Cryptocurrency Exchanges, Wallets and Security: A Beginners Guide
Entering the Crypto World: A Beginner's Guide to Wallets, Exchanges & Basic Security
When stepping into the crypto sphere, newcomers often bump into concepts like wallets and exchanges. Picture centralized exchanges as bustling marketplaces filled with traders, while wallets are more like your personal cryptocurrency safes. Ready to dive in? Let's simplify.
Exchanges: What are They?
Exchanges are platforms where you can buy, sell, or trade cryptocurrencies. Think of them as stock markets but for crypto. These platforms can be either Centralized (CEX) or Decentralized (DEX).
Centralized Exchanges (CEX)
❍ Binance: It's like the Amazon of crypto - vast and varied.
❍ KuCoin: Think of this as a boutique store with a unique collection, especially small-cap tokens.
❍ Coinbase: Previously the gold standard, but has lately drawn mixed reviews.
❍ ByBit: Tailored for those who enjoy the thrill of day trading.
Registering and Security: Imagine signing up for a new email or social media account. That's how easy it is to register. However, for enhanced features and security, they ask for more details, called KYC (Know Your Customer). Remember, once you share this, it's with them forever. It's like trusting a bank with your personal details.
Revenue and Trading: While these platforms primarily earn through trading fees, they also have feature called 'leverage' and 'futures'. It's a bit like putting a bet on your favourite team but with varying odds. The higher the odds (or leverage), the more you could win – or lose.
Features to Know:
❍ Staking: Think of this as earning interest. Just by holding some cryptos here, you earn rewards.
❍ Orders & Trading Tools: Features like Limit Buy or Stop Loss are like setting automated commands for your trades. It's like pre-ordering an item before its release.
❍ Fiat Services: Need to change your crypto into regular cash? Or vice-versa? Some CEXs help with that.
However, using centralized exchanges has its risks. Imagine if a bank could see all your transactions or freeze your account without reason (which they can and do). That's the level of control CEXs have.
In Summary: Centralized Exchanges are like all-in-one supermarkets for all things crypto. They're great for quick trading and features, but remember, they have a lot of control, so tread wisely.
Decentralized Exchanges (DEX)
Using a DEX can be simpler than using a Centralized Exchange (CEX), but getting there can be a bit more complicated. For more information on how to get started, see the 'Wallets' section below and check out the tutorial video available in the Educational sector of your subscriber panel.
Funding Sources of DEX
A DEX is funded through three main sources:
1. Liquidity provided up front from projects seeking to list on them,
2. Liquidity Pools (LPs) and/or Farms offered by projects to increase the immediate liquidity of their protocol,
3. Transaction fees.
Until as recently as 2022, a DEX was generally limited to tokens listed on the same network they operate upon. For example, before their update to v2, PancakeSwap, the native DEX of BNB Chain, would only list tokens which function on the BNB Chain network. Most networks offer a native DEX. Some networks have more than one native DEX, so choosing the right one often comes down to factors such as liquidity depth and user base, even if others are technologically superior. In the midst of 2023, most gen2 DEX's have made critical updates to incorporate some form of multi-chain functionality, with cross-chain communication and transactions. Undoubtedly, this was to remain competitive in a market rolling out gen3 DEX's which implemented these functions as default.
Examples of Network Native DEXs:
❍ Ethereum | Uniswap
❍ BNB Chain | PancakeSwap
❍ Polygon | Sushiswap
❍ Cardano | MinSwap
❍ Avalanche | Pangolin
❍ Algorand | Tinyman
❍ Solana | Raydium
❍ Fantom | Spookyswap
❍ Kujira | FIN
When trading on a DEX you are actually 'swapping' one token for another. Search for the 'trade' or 'swap' options to access this feature. It's important to note that some DEXs do not offer limit buy or sell features, although some large DEXs like Uniswap, PancakeSwap, and Spookyswap have updated to include this feature. So, when you're 'swapping,' you're doing so at the current market price, not a price you may wish to enter or exit at, which may not be suitable for everyone.
There are three methods DEX’s use to complete a swap:
1. AMM (Automated Market Maker): AMM's rely on the liquidity provided of both tokens you're swapping between in an LP (liquidity pool), then the price is automatically set based on the value of each token in the LP pairing. Learn more about AMM here.
2. Order Book: CEX's generally use order books, but DEX's have started using them too. The price is guaranteed by the exchange, not liquidity provided by users or projects. Learn more about Order Book here.
3. Combination of the two: Modern Gen3 DEX’s like Kujira's FIN can combine aspects of both to prevent Front Running, Impermanent Loss, and increase efficiency in the trade/swap. Learn about Front Running here and Impermanent Loss here.
