Is the cryptocurrency in your Solo 401k safe? The answer is yes if you use the basic protocols that blockchain technology provides. It should be safe using the distributed ledger technology and the encryption process every crypto transaction undergoes. However, you should be aware that crypto is not a government-backed currency and therefore it does not have the protection of the Federal Deposit Insurance Corporation (FDIC). That means if a cryptocurrency fails or your account is compromised, the US Government will not cover the loss the way it would if a bank failed. Read more for best practices for security.
In this article, we explain cryptocurrency security best practices that keep your cryptocurrency safe from hackers and other thieves.
Public and Private Keys: Best Practices
At the heart of cryptocurrency technology is cryptography. Public and private keys work much the same as other online account names (or numbers) and passwords but with significantly better security. A public key is like an account name because it lets one person direct a crypto transaction to another person. Importantly, it does not allow the originating person to complete the transaction. Your private key completes the transaction. Thereby requiring both parties to the transaction to agree on the transaction.
An important feature of a public key is to verify a transaction after the first person has requested it. The second person can see what is being requested before authorizing the transaction. The private key authorizes the agreed transaction. Unless there are exceptional circumstances that you agree with, your private key should never be shared with anyone else. But losing that private key can be like losing cash. Once it’s gone, it cannot be retrieved. An exception might be sharing your private key with a spouse or trusted guardian but you must first be absolutely sure you want to do this. This agrees with the philosophy that you should have full control of the assets in your Solo 401k .
In a nutshell, a crypto wallet is your public key (aka user address). By knowing the encrypted address of your wallet, other network users can send crypto tokens to you. But you need your private key to confirm the transaction. It’s similar to another person having your email address to send you a message but without your password, the other person cannot access the other messages and functions inside of your email account.
Cryptography Methods for Cryptocurrencies
Cryptocurrency uses several different cryptography methods. The most common are symmetric encryption, asymmetric encryption, and hashing. All use secured encryption consisting of random letters and numbers. This is important when senders have access to your wallet (more about wallets below). Unlike an email where a sent message automatically appears in your mail folder, cryptography requires that you must first decrypt the message before you actually receive it in your wallet.
Symmetric Encryption
Probably the most popular because it is easy and effective encryption. A message (or crypto-token) is sent with a single public key in which the key can be identical or different between parties. The receiving party decrypts the transaction with a private key once it is received and verified.
Asymmetric Encryption
This usually involves two keys. One to encrypt the message and a different one to decrypt the message – these are the Private and Public Keys. The public key verifies sent transactions. In order to decipher the message or transaction, you need a private key. The public key authenticates that the transaction is intended to happen (foils hackers). The private key allows the transaction to happen. Be aware that a lost private key cannot be replaced. Conversely, if a private key becomes public, any transaction in the wallet can be authorized. Also, due to blockchain technology, once a transaction is authorized, it cannot be reversed by the wallet owner – it becomes unretrievable unless the next account holder in the chain (possibly a hacker) initiates a new transaction.
Hash functions
Hash functions (aka one-way encryption) are algorithms that use no key. Instead, a fixed-length hash value (random numbers and letters) generates based on the text making it impossible for either the contents or length of the text to be recovered (the transaction only goes one way). Hash algorithms provide a digital fingerprint of a file’s contents to verify its authenticity. The passwords transform into hash values so if a security breach occurs, the password stays protected. A hash value cannot be reverse engineered to get to the original text. This method protects the file from viruses or intruders.
A Simple Example of Private and Public Keys at Work
The two main purposes of public and private keys are identification and confidentiality. The process works like this:
- Sender acquires the intended recipient’s public key.
- Public key encrypts and sends the information.
- The recipient uses their private key to decrypt the information.
Although it may sound complex, a real-life example is relatively simple. Jack (the sender) wants to send Jill 4 Bitcoins to purchase a real estate property for his Solo 401k. Jack accesses his Bitcoin account using his private key. Jill provides her public key to Jack, which he uses to encrypt the transaction to send the Bitcoin to Jill. She finally completes the transaction when she uses her private key to decrypt the transfer. Jill is the only person who knows her private key and is the only person who can complete the transaction. An intruder cannot access Jack’s transaction.
