Hot / Warm / Cold Wallets Best Practices
Wallet management requires special knowledge and skills. This document is intended to provide an insight and a guideline, but security should be First of all, admin should know what ‘hot’, ‘warm’ and ‘cold’ wallet denominations mean in the Peatio use case.
HOT WALLET: Can sign withdrawal transactions without the need for manual confirmation. A private key for hot wallet is stored in Peatio core.
WARM WALLET: Requires manual confirmation for signing transactions. A warm wallet should be a multi-signature wallet (at least 2-sig) and can be configured for more than 2 signatures based on your specified parameters. (If you plan on utilizing third-party service providers (BitGo, Xapo) for your “hot” and “warm” wallets, you should read their security recommendation.*)
COLD WALLET: Offline wallet. This means that the private key for this wallet doesn’t connect to the Internet. Most secure method of generating and managing cold wallets is by managing it offline and never connecting its private keys to the Internet.
Best practices for hot and warm wallets is to set them up with a recommended balance parameters. Recommendations per wallet type: Hot wallet: up to 5% of total funds
When the ‘Hot Wallet’ reaches the recommended maximum balance, all new deposits should be redirected to the warm wallet.
Warm wallet: up to 15% of total funds When the ‘Warm Wallet’ reaches the recommended maximum balance, all new deposits should be directed to the cold wallet.
Cold wallet: Remaining balance of the exchange. Approximately 80%. There is an increasing amount of options becoming available for to setting up a cold storage wallet. Each of these options requires a software or hardware cold storages from a 3rd party provider.
Cold wallet security best practices
- A cold wallet should be generated offline
- A cold wallet should be multi-signature
- Private key belonging to the cold wallet should never have access or referenced on the Internet
- Transactions signing on a cold wallet should be done offline. A signed transaction should be moved on a trusted computer with the use of a trusted USB flash drive. After that signed transaction can be propagated to the blockchain network.
- A cold wallet should be created with a use of 5 signatures. A multi-sig cold wallet should require 3 out of 5 signature to sign a transaction.
- Signatures to a multi-sig cold wallet should be stored in the following manner: Three signature should be stored on the cold storages hardware unit. Seeds for other two signature should be back up on two metal plates (each seed on a separate metal plate), those metal plates should be covered with untransparent wax. Seed from one of two plates should be used as a private key on a trusted computer that doesn’t have an internet connection. This protocol should be followed in case that one out of three signers is unavailable, so that a trusted computer can be used as a third signer.
Cold wallet creation schema
Following be links below you can find security recommendation for wallets and cold storages provided by:
*DISCLAIMER OF LIABILITY FOR THIRD PARTY PRODUCTS. As part of its services to the Customer, the Provider may provide recommendations for utilizing third party hardware, software and/or services (Third Party Services) OPENWARE DISCLAIMS ANY AND ALL LIABILITY, INCLUDING ANY EXPRESS OR IMPLIED WARRANTIES, WHETHER ORAL OR WRITTEN, FOR SUCH THIRD PARTY SERVICES. THE CUSTOMER ACKNOWLEDGES THAT NO REPRESENTATION HAS BEEN MADE BY THE PROVIDER AS TO THE FITNESS OF THE THIRD PARTY SERVICES FOR THE CUSTOMERS INTENDED PURPOSE.