Losing crypto assets due to malicious actions of hackers and fraudsters is a very real threat. In this new extensive guide, I will share real cases of theft of Bitcoin and other crypto currencies, outline effective ways to protect wallets, and describe an almost 100% secure method of executing transactions step by step.
More than 10 years have passed since 2010 when the first cryptocurrency introduced by a developer or a group of developers under the pseudonym Satoshi Nakamoto became a real means of payment. Starting out as a technology primarily enjoyed by computer nerds, Bitcoin has become a popular means of payment with more than $1 billion in daily turnover.
At the same time, due to its decentralization and relative anonymity, Bitcoin has become one of the most coveted assets in the world of cybercrime.
After reading this advanced guide, you will learn everything you need to know about storing and using Bitcoin and other cryptocurrencies safely. When writing this article, I used not only my experience with Bitcoin but also the knowledge of an experienced hacker who spoke about the current methods of stealing cryptocurrency. Irbis, as he calls himself, also helped me put together a step-by-step guide to protecting against crypto-malware and phishing.
?Table of contents:
Within the framework of this article, I won’t reiterate the already discussed subjects of decentralization, blockchain, and the future of financial institutions. I will focus on the features of Bitcoin that make it vulnerable, and due to its vulnerability why it probably won’t become a reliable and secure way to make payments and store assets in the future.
We will analyze the inherent vulnerabilities of cryptocurrencies that can negate all the positive features of the blockchain. Next, we will look at ways to minimize these disadvantages to make the most of this useful evolving technology.
Even though Bitcoin was created by Satoshi Nakamoto as an independent payment instrument not controlled by traditional financial institutions, it has weaknesses used by cybercriminals:
All these features make Bitcoin highly attractive to cyber criminals. The lack of control over its movement by the authorities makes cryptocurrencies an ideal tool for settlements between hackers, malware software developers, rogue traders, and other participants in the world of cybercrime.
But the most important thing for us to keep in mind is the fact that Bitcoin is much easier to steal than, for example, money from a bank account.
This can be done in at least three different ways, which we will discuss further.
Given the increasing popularity of Bitcoin, I believe it’s imperative in today’s world to understand what technologies and skills cybercriminals are using in their pursuit of digital assets and how to effectively be able to protect yourself against them.
Countless number of articles dedicated to the benefits of cryptocurrencies exist on the Internet. The authors usually like to highlight the following main pros:
However, it is precisely as a direct result of its pros that its significant cons follow:
We are primarily interested in the technical features and how hackers steal Bitcoin. It is in these areas that many users have a noticeable knowledge gap. The knowledge we aim to provide in this article will help avoid most of the trouble.
So, what can we personally do to make sure that the disadvantages of cryptocurrencies don’t outweigh their advantages?
Keep reading and you will find out everything you need to know to use Bitcoin properly. We will provide comprehensive information on each of the points, supplementing it with step-by-step instructions and examples.
But first, we will show the dynamics of the development of cybercrime-related to Bitcoin, and analyze the largest cases of Bitcoin theft and extortion. The information provided will help better understand the nature of the threats that lie in wait for the owners of cryptocurrencies.
The year is 2021, which will go down in history as the year of record growth in the rate of Bitcoin and other crypto-assets. The beginning of large-scale penetration of cryptocurrencies into the life of society began in 2017 when the almost continuous growth of the Bitcoin exchange rate from less than $1,000 to $20,000 within one year gave birth to a new class of society - crypto millionaires.
These people, as a rule, bought coins even before most of us knew about them. Many got them almost for free by mining or bought them for $10- $100 a few years before the boom. Also, new cryptocurrencies began to appear, some of which showed an increase in the rate hundreds and even thousands of times over months or even weeks.
All this led to the fact that millions of people began to purchase cryptocurrency for passive earnings, trading on emerging crypto-exchanges, or investing in DeFi projects.
At the same time, few people still understand well how Bitcoin works, what dangers lie in wait for its owners, and how to use it safely.
As a result, the number of cryptocurrency thefts, which could have been easily avoided, is increasing every year.
