Wallet Security
Create wallets in a secured location
Your seed phrase is a list of 12 to 24 words from the BIP 39 wordlist. When generating the seed for a new wallet, find a quiet place with no one around and out of view of any security camera.
Do not store seeds on any device
Do not store your seed phrase on any device that is connected to the internet. If you do not have metal storage handy, use pen and paper at the very least, and invest in a fireproof casing (Google for it).
By extension: store seeds on metal storage
If the amount you are investing is significant, don't skimp on metal storage, especially if you live in an area prone to natural disasters. Metal seed storage is typically a metal card or plate with slots for recording the words of your seed phrase.
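Whether the backup is on paper or stamped into metal, the weak point is transcription: one wrong or swapped word and the backup is useless. BIP 39 builds a checksum into the phrase for exactly this reason, and the example below (added here, not from the original guide) shows how the 12 to 24 words arise from 128 to 256 bits of entropy plus a SHA-256 checksum, and how a backup can be checked against that checksum offline. It works on the 11-bit word indices rather than the words themselves because the 2048-word list is not embedded; a real check would map each word to its index in the BIP 39 English wordlist first. The entropy values are constructed test inputs.

```python
import hashlib

# Added example, not the guide's own code. BIP 39 layout: ENT bits of entropy,
# followed by ENT/32 checksum bits taken from the top of SHA-256(entropy),
# split into 11-bit groups; each group is an index into the 2048-word list.
WORD_BITS = 11
VALID_ENTROPY_BITS = (128, 160, 192, 224, 256)   # 12, 15, 18, 21, 24 words


def entropy_to_indices(entropy: bytes) -> list:
    """Turn raw entropy into BIP 39 word indices (0..2047), checksum included."""
    ent_bits = len(entropy) * 8
    if ent_bits not in VALID_ENTROPY_BITS:
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // WORD_BITS
    return [(combined >> (WORD_BITS * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_to_entropy(indices: list) -> bytes:
    """Recover the entropy from word indices, raising ValueError on a bad checksum."""
    n_words = len(indices)
    if n_words not in (12, 15, 18, 21, 24) or any(not 0 <= i < 2048 for i in indices):
        raise ValueError("expected 12-24 indices in the range 0..2047")
    total_bits = n_words * WORD_BITS          # 132 .. 264
    cs_bits = total_bits // 33                # 4 .. 8 checksum bits
    ent_bits = total_bits - cs_bits
    combined = 0
    for idx in indices:
        combined = (combined << WORD_BITS) | idx
    checksum = combined & ((1 << cs_bits) - 1)
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if checksum != expected:
        raise ValueError("checksum mismatch: a word was mis-transcribed or swapped")
    return entropy


def verify_indices(indices: list) -> bool:
    """True if the word indices form a valid BIP 39 phrase (checksum passes)."""
    try:
        indices_to_entropy(indices)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed input: 16 zero bytes is the first BIP 39 test vector
    # ("abandon" x 11 followed by "about", i.e. indices [0]*11 + [3]).
    words = entropy_to_indices(bytes(16))
    print(words, verify_indices(words))
    words[-1] ^= 1                            # flip one checksum bit
    print(verify_indices(words))              # a single-word error is caught
```

The check catches any single wrong word with certainty and most multi-word errors, but a phrase that passes the checksum is only known to be well-formed, not to be the phrase you backed up; verifying that the restored wallet derives the expected first address is the real test.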
Use a hardware wallet
Invest in a hardware wallet once your holdings feel significant to you. A hardware wallet is an external device that stores your private keys; it is considered more secure because the keys stay on an offline device and never leave it. Think of a hardware wallet as a second factor (2FA). While a hardware wallet does not prevent issues such as approving a malicious dApp, it helps by:
Reducing the likelihood of accidentally clicking Sign on an approval transaction that you thought was a MetaMask connection popup, since every transaction must also be confirmed on the device itself
Preventing your keys from being extracted even if the computer or phone you use the wallet from is compromised
These generally cost between 90 USD and 200 USD. Notable brands in this space are Ledger, Trezor, and Keystone.
Further reading:
Use burner wallets for NFT mints
When minting, always use a burner wallet that holds no tokens or valuable NFTs. A burner wallet is a wallet created solely for interacting with new dApps; it protects you by limiting what a malicious contract can reach to the assets in that wallet. After minting and confirming that the NFT is not a wallet drainer, you can transfer the NFT to your "vault" wallet.
By extension: use different wallets for different dApps
To maximise security, use a new wallet for each dApp. This limits the impact of a malicious or compromised dApp to the tokens held in the wallet used for that dApp. The downside of doing this religiously is massive inconvenience, but if you are hodling millions it could be worth doing.
Add known contracts/wallets to your address book
MetaMask has an address book feature. Use it to label the contracts and wallets you know. Most projects list their contract addresses in their documentation; find them and add them to the address book, so that when an unlabelled address turns up you know you are about to sign a transaction to a contract you have not interacted with before.
Revoke permissions regularly
Revoke token spending approvals from dApps you no longer use. An approval stays valid until you revoke it, so if a previously legitimate dApp is later compromised, whoever controls it can use that approval to spend your tokens; revoking it ahead of time keeps your funds safe.
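Both the "accidentally clicked Sign on an approval" problem above and the revocation advice here come down to one ERC-20 call, approve(spender, amount). The example below (added here, not from the original guide or any of the revocation sites) decodes the calldata of an approve() request the way a wallet popup would, so you can see which spender is being granted what amount and whether it is unlimited, and builds the approve(spender, 0) calldata that a revocation actually sends. The 0x095ea7b3 selector is the standard ERC-20 one; every token, spender address and allowance value used is constructed for illustration, and in practice the allowance readings would come from calling allowance(owner, spender) on each token contract through a node.

```python
# Added example, not the guide's own code. Decode ERC-20 approve() calldata and
# build the approve(spender, 0) call that revokes an allowance. All addresses and
# allowance values below are constructed sample data, not real contracts.

# Standard ERC-20 selector: first 4 bytes of keccak256("approve(address,uint256)")
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")
UINT256_MAX = (1 << 256) - 1          # the "unlimited" allowance many dApps request


def _hex_to_bytes(value: str) -> bytes:
    return bytes.fromhex(value[2:] if value.lower().startswith("0x") else value)


def decode_approve_calldata(calldata: str) -> dict:
    """Return {spender, amount, unlimited} for an approve(address,uint256) call.

    Raises ValueError if the data is not a well-formed approve() call, which is
    the case where the user should stop and read the popup more carefully.
    """
    data = _hex_to_bytes(calldata)
    if len(data) != 4 + 32 + 32 or data[:4] != APPROVE_SELECTOR:
        raise ValueError("not an ERC-20 approve(address,uint256) call")
    spender_word, amount_word = data[4:36], data[36:68]
    # ABI encoding left-pads a 20-byte address with 12 zero bytes.
    if any(spender_word[:12]):
        raise ValueError("malformed address word (non-zero padding)")
    amount = int.from_bytes(amount_word, "big")
    return {
        "spender": "0x" + spender_word[12:].hex(),
        "amount": amount,
        "unlimited": amount == UINT256_MAX,
    }


def build_revoke_calldata(spender: str) -> str:
    """Calldata for approve(spender, 0): an allowance of zero is a revoke."""
    addr = _hex_to_bytes(spender)
    if len(addr) != 20:
        raise ValueError("spender must be a 20-byte address")
    return "0x" + (APPROVE_SELECTOR + addr.rjust(32, b"\x00") + (0).to_bytes(32, "big")).hex()


def plan_revocations(allowances: list, keep_spenders: set) -> list:
    """From allowance(owner, spender) readings, list the revoke transactions to send.

    allowances:    [{"token": addr, "spender": addr, "allowance": int}, ...]
    keep_spenders: lowercase 0x addresses of dApps still in use
    """
    plan = []
    for entry in allowances:
        spender = entry["spender"].lower()
        if entry["allowance"] == 0 or spender in keep_spenders:
            continue
        plan.append({
            "to": entry["token"],             # the revoke is a call on the token contract
            "data": build_revoke_calldata(spender),
            "was_unlimited": entry["allowance"] == UINT256_MAX,
        })
    return plan


# Constructed sample data: one unlimited approval to a dApp no longer in use and
# one bounded approval to a dApp still in use.
SAMPLE_TOKEN = "0x" + "11" * 20
OLD_DAPP = "0x" + "ab" * 20
CURRENT_DAPP = "0x" + "cd" * 20
SAMPLE_ALLOWANCES = [
    {"token": SAMPLE_TOKEN, "spender": OLD_DAPP, "allowance": UINT256_MAX},
    {"token": SAMPLE_TOKEN, "spender": CURRENT_DAPP, "allowance": 1_000 * 10**18},
]

if __name__ == "__main__":
    # What an "unlimited approval" popup is really asking you to sign:
    popup = "0x" + (APPROVE_SELECTOR + bytes(12) + _hex_to_bytes(OLD_DAPP) + b"\xff" * 32).hex()
    print(decode_approve_calldata(popup))
    for tx in plan_revocations(SAMPLE_ALLOWANCES, keep_spenders={CURRENT_DAPP}):
        print(tx)
```

Two details worth noticing in the output: the revoke is sent to the token contract, not to the dApp, and an "unlimited" request is simply the amount 2^256 - 1, which is why a popup showing a huge number for an unfamiliar spender deserves a second look before Sign.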
Sites to revoke approvals from: