status

How does Cardano protect digital assets?

Published 9.3.2023

In the past, there have been several cases of people losing their digital assets because hackers managed to exploit the vulnerabilities of blockchain wallets. It is important to note that this is not the fault of the blockchain itself, but of the team responsible for developing the hacked wallet. The security of your digital assets depends on choosing the right wallet and, most importantly, your behavior. Let's take a look at what Cardano as a network is responsible for in protecting digital assets, what wallet developers are responsible for, and what you can do.

TLDR

  • The Cardano network will not allow a third party to steal your property or restrict you from disposing of it.
  • Cardano separates user data (digital assets) from the provided services. The interface to the service (wallets) can be provided by any third party.
  • It is up to you to protect your digital assets through seed.
  • Cardano can never be hacked when it comes to protecting your assets and the right to dispose of them freely.

What's the difference between Cardano and Twitter?

The wallet is the interface to the blockchain. If you need to receive or send assets, you control the wallet in a similar way to, say, Twitter. Twitter is a social network. At its core, it's just a protocol that you access through a mobile app or web browser. That's the interface for you to Twitter. You can read other users' tweets and at any time you can write your own tweet for the whole world to see. Through the interface, you enter instructions that the protocol executes as you wish.

There is a fundamental difference between Twitter and a blockchain wallet.

Twitter is a centralized entity that is responsible for the protocol and infrastructure. The protocol is built on a client-server architecture. The company owns the servers that users connect to through an interface that is also supplied by Twitter. It can be said that Twitter has control over the protocol, the infrastructure, and also the interface. One implication is that you don't digitally own a Twitter account. You only have access to it through your login credentials.

How is blockchain different? Let's explain it on Cardano.

Cardano is a distributed network for which decentralized block production is essential. Blocks are produced by nodes that are owned by pool operators (SPOs). SPOs are controlled by ADA holders.

Why is this important when choosing a wallet? Because neither the Cardano network nor pool operators can own anything. The Cardano blockchain stores publicly available data and you can find all transactions in it. However, all digital assets (ADA coins or tokens) are always owned by a specific user.

In order to use Cardano, users need an interface, i.e. a wallet. Cardano as a network is not responsible for the interface. You could say that the network is a product of the team, and the team can also supply a wallet facilitating access to the blockchain. In the case of Cardano, there is a Daedalus wallet from the IOG team. Besides this wallet, there are many other wallets from third-party developers.

So, unlike Twitter, there are many independent third-party interfaces to Cardano. Cardano can be seen as a decentralized service that is run by independent entities. Wallets are only an interface to this service. The service itself cannot own anything. However, the existence of digital assets is dependent on the service.

Blockchain allows you to own digital assets and thus differs fundamentally from centralized services. Self-custody is the ability to separate user ownership from the operation of the blockchain. Users can own the assets and use the service at the same time. The service helps them transfer ownership to someone else. Neither the service itself nor those who maintain the blockchain can limit user ownership.

Cardano will not allow a third party to steal your property or restrict you from disposing of it. There's a catch. Your property can be stolen through your wallet. If a wallet contains a vulnerability that allows hackers to steal digital assets, it is the fault of the team responsible for the wallet, not Cardano.

Twitter is a centralized service. If hackers manage to attack the server, they can misuse the data of all users. The CEO of the company or some employees can decide to delete anyone's account if they like. User data can be misused for analysis, which the algorithm then uses to display targeted ads. Twitter owns not only the user data but also the interface. Twitter is a third party that is able to abuse its position.

I hope you understand the difference now. Cardano separates user data (digital assets) from the service (transaction networks, smart contract execution, etc.). The service itself is decentralized. The interface to the service can be provided by any third party.

This leaves users with the responsibility of choosing a wallet and understanding the basic principles of cryptography. This is actually what is most important in protecting your digital assets.

How to choose a wallet?

If you keep your private keys on a hardware wallet and know that your wealth is protected by a seed hidden in a safe place, you can skip the following section.

We could talk about wallets and cryptography for a long time. This section will certainly not be exhaustive. We will only go through the basic principles.

The protection of your digital assets is based on public key cryptography. Simply put, you have to keep a little cryptographic secret from everyone in the world. It is often referred to as private keys, but in reality, most users will only encounter the seed.

A seed is a set of several words (usually 12 or 24) from which a private key is generated. This key is then used to generate other sets of private and public keys. You can think of a seed (a set of words) as your private key. This is a secret that you need to keep carefully hidden in a safe place and ideally in multiple copies.