Take a look at the chart showing the Value of cryptocurrency theft worldwide from 2016 to 2020:
Image source - statista.com
As you can see, since 2018, the amount of losses ranges from $370 million to almost $1 billion.
According to other estimates, the number of stolen crypto assets in 2018 was more than $1.1 billion. Consequently, the growth dynamics of crimes related to Bitcoin maybe even worse.
Obviously, in 2021 this figure will become even higher than in 2018. Already at the time of writing this article, the Bitcoin exchange rate has exceeded $60,000, which is 3 times more than 3 years ago. At the same time, it has become much easier to acquire it, and, therefore, many more people have wallets with Bitcoin, Ethereum, Litecoin, Binance Coin, and other coins.
According to Reuters data, the equivalent of nearly $2 billion in cryptocurrencies were stolen in 2020.
Here's another interesting fact.
It's no secret that in recent years, many cybercriminals previously operating in banking (credit card theft, banking Trojans, etc.) have switched to ransomware. For those who don’t know what ransomware is, it is malware that encrypts all important data on a device (computer, smartphone, server on the Internet, or a company's local network) while aiming to further extort the data owner for a financial ransom.
Most often, it is a Bitcoin payment that is demanded for the decoding and restoring of crucial data. Moreover, the scale of the work of ransomware groups is staggering:
The dynamics of the increase in crimes involving Bitcoin and other cryptocurrencies are reflected in the following diagram:
Image source - blog.chainalysis.com
Please pay attention to the red column. That's an increase in the use of ransomware every year. And where there is ransomware, there is Bitcoin. In fact, in 2020 alone, the indicator has tripled. Growth will continue in 2021. If we add to this the theft of cryptocurrencies, it’s becoming apparent that cyber crime involving Bitcoin payments is quickly taking a leading role.
Ransomware is worthy of a separate article. However the scope of this article is Bitcoin theft and how to protect ourselves against it.
The main headache for ordinary users is stealers (malware used to collect sensitive information). As for cryptocurrency, such Trojans can not only steal keys and wallet numbers but also change the recipient's details on the fly. Such malware is often referred to as crypto grabbers. For example, malware ElectroRAT worked stealthily on thousands of computers, stealing data from crypto wallets while unsuspecting users were executing their transactions.
We will describe the stealer in more detail and provide an example of how it works.
In 2020, the US authorities tried to calculate the role of Bitcoin and other cryptocurrencies as a payment tool in committing various crimes.
According to them, about 1.1% of all transactions on the Bitcoin network were criminal. You may say – “That doesn’t seem so bad, does it?” I thought so too, but then I came across a document indicating that 3 out of 4 cases of money laundering were committed with the help of cryptocurrencies. According to Jonah Force Hill, Senior Cyber Policy Advisor for the Secret Service, the actual rate of crime related to cryptocurrencies ranges from 1.1% to 75%.
Why does the data vary so much, and what is behind these dry numbers?
All the available statistics are structured in a way that, they translate the amount of damage from Bitcoin, Monero, and other coins into fiat money, usually in US dollars. This greatly distorts the final numbers, since the calculation is often carried out without analyzing the crypto currency exchange rate, which can change several times in a short period of time.
Also, no one can reliably determine the scale of theft and extortion for four main reasons:
Bitcoin-related crime statistics vary widely, but most security experts see an increase in cryptocurrency-related cybercrime activity.
Using the example of the incidents described below, I want to clearly show how large-scale and dangerous hacker actions can be when it comes to Bitcoin or other cryptocurrencies.
To do this, I selected 5 attacks of different nature and nature, committed from 2014 to 2021. Cumulatively, they prove that today it isn’t the blockchain itself that is vulnerable, but the services and programs that connect it with the real world. Also, attacks on cryptocurrency holders regularly occur.
I'll start with two cases that will help dispel the myth about the invulnerability of "cold" wallets and expose the points of "hot" wallets susceptible to attacks.
As you know, the only way to protect any electronic information from theft is to disconnect it from the Internet. And it really works. It is absolutely impossible to steal the tokens that are stored in such a wallet, unless ...
This is the essence of the vulnerability of all electronic wallets - the need to use specialized software that connects the crypto user, his wallet and their transactions with the blockchain.
