Cold Wallet

A crypto wallet that stores private keys offline, isolated from the internet. Hardware wallets and paper wallets are common forms. Cold storage is the safest option for long-term holdings.

How cold storage works

The defining property is that the private key never touches an internet-connected device. Two main forms:

  • Hardware wallet — a dedicated device (Ledger, Trezor, GridPlus, Keystone) that holds keys in a secure element. The wallet plugs in or pairs to a computer or phone for signing transactions; the key never leaves the device.
  • Paper wallet — keys (or a mnemonic phrase) printed or hand-written on paper, stored physically. Used to be common; less so now because hardware wallets are more practical and less error-prone.

In both cases, signing a transaction requires physically interacting with the cold device. An attacker who compromises your computer can't drain a cold wallet — they'd need physical access to the device and your PIN, or knowledge of your seed phrase.

When to use cold storage

The general rule: any holdings you're not actively using should be cold. The threshold depends on your situation, but for most users, the practical cutoffs are:

  • Small amounts you actively trade — fine on a hot wallet like MetaMask or in custodial accounts on a CEX.
  • Larger holdings or long-term positions — should be on a hardware wallet.
  • Major balances ($100K+) — many users move to multi-signature setups or specialized custody solutions.

The trade-offs

Cold storage prioritizes security over convenience:

  • Pros — strongest available protection from remote attackers (phishing, malware, exchange hacks). The most established form of self-custody.
  • Cons — physical loss or destruction of the device requires recovery from the seed phrase. Day-to-day transactions are slower (each one requires physical signing). Onboarding has a real learning curve.

The seed-phrase recovery dependency is the major operational risk. If you lose the device and the seed phrase, the funds are unrecoverable. Most cold-wallet horror stories involve seed phrases that were lost, written down incorrectly, or stored together with the device.

Best-practice setup

A common setup for serious cold storage:

  1. Buy a hardware wallet directly from the manufacturer (not from Amazon or third-party resellers — supply-chain attacks have happened).
  2. Initialize the device offline; never enter the seed phrase into anything connected to the internet.
  3. Write the seed phrase on paper or stamp it on metal. Store it physically separated from the hardware wallet.
  4. Optionally, use a 25th-word "passphrase". It adds a second factor: the seed phrase on its own is then not enough to recover the wallet.
  5. Test recovery on a separate device before sending meaningful funds.
  6. Keep small amounts on a hot wallet for active use; keep the bulk in cold storage.

Multi-sig as an upgrade

For higher-value holdings, multisig wallets distribute signing authority across multiple devices/people. A 2-of-3 multisig requires any two of three keys to sign — meaning a single compromised or lost device doesn't lose funds, and a single compromised seed doesn't grant access. Services like Casa, Unchained Capital, and Safe (the smart-contract multisig) make multisig more accessible than it used to be, though the operational complexity is higher than single-device cold storage.

What cold doesn't protect against

A few risks that cold storage doesn't address:

  • Phishing during signing. Even a cold wallet signs whatever transaction the connected app sends to it. If you authorize a malicious transaction in your hot wallet's interface, the cold wallet will sign it. Verify what you're signing on the device's screen.
  • Insider threat / coercion. Physical custody concentrates risk in your physical security. High-value holders increasingly use distributed multisig setups and other operational protections.
  • The seed phrase itself. A photo of the seed phrase on a phone, an online password manager entry, a cloud backup — all undermine cold storage. The whole point is to keep the seed offline.

The defense-in-depth model — cold wallet, distributed seed backups, multisig where appropriate, careful operational hygiene — is what serious crypto holders use. Each layer addresses a different failure mode.