Most of the time, when we think about privacy and security in the digital world, we conflate these two concepts. This is because most of the time, security means keeping your personal data private. When we are talking about crypto currency however, there is a distinction between these two things. Security means stopping people from stealing your funds, and privacy means stopping third parties from seeing how much currency you are holding. I will talk here about why this distinction is important, and what it means for you when dealing with crypto currencies.
I have previously talked about private and public keys, but in short, a private key allows you to sign transactions. Signing a transaction means that as far as anyone else is concerned, the transaction could not have come from anyone other than the signer. This is integral to crypto currencies. Nobody can sign a transaction, except for the person who has access to the private key. This is why hardware wallets are so important. When you use a hardware wallet, the private key is stored on the device and never leaves the device. The device will sign transactions for you, but it will never expose the private key to your computer or phone. This means that theoretically, malware cannot grab your private key and sign transactions that move funds out of your wallet. Any software wallet is theoretically exposed to malware stealing your private key, and therefore allowing thieves to empty your wallets of crypto currency.
However, your public key is also an important piece of information. Crypto currencies like Bitcoin are designed from the ground up to be traceable and transparent. If someone gets hold of your public key, they will not be able to sign transactions and steal your money with it, but they will be able to see all of your available balances, and they will be able to see all the transactions that you have made. This probably makes a lot of people uneasy because many people falsely believe that crypto currency is somehow more private than fiat currency. Actually, the opposite is the case. When it comes to regular crypto currency (as opposed to currencies that are deliberately designed with privacy in mind), all transactions are visible to the general public.
Hardware and software manufacturers more or less follow the principle that security is paramount, but privacy is a kind of luxury. In other words, stopping thieves from stealing your money is their business, but hiding your online monetary behaviour is not. So, it is important to understand what you are doing when you send and receive crypto currencies online.
In regards to security, the problem is easy to solve. You must use a hardware wallet. If you use a software wallet, you are always running the risk of a 3rd party obtaining your private key. This is unacceptably risky behaviour and can be avoided. But, the privacy problem is lot less easy to solve. Bitcoin has had BIPs added to it to improve anonymity, but since it was not designed from the group up to be anonymous, it will probably only ever be pseudo-anonymous. Anyone you give your public key to will be privy to everything you have done your crypto currency.
Some currencies have been introduced which have a concept of a private and public ledger. This theoretically means that if you choose so, a given transaction will not be viewable by the general public. Verge, for example boasts that it is
“a secure and anonymous cryptocurrency, built with a focus on privacy”.
Only time will tell if this is true or not. But, there are more fundamental problems to deal with. Hardware wallets are USB devices that talk using the HID protocol. Out of the box, this is not a secure or private protocol in the same way that HTTPS is a secure and private protocol. Hardware wallets do not encrypt the data that is sent between the computer/phone and the device. Everything is sent in clear text, and malware can listen in on this transfer. It’s important at this point to remember that these devices do not transfer the private key from computer to hardware wallet, but they do transfer things like the public key. So, it is possible that malware, or even simply web sites could intercept the public key coming from your device. This is what it is not a good idea to readily allow websites to access your hardware device. On top of this, your browser will not tell you when it is communicating with your hardware device.
It is conceivable that hardware wallets may encrypt transfer at some point, but is important to remember that if your computer is infected with actual malware, encryption would not be enough to stop the malware from reading the transfer. This is in the same way that malware would be able to read the transfer between your computer and a 3rd party of HTTPS. This is because the malware could obtain the means of encryption.
Software wallets are probably just as bad or worse when it comes to privacy. When you use a software wallet, it’s unlikely that 3rd party apps will access your public key because they will usually be talking to 3rd parties over the secure HTTPS protocol. But, this doesn’t stop a software wallet from sending your public key to its own server, and then forwarding that to wherever it likes. This means that your transaction information can be sold, or given away.
So, in short, hardware wallets greatly enhance your crypto currency security – i.e. reduce the risk of your funds being stolen, but they do not reduce the risk of 3rd parties getting hold of information about your accounts and transactions. In order to reduce the risk of this occurring, you should:
1) Keep your devices free of malware. This means keeping malware services up to date, and not installing software that you do not trust.
2) Not using, and not leaving open websites that you do not trust.
3) Preferring software and hardware which is open source. Trezor’s core software is open source, and while it does not off 100% privacy guaranteed, it does allow you to see exactly how the core software works.
4) Don’t hand your public key to anyone that you don’t have to give it to.