DEXs are also useful for accessing Liquidity Pools (LPs) and Yield Farms to generate passive income in a decentralized manner. More about this will be covered in Part Four ‘Decentralized Finance’.
Disadvantages of Using DEXs:
1. Risk of Swapping Incorrect Token: There's a risk that the token you're swapping to isn't the token you think it is. Most DEXs aren't as diligent as CEX’s in verifying the authenticity of the contract added to their network (unless they’re Semi-Permissioned like Kujira). So, it may appear that you’re swapping your $USDT for $APE, but you're actually authorizing a protocol to drain your liquidity when you authorize the swap before swapping. Always source the token/coin contract address from CoinMarketCap first, not from social media or websites. CoinMarketCap independently assesses the contract before listing it. Learn how to identify and avoid Uniswap scams here.
2. Phases of DEX Swap: A DEX swap often comes in two phases, or three phases if it’s your first time visiting the site. Phase One is agreeing to connect your wallet to the DEX. Phase Two is authorizing the DEX to move your assets. Phase Three is confirming the trade/swap. Phase Three often incurs Gas Fees if it is an EVM network like Ethereum or BNB Chain. As this payment goes to the miners to complete the transaction, it can often be quite high (especially during peak usage periods), and this fee is not included in the swap price. Prior to completing Phase Two, please ensure a maximum limit is set. Because should the DEX you're connecting to ever become compromised an unlimited setting could result in your entire wallet being drained.
DEX Aggregators operate like a DEX, but use 'Bridges' or other forms of cross-chain communication architecture (such as provided by Axelar or LayerZero) to enable token swaps from one network to another, sometimes to a different token on another network. The difference between a DEX and DEX Aggregator? The DEX Aggregator's primary function is to route through numerous DEXs, preferably with the deepest liquidity for maximum efficiency (reduced fees/slippage), instead of listing tokens directly. This will reduce gas/gwei fees, but sometimes increase slippage fees due to routing through multiple DEX's to complete a transaction.
Bridging is the link between different networks, enabling transactions and liquidity to flow both ways. For example, a project built on BNB Chain wanting to open a liquidity pool with $ALGO (native token of Algorand) could use a bridge between the two networks to offer LP pool pairings with both $BNB and $ALGO, such as $SCLP/$BNB LP & $SCLP/$ALGO LP. It is a much-needed utility in crypto as interoperability is critical for the future of crypto. However, bridges have proven to be especially vulnerable to hacks. All the major successful hacks in 2022 were exploited through bridges.
Examples of cross-chain bridges:
❍ LayerZero | Provides underlying architecture for cross-chain communication between EVM networks. Utilised by SpookySwap, Woo Network, Stargate Finance and many others.
❍ Axelar | A Cosmos Layer 1 chain which provides underlying architecture for cross-chain communication between EVM and Cosmos ecosystems. Utilised by the likes of SpookySwap, Satellite, QuickSwap, ApeSwap, Stargate Finance and many others.
❍ Aptos | Aptos to EVM bridge
❍ Orbiter Finance | Starknet to EVM bridge
❍ Layerswap | Starknet, CEX, Fiat, and EVM Bridge
❍ WanChain | Bitcoin to multiple EVM bridge
If you own a MetaMask wallet and frequently use multiple networks, a DEX Aggregator would be a simple and useful method for moving your assets across those networks. DEX Aggregators are generally compatible with several networks, the more, the better.
Examples of DEX Aggregators:
Most DEX Aggregators are built across the Ethereum Virtual Machine (EVM) networks, which are built upon the Ethereum smart contract blueprint/framework, making them easily interoperable. There are more bridges being built between EVM-based and non-EVM based networks, so hopefully, we will soon see DEX Aggregators adding enacting swaps between all major networks for complete integration.
Pros and Cons of using DEX Aggregator:
1. Swap Efficiency: Usually offers the best slippage for a swap as it will route through the DEX with the deepest liquidity to offer the best price match possible.
2. Network Bridging: It provides an opportunity to bridge your assets across multiple networks.
1. Increased Gas Fees: It sometimes incurs higher gas/gwei fees as it occasionally needs to route through multiple DEX's to complete the trade/swap.
