Wallet management requires special knowledge and skills. This document is intended to provide an insight and a guideline, but security should be First of all, admin should know what ‘hot’, ‘warm’ and ‘cold’ wallet denominations mean in the Peatio use case.
HOT WALLET: Can sign withdrawal transactions without the need for manual confirmation. A private key for hot wallet is stored in Peatio core.
WARM WALLET: Requires manual confirmation for signing transactions. A warm wallet should be a multi-signature wallet (at least 2-sig) and can be configured for more than 2 signatures based on your specified parameters. (If you plan on utilizing third-party service providers (BitGo, Xapo) for your “hot” and “warm” wallets, you should read their security recommendation.*)
COLD WALLET: Offline wallet. This means that the private key for this wallet doesn’t connect to the Internet. Most secure method of generating and managing cold wallets is by managing it offline and never connecting its private keys to the Internet.
Best practices for hot and warm wallets is to set them up with a recommended balance parameters. Recommendations per wallet type: Hot wallet: up to 5% of total funds
When the ‘Hot Wallet’ reaches the recommended maximum balance, all new deposits should be redirected to the warm wallet.
Warm wallet: up to 15% of total funds When the ‘Warm Wallet’ reaches the recommended maximum balance, all new deposits should be directed to the cold wallet.
Cold wallet: Remaining balance of the exchange. Approximately 80%. There is an increasing amount of options becoming available for to setting up a cold storage wallet. Each of these options requires a software or hardware cold storages from a 3rd party provider.
Cold wallet security best practices
Cold wallet creation schema
Following be links below you can find security recommendation for wallets and cold storages provided by:
*DISCLAIMER OF LIABILITY FOR THIRD PARTY PRODUCTS. As part of its services to the Customer, the Provider may provide recommendations for utilizing third party hardware, software and/or services (Third Party Services) OPENWARE DISCLAIMS ANY AND ALL LIABILITY, INCLUDING ANY EXPRESS OR IMPLIED WARRANTIES, WHETHER ORAL OR WRITTEN, FOR SUCH THIRD PARTY SERVICES. THE CUSTOMER ACKNOWLEDGES THAT NO REPRESENTATION HAS BEEN MADE BY THE PROVIDER AS TO THE FITNESS OF THE THIRD PARTY SERVICES FOR THE CUSTOMERS INTENDED PURPOSE.