Looking ahead, I want to say that there is an effective, but somewhat time-consuming way to protect transactions at 100%. I will describe it at the end of the article.
Most token holders go the easy way and use whatever makes it easier to use cryptocurrencies. And that opens them to potential risks and cyber attacks.
One of the most popular hot wallets, Electrum, was hit by a successful phishing attack at the end of 2018, the consequences of which were also felt by users in mid-2019 and late 2020.
The attackers found a way to display to legitimate wallet owners messages, that appeared to be legitimate. According to those the intended victim needs to immediately download and install the Electrum update from the GitHub repository.
Image source - zdnet.com
The repository provided in the messages, of course, belonged to the attackers and distributed malware that steals cryptocurrency.
Moreover, this was done not by sending phishing emails or redirecting users to fake sites, but skilfully using a feature of the Electrum system. Fraudulent messages came directly from within the e-wallet network.
The essence of Electrum is that it is essentially a network of nodes on the Internet, united into a common structure. Moreover, everyone can launch their own node.
This is what the hackers did.
They distributed phishing messages through their node with the urgent request to update the client software from a domain similar to the real one. When updating, users installed a modified version of the Electrum wallet, which unlike the real wallet only a one-time password is requested, which is used when making a transaction. After that, the malware integrated into the software was able to transfer funds out of the affected wallets.
It is worth noting that the message looks strange, to say the least. There are 3 immediate red flags that you should not rush and update the app:
Even though the Electrum developers have introduced restrictions on the operation of nodes and created a blacklist of unreliable servers, cybercriminals continue to carry out similar phishing attacks.
Over the years, more than $22,000,000 has been stolen from the accounts of unattentive Electrum wallet owners.
In 2020, the systems of Ledger, the company that makes one of the most popular cold wallets, were breached by hackers.
The initial information came from an independent researcher who discovered vulnerability on the company's website.
Soon it was reported that hackers also managed to gain access to the personal information of wallet users.
Later in December, hackers made the database freely available on an online forum. It is also known that this data was previously available on the black market.
The following information leaked publicly:
Let me remind you that using cryptocurrency isn’t legal in some countries, the largest of which is China.
For a complete list of countries in which the circulation of Bitcoin is officially prohibited, see the end of the article.
Also it’s worth noting that quite often it’s simply impossible to legitimize the income received in cryptocurrency. Therefore, the leakage of data from crypto wallet holders can cause both immediate and real issues with the law and also potentially inviting others by , attracting the attention of blackmailers.
Cryptocurrency tokens were conceived as means of making payment and any other necessary transactions between parties who don’t trust each other without an intermediary. At the same time, in the real world, few people can handle blockchain transactions without third-party programs and systems. In fact, it would appear that the intention of the original creators was foiled since we still need to trust someone to use Bitcoin and other tokens. And it is in this bundle of platforms and services where vulnerabilities are most often found.
UPD: In 2021, the MINA blockchain protocol is actively developing. Unlike existing blockchains, MINA doesn’t need every node on the network to have a complete copy of all blocks since its launch. Instead, short (22kb) snapshots of all transactions are stored on the devices of network participants. Thanks to this, MINA can create a protocol where there is no need for client-server communication, which will significantly increase the reliability of the network.
The end of 2020 was full of hacking events. On December 12th, the British cryptocurrency exchange EXMO, headquartered in the UK, reported that unknown hackers stole about 6% of its assets, compromising hot wallets. According to official EXMO statistics, the daily trading volume of the exchange is 2,273 BTC (almost $52,000,000), and the number of active traders is 27,795.
The hackers were able to withdraw stolen funds to these addresses:
According to CoinMarketCap, Exmo is in the 30th place in terms of number of traders, liquidity, and volume of transactions. The exchange is especially popular in the Russian-speaking community.
According to The Block Research, EXMO appears to have lost $10.5 million worth of funds.
How are these attacks carried out?
There are two main ways to hack crypto exchanges:
To access any crypto wallets, it is enough to obtain the secret access keys. Most often, they are intercepted with the help of stealers. Installing such malware is possible not only through phishing but also through social engineering or the actual bribery of employees.
