TL;DR
A hot wallet (like Phantom) stays connected to the internet for convenient trading, while a cold wallet (like Ledger) stays offline for maximum security of long-term holdings.
Hot wallets (Phantom, Solflare, Backpack) are browser extensions or mobile apps that stay connected to the internet. They’re convenient for daily trading — you can sign transactions instantly, connect to dApps, and manage tokens easily. The trade-off is security: since the private key exists on an internet-connected device, it’s vulnerable to malware, phishing, and browser exploits.
Cold wallets (Ledger, Trezor) are hardware devices that store private keys offline. To sign a transaction, you physically confirm it on the device; the signing happens inside the device, so the private key never reaches your computer. Even if your computer is compromised, the attacker can’t extract the private key from the hardware wallet. The trade-off is convenience: you need the physical device to approve every transaction, which is slower for active trading.
Most serious crypto users maintain both. Keep the majority of your holdings in a cold wallet for long-term storage. Use a hot wallet with limited funds for daily trading and dApp interactions. Transfer profits from your hot wallet to cold storage regularly. For maximum security, use a Ledger connected to Phantom — you get Phantom’s UI with Ledger’s hardware signing.