Do you know how to keep your bitcoins safe?
That’s a pretty serious question, and one that has been on every bitcoiner’s mind since the purchase of two pizzas in 2010 proved that the internet currency had value.
And given the number of bitcoins that have been hacked or had their private keys lost over the years, it’s still one we struggle with.
One of the earliest answers to this question was the Casascius coin. This was a physical coin minted with the Bitcoin B on it. When you purchased a Casascius coin, it came preloaded with a set amount of bitcoins, 1, 10, 25, 100, or 1000. Really, the coins were loaded onto a bitcoin address, and then that address was printed and put in the coin behind a holographic, tamper-resistant seal. The coins were little more than preloaded, one-time use cold wallets. Once the seal was broken and the coins moved, the coin essentially just became a hunk of metal (which can nevertheless be bought for hundreds of dollars on eBay).
Despite their ‘cool’ factor and solid security model, Casascius coins ceased production in November 2013. Mike Caldwell, was told by the government that he was in violation of money transmitter laws and was liable to prosecution and he wisely decided to stop production.
These days, the prospects for securing bitcoins is quite a lot better than they were in 2013. Desktop, mobile, and hardware wallets have all made great advances in both usability and security. But there is something about being able to hold a coin in one’s hand knowing it’s loaded with Bitcoin.
The folks at MyFirstBitcoin.de have revived the idea of the physical bitcoin and are trying to do it one better as well. They reached out to me to see if I would do a review of their coin. Here is what I found out.
How they avoid money transmitter laws
The easiest way to avoid the money transmitter laws is not to have the coins preloaded. The MyFirstBitcoin coin is made of metal like the Casascius coins, but the private key is hand-lasered onto the back of the coin, and that key is then covered by a tamper-resistant sticker with the public key showing. The whole thing is then encased in an attractive plastic cover.
Once the coin is delivered, the new owner will load it with whatever amount of bitcoins they wish. Unlike the Casascius coins, the MyFirstBitcoin coins can also be reused as additional public-key stickers are provided to re-cover the private key.
How they ensure the private key is secure
This was a big issue with the Casascius coins. Mike Caldwell created the wallets that he used in his coins. This meant he knew the private keys. Now, I have not found a single claim that Mike ever swept any wallets, but it is simply bad practice to let anyone else handle your private keys.
MyFirstBitcoin get around this issue by letting you create your own keys. The first step in the ordering process is to generate a random key using software created by Bitaddress.org. You are then asked to add a passphrase to the private key. This means that although the people at MyFirstBitcoin will necessarily know the private key in order to create the coin, even they would not be able to access any coins loaded as they wouldn’t know the passphrase.
In fact, to make this even more secure, you can take your computer offline while you are creating your keys and passphrase to be 100% sure that no one will know how to access your coins. This is something I would definitely recommend doing. I was surprised to discover that as part of the process I was shown both public and private key on my screen. This is good in that you have full control and can back up the key immediately, but it’s also best to keep that off of a live connection.
One additional note, since the private key is passphrase protected, the owner will need to be very careful about remembering or backing up that passphrase as if it’s lost, there is no help center to call. Those coins would likely forever be locked in the private key on that coin.
How to transact with the coin
Really the idea is for this to be cold storage and not an active wallet. Since extra public key stickers are provided (they can’t be removed without tearing), it’s possible to reuse the coin. Still, it’s not great practice to reuse private keys once coins are moved off them. I personally would consider this a solid long-term cold wallet solution and not use it for transactions.
Why not just use a paper wallet or hardware wallet?
Outside of the fact that it just kind of feels cool to hold a physical bitcoin, the coins are specifically created to be durable. Since the private key is hand-lasered on the coin, it can sustain fire and water damage and still be usable. The outer plastic shell is just really to keep it scratch free and to keep the public key sticker from fading or wearing.
The durability of the coin counts for a lot. When I first got into Bitcoin, I tried keeping some on paper wallets, but those always made me nervous. I was all-to-aware of how easily some accident or catastrophe could destroy those slips of paper. I now use two hardware wallets, one for ‘on hand’ money and one for cold storage. But I also have to worry about those – in a fire they would be destroyed, their components can be wrecked by water, or they might just stop working as devices are sometimes prone to do. I have to backup even my hardware wallets. At least with the MyFirstBitcoin coin, I don’t have to worry about components degrading.
Further, as long as you let your loved ones know the passphrase, in the event that you have an unexpected accident, your loved will be able to retrieve the stored coins.
I’ve been walking around for a couple of weeks now with my MyFirstBitcoin coin, and just psychologically, I enjoy it. If I had loaded it with more BTC, I would of course put it in a secure location.
As a cold storage device, I think it is a solid option. The price, 99 euros, seems a bit pricey to me, but then each coin is also hand crafted, which is a nice feature. If they were a bit cheaper, I could see getting a set of them and using them to gift bitcoins to people.
I think the only real complaint I have about the coin is that I would like to generate my own set of keys, passphrase locked, and provide them to MyFirstBitcoin. I could do this with any number of services, including Bitaddress, or with my Electrum wallet. But this would also give me the option of using a segwit address.
Overall, I quite like having the MyFirstBitcoin, and will be making it part of my cold wallet storage plan.