1. Hot wallet:
Refers to a wallet that is online and connected in some way to the Internet. It is a term that refers to coins that are not being kept in cold storage. Services and exchanges that are able to pay out withdrawals instantly can be said to be paying them from a "hot wallet". The term can also be used loosely to refer to keeping coins in an exchange where they can be withdrawn on demand. Its real-world analogy is keeping cash on a person: easy access, but the greatest risk lies in the unrecoverable theft in the event of an attack. Operating a "hot wallet" is also a risk to its owner because most computer systems have hidden vulnerabilities of some sort that can eventually be used by hackers or malware to break into the system and steal the cryptocurrencies. Keeping large amounts of coins in a hot wallet is a fundamentally poor security practice.
2. Cold storage:
Hardware wallet - a hardware wallet is a special type of coin wallet which stores the user's private keys in a secure hardware device.
Some advantages are:
- private keys are often stored in a protected area of a microcontroller, and cannot be transferred out of the device in plaintext,
- immune to computer viruses that steal from software wallets,
- can be used securely and interactively, as opposed to a paper wallet which must be imported to the software at some point and much of the time, the software is open-source, allowing a user to validate the entire operation of the device.
Risks associated with the hardware wallet include:
- malware swaps recipient coin addresses: a hardware wallet won't protect you from being tricked into sending coins to the wrong address. For example, malware on a PC could monitor for high-value transactions and then swap out the recipient's authentic Bitcoin address for an address controlled by the attacker,
- insecure RNG (Random Number Generator): hardware wallets rely on the security of an RNG, often embedded in hardware, to generate your wallet's private keys securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG,
- imperfect implementation: the security of all computing devices relies on the quality of their implementation,
- compromised production process: even a perfect software and hardware implementation of a hardware wallet would be vulnerable to a corrupt production process that introduces intentional or unintentional holes into the final product.
In summary, while not indestructible, hardware wallets can still be extremely useful, assuming you use a good one. Cold storage solutions, implemented with open-source software and general-purpose hardware, using a verifiable source of entropy such as physical dice may provide superior security for some use cases (e.g., long-term savings).
Paper wallet - in the most specific sense, a paper wallet is a document containing all of the data necessary to generate any number of private keys, forming a wallet of keys. However, people often use the term to mean any way of storing cryptocurrency offline as a physical document. This second definition also includes paper keys and redeemable codes. A paper key is a single key written on paper that is used multiple times like a wallet (this is strongly discouraged). A redeemable code is a single key intended to be funded and "redeemed" only once: these are commonly used for gifts.
3. Deep cold storage:
Refers to keeping a reserve of Bitcoins offline, using a method that makes retrieving coins from storage significantly more difficult than sending them there. This could be done for safety's sake, such as to prevent theft or robbery.
A simple example of deep cold storage is opening a safe deposit box and putting a USB stick containing an encrypted wallet file in it. The public (sending) addresses can be used any time to send additional bitcoins to the wallet, but spending the bitcoins would require physical access to the box (in addition to knowledge of the encryption password).
Deep cold storage would typically be used for holding large amounts of bitcoins, or for a trustee holding bitcoins on behalf of others. In such a case, additional precautions should be taken beyond a simple example of a single safe deposit box.