 Wenjo asks, why do paper wallets behave differently from hardware wallets? Meaning that if we send a portion of the balance to some other wallet, the remaining balance does not reflect correctly, or is lost. Thus, we need to send the remaining balance to another address. That's a really great question, Wenjo. The reason paper wallets are different from hardware wallets is because hardware wallets are built on hierarchical deterministic wallets, or HD wallets, whereas paper wallets are one private key and one public key. A hierarchical deterministic wallet is built upon a seed, usually backed up as a set of 12-24 English words. This seed is used to generate an enormous number of keys. In fact, it can generate for each user at each account level more than two billion private keys in sequence. These can all be generated from the same seed. Not only does this wallet generate two billion private keys for receiving, it also generates another two billion private keys in parallel for change addresses. The hardware wallet, or any hierarchical deterministic wallet, even if it is a software wallet or a mobile wallet, any wallet that you are likely backing up as 12-24 English words is a hierarchical deterministic wallet. It will generate a new address for every transaction you do, it will also generate a new change address for every transaction you do, and it can generate billions of these addresses all from a single seed without any problems whatsoever. That is the fundamental difference, because a paper wallet, on the other hand, has one key which generates one address. What that means is that when you spend from a paper wallet, some strange things can happen. The other big difference, of course, is a paper wallet only exists on paper. A hardware wallet has the opportunity to be backed up as a mnemonic phrase, and it has a very specific process for importing that mnemonic phrase. This process is defined in BIP39, the Bitcoin Improvement Proposal 39. A hardware wallet imports the seed in such a way that it can regenerate all of the keys and addresses. A paper wallet, on the other hand, if it is used to spend, if you decide to make the paper wallet hot in order to make a transaction, you can import it a number of different ways into a software wallet to actually spend it. Some wallets will import it as a private key, and if you import it as a private key, what that means is that your software wallet will spend directly from the private key that is on the paper wallet, and you have to consider what happens to change. Theoretically, all wallets should be smart enough to notice that when you have imported a private key from an external source, the change should go back to that private key, so as to ensure that there are no problems. However, most wallets don't do this. In fact, if you import a private key from an external source, most wallets assume that you are no longer using that private key. They will spend from it, and they will return the change to a different address that is managed by the software wallet, not the address that is on the paper wallet. What that means, and what we have seen in practice, is that a lot of people don't understand that this is happening, because they don't understand that change is being generated from a transaction. What they do is download a software wallet on their mobile phone, use it to import their paper wallet, spend a small amount, and when they are finished, put the paper wallet back in a safe, assuming that the rest of the money is still on there, and delete the software wallet they use to make the spend, because they assume that it is no longer needed. However, what just happened is that there is no money on the paper wallet, because the rest of the money went into a change address. That change address was generated by the software wallet and is not the same as the paper wallet address. As a result, the paper wallet is now empty. The software wallet that contained the change address has now been deleted, and the money has been lost. This has happened numerous times. The problem with paper wallets is that the user experience is counter-intuitive. If you know exactly what you are doing with the paper wallet and you use it correctly, then you can make a paper wallet work for you. The problem is that for 99% of people who do not have the technical expertise to understand how the UTXO set works, how change addresses work, how paper wallets work, how wallet import works, and how transactions work. Paper wallets end up being very dangerous. They are a cheap and easy way to do cold storage security, but they have a lot of associated risks. They require you to set up a secured computer in order to generate them, and to set up a secured printer in order to print them out, all of which introduces risks that most users can't handle. By comparison, the hardware wallet has a user experience that is intuitive, that 99% of users can manage very securely, where a paper backup of the mnemonic seed is sufficient for cold storage, and there is no chance of losing money due to a change address. As a result, for 99% of users, hardware wallets are a far, far superior solution to paper wallets. People keep insisting on making paper wallets. If you try to do this, please be very careful. Make sure you understand in every transaction where the change went. If possible, try to follow the advice that is given, which is, load a paper wallet once, and when you spend it, spend it all by moving it to a different address or different wallet, and destroying the paper wallet. Assume there will be any money on it. Solomon asks, Among the various Bitcoin clients and wallets, which of them is top-notch for coin storage and transactions, which one can have and maintain? Solomon, honestly, I have been changing Bitcoin wallets on average once every six months. Part of the reason for that is because, while there is a lot of development in the space of cryptocurrency wallets, these wallets are often not maintained long-term. Many of the companies that make wallets fail to develop sufficiently robust business models, and they either go out of business or they stop maintaining the wallet and get distracted by other features, like trying to do ICOs or trying to build various capabilities outside of the core wallet. Maintaining a wallet in crypto is very, very difficult. The space is constantly changing, and wallet developers need to constantly keep moving along with the standards. That requires funding. So far, I have found that many of the wallets are not keeping up. I do use a number of mobile and desktop wallets, but for the most part, I use a combination of hardware wallets plus desktop software wallets and mobile wallets that work with these hardware wallets. So, keep in mind that what I use to store my keys on and to sign transactions is almost always a hardware wallet. I do have a mobile wallet with just a tiny amount of petty cash, like about $100, that I use for doing transactions where I'm out and about. But really, most of my crypto is on hardware wallets that I keep separately. I access these hardware wallets through a variety of desktop and mobile software wallets. Think about where you store keys and sign transactions, hardware wallets, as separate from the software you use to construct transactions and sync with