
When it comes to storing crypto, the right wallet setup depends on two main things: how you use your funds and what you’re protecting against. This guide breaks down the difference between hot and cold wallets in plain English, helps you choose the best combo for your needs, and walks you through a safe setup—from start to finish.
TL;DR
- Hot wallet = connected to the internet (browser/mobile/desktop). Best for day-to-day use and DeFi, but more exposed to online threats.
- Cold wallet = keys stay offline (hardware wallet, paper backup, or air-gapped device). Ideal for long-term storage and larger amounts, though slightly less convenient.
- Most users do best with a combo: a small hot wallet for spending + a cold wallet for savings.
What a Wallet Actually Is
Let’s clear this up: your wallet doesn’t hold coins. The blockchain does. What a wallet stores are your private keys—proof that you’re allowed to move funds from your crypto addresses.
- Seed phrase: 12–24 words that can regenerate all your keys. This is your master key. Guard it with your life.
- PIN/passcode: Just locks the wallet app/device from casual snoopers.
- Passphrase (aka 25th word): An optional but powerful feature to create hidden vaults from the same seed. Advanced, but useful.
Hot vs. Cold: The Essentials
🔥 Hot Wallets (Software)
Examples: MetaMask, Rabby, Phantom, Trust Wallet, exchange apps.
- Pros: Quick access, perfect for small payments, DeFi, and NFTs.
- Cons: Connected to the internet = vulnerable to malware, phishing, and sketchy dApps.
Best used for: spending, gas fees, low-value tokens, and experimenting.
❄️ Cold Wallets (Hardware/Air-Gapped)
Examples: Ledger, Trezor, Coldcard, Keystone, BitBox.
- Pros: Private key never leaves the device. Every transaction is confirmed on-device. Significantly reduces risk.
- Cons: Costs money, slightly slower, and requires physical handling. Still needs strong backups.
Best used for: savings, long-term holds, NFTs you don’t want to lose.
The “3-2-1” Rule for Smart Wallet Setup
- Three types of funds:
  - Spending → hot wallet
  - Savings → cold wallet
  - Vault (life-changing sums) → cold wallet with extra security (multisig, passphrase)
- Two devices: Your cold wallet should never live on the same phone or laptop you use to browse crypto sites.
- One seed you never type: Generate it directly on your hardware device. Never type it into a keyboard. Ever.

Choosing the Right Wallet: What to Look For
- Security model: Open-source firmware, secure chip, on-device screen confirmations.
- Recovery options: Supports SLIP-39/Shamir backups? Can you add a passphrase or multisig?
- Ecosystem support: Works with Bitcoin, Ethereum, Solana, Cosmos, etc.?
- User experience: Does it warn you about risky transactions? Are prompts human-readable?
- Vendor reputation: Do they fix bugs fast? Have they ever leaked seed phrases?
- Accessories available: Metal backup plates? Tamper-proof packaging?
Hot Wallet Setup: Quick & Safe (10 min)
- Download from official source. Bookmark it.
- Set a strong passcode.
- Write down the seed phrase (on paper or metal—never digital).
- Turn on PIN/biometrics and auto-lock.
- Enable anti-phishing tools and transaction simulations if offered.
- Create multiple accounts (e.g., “Spending” and “Testing”).
- Start with a tiny amount of funds.
- Double-check addresses—watch for clipboard hijackers.
- Use a revoke tool regularly to limit token approvals.
- Keep everything updated (wallet, browser, OS).
Rotate your wallet immediately if your device is lost, infected, or you signed something suspicious.
Cold Wallet Setup: Safe and Solid (15–20 min)
- Buy new, directly from the official store or authorized seller.
- Inspect packaging for tampering.
- Set up entirely on-device. Let the wallet generate the seed.
- Write down the seed. Make two copies and store them securely.
- Add a PIN. Consider a passphrase for hidden vaults (advanced users).
- Install the official companion app (Ledger Live, Trezor Suite, etc.).
- Update the firmware before you send any funds.
- Add accounts for each chain you use (BTC, ETH, etc.).
- Confirm addresses on the device, not just on your screen.
- Send a test transaction to make sure everything works.
Optional: Hardening Your Setup
- Air-gapped signing: Some wallets let you sign transactions using QR codes or SD cards—no cable needed.
- Multisig: For treasuries or large savings, use 2-of-3 with different hardware wallets.
- Shamir Backup: Split your seed into shares stored in different places—only if you fully understand how recovery works.
Good Wallet Hygiene (Hot & Cold)
- Never type your seed into any website or app—not even once. If support asks for it, it’s a scam.
- Double-check URLs. Bookmark official sites.
- Use read-only/watch-only wallets for browsing or viewing balances.
- Set up a separate browser profile or even a separate laptop for crypto use.
- Review token approvals monthly.
- Store backups in dry, disaster-resistant places—think house fire, not just nosy roommate.
- Traveling? Only keep hot wallets on you. Leave cold wallets and real funds at home.
Common Mistakes to Avoid
- Taking screenshots of your seed. (Yes, people really do this. Don’t be one of them.)
- Funding before updating firmware.
- Blind-signing unknown transactions. “Permit Everything” = red flag.
- Using one wallet for everything.
- Skipping test transactions on new addresses or networks.
Which Setup Fits You?
- New to crypto/learning DeFi → Start with a hot wallet. Fund it lightly. Add a cold wallet later.
- Active trader or NFT collector → Use a cold wallet for storage and hot burner accounts for dApps.
- Long-term holder → Stick with a hardware wallet. Add a passphrase or multisig if storing large amounts.
Run a Recovery Drill (Just Once, Please)
- Set up a test wallet or fresh device.
- Select “Recover from seed” and enter your seed offline.
- Confirm you see the expected addresses and balances.
- Wipe the test device when you’re done.
Practicing now could save your future self from panic.
FAQ Highlights
Is a hardware wallet bulletproof?
Not exactly. It reduces risk drastically but doesn’t save you from phishing or approving bad transactions. You still need to read carefully.
Should I use a 25th-word passphrase?
If you want extra protection or plausible deniability, yes—but don’t forget it. There’s no recovery for a lost passphrase.
What about leaving funds on an exchange?
It’s convenient, but you’re trusting a third party. Great for short-term trades, not for savings.
Final Word
Hot wallets are about speed and convenience. Cold wallets are about safety and long-term peace of mind. Use both wisely. Separate their roles, learn how recovery works, and make sure you confirm every action on the device—not just your screen. Do that, and you’re already ahead of most people in crypto.