Every wallet, whether hardware or software, will generate a seed for you. You should make sure that only you can see the seed. This also applies to computers that may have malware installed on them trying to obtain the seed.

Never save the seed in digital form, i.e. as a file or as a screenshot. If you choose this option, be sure to encrypt the data carefully and save it on a disk that is not connected to the Internet. The preferred solution is to copy the seed onto paper or a metal plate and then carefully hide it so that it is neither damaged nor revealed to unauthorized people.

A hardware wallet is always the best possible solution as it can generate seeds without an internet connection. The seed is only displayed on the screen and you copy it. The most widely used hardware wallets are Ledger and Trezor.

Software wallets are always a risk if you let them generate seeds. Even if you copy the seed physically on paper, you can never be sure what has happened or will happen on your computer.

For most users, the ideal solution is a combination of a hardware wallet for generating the seed and connecting it to one of the software wallets. There are a number of quality wallets in the Cardano ecosystem and it is up to the user's preference which one they choose.

Another important factor in choosing a wallet is whether it is open source. Open-source projects are generally considered more secure, as everyone can make sure that there are no critical vulnerabilities or backdoors in the source code.

There have been several cases in history where seeds have been accidentally sent to the internet by wallets. In one case, the seed was even stored in the cloud. Be aware that if you are choosing a wallet, you need to trust the team responsible for it. Open-source projects allow for external control, which increases trust.

Your digital assets will only be protected if you protect the seed and make sure that no third party has accessed it when it was generated and subsequently when using the wallet. As long as you keep the seed protected, you can always access the assets again.

Not your keys, not your assets

Users can make one crucial mistake. They choose a centralized service as their interface to Cardano. It's also called a custodian service. In this case, it's similar to using Twitter to manage your digital assets. From a blockchain perspective, whoever owns the private keys (seed) owns the assets.

If you send assets to a centralized exchange, you lose control over them. The private keys will be held by the exchange, not you. In this case, Cardano is unable to protect your assets. The exchange uses servers that can be hacked to store information. The CEO of the exchanges or some of their employees have access to the private keys and can steal them at any time. The exchange may go bankrupt or be forced to stop withdrawals by government authorities.

If blockchain networks are wrapped in centralized services, their relevance will be essentially lost. It's like using Twitter. You can never be sure when someone will cancel your account for no reason. If you hold private keys to your assets, no one can cancel your account. Even if some SPOs or the IOG team wish it, no one will steal your assets. Why? Because they don't know cryptographic secrets.

Private keys are not disclosed even when sending transactions. Cardano, through the nodes, verifies only the digital signature and if it is valid, the transaction is included in the blockchain. This transfers ownership of the assets to someone else.

Cardano can never be hacked when it comes to protecting your assets and the right to dispose of them freely.

Think of it as Twitter not being able to cancel your account, delete your tweets for no reason, or prevent you from reading other users' tweets. You can create an account, or multiple accounts, on Twitter at any time, and you don't have to ask anyone for permission. No regulator would be able to shut down or stop Twitter. Twitter would be available everywhere.

If Twitter were a blockchain, it would allow essentially 100% freedom of speech. That would have its positives and maybe negatives. Twitter isn't like that, and that's why it's unfree. Cardano and other blockchains allow us to create a free financial world in which we can own value without trusting third parties and freely dispose of it at will. Learn to use this advantage. You only need one thing to do this. Understand the importance of self-custody and learn to protect your seed.

Conclusion

Cardano is a necessary condition for the existence of ADA coins and tokens. These digital assets are always owned by whoever holds the private keys to them. Cardano cannot own anything, because it cannot autonomously hold cryptographic secrets. Only a human can do that through a seed. Cardano cannot be hacked. Hackers can try to attack the PoS consensus or the nodes. Even if they succeed, they can't steal your assets. Basically, no one can steal your assets through Cardano. It's only possible through vulnerabilities in the wallet that hackers can exploit. So it's up to you to choose the right wallet, ideally a hardware wallet. Although hackers manage to steal assets from some users through their wallets, everyone else remains very well protected because they protect themselves through seeds. This is important to understand.

Cardano must remain decentralized, be economically sustainable in the long term, and be able to produce blocks. If this is met, protecting the value is up to the users.

Featured:

Related articles

Did you enjoy this article? Other great articles by the same author