For the past two weeks, you’ve been spending hours on the internet exploring the meanders of the crypto world, confronting yourself with cryptic jargon such as sats, shills, pump and dump. Reading white papers (or at least trying to), devouring exchange reviews and comparisons, not stopping talking about it until turning your friends off and dreaming of the day when you’ll finally own some. But that day didn’t come…
When did I screw up?
“Deeply convinced by crypto and its revolutionary potential, you decided to buy the asset you spotted during the two-weeks search. You also decided to opt for the CoinWeak exchange for its very low fees. That night was the night: you signed up for a CoinWeak account, using your email address. You chose your username and your most secure password. Then you went through the process of verifying your account: you sent a picture of your ID, provided your name, date of birth, country, physical address and phone number. Account validated! You funded it via bank transfer. Waited a bit… Your fiat hit your account! You were finally ready to dive in! Which you did right away. You entered the sum of money you wanted to convert. Validation. Done! You bought your assets! You were so excited that you couldn’t resist telling all your friends about it. You spent the rest of your evening thinking about what you could do now and your potential next moves as a true crypto owner. You went to bed with crypto dreams, leaving your freshly bought token on the exchange…
What you weren’t expecting is that the next day CoinWeak got hacked. You received the news while waking up. Scared, you rushed to check it out, thinking it was a joke. You tried to log in. The exchange was under maintenance. You had completely lost control of your assets and could do nothing but wait. Which you did. You stressed all day. At night, you realized you had lost everything, without even a chance or the power to do anything about it…”
These things only happen to
other people those who lose control
Buying and leaving your assets on an exchange means entrusting them to a third party. In other words, it means you are not fully in control of your assets, in terms of actions as you can’t do whatever you want with them, ownership (as you don’t really own them) and security (as they are vulnerable to hacks).
First, each time you want to interact with your crypto, you’re basically asking the exchange for permission to have access to it. Similar to a bank, you will need to wait till they process and approve your request. While the power of crypto lies in its decentralization and individual empowerment, leaving your assets on an exchange – or other online platforms – is like a reversion to the traditional banking system. Especially since you’re not the real person in charge of your funds. For instance, when you want to perform an action such as a transfer, the request goes through the exchange or the platform where you store your assets. You can be blocked from making a transfer or asked questions as to the purpose of it. Some limitations can also prevent you from sending over a defined amount of crypto, or your transfer can simply be denied. Besides, the third party platform could restrict your freedom of choice in terms of services or options, by simply not giving it to you. While most exchanges have a staking offer – a way of being rewarded for participating in the network ecosystem – they impose their validator. On the other hand,with Ledger Live you can choose whichever validator you want to delegate your stake to based on your evaluation of key criteria (percentage gain, reliability, validator values, opinions etc…).
In short, leaving your crypto assets on an exchange means letting them decide how your crypto is managed, according to their rules, not yours. It is giving the control of your assets to a third party, which is actually their real owner.
Buying and keeping your coins on an exchange means not owning them
When you buy your crypto through an exchange and just leave them on it, you don’t really own them. You wouldn’t have full control over them either. It’s actually the exchange that effectively owns your crypto because it owns the private keys to your funds.
What are private keys?
When you own 1 dollar, you either physically own 1 dollar in fiat currency, or you own 1 dollar on your bank account, with the bank being the intermediary to officially certify you actually have it (and to convert it in fiat whenever you need to). When talking about cryptocurrencies, there is no physical equivalent such as fiat, gold, diamond or work of art. It’s fully digital. To ensure trust among the network, cryptocurrencies work based on private and public keys. While your “private key” is yours and unlocks the right for you to spend the associated cryptocurrencies (and should therefore remain private), the public key is a public address where all users in the network can send cryptocurrencies. Conceptually speaking, if your private key were your bank account password, your public key would be your bank account number, such as an IBAN. Private and public keys together form the crypto system that in a sense virtually creates “tangibility” in the transactions, reporting in the code any transaction in an encrypted and immutable way. In other words, these keys prove that a spent transaction was indeed signed by the owner of the funds, and was not forged.
Therefore, when you own cryptocurrencies, what you really own is a “private key.” This gives rise to the saying: “Not your keys, Not your crypto”. This famous statement in the crypto community summarizes the issues with exchanges since by leaving your coins on an exchange, they own your private keys. Therefore, they also own your crypto.
If I don’t own my crypto, what do I actually have?
Keeping your crypto on online platforms is effectively equal to having an “IOU” (I owe you), not the crypto itself. A so-called IOU refers to “an informal document that acknowledges a debt one party owes to another”. Since they are informal, IOUs do not include any legal commitment about paying the debt or payment deadlines. “In essence, IOUs are nothing more than casual notes that people create in order to remind them they need to pay a debt in a future date” – Binance Academy.
On top of the lack of control and ownership of your crypto, the last – but not least – big risk of leaving your asset on an online platform is security. Exchanges are centralized and intermediary platforms designed to facilitate transactions. They’re not banks or vaults. If something bad happens to the exchange – a hack, scam, lack of liquidity… – and your crypto is gone. In most cases it does not have any legal obligation to refund your loss, while banks do have it (when the security breach is on their side). Besides, anyone who can figure out your login details would be able to access and steal your Bitcoins. You are not only vulnerable to the exchange hacks but also to your account being hacked. Unfortunately, these things happen all the time all over the world. To give you an idea, here is a complete and updated list of cryptocurrency exchange hacks, including the verified losses in coins, fiat and data. Despite the efforts made by exchange to reinforce their security, the number of hacks seem to keep increasing. In 2018, Coindesk announced “a record-breaking year for exchange hacks and funds lost”. It included the Tokyo-based Coincheck hack, victim of the biggest hack in the history at the time, losing an estimated $500 million worth of cryptocurrencies. In 2019, it was Cointelegraph‘s turn to report a new record of twelve exchange hacks over the year, with over $292 million and over 500,000 cases of customer’s personal data being stolen.
While the exact number of overall victims from both exchanges and individual accounts hacks is unknown, exchanges being susceptible to hacks is certain. As centralized intermediaries connected to the internet holding vast sums of crypto, exchanges and other online platforms are an “easier and more alluring target” for thefts. That’s why taking back control of your crypto assets is very important to correctly protect them.
How to take back control of my crypto assets?
You got it now: by leaving your crypto on an exchange, you don’t own your private keys – thus you don’t own your cryptos – and as such you don’t have any control over your own funds. The only way to become the sole owner of your assets and take back control is to ensure they are secure on your own, rather than outsourcing their security and storage to a third party. How? By using a cold wallet like the Ledger Nano X and Ledger Nano S.
Hardware wallets are physical devices used for storing your private key in an encrypted, offline environment. It means:
1) your assets are kept securely away from anyone who’s not the primary user
2) you ensure ownership and full control of your assets as you are the only one in charge of your money (no third party involved)
3) they won’t be vulnerable to online hacks or cyberattacks unlike exchanges and other hot wallets.
In short, storing your crypto investments on a Ledger hardware wallet ensures that you actually own the asset and have full control on it in a secure way.
If we go back to the whole buying process you went through with the CoinWeak exchange, a last yet crucial step was missing: the secure storage. As you only become the owner of your funds when you own your keys, you should transfer them to your hardware wallet to actually own and secure them. To ease the process and help crypto owners to take this final, vital step, Ledger’s team recently added a new Buy feature in Ledger Live. Thanks to the Coinify integration, the transaction is simpler and once you bought your favorite crypto through Ledger Live, it will immediately be sent to the safety of your hardware wallet. Taking back control and becoming a true owner of your money has never been this easy.