the blockchain, which could be a full-node software like Bitcoin Core or any one of the highly capable software wallets. I really quite like Electrum as a desktop wallet, but your mileage may vary. Ian asks, what about the new Bluetooth-enabled wallet? He mentions one of the hardware wallet manufacturers that has Bluetooth capability. In fact, there are a number of hardware wallets that have various forms of connectivity, other than just plugging in through USB. I haven't studied the security of such wallets, however, I would be personally concerned about storing my funds on a device that has wireless connectivity. Wireless protocols are very rich in terms of their features and have been found to contain many bugs in the past. They can also be accessed by more than the device you just plugged it into. That increases the exposure and attack surface of a hardware wallet. That doesn't mean it's not secure, it just means that I would not necessarily trust that particular type of hardware wallet, one that has Wi-Fi or Bluetooth connectivity in addition to USB, for cold storage. I might trust it for a warm wallet, for having most of my spending money. I wouldn't trust it for the very important cold storage where I might have my savings account, if you like. Christina asks, regarding desktop wallets and storing funds, what if your hard drive computer fails? This is a great question, Christina. As I mentioned in the previous answer, I make a big distinction between the software I use to construct transactions and sync with a blockchain, which is called a wallet, and the device I use to store keys and sign transactions, which is also called a wallet, so that's a bit confusing. I use hardware wallets to store my keys and to sign transactions, because that gives me the highest degree of security. It also allows me to make paper backups of the mnemonic freezes in order to achieve resilience and continuity in case something happens to me. That means I don't trust the software that's running on my desktop. In fact, I don't trust my desktop at all to be secure. I always assume that both my mobile, smartphone, and my laptop have already been compromised. I don't trust these devices. I assume that they've been compromised in such a way that any information stored on them can be accessed. Keys for bitcoin wallets can be accessed, etc. I use hardware devices for second-factor authentication, for signing bitcoin transactions, and things like that, so that I don't rely on the security of my laptop and desktop devices and mobile devices in order to protect me from loss. Essentially, I don't put keys on online devices, ever. All of my keys are on offline devices. With the slight exception of a mobile wallet I use for about $100 worth of spending that I keep on my smartphone. What if your hard drive computer fails? It doesn't matter. There are no keys on it. In fact, nothing of importance is ever stored on my laptop that I don't have encrypted backups elsewhere, that isn't stored in multiple locations, and that I cannot recover. If I lose my mobile device or my laptop, or if it's damaged in any way, I can recover. In the case of my cryptocurrency keys, I have multiple copies of mnemonic phrases that I can recover onto other devices, including for the petty cash $100 that I have on my mobile smartphone. I have a backup of that mnemonic phrase, too, even though it's not a lot of money. It wasn't hard to do. Therefore, if I lose these devices, I can recover from the seeds. In fact, when I upgrade my mobile phone or my laptop every two or three years, I don't copy the information over. I use the opportunity to do a recovery exercise where I rebuild all of the data on my laptop and mobile phone from backups, ensuring that the backups are working. I still have the old laptop and the old phone, so if the backups aren't working, now is a good time to find out. That way, I can test my backups when this happens. One thing I would like to point out, a few people will tell you that one way to store backups of keys is to use encrypted drives, encrypted thumb drives, password managers such as KeePass or other online encrypted mechanisms. This is not a good idea. There's a reason it's not a good idea. First of all, if you do backup on Google Drive or an encrypted archive in an encrypted file or using TrueCrypt or something like that, or if you backup using a password manager, what you're doing is creating an online copy of your keys. It is encrypted, but that encryption and its security depends on a lot of factors, including when you run that software decrypted in order to access your keys on a laptop. If that laptop has been compromised, then you've exposed your keys and lost your money. Secondly, the process of encrypting and decrypting these files happens on said laptops, which again, if they're being compromised, you lose money. Finally, if you do these encryptions, you still have the problem of how do you backup that password so that you don't lose the password or encryption key that secures that encryption? Essentially, you've just recreated the problem of backup. You've just pushed it one step further instead of backing up your crypto keys. You're now backing up your encryption keys for your cryptocurrency encrypted files. Again, you have to back those up. What form do those take? Well, the best form of a backup for cryptocurrency keys is a 12-20 form mnemonic phrase. If you are concerned, you can use an additional passphrase and back that up separately. It's much easier to remember, record, and recall phrases like 24 English words that you write down on paper in your own handwriting and put in a secure location. For example, back up an alphanumeric password of arbitrary length that you may or may not have generated with sufficient entropy. There are so many pitfalls in trying to roll your own security, trying to do security in a way that is not compliant with the standard, because there are many risks that you may not be aware of. So be careful when you hear about suggestions like this. Do not back up your keys online. Do not use encryption to back up your keys online. Use the recommended mechanism. In the case of hierarchical deterministic wallets, that is, to write down the 24 words. Do not cut them up into separate pieces. Do not store them in pieces. Do not try to hide them in a fancy way, encrypt them, obfuscate them, hide one in each page of a book or something like that. Write the 24 words in sequence in one place and store them. Then make another copy in another place. If you are concerned about the physical security of your environment and you think someone might be able to access these, then use a passphrase, write that down, too, and store it in another location, separate to where you store your seed. But that is excessive. In 99% of the scenarios that most of us face, the greatest risk is risk of loss due to computer hardware failure, due to natural disaster, flood, fire, etc., or just accidental loss and damage to your backups. Therefore, the best thing you can do, the best balance is your security and risk against theft, versus your security against accidental loss, is to follow the instructions of standards like BIP39 and make a paper backup of the 24 words in your own home. That is sufficient for 99% of the users of cryptocurrency.