Overview

Fireblocks Cold Wallet allows you to meet your regulator or insurer's strictest policies by signing crypto transactions using keys that are always held offline in cold storage.

Fireblocks delivers the most secure cold storage solution in the industry. Our secure MPC implementation prevents any device from being a single point of failure. Cold Wallet devices are air-gapped and completely disconnected from the internet and any other device. No operations require physical connections.

To ensure ease of use and speed of operations despite the device being offline, Fireblocks' solution uses a single round of communication between the Cold Wallet device and other online co-signers.

This process uses our MPC-CMP implementation. You submit a transaction on the Fireblocks Console, sign it with the Cold Wallet device, and send the signed transaction back. The Fireblocks Cold Wallet mobile app communicates with Fireblocks Console using a QR Animation.

How it works

The Cold Wallet signing process uses QR animations to transfer data securely between your offline device and the Fireblocks Console.

1. Access the dedicated offline signing panel in the Fireblocks Console to view pending transactions that require a Cold Wallet device.
2. Select a pending transaction to display a QR animation with the relevant data encoded.
3. Use the Fireblocks Cold Wallet app on your Cold Wallet device to scan the QR animation.
4. Confirm transaction signing using the Fireblocks Cold Wallet app.
5. Scan the resulting QR animation from your Fireblocks Cold Wallet app using your computer to complete the signature.

For detailed steps and a demo video, see Signing Transactions Using Your Cold Wallet Device.

Workspaces

Workspaces are designated as either Cold Wallet or Hot Wallet before creating them. You receive a Cold Wallet workspace only if your contract specifically includes it.

If you choose to use a combination of workspaces, you can switch between your Hot and Cold Wallet workspaces on the Fireblocks Console without signing out. Select Switch Workspace from the avatar menu.

The most efficient way to transfer assets between Hot and Cold Wallet workspaces is by using the Fireblocks P2P Network.

Comparing hot and cold workspaces

Definitions of cold storage and hot storage can differ. Here are some Fireblocks-related terms to help differentiate between the types of storage available:

• Hot workspace refers to a workspace where transactions may be initiated and signed automatically using an online connection. For example, a retail workspace with an API user connected to an API Co-Signer machine, where you trigger a transaction that signs automatically.
• Warm workspace refers to a workspace where the key shares remain online, and you may approve and sign transactions manually using the Fireblocks mobile app.
• Cold workspace refers to a workspace that holds most of your assets and has stricter security procedures, including workspace-specific Policies. You sign transactions using offline, air-gapped devices.

Best practices for workspace combinations

For the highest security and operational efficiency, Fireblocks recommends using multiple workspaces with a combination of hot and cold wallets.

• Maintain cold and hot workspaces where about 90% of all funds are held in Cold Wallet-managed vault accounts, and the remaining 10% is held in hot wallet-managed vault accounts.
• Use online signing for day-to-day operations. Use a Cold Wallet for operations that do not require frequent interaction, such as investments and staking.
• Use Cold Wallet for operations that require careful review before approval, such as transfers above a specific amount or between specific counterparties.