It’s a simple three-step process based on encryption secured by a private key that you own physically. Your private encrypted key gives you the right to manage your digital assets and authorize any transactions.
Cryptocurrency Security Best Practices
The greatest threat to your cryptocurrency is through your crypto wallet. However, a crypto wallet does not actually hold the cryptocurrency. Your crypto wallet only contains your public and private keys, which allow you to transact or trade cryptocurrency online. If you have more than one cryptocurrency account, you should have a corresponding number of crypto wallets.
But because your crypto wallet contains your private key, you must protect it from cybercriminals. Gaining access to your crypto wallet can enable a cybercriminal to access your cryptocurrency. Here are ways to protect your assets.
Cold wallets
Do not connect to the internet. Also known as a hardware wallet, it is a physical device that keeps your cryptocurrency completely offline. When you acquire cryptocurrency, you’ll have the option to leave it in the exchange where you bought it, or you can move it into another storage system called a cryptocurrency wallet. Technically, leaving your cryptocurrency on the exchange is okay. The “hot” wallet can be accessed over the internet using your phone or computer.
Most cold wallets look like USB drives. An offline wallet helps protect you from hacking and online attacks. But you can also risk losing your cryptocurrency. There is no backup to this form of storage; if you misplace your wallet, you lose access to your funds. If you do use a cold wallet, be sure to purchase it directly from a manufacturer instead of secondhand. Otherwise, the device may be at risk.
Use multiple wallets
There is no limitation on the number of wallets that you can own or how you manage them. Having multiple wallets for different purposes can add to your overall security. You can divide your holdings between wallets to minimize risk to your total holdings. Or if you want to actively trade cryptocurrency, you may want to keep working capital in a hot wallet (online) but the bulk of your holdings in a more secure cold wallet (or multiple cold wallets).
Secure your cold wallet
Even with a cold wallet, you want to keep it up-to-date with the latest virus definitions using a strong anti-virus and firewall. At some point, you’ll need to plug your cold wallet into the internet like a USB drive. Also, use a randomly chosen password to access your wallet and change the password often. Don’t use a password associated with your social media or other devices. Use separate passwords if you have multiple wallets.
Always use secure internet access
Best practice: never make cryptocurrency transactions over public Wi-Fi networks. This may become more of a concern as more businesses begin accepting crypto. If you find a need to use public Wi-Fi, use multiple wallets with one holding small amounts for public Wi-Fi transactions. Even when accessing your home network, use a VPN (virtual private network) for additional security. A VPN changes your IP address and location. This keeps your browsing activity safe and private from threats.
As you know, sophisticated thieves will try to steal your cryptocurrency just as they try attacking your bank accounts and credit cards. However, you have the knowledge needed to protect your cryptocurrency with private and public keys as well as how to safeguard your crypto wallets.
Contact a Nabers Group team member today to see if the Solo 401k is right for you. We’re happy to answer your questions about crypto assets and help you put together a plan so you can move forward thoughtfully, efficiently, and in full control of your retirement funds.
For even more insights about investing in crypto and how it fits with your Solo 401k, check out these other links:
- Crypto Education Series: Part I – Bitcoin Basics
- Crypto Education Series: Part II – Bitcoin In Your Solo 401k
- Grow Your Gains Tax-Free with Roth Solo 401k Crypto Education Series: Part III
- Crypto Education Series: Bonus – Bitcoin FAQ
- Bitcoin Fireside Chat
- Cryptocurrencies Are Not Fiat Currencies
- How to Invest Your Solo 401k in Crypto
- Start Investing with your Solo 401k: Buy Cryptocurrency
- How to Open a Coinbase Prime Investment Account For Your Solo 401k
- Open a Kraken Exchange Account for Your Self-Directed Retirement Funds
- How to Invest in Crypto With Your Retirement Account
- 10 Crypto Coins to Consider Adding to Your Solo 401k
- Grow Crypto Gains Tax-Free with Roth 401k