The beginning of 2021 was marked by an unprecedented rise in Bitcoin’s exchange rate. As well as during the previous bull market in 2017, the news background played a significant role in this. I especially want to highlight Elon Musk, announcing Tesla's purchase of $1.5 billion in Bitcoin. After this event, Elon Musk became associated with good news and positive developments in the world of blockchain technologies.
Scammers took advantage of this situation and were able to earn about $580,000 in just one week on a scam distribution of cryptocurrency on behalf of Elon Musk on Twitter.
The described situation took place in January and was reported in the news. But that didn't stop Cologne-based Sebastian from losing £ 407,000 on a similar scam.
He got a Twitter message about the "Dojo 4 Doge?" from what appeared to be the official Elon Musk Twitter account. The tweet included a link to a professionally executed website that featured “the Tesla team”. The page offered visitors the opportunity to send the site owners anywhere from 0.1 to 10 Bitcoins for a limited time to receive in return twice as much.
Sebastian checked the accuracy of the information as best he could, but this wasn’t enough to recognize the fraud.
Whale Alert specialists registered anonymous withdrawal of funds a few days after the transaction was completed. The information is available to anyone who knows the Bitcoin wallet number in question and they can look it up at https://www.blockchain.com/explorer.
Even though the victim can see the movement of the stolen funds in real-time, no one can stop it or return them to the sender. In my opinion, this is the main disadvantage of the blockchain. But otherwise, there would be no decentralization of Bitcoin.
In recent years, DeFi (Decentralized Finance) has become widespread. Simply put, it’s investing in projects using blockchain technology. Moreover, this became possible with the advent of the Ethereum network, and its new possibilities of storing not only information about the movement of coins but also implementing so-called smart contracts on the blockchain . Those became an important component of DeFi.
However, as with Bitcoin, DeFi has some of the inherent disadvantages of cryptocurrencies.
Namely, the need to transfer access keys or seed phrases to manage your wallet.
On March 15, 2021, the Cream Finance DeFi project and the PancakeSwap decentralized exchange came under DNS spoofing attacks. As a result, visitors ended up on fake sites, where scammers tried to find out their seed phrases and private keys to gain access to wallets and steal funds.
To spoof DNS, a hacker needs to either gain access to the site's domain or compromise the DNS servers through which users visit the site. It is quite difficult to do both, but not impossible. In the case of Cream Finance, the attacker most likely carried out a phishing attack on the administrator of the GoDaddy registrar where the project's domain was registered. Despite high safety standards, GoDaddy employees become victims of phishers twice in 2020.
DNS spoofing of domain records allows users to be redirected to a server controlled by criminals, where they can intercept any information sent by users. And the TLS encryption used in the https connection doesn’t protect against this kind of attack.
In the case of Cream Finance, hackers tried to intercept access keys to the wallets of the company and its customers. If successful, they could anonymously steal all funds from compromised addresses.
In the case of a well-prepared DNS attack, it is almost impossible to notice that the site has been compromised. The only way to figure out that there is a threat of theft is only by paying attention to unexpected requests for a secret key or seed phrases.
The last option on this list to steal crypto assets was the "gangster" method. It is done by physically attacking the owner of the cryptocurrency.
One of the most high-profile cases of such a robbery occurred in the Dutch city of Zuydeind.
According to the Telegraaf publication, in 2019, three unknown assailants, disguised as police officers, attacked the owner of the cryptocurrency when he was at home with his 4-year-old daughter. The criminals dressed in police uniforms tortured the investor in front of his little daughter, demanding to hand over the cryptocurrency to them.
Thierd H., 38, became the victim of a robbery raid. Robbers wearing masks and bulletproof vests violently tortured him, including using an electric drill on him. This also happened in front of a young child who is now undergoing psychological treatment.
According to the publication, the owner of the house was a bitcoin trader.
It is noteworthy that such crimes occur all over the world. There are also known cases of kidnapping with a ransom demand in cryptocurrency.
