Almost everyone entering DeFi is doing so in a ‘try it and see’ mode. While there is plenty of literature on best practices, they’re often overlooked when it comes to custody. Here's what to look out for.
Over the last couple of years, interest in DeFi has exploded. The Total Value Locked (TVL) in DeFi now stands at around USD 80 billion, up from just over USD 10 billion two years ago. For context, the current TVL is comparable to the market capitalization of the world's 20th largest bank.
Every time you transact in DeFi your wallet is interacting with smart contracts. For each transaction you provide a digital signature. You are proving ownership of the private key, without revealing the key.
Your private key is your “signing key” and is secret. Your public key, or wallet address, is a “verification key”. It is mathematically linked to your private key. A public key can be generated from a private key, but (ideally!) not the other way around.
If you are interested in understanding more about the mechanics, search around the subject “elliptic curve cryptography”.
A hot wallet is a piece of software providing crypto storage. It can be accessed from your phone or computer. Hot wallets are easy to use in DeFi, allowing holders to move assets and interact with smart contracts quickly. The principal consideration is that they are connected to the internet. Private keys are therefore vulnerable; users are forgoing security for convenience.
A cold wallet is an offline storage solution for crypto. It can be a device or simply a piece of paper. A hardware wallet is usually associated with long-term investors who want maximum protection, but can also increase security when interacting with smart contracts.
The most popular method of engaging with DeFi is via the MetaMask plug-in. As a standalone, this is a hot wallet and your private key will be stored within the browser or app. On its own, this is unsafe and should only be considered for insignificant sums of crypto.
Introducing a hardware wallet, such as Ledger or Trezor, allows users to keep their private keys offline. The full functionality of MetaMask can be retained, including the ability to interact across multiple EVM-compatible blockchains from a single wallet.
The browser wallet plug-in provides access to decentralized applications (dApps), but transactions are signed on the device, ‘physically’. This is a better approach to self-custody.
Unfortunately, this doesn’t provide immunity from human error. Holders of a hardware wallet still need to secure their private key or seed phrase, in case of loss or damage to their device. The private key should be recorded and stored offline - it should not be stored on a device with internet access.
If you’re invested in DeFi, and interacting with dApps, you should use a hardware wallet to sign transactions. Your private key will remain offline on the physical device.
A final point from personal experience: moving all your assets from numerous DeFi protocols, between a hot wallet and a cold hardware wallet, is arduous and expensive.
Start out safely!
DeFi remains high risk. Explore, learn and have fun, but size your investments accordingly.
© 2022 EQONEX Capital Pte Ltd
All rights reserved.