- Exchanges: The exchanges do try their level best to secure their assets, but having a centralized architecture makes it worth the time of hackers trying to crack it. They work for small amounts but definitely not recommended for HODLing large amounts.
- Hot Wallet: They are constantly connected to the internet, in most cases, which may be susceptible to a malware attack. Secondly, for a successful HODL position, the user should have no to minimum interaction opportunities with the funds. Hence it is not advisable to keep the funds in a hot wallet on a smartphone or a PC which is usually very interactive.
- Hardware Wallets: This is the most preferred way to HODL today but certainly not the best HODL strategy available. HODLers would usually put away the wallet into a locker and the recovery phrase into another locker (maybe even the same). That works for most of the users if the size of their portfolio is not very large for them. Both the recovery phrase and the hardware wallet has a single point of failure and hence there is a possibility of data loss or data theft. Secondly, unlike Hardware wallet that is tamper-resistant, the recovery phrase is even more susceptible to attacks since they are there in plain text probably on a piece of paper.
- Multi-sig Wallet: In an ideal scenario, this is what every HODLer should use today. It requires some technical know-how to setup and requires you to use multiple wallets, if you are not choosing to buy a service for the same. Multi-sig setup is definitely one of the most secure ways to protect your assets but unfortunately there are still many blockchains that still do not support Multi-sig or there is a lack of standard implementation of Multi-sig in different Blockchains. Currently, it is just too much of a hassle especially if the user needs to do multi-sig with many coins, since they would need to configure their wallets accordingly.
Access Distribution To The Rescue
i. The seed phrase is completely encrypted and split into multiple shares
ii. The original seed phrase can’t be reconstructed without a minimum threshold of shares thus preventing a single-point-of-failure.
iii. Effectively tackles the $5 wrench problem.
Fig. Asset Distribution
Fig. Access Distribution
Steps to Remember while HODLing
Keep the watching address separately (usually the extended public key). Use open source tools like the Blockchain Public Address Manager Chrome Extension, a notepad document or any other cloud service to keep your watching public keys and addresses at a single place. This helps in keeping your address handy for accumulating the funds without the need to access the private keys. Note that, even if your watching public keys are stolen or hacked, it does not result in the lose of funds.
Keep the private keys as far as possible from yourself. Greater the separation, better is the security.
Do not overcomplicate the security of the funds since increasing complexity means increasing the difficulty to recover and inherit the assets in the future. A great resource around inheritance planning is Cryptoasset Inheritance Planning by Pamela Morgan.
Always use a threshold scheme like multi-sig or Shamir Secret Sharing to secure your assets. If you can handle the complexity of multi-sig and can judge the code base of the multi-sig implementation of assets that have multi-sig support on their Blockchains, only then think of setting up a multi-sig wallet using multiple hardware wallets of different manufacturers. On the other hand, if you want to keep using a hardware wallet, at least secure the seed phrase of the wallet using Shamir Secret Sharing to avoid a single point of failure on the recovery phrase.