We’ve all watched exciting Hollywood films where criminals kidnap a victim, but they are caught during the physical transfer of the ransom. Imagine what criminal groups and individual kidnappers are capable if the risk of being caught at the ransom drop is no longer a factor since the transfer of cryptocurrency cannot be controlled or traced by any law enforcement agencies.
I predict an increase in the robbery of Bitcoin owners with its further spread in society.
Often, the victims of robbers are people who blog on the Internet or otherwise advertise their income.
To minimize the risk, it is important to remain anonymous and avoid leaking information about your name and address.
Leakage of personal data is also possible when crypto exchanges and DeFi projects are hacked. Unfortunately, international rules force their owners to comply with KYC / AML. This means that user data is stored on those companies’ servers. Consequently, there is no full guarantee of the personal data of all owners of Bitcoin and other tokens who may not only store them in cold wallets but also invest them or trade on the exchange.
It is known that Bitcoin coins can be stored in several ways:
It is believed that the safest way to store Bitcoin is the so-called cold wallet. This is an external medium that stores a pair of values - the private and public keys of the Bitcoin wallet. It is this method of storing assets that crypto traders and crypto exchanges use to avoid the theft of large amounts of Bitcoin and other cryptocurrencies.
Pros of a cold wallet
Cons of a cold wallet
The most common type of cold wallet today is hardware or e-wallet.
The principle of operation of a hardware cold wallet is similar to the principle of operation of a regular flash drive. The external non-volatile medium stores data for managing transactions of blockchain addresses owned by the user. Typically, one such wallet supports multiple tokens.
There is also a simplified analogue of a cold wallet - a paper wallet. This is a small piece of paper on which the private and public keys are written. But this method also has a weak point - the need to generate keys on a third-party service.
So, in February 2021, it more than $6,000,000 in Bitcoin were stolen from paper wallets created using the BitcoinPaperWallet service. A hacker obtained unauthorized access to their site and installed a backdoor malware able to obtain generated keys
As you can see, there are several hardware wallets out there today. How do you choose the best hardware wallet for Bitcoin and other cryptocurrencies and tokens?
You need to understand that invulnerable wallets don’t exist. In fact, they are all good for storing coins. As I said, a potential weak point for any cold wallet may appear while a transaction is executed.
Consider 3 options for signing transactions with hardware wallets:
Unfortunately, no matter how reliable the wallet is, hackers can steal coins and tokens at the time of transaction if a Trojan is in the control device's system.
Below I will provide step-by-step instructions for checking the system for Trojans.
The most common Bitcoin wallets are the so-called hot wallets. Unlike cold ones, they don’t require an additional device and have wider functionality and capabilities.
The pros and cons of hot wallets are listed below, except for the so-called fat wallet, which is a complete blockchain node. I will tell you more about this type of wallets separately.
Pros of a hot wallet
Cons of a hot wallet
The most popular is the web wallet. Also, quite often they use a light or, as it’s also called, a thin wallet. The strongest technological one is a full-fledged thick (warm) wallet. Below I will provide a brief description of each of them along with a comparison.
Do you own Bitcoin, Ethereum, USDT, or other coins and tokens and often operate with small amounts and change addresses?
Then a web wallet is the best choice!
Through the web interface, you can create an unlimited number of wallets for an unlimited number of coins and tokens without having to monitor the performance of your computer (smartphone).
Even if you have a thick wallet that stores bitcoins, you can easily create web wallets, transfer coins to them and use them for transactions in which you would not want to reveal the main address to others.
But I don’t recommend using such wallets for storing large balances. After all, the web interface gives only remote access to the storage, which is in the hands of a third party - the web wallet operator. There is no guarantee that it won’t be hacked or something won’t happen that could lead to a loss of funds.
In the next section, you will learn about the most reliable and secure way to store Bitcoin today.
Blockchains consist of a certain number of full copies of all mined blocks since the launch of the coin. Anyone can install their own Bitcoin node on their computer or server and thus avoid any unreliable intermediaries between their wallet and the blockchain.
Each such copy (node) works concurrently with all other nodes. Making a transaction on one node triggers a chain of synchronizations with the rest of the blockchain nodes. In this case, the transaction falls into a new block, which is mined by miners. As soon as the next block is mined, the transaction will be confirmed and will forever become part of the blockchain.
