Is a wallet vulnerable to hacking if it’s always online?

This is what’s known as a “hot” wallet, right?

Funds (private keys) are not typically stored on the node. The node simply serves as a source of truth for the state of the blockchain. Attacks depend on where the keys are and where the signing happens. You can use something like a hardware wallet or paper wallet for better security (offline, or “cold” wallets). Though, to be fair, a lot of attacks depend on you or your machine being targeted specifically, and many attack vectors are highly theoretical and obscure.

Most successful attacks seem to be either fake/doctored software or a social attack (tricking you into installing some malware or giving up your private seed/keys). Keep in mind, however, the more value there is out there to steal, the more sophisticated attacks will get automated (bots, crawlers etc). So its not just the risk profile of today, but also tomorrow you have to consider. That’s why something like a hardware wallet or dedicated mobile device for key signing is a good idea. Even if your wallet is plugged into your server, whether your wallet is hot or cold depends on the hardware that stores the keys.

1 Like