Whether you’re new to cryptocurrency or have years of experience, you’re probably still making one obvious mistake: keeping your assets on an exchange wallet. As the main gateway to Bitcoin and other crypto assets, exchanges such as Coinbase, Binance, Huobi and BitMex settle hundreds of thousands of transactions per day. No matter how trustworthy they may be, there are hidden costs, and hidden risks, to using exchanges.
The most important thing to understand about Bitcoin is that it is a custodial asset. This means that when you buy Bitcoin on an exchange, you must withdraw it to a cryptocurrency wallet which you control or you don’t really own it. If you leave your coins on your exchange account, where they were deposited after you bought them, they are still technically in custody of the exchange and at risk from a number of attacks.
To properly buy Bitcoin, to own it, you must have a wallet which only you control the keys to. Trezor is an example of a hardware wallet, a highly secure device that keeps your keys safe from online and physical attacks. There are also free, open-source wallets such as Electrum which let you keep your coins off an exchange, and are a great first step for anyone looking to improve their security.
Exchanges are a great way to easily and cheaply buy cryptocurrency, but they are constant targets of cybercriminals. Hundreds of thousands of Bitcoin have been lost to exchange hacks over the years and exchanges have no obligation to recover your funds, though some have chosen to pay customers back out of their own pockets or insurance funds.
At the heart of the issue is the Bitcoin address where funds are kept. When you buy Bitcoin on an exchange, the coins you bought are allocated to your account but are not necessarily transferred to your wallet. This helps the exchange save on fees and prevents the network from being strained by thousands of transactions each minute. You will be shown your funds in your ‘wallet’, but it is more like the numerical value of funds have been put in a spreadsheet next to your name.
The funds are instead kept in the exchange’s wallet, which they hold the private key and sole access to. Any profit you see as your asset appreciates is really the exchange’s: they could decide to keep the assets for themselves, but that would hurt their reputation. When you later withdraw your funds, which you should, the coins are released from the exchange wallet address and sent over the network to an address which only your wallet can unlock, with a key only you have access to. At this point, they are in your custody, and you have full control over what happens to them.
While exchanges remain the preferred way to acquire cryptocurrency, different types of exchange exist. The four mentioned at the beginning of this article are all centralized exchanges, under the control of one company. These operate under strict supervision of regulators and therefore are obliged to collect very sensitive data, such as your passport details, before allowing you to trade. Using a centralized exchange therefore exposes you to a second attack that could see your sensitive personal data stolen by hackers.
Decentralized exchanges also exist. These let you connect via a wallet address which you own the keys to, so any coins traded are sent directly to your wallet and straight into your custody. Trades are mostly carried out without human oversight, depending instead on smart contracts that settle trades between two parties. While this can feel safer from a data standpoint, Know-your-customer (KYC) and anti-money-laundering (AML) regulations still apply for larger deposits and withdrawals, exposing you to the same risk of data loss.
Peer-to-peer (P2P) trading has long been popular for more data-aware buyers, as they can help preserve privacy. KYC and AML are harder to enforce as the transaction takes place between two private individuals, and the decision to adhere to regulations (while still legally required, in most cases) is up to those individuals. Exchanges like Bisq serve to match sellers with buyers, without being involved in the actual settlement process. If using a P2P exchange, however, never agree to meet someone in person, as this exposes you to physical threats.
While it may seem that each option is a compromise, a fourth option exists: buy cryptocurrency directly from your Trezor hardware wallet, through Trezor Suite. Thanks to Invity, a company owned by SatoshiLabs, Trezor users can quickly, safely and easily buy cryptocurrencies from trustworthy exchanges and have their purchase sent directly to the wallet they hold the keys to. In a matter of minutes, you can buy Bitcoin at a competitive price and have it in your sole custody.
As the Bitcoin price hovers just under new all-time-highs, the fact of the matter is that it has been profitable to hold Bitcoin for 99.9% of the days it has existed. While cryptocurrency trading can be very attractive, it introduces very high amounts of risk that hodlers are not exposed to. For many people, the best way to protect a bitcoin investment would have been to simply buy it, secure it, and wait, rather than taking unnecessary risks in the hope of greater returns.
If you do decide to try your luck at trading, it is essential that you learn to manage risk. Never invest more than you can afford to lose, be very cautious about entering a position with all your capital, and be especially wary of lending against your position (known as leverage trading). While a bigger position may promise bigger returns, very few traders are capable of consistently making the right move, and today’s big win may very easily turn into tomorrow’s heart-wrenching loss.
As with buying cryptocurrency, any gains which you may make in trading are still under the control of the exchange. If you do make a profit, make sure you think about withdrawing at least a portion of it so you are not exposed to potential hacks or bad actors within the exchange. Send your profits to your hardware wallet and you will probably feel much better about any losses that may follow.
Exchanges make a lot of money from trading fees, so there is incentive to make their customers trade more, even if the customer is not competent enough to do so. Leveraged trades and options are two of the very complicated financial instruments which more and more exchanges now offer. These should not be used by anyone who is inexperienced, and even then they should be approached with a high degree of caution.
If you want to simply buy an asset and sell it at some point in the future, you can just use Trezor Suite, which lets you exchange coins directly from the secure desktop app, all under the protection of your Trezor.