Thus, a thick hot wallet allows you to interact directly with the Bitcoin (or other coins) blockchain.
This method would be an ideal solution for storing and transferring cryptocurrency, if not for five disadvantages:
But still, if the listed disadvantages aren’t decisive, then I recommend using this particular type of wallet.
A hot fat wallet allows you to be as independent as possible from intermediaries and avoid vulnerabilities in third-party software.
Below I will describe step by step the process of installing your own hot wallet and you can easily deploy it on your computer, subject to the minimum technical requirements.
Finally, another way to store Bitcoin and often other coins and tokens is to open an account on a crypto exchange.
Pros of crypto exchanges for storing Bitcoin
Cons of crypto exchanges
From my experience, I will say it makes sense to use cryptocurrency exchanges to store coins when you need to frequently trade crypto or exchange it for fiat money, or if you need to hide the history of transactions. But at the same time, there are exchanges where operations with fiat aren’t available.
It is important to understand that exchanges aren’t suitable for the long-term storage of funds. If you don’t log into your account for a long time, then identity verification may be required.
But against all the shortcomings of this method, there is the most important advantage of keeping Bitcoin on a crypto exchange for storage - when withdrawing, the transaction history is completely lost. This is because the exchange's money is stored in a limited number of addresses. Therefore, traders' coins are mixed with others resulting in a complete loss of the ability to track previous transactions.
This, by the way, is used by scammers who steal cryptocurrency. However, I want to warn you that the exchange will instantly block your account if it receives information that the coins may be of criminal origin. Cybercriminals open accounts for dummies. That is why the verification procedure has recently become tougher and more complicated. Most often, this requires a webcam to compare the new user with the scanned documents sent to them.
It is also important to know that exchanges don’t like it when users carry out a lot of deposit and withdrawal transactions, but at the same time, they use little of the main functionality - trading crypto. If this is abused, then the account can be blocked.
Using a cryptocurrency exchange to store Bitcoin is convenient if you need to hide the source of funds for future transactions. But at the same time, the exchange is the riskiest way to store coins and tokens.
Before describing the process of installing a hot fat wallet with its own node, you must do two things:
Desktop computers and laptops running the following OS are suitable for installing the Bitcoin Hot Fat Wallet:
The technical requirements for all of these platforms are the same:
The most important step in preparing for installing a hot wallet is checking and cleaning the system from malware.
Spyware Trojans are especially dangerous. They are capable of transmitting to the hacker's control server all user actions (keystrokes, cursor moves, and mouse clicks) and, which is especially dangerous, all sorts of temporary files that can be used to access the wallet while bypassing the password.
Ideally, it's best to use a freshly installed system.
If you are installing Windows or Linux yourself, then don’t download it from torrent sites. It isn’t uncommon for hackers to use torrents to distribute malware. They post hacked free versions of Windows and at the same time can infect the system with a Trojan that will give remote access to the system without the user's knowledge.
If you are installing a Bitcoin wallet (or a wallet of any other coin) on an already used system, then follow 3 simple steps to check and protect Windows:
To 100% secure transactions from hacker attacks, it’s better to use two computers. One will have a node connected to the network and a transaction control panel, and the other will have an autonomous (disconnected from the Internet) copy of the wallet without a full Bitcoin node for signing transactions. Read more in the next chapter.
The most widespread and time-tested hot fat wallet for Bitcoin is Bitcoin Core. This is free software that combines two modules:
If you see the window shown in the figure below, then follow the additional steps described below the screenshot. If the window doesn’t appear, then go to step 2.
The crux of the problem is that Windows recognizes the blockchain code as dangerous. In fact, this isn’t the case and has been confirmed by many experts.
Pay attention to the Discard blocks after the verification setting. This is a very useful option that will allow you to clear most of the occupied space, since Bitcoin Core will calculate the necessary parameters for past transactions and delete all old blocks from the database, leaving only about 2 GB of data.
In this case, the functionality of the wallet won’t be affected in any way.
Pay particular attention to the complexity of the passphrase. It should be both long, complex, and at the same time easy enough for you to remember.
