Alex McCurry, Author at Global Trade Magazine

Hacking and social engineering have become increasingly prevalent in the world of Crypto, NFTs, and Web3 more broadly. While malicious strategies and tactics continue to become more innovative, human error remains the leading cause of compromised wallets. These errors usually stem from inexperience, but even the most seasoned investor can lose everything if not careful.

As you can see on this Twitter thread, hackers can be very deceptive and target tapping into your personal needs. Let’s talk about some best practices to help protect your digital assets.

First, do routine research on what types of hacks and compromises are transpiring in the space. It is essential to stay updated on common exploits to avoid falling victim to any sneaky tactics. Tactics are being deployed and tested by hackers on a daily basis, and being out of the loop could end up being a costly mistake.

Second, ensure you are using a hardware wallet or multi-signature wallet if you are in possession of valuable assets.

Each transaction requires multiple signatures, which may slow down the transaction process, but this provides a layer of security that hot wallets cannot offer. If you decide to use a multi-signature wallet, always keep in mind the number of signatures required to execute a transaction. In the event that multiple keys become compromised or lost, you will need the minimum number of required signatures to process a transaction and access your funds. An example of an entity that should employ a multi-signature wallet could be a DAO with a large treasury they’re trying to secure or even a collector with a valuable personal gallery. Still, everyone should at least have a hardware wallet if invested in Web 3 to ensure an enhanced level of security.

Third, frequently disconnect your wallet and remove signing approvals from websites you have connected to. An excellent tool for this is Revoke.Cash, see this article to learn more about Revoke.Cash and its benefits.

Finally, ensure that any seed phrase you have is written on paper and not kept online. When saved as a photograph, in your notes, or stored digitally anywhere, your private keys are vulnerable. This includes ICloud storage; if your private keys for Coinbase Wallet or Metamask are stored on iCloud, an iCloud exploit could make your wallet vulnerable.

Have your seed phrase stored in your camera roll? Think of how many apps have requested access to your photos, then ask yourself if you trust them to protect your information.

We recommend segregating your seed phrase’s storage, keeping half of the phrase in one secure location, and half in another. We recommend hyper-secure storage locations like bank safety deposit boxes as an example. Just remember that if you lose even one piece of your seed phrase and need to back up your wallet, you will not be able to recover it. This is why we also recommend memorizing your Seed Phrase, if possible, as the ultimate way to protect your assets.

It’s important to consider that this digital world is just emerging, and certain assets will be worth substantially more in the future. Furthermore, as this space is already filled with scammers trying to steal your precious assets, it would be wise to expect that they will only become more prevalent as blockchain adoption increases. All this to say, now is the time to focus on protecting digital goods, as being proactive could save you time and money down the road.

Some key takeaways are: upgrading your wallet to a hardware wallet or multi-sig, being 100% sure every signature you sign is the right one, revoking approvals frequently, storing your seed phrase offline, and never sharing your screen or seed with anyone.

Solidity.io will continue to inform you of notable events and valuable information in the wild world of Web 3. Continue to use us as a resource as you navigate this new digital world, and feel free to reach out at Solidity.io for any Blockchain development or security needs.

Alex McCurry is an American business executive, blockchain expert, investor, and the founder and owner of Solidity.io.

Over the years, the message of “Not your keys, not your coins” has been prevalent throughout the crypto community. However, in the wake of a multitude of recent high-profile centralized exchanges (CEX) and Crypto Banking collapses, insolvencies, and acquisitions, that phrase is emerging with a newfound vigor in the crypto community.

To understand the importance of this phrase, we first have to dissect what it means. Not your keys, not your coins refer to the importance of digital asset investors having control and sovereignty over the private keys to their crypto wallet(s). Your private key is essentially like your ‘seed phrase’; a random string of characters is the single point of access to your wallet. As a user, to send funds, sign messages, or recover access to your wallet, you must utilize your private key in one way or another. With non-custodial wallets like Metamask, Coinbase Wallet, and Trust Wallet, or hardware wallet providers such as Ledger, or Trezor, you are the only individual able to access your private keys upon the creation of your account.

These features are not the case with custodial wallets. Instead, custodial wallets are services where a centralized entity, such as an exchange, acts as the custodian for one or more sets of private keys on your behalf. Essentially, these entities operate similarly to banks, where they offer to manage your private keys securely. As a user, you make a deposit, and the exchange or entity keeps track of your balance(s) on an internal ledger. The risks in this are pretty obvious; unlike banks, crypto exchanges are often subject to far less regulation as it relates to the amount of collateral they need to keep, deposit minimums, audits, and what they do with the capital once it has been deposited.

Additionally, many of these exchanges/entities, such as Luna or Celsius, have used the practice of offering outlandish interest rates on the deposits they receive to entice deposits out of customers. As we have seen, this has not panned out very well for many of these major centralized providers, with an estimated over $40 billion in investor money lost between just those two examples. And there are many more similar stories.

On top of that, the major players that have managed to operate without having issues, such as Coinbase, Binance, and Crypto.com, carry similar risks. Although these entities are far more regulated than the two horror stories I’ve mentioned, they still operate under a custodial system. The glaring issue here is that these entities are not federally insured by the FDIC the way traditional banks are. This means that should any of these entities go insolvent, all of the uninsured creditors (meaning you) could potentially lose all of the money you have deposited.

Well, how does one protect themselves from these risks? The answer is to set up a secure, non-custodial wallet for your assets.

With a non-custodial wallet, you can securely manage the ownership of your private keys, reducing any potential counterparty risks. The single point of failure is you, the user. While this may be a bit scary and feel like a lot of pressure for many users, there are protections you can take to securely store and manage your private keys to mitigate risk as much as possible.

Recommendations we make for some products you can use to reduce risk include Ledger, Trezor, and Gnosis Safe. If you are interested in learning more about in-depth wallet security and best practices, feel free to check out one of our other articles on wallet security best practices and everything you need to know to keep your assets as safe as possible.

Alex McCurry is an American business executive, blockchain expert, investor, and the founder and owner of Solidity.io.

The Importance of Wallet Security in the Emerging World of Web3

most viewed today