Hot and Cold Wallet Storage

Summary

A party maintains keys in 2 wallets. One of the wallets, referred to as the hot wallet, stores frequently used keys and is connected to the Internet. Another wallet, referred to as the cold wallet, stores infrequently used keys and is kept offline.

Context

As a blockchain network participant, o party can rely on so-called “wallets” to manage its accounts and interaction with the blockchain. A party has multiple keys.

Problem

A party’s wallet is vulnerable to malicious attacks leading to key theft. If compromised, an attacker can use the key to issue transactions in that party’s identity. How to prevent the compromisation of keys?

Forces:

  • Security – A key may be hacked when being stored in a device, especially when connected to the Internet.
  • Usability – Some keys may be frequently used by blockchain participants while other keys may be used infrequently or might act as backup.

Solution

Users can choose to store keys in 2 types of wallets, namely hot wallet and cold wallet. Hot wallet typically refers to the blockchain gateways that are connected to the Internet.

Hot and Cold Wallet Storage Pattern

Hot and Cold Wallet Storage Pattern

Through a hot wallet, a user is able to directly issue transactions to the blockchain. Hence, a hot wallet typically holds frequently used keys. Cold wallet refers to key storage that is kept off-line to minimise potential attacks. Thus, a clod wallet typically contains rarely used keys. A cold wallet can be any device disconnected from the Internet or even a paper recording an entity’s keys.

When a key stored in the cold wallet is required to sign a transaction, the user needs to connect the cold wallet device to a computer and copy-paste the key in the relevant field. It is also possible to automate the migration of keys between the 2 wallets based on their frequency of use, e.g., least recently used and most frequently used. Also, a certain key can be marked as critical such that it primarily stays in the cold wallet. When it is required to sign a transaction it can be copied to the hot wallet. However, as soon as the transaction is signed it should be deleted from the hot wallet. In certain application settings, blockchain platforms, and wallet implementations, it is also possible to sign transactions entirely on the cold wallet and use the hot wallet to issue/relay the signed transactions to the blockchain.

Benefits

  • Secure storage – Cold wallets are isolated from the Internet; hence, provide secure storage for keys.
  • Usability – Such a secure storage also preserves the usability of keys, as once a cold wallet is connected to the Internet (either directly or via a middleware), a party can utilise those keys.

Drawbacks

  • Security – Hot wallets store one’s secret keys online hence are more vulnerable to theft. A cold wallet becomes more vulnerable as soon as it is connected to the hot wallet to copy/migrate a key.
  • Usability – Cold wallets are more secure than hot wallets but less convenient to use, as the user has to connect to the cold wallet.

Related patterns

  • In master and sub key generation pattern master key can be kept in the cold wallet while sub-keys can be stored in hot wallet.
  • Key sharding pattern could be used in a wallet application to split and merge a key to minimise its compromise.
  • When being integrated into wallet applications, predefined delegates in delegate list pattern can replace key ownership of a compromised key.

Known uses

  • MyEtherWallet is a hot wallet with a graphical interface for instant payment and withdrawal in Ethereum.
  • Trezor is a cryptocurrency hardware wallet, designed to store and encrypt users’ coins, passwords, and other digital keys. It is a single-purpose computer with independent memory to save all private data.
  • Ledger provides hardware wallet products to stores users’ private keys in a secure hardware device, protecting the cryptocurrencies.