I recommend choosing short rhymes or sayings as passphrases. It is almost impossible to brute-force passphrases longer than 8-9 characters, and there is no need to store a long password on a disk or a piece of paper.
A real example of the encryption strength of such passphrases. About 10 years ago, the FBI caught a Russian hacker. He had an encrypted section of his laptop. The specialists were unable to crack or guess the password. When the hacker decided to cooperate and gave out the password, it turned out it was a popular Russian rhymed verse, typed with errors and punctuation marks.
So, we checked the system and installed our wallet, which doesn’t need intermediaries and is protected by cryptography.
Is this enough to store Bitcoin securely?
In most cases, yes, but it still doesn't provide 100% protection.
How to make sure that no hacker can steal our coins?
Use multi-signature (multisig).
In this case, transactions must be signed in two different wallets located on different computers. Moreover, you may not even have access to this second wallet. It can be owned by someone you trust.
Bitcoin Core since version 0.17.0 supports the partially signed bitcoin transactions (PSBT) framework BIP 174. And since version 0.20 (2020), it also supports edmulfunctionsti.
There are several types of multi-signatures:
However, this method has a significant drawback - using multi-signature isn’t easy, since you need to use the command line. There is no multi-signature support in the Bitcoin Core GUI.
There are quite a few examples of a practical application of multisig with Bitcoin Core using the command line on the Internet.
Redditor u / Pantamis has published a step-by-step guide on how to set up a Cold wallet bundled with Bitcoin Core to achieve almost 100% transaction security. Here is an adapted version of multisig version.
The following describes how to implement multi-signature with k of n setup. If you don’t want to spend time learning each of the steps provided, you can use the command at the end of the instructions.
DONE! You should get the same addresses as Electrum and you can create addresses to receive crypto in Qt! To send money, simply go to the send section, use the new coin control feature, and export a partially signed transaction. You can use HWI or Electrum to sign it with your hardware wallets.
Note: you can import more or less 2000 addresses of each type. If you import less, rescanning the blockchain will be faster, but you may need to repeat the commands described above later when all addresses have been used once. If you import more, then rescanning the blockchain will take longer.
If you like doing things in one shot you can do the last two steps in one big command: importmulti '[{"desc": "wsh(sortedmulti(k,[path1]xpub1.../0/*,[path2]xpub2.../0/*,...,[pathn]xpubn/0/*))#check_sum0", "timestamp": birth_timestamp, "range": [0,2000], "watchonly": true, "keypool": true}, {"desc": "wsh(sortedmulti(k,[path1]xpub1.../1/*,[path2]xpub2.../1/*,...,[pathn]xpubn/1/*))#check_sum1", "timestamp": birth_timestamp, "range": [0,2000], "watchonly": true, "internal": true}]'.
I would like to point out that the multi-signature method described above should only be used if you need to achieve a paranoid high level of transaction security. It is much easier to use Bitcoin Qt or Electrum, where this functionality is available without the command line. But at the same time, it is worth accepting the additional risks of third-party software.
Today, it is clear that Bitcoin and other cryptocurrencies, tokens, and other blockchain-based technologies have firmly entered our lives. This brought the new possibility to make payments anonymously and securely, to invest or simply store your funds.
But the pros of blockchain are also its cons. If the traditional financial system has developed reliable ways to counter cybercrime, then Bitcoin, on the contrary, contributes to it.
Most hackers and scammers have turned their attention to cryptocurrencies. This is due precisely to the anonymity of the blockchain and the impossibility of exercising control over transactions. In reality, if your funds get to the hacker's wallet, then no one except the hacker himself can return them.
Based on all this, I urge you to not be afraid to use this incredibly convenient and promising technology but to take the necessary measures to protect your wallets and transactions.
To summarize the recommendations, it is important to adhere to the following rules:
____________________________________________________________________________________________
If this article has been useful to you, please answer in the comments what new information you discovered for yourself after reading it. If you think the information isn’t complete, then please write your opinion on what can be improved. You can also ask any questions about the topics discussed in the article, I will be glad to answer to everyone.
Dean Chester.
Also read:
Leave a comment