In the introduction to this one-stop beginner's guide to Web3 security, we looked at the basics of loss prevention.
So with that foundation set, it’s time to address wallet security and how to navigate the technical aspects native to Web3. Let’s begin with seed phrases, the keys to your kingdom.
Protect Your Seed Phrase
A seed phrase is a group of random words generated by your crypto wallet when you first set it up. It’s incredibly important to keep a record of your seed phrase safe because if you lose it, there’s no recovery function.
Storing these words on any device that has an internet connection is not recommended, as there are a number of attack vectors through which hackers can view the contents of your files if your PC has been infected. Thus, storing them in a notepad file on your computer, within your emails, or even as a photo is not safe. In short, barring the scenario where you need to recover the wallet, never type your seed phrase anywhere.
To ensure maximum wallet security, always write your seed phrase down using pen and paper and store it in a dry, non-hazardous area. If you want to double down, buy a fireproof safe and store half of the seed phrase there, with the other half in a storage lock-up in a separate location.
Additionally, there are products that guard against the fragility of the paper option – you can check out the ‘9 Best Crypto Metal Plates for Recovery Seed Key and Wallet Backups’ here.
Use Separate Wallets
You should never put all your ENS in one basket, as the old saying goes. The best way to protect your high-value assets is by using separate wallets and assigning each wallet a specific role. An example would look like this:
- Burner/Connector wallet. Only keep a small amount of liquid funds in these wallets and no NFTs that you regard as valuable. Use this wallet for minting new NFTs, trading lesser-known coins on decentralized exchanges, or connecting to sites whose security you are not confident in. The worst that can happen is the wallet gets compromised, but there is nothing valuable in there to take.
- Trading wallet. Use this to connect to trusted exchange sites (e.g. ENS Vision, OpenSea, etc.) for the trading and/or short-term holding of assets smaller in value. Using a cold storage wallet for this is recommended but not essential.
- Vault wallet. This is your coldest of cold wallets, where you store your high-value grails and the bulk of your liquid funds. It’s imperative you use a cold storage option here. Think of this wallet exactly like a physical vault: things go in but rarely come out, and are highly protected. It’s highly advised to never connect this wallet anywhere because we never take chances with the security of our highest value assets, even with trusted sites.
On that note, in the next installment, we will explore cold storage hardware wallets and the importance of their role.