2. Not the Safest Method: Bridging, especially between EVM networks, has proven to be vulnerable to hacks.
Choosing the right type of wallet for storing and managing your digital assets is crucial for both security and ease of use. In the cryptocurrency world, wallets are categorized into several types: Custodial, Non-Custodial, Hot, and Cold. Let's explore these in detail:
In Custodial wallets, the protocol owns the rights to the wallet's contents, and you're issued a public key to access it. A KYC (Know Your Customer) process is usually required, making them popular with fintech (financial technology) and banking services as well as centralized exchanges (CEXs). These wallets offer the convenience of being managed by a third party but come with the risk of freezing or confiscation of your assets by the service provider. Remember, "Not Your Keys, Not Your Crypto!"
These are wallets where you own the rights and no one else can freeze or confiscate your assets. During setup, you're given a mnemonic phrase, secret key, or private key. This key phrase usually consists of 12 to 24 words and is the ultimate backup for your wallet. Write it down, or use a metal wallet such as those provided by SecuX, and store it securely.
Metal wallets have the advantage of generally being tamper resistant, element proof (fire and water) and hardened, usually built with titanium. Though this additional security comes with a cost to consider.
Do not store it digitally to avoid hacking risks. Whoever has access to this key phrase can access your wallet and the assets within it.
Hot wallets are software-based wallets and can be accessed via a web browser, mobile app, or desktop application. While they offer quick access and are convenient for regular transactions, they are less secure and are susceptible to hacking.
Examples of Web Browser Extension Hot Wallets:
❍ MetaMask – The most widely used browser extension hot wallet, compatible with all EVM Networks.
❍ Blockwallet – A superior version of MetaMask, for all EVM networks.
❍ Eternl – The no.1 Cardano browser extension hot wallet.
❍ Keplr – The leading browser extension Cosmos ecosystem wallet (not compatible with Brave).
❍ MyAlgo – Compatible with all tokens developed on the Algorand network.
❍ Exodus Wallet – Compatible with multiple networks (EVM & Non-EVM), similar to a custodial wallet on a centralised exchange.
❍ Solflare – Compatible with tokens developed on the Solana network.
Using Mobile Devices for Hot Wallets:
While mobile devices are incredibly convenient and most people carry one at all times, the fact is they are not the most secure platform for storing cryptocurrencies. They are susceptible to a variety of attacks including phishing attacks, malware, and even physical theft. Even with the best security practices, there is always a risk involved in storing cryptocurrencies on a mobile device.
That being said, if you must use a mobile device for cryptocurrency transactions, here are some tips to improve your security:
1. Use a Secure Device: Ensure your device is up-to-date with the latest security patches and updates.
2. Enable Two-Factor Authentication: This adds an extra layer of security by requiring not only a password and username but also something that only the user has on them, like a piece of information only they should know or have immediately at hand - like a physical device.
3. Use Secure Connections: Avoid using public Wi-Fi networks when accessing your wallet or making transactions.
4. Regularly Update Your Wallet App: Make sure your wallet app is up-to-date to ensure you have the latest security features.
5. Do Not Root or Jailbreak Your Device: This can expose your device to additional security vulnerabilities.
Even with these precautions, it is still recommended to only store a small amount of cryptocurrency on mobile devices or hot wallets. Larger amounts should be stored in cold storage or hardware wallets.
Examples of Mobile dApp (Decentralised Application) Hot Wallets:
❍ Exodus Wallet (Multiple EVM and non-EVM network compatibility)
❍ SONAR (Kujira and Cosmos ecosystem)
❍ Rainbow (Ethereum and EVM wallet)
❍ Trust Wallet (Ethereum and EVM wallet)
❍ Coinomi (Multiple EVM and non-EVM network compatibility)
Web wallets are another type of hot wallet that are accessible via a web browser. These wallets are convenient for quick transactions and are often user-friendly. However, they come with similar risks to mobile hot wallets as they are also online and potentially susceptible to hacks. Examples of web wallets include: •
❍ MyEtherWallet (Ethereum and EVM wallet)
❍ WalletConnect (Ethereum and EVM wallet)
❍ Coinbase Wallet (Ethereum ERC20 wallet only)
❍ Guarda Wallet (Multiple EVM and non-EVM network compatibility)
❍ Electrum Wallet (Bitcoin only)
Remember, when using any type of hot wallet, whether it is a web wallet, mobile app, or browser extension, it is essential to practice good security hygiene. Never share your private keys or seed phrases with anyone, backup said private keys and seed phrases, and always double-check the address you are sending funds to.
These are hardware wallets and are the most secure for an individual. They come at an upfront cost and are not as convenient for frequent access. These wallets utilize multi-factor authentication and need the physical device for accessing the wallet.
