Paper wallets are often touted as being one of the most secure ways to store your cryptocurrency. But while it’s true that they offer advantages over hot wallets, paper wallets also have some notable security drawbacks.
Let’s look at some of the reasons why you shouldn’t use paper wallets for your coins.
1. Malware Risks
Paper wallets are easy to create and free to use. As such, they’ve become one of the most popular ways for people to store their cryptocurrency.
Predictably, that’s led to a rise in interest from malware creators. There are three primary ways malware can put you at risk.
Read Private Keys
Some malware can read a paper wallet’s private keys during the creation process. It will then send the keys back to the hacker’s server over the internet.
The commonly-heard advice is to download the creation tool and make your wallet while offline. In practice, that has little effect. The malware will still be able to read your private keys, and it will send them as soon as a connection is re-established.
Other people will tell you to use an Ubuntu Live CD. But it’s not foolproof. Malware lurking in the BIOS could still attack you.
Hijack the Creation Process
Using a process called “backdooring,” malware can hijack the creation tool. It will provide you with a private key that is already known to the hacker.
When it’s time to move your coins out of your paper wallet, you are at risk from keyloggers. They can read the private key as soon as you enter it into your computer.
Again, performing the process offline won’t help. At some point, you will have to go online to log the transaction on a blockchain.
2. Printing Risks
The printing process is another procedure that’s fraught with security risks.
If you use a Wi-Fi-connected printer, your computer will send the file from your machine to the printer in an unencrypted format. In theory, it means anyone who’s listening to the network can see the file and steal it.
No network is safe, but you need to be especially wary of public networks such as those in schools, offices, and libraries. Firstly, they are more likely to have hackers on the network. Secondly, all printouts are centrally logged in the IT team’s database.
The safest way to print your paper wallet is to disconnect both your computer and printer from the network and use a USB cable to connect them.
Unfortunately, you still wouldn’t be 100 percent safe. Some printers will retain a copy of the printed files on their hard drives. If someone with enough know-how were to get their hands on it, they could extract the data and access your wallet.
The only way to completely guarantee privacy is to write out the keys by hand. However, it’s a tedious process and carries the risk of making mistakes.
3. Address Reuse Issues
Address reuse is a growing problem in the crypto community. It occurs when people use the same address for multiple transactions.
By reusing an address, you put your (and the coin’s future owner’s) privacy and anonymity at risk. Because private keys sign transactions, it becomes easier to study the history of an address and link multiple transactions back to a single person.
Address reuse is especially prevalent among paper wallet users. The hassle of setting up multiple addresses in a secure way leads many people to take shortcuts.
4. Destruction of Unused Wallets
People mistakenly assume that once an address on a paper wallet is no longer in use, they can destroy the physical copy of the wallet.
Technically, it’s true. You’re not going to lose your coins by doing so. However, it’s there’s a chance you made need that information again in the future.
For example, as crypto becomes more mainstream, governments around the world are increasingly looking at ways to regulate and tax the industry. You might need to prove prior ownership of an address for taxation purposes.
There are also more practical considerations; if a blockchain forks, you might suddenly find your old address has a balance on a different chain.
Bitcoin addresses aren’t like bank statements; there’s no central entity to fall back on. It is your responsibility to log your transaction history reliably and securely.
5. BIP38 Passwords
Some paper wallets are compatible with BIP38 passwords. A BIP38 password allows you to encrypt your private key with a password of your choosing.
Using BIP38 passwords has a couple of issues. Firstly, there’s a chance you lose it, forget it, or copy it down incorrectly. The various crypto forums and communities are littered with people who have lost access to their coins after a password issue.
On a more technical level, it’s also possible to argue that BIP38 passwords reduce the security of your wallet. BIP38 reduces the 256-bit private key down to a simple password. The password becomes the only thing protecting the wallet rather than the full entropy from the creation process.
6. Raw Private Keys
Paper wallets expose private keys to users. This puts coins at risk, especially if the person is not familiar with how to use private keys.
One of the most significant issues occurs when someone imports a paper wallet into a deterministic wallet. People often destroy the paper wallet’s private key with realizing it does not become part of the new wallet. By the time they notice their error, the Bitcoin is gone for good.
7. Physical Damage and Loss
Finally, paper wallets can get damaged. Paper degrades, and ink fades over time. And that’s before you worry about risks such as fire and flood. If you’re disorganized, even something as simple as remembering where you filed your wallet might be problematic in the distant future.
You can take precautions against regular wear-and-tear by laminating the paper. Perform the lamination process in your own home; if you do it in a shop, someone could photograph your documents without you realizing.
If you hold a serious amount of crypto, you could try using a luxury service such as Xapo. It stores clients’ crypto in an underground Cold War bunker in Switzerland.
Use a Hardware Wallet Instead
Instead of using paper wallets, the widely-accepted best solution for storing your Bitcoins is to use a hardware wallet.
We found the Ellipal Cold Wallet 2.0 to be great in his review.