How does crypto exchange secure private keys?



I'm wondering on what is the current common apporach that is used by centralized crypto exchange to secure the private keys of the bitcoin wallets


Posted 2018-04-22T12:53:57.283

Reputation: 113



Exchanges typically have a split storage setup. They have a hot wallet and a cold wallet. The hot wallet holds private keys on an online server that can quickly send and receive Bitcoin for when people deposit and withdraw Bitcoin to the exchange. The hot wallet usually contains a small amount of Bitcoin, whatever the exchange operator things will be necessary in typical usage.

The majority of an exchange's coins will be held in a cold wallet. The cold wallet is a machine that is not connected to the Internet and holds the cold wallet private keys. Typically exchanges will send funds from the hot wallet to the cold wallet when the hot wallet has too many coins and send from the cold wallet to the hot wallet when the hot wallet does not have enough coins.

Note that the private keys may not actually be held on general purpose servers. The private keys may be contained in Hardware Security Modules which are connected to the servers. These HSMs are designed to store private keys and hold them securely. So while they are connected to online machines, the private keys are unlikely to be leaked even if the server is compromised.

Andrew Chow

Posted 2018-04-22T12:53:57.283

Reputation: 50 267


They don't share the private keys with anyone so there is no question of exchanging them.

They usually maintain a combination of hot and cold wallets. Hot wallets are online and contain enough coins to satisfy most withdrawal requests. Cold wallets contain the bulk of their coins and these remain offline. Human beings have to load coins from cold wallets to hot wallets after making sure that doing so is the right thing to do.


Posted 2018-04-22T12:53:57.283

Reputation: 2 414

My question really is, given that an Account in crypto exchange has a bitcoin wallet address, that means the crypto exchange also "owns" the private key for that address. So what is a common way to store that private key in the crypto exchange severs? – Grady – 2018-04-22T15:14:32.070

@Grady in the wallet file of whatever wallet software they are using. – Abdussamad – 2018-04-23T14:23:04.993