Examples of cold storage wallets include:
Our final wallet type is arguably the most secure, but least convenient for everyday use. It requires multiple private keys to authorize a transaction. It is often used to divide responsibility among multiple individuals or devices. For example, a 3-of-5 multisig wallet would require any three out of five private keys to authorize a transaction. This can be particularly useful for an organization, or family/friend collective investments, to ensure that no single person can move funds without the approval of others.
Some commonly used multisig wallets are:
❍ Electrum – A simple Bitcoin desktop wallet which supports multisig function.
❍ Armory – A more advanced Bitcoin desktop wallet that provides advanced features like multisignature.
❍ Safe (formerly known as Gnosis) – The most widely used multisignature wallet due to its network versatility.
The security of your wallet is of utmost importance. Here are some tips to ensure the safety of your wallet:
1. Backup Your Wallet: This is the most important step. Ensure you back up your wallet's essential information, like private keys or seed phrases, in multiple secure locations.
2. Use a Secure Password: Always use a strong and unique password for your wallet with numbers, letters, and special characters at least 10 digits long. Avoid using easily guessable passwords like "123456" or "password".
3. Enable Two-Factor Authentication (2FA): This adds an extra layer of security. Even if someone knows your password, they won't be able to access your wallet without the 2FA code.
4. Update Your Wallet Software Regularly: Keeping your wallet software up to date ensures that you have the latest security enhancements.
5. Be Wary of Phishing Attacks: Be careful not to enter your private keys or seed phrases on phishing websites. Always double-check the URL to make sure you are on the official website.
6. Revoke Access: When using cross-chain communication protocols such as multi-chain DEXs, DEX Aggregators or Bridges you revoke your access upon completing your activity. This ensures that should a future exploit of hack of the protocol you used occurs, your wallet is safe. More information on smart contract access revokes here.
Examples of Wallet Revoke protocols:
Note: Using these revoke tools come with a small fee paid in the native gas coin of the network, such as $ETH on ERC20, $BNB on BEP20 etc. So be sure you have sufficient allowance to pay fees before using these services.
Note: Even with the highest security measures, there is always a risk involved in online transactions. For that reason, it is advisable to:
1. Only keep cryptocurrency in a custodial wallet on a centralised exchange whilst you’re actively trading.
2. Keeping only a small amount of cryptocurrency in your hot wallet for daily use.
3. Withdraw from both custodial and non-custodial hot wallets to a cold wallet or multisig for long term secure storage.
In the rapidly evolving landscape of cryptocurrency, understanding the various types of exchanges and wallets is crucial for both newcomers and seasoned investors alike. This guide aimed to provide a comprehensive overview of the key elements, namely Centralized Exchanges (CEXs), Decentralized Exchanges (DEXs), and various forms of wallets including hot, cold, and multisignature (multisig) wallets, as well as important considerations for wallet security.
Centralized Exchanges (CEXs) serve as the traditional entry points to the cryptocurrency markets, offering ease of use, speed, and a wide range of assets. They are regulated entities that require users to go through a Know Your Customer (KYC) process. However, they come with a downside—centralized control—which means that users have to trust the platform's security measures.
Decentralized Exchanges (DEXs) represent a shift toward empowerment of individual users, eliminating the need for a central authority. This brings increased privacy and control but requires a better understanding of the technologies involved. While DEXs can offer a safer environment due to their decentralized nature, the responsibility for security falls squarely on the user.
Hot Wallets are software-based wallets that offer ease and convenience, making them suitable for daily transactions. However, they are vulnerable to various security risks, particularly if they are installed on devices with inadequate security measures.
Cold Wallets, on the other hand, are hardware-based and the most secure means of storing cryptocurrency long-term. They are not connected to the internet, which minimizes their exposure to hacks. Their only downside is their lack of convenience for regular transactions.
Multisignature Wallets are designed for situations that require approvals from multiple parties before transactions can be made. These add an extra layer of security but are often more complex to set up.
Wallet Security is an overarching concern that applies to all types of wallets. Essential best practices include strong password policies, regular backups, two-factor authentication, and a vigilant awareness of phishing threats.
In conclusion, the choice between CEXs and DEXs, or hot and cold wallets, largely depends on your individual needs, technical proficiency, and risk tolerance. Security is a shared responsibility that requires ongoing vigilance, irrespective of the platforms or wallets you choose to use. With the right mix of security measures and a clear understanding of the pros and cons of each option, you can navigate the complex world of cryptocurrency with greater confidence and efficacy.
We sincerely hope you found value in the content provided. Your feedback is incredibly important to us as it helps us to improve and provide more relevant content to our audience. If you found this content valuable, please consider supporting us by leaving feedback here, and subscribing to access the full scope of our content.