Our Blog

Full-stack development and intelligence for blockchains

What to do when you lose your (crypto) keys

Remember the last time you lost your wallet? Like, the physical wallet you have, with bank cards and IDs?

It’s a terrible feeling, isn’t it? Such a hassle. You need to call your bank, block your cards, get new cards, new IDs, and you lost 40 bucks you had in there as well! It’s a shame, but... it’s not catastrophic, just an inconvenience.

 

emil-kalibradov-KuMq_oN-Q-g-unsplash (2)

 

The story is a bit different if you lose your crypto wallet. Maybe you forgot your password, your hard drive crashed, or your phone got stolen. What do you do then? There’s no bank you can call to help you out, you’re on your own!

In this blog post, I’ll be walking you through all the smart things to do so you can make sure that losing your crypto wallet doesn’t turn into a disaster, but instead just another inconvenience.

If you’re a casual crypto and blockchain user you might have a wallet or two. Perhaps one on your computer and another on your phone? If you’re a blockchain developer, you might have many more, randomly created when you started all those projects you’ve got going. How do you maintain a secure backup of all these wallets?

There are a few basics behind how wallets work. We need to understand these in order for us to be sure we can maintain wallet backups and security. Firstly, let's touch on what exactly a crypto wallet is.

What makes a blockchain wallet?

A blockchain wallet is made up of two things: A private key, and a public key derived from the private key.

The public key is, public. This is what you give to anyone who needs to send you coins or tokens. This is the public address people can see you’re using when making a transaction. Of course, there’s no direct identity tied to this public address, so we might not know who’s behind the address. But the address remains public anyway.

The assets you hold in your wallet aren’t actually stored in the wallet. They are on the blockchain, in the public ledger. The ledger tells us that your public address is the owner of the various coins and tokens you have. That also means you can have multiple installations of the same wallets on different devices, and use them across those without too much hassle. And it also makes it easy to restore a wallet, assuming you have the private key.

I said initially that the public key is derived from the private key. That means that with the private key you can create the public key. The private key is used to sign the transactions, and these can then be confirmed with the public key. Keeping the private key private is essential, otherwise, someone might use your private key to steal your funds.

Keeping the private key private is also what makes it a little bit of a challenge to keep safe. You need to store it so that others can’t easily find and see it, while at the same time remain available to you when disaster strikes.

Good ideas for backing up your private wallet key

So, you’ve got this wallet, and inside the wallet, you find the private key. How exactly you find the private key depends on the wallet software you’re using, so you should refer to the documentation on how to find it.

But because all wallets interact with the same system, they all essentially have the same type of private key. That also means that you can start using a different wallet provider, without moving your assets, simply by giving the new wallet your private key.

It might be that you have a type of wallet where things are managed by some third party, like for example Dapper. This makes it easier for you, but it also means you’re trusting the third party not to abuse or neglect their responsibility to keep your private key private. That’s a tradeoff you’ll need to consider, but if you decide to manage the private key yourself, you also need to manage the backup of this.

Examples of wallets where you’ll need to manage this process are for example MetaMask or a Ledger hardware wallet. While a hardware wallet gives you some added security around how transactions are executed, making it harder for attackers to hack you and steal from your wallet, it doesn’t manage the private key backups for you.

So what traits are we looking for when backing up the private key?

  1. It needs to be separate from the device on which your wallet is located
  2. It needs to be stored in a different physical location than where your wallet is
  3. It needs to be difficult for someone to gain unauthorized access to your backup
  4. If someone were to find your backup, it shouldn’t be obvious to them what they’ve found
  5. When you need your backup, you need to know how to find and use it

Let’s go through these points.

The first point is about storing your backup outside of the device on which your wallet is installed. This is simply because you want to avoid your backup disappearing when your wallet does, like when your laptop or phone dies or is stolen. This is good advice for any backup, really. This also applies if you store the backup on an external hard drive, but the hard drive is connected to your laptop, for example. You’re then still at risk of, say, a virus or ransomware deleting or encrypting all your files, including those at the external hard drive.

The second point is similar. If you store the backup on a USB stick that you otherwise never connect to any computer (to avoid a virus or similar deleting it) but then your house burns down, you’ve lost both your laptop and the backup. To prevent this, you must place the backup somewhere else, a different location from where your wallet is located.

Point three should be fairly obvious. If your backup is left out in the open, it’s pretty much the same as publicly announcing your private key. The backup is not of much use if that happens. Maybe you can put the backup in a safe? Or a bank box? Maybe also encrypt it with a password you’re certain you won’t forget?

Point four is a bit subtler. Because the private key isn’t “big”, as in, you can easily write it down on paper, you should think about how it’s presented. Maybe you shouldn’t write, in big letters, “SUPER SECRET CRYPT WALLET.txt”, or similar! Then, if someone looks at the content of the file, or the paper you wrote it down on, it doesn’t immediately stand out as a private key.

For point five, we need to take into account all the points above. Because when you actually need the backup, you don’t want to find yourself in a position of, firstly, not being able to locate or gain access to your backup, and secondly, not being able to remember the super clever hiding mechanism you came up with on point four. In short, ensure you make sensible choices above, and maybe practise restoring your wallet a few times.

So, with that said, what to do when you lose your crypto keys? You simply rely on your backup and restore the wallet. Because you have a good backup, no?