savvy trader or a Bitcoiner HODLing for dear life, everyone needs a secure wallet. Using a cold wallet for your crypto holdings is similar to using a vault: it may not be very agile, but it is impenetrable.

    You might be wondering how you’ll access Web3 if you can’t sign transactions. After all, decentralized exchanges, NFT marketplaces, liquidity pools and a host of other Web3 options all rely on signing smart contracts.

    To do this, you’ll simply designate an active Web3 wallet. Meanwhile, the bulk of your crypto should remain in the inactive cold wallet, and you’ll only move exactly what you need into your Web3 wallet. This means if you ever sign a malicious smart contract, your loss is limited to the contents of that wallet. Your main holdings will remain safe. 

    Here’s to a happy and safe crypto exploration.

    Cold wallet FAQs

    Hardware wallet or cold wallet: what’s the difference?

    Many people believe hardware wallets and cold wallets are the same thing, but this is not the case. Even if your private keys are offline and in a hardware wallet, you might still be using that wallet to sign smart contracts

    Of course, you can set up a cold wallet within your hardware wallet. This simply means designating one wallet within the device to never interact with Web3. In effect, it becomes a vault for your crypto, while your other wallets sign transactions.

    What’s the difference between a hot wallet and a cold wallet?

    A hot wallet keeps private keys within software on your computer or phone. They are convenient for Web3, but leave your keys at risk of theft from hackers. You also risk signing a malicious transaction.

    On the other hand, a cold wallet keeps keys offline and never signs transactions.