Blockchain is a secure technology on Web3, but not 100% secure.
It is full of bad actors and scammers, like SBF, founder of FTX, who currently wears the crown of the biggest financial fraudster in history.
We sat down with Ohm Shah, Co-founder of Wallet Guard, over a Twitter AMA (listen to the full recording here) and asked him the tough questions about crypto security. No one could have predicted what happened to FTX. Nonetheless, the veterans in the industry would have had their suspicions and, perhaps, practiced the points highlighted in this article.
Here are the five ways to safeguard your crypto assets online, according to Ohm.
The brand new newsletter with insights, market analysis and daily opportunities.
Let’s grow together!
Use a self-custody wallet
A self-custody wallet allows users to serve as their own bankers. With a self-custody wallet, you store “private keys” that allow you to securely access your blockchain-based assets, such as cryptocurrency, Bitcoin, and Ethereum. The negative side of a self-custody wallet is that safeguarding your assets using these “private keys” relies solely on you.
Popular examples of self-custody wallets include Metamask and Coinbase.
Move your assets out of exchanges
Exchanges (like FTX) aren’t to be trusted. If you have money on a centralized exchange, it should be there temporarily. Move your money to a self-custody wallet.
Use a centralized exchange to onboard your money and offboard to your self-custody wallet. This way, you always control your assets, so something like FTX doesn’t happen to you.
Types of wallets
- Software Wallet or Hot Wallet. Like Metamask, a hot wallet is installed as a mobile app, accessed via a website, or installed as software on a desktop or laptop computer. The software stores your private keys used to access your cryptocurrency funds.
- Hardware Wallet or Cold Wallet. Like Ledger and Trezor. Hardware wallets keep cryptocurrency in offline or “cold” storage, meaning they’re not connected to the internet. They’re physical devices, typically resembling a USB stick, which functions as stripped-down, single-purpose computers.
According to Ohm, hardware wallets are better than software wallets because they have been battle tested and have been around for quite some time. Others include Lattice by Grid, Safe Pal, etc.
Cold wallets may be safer, but it depends on how you use them. For example, if you have a cold wallet and connect it to your Metamask, which you then use to connect to a random website, this eliminates the premise of your cold wallet and compromises its security.
Have two or more cold wallets
Two or more cold wallets, so one can be treated as a vault sending assets in and out, and you never connect it to Metamask, Overseas, etc. You only use it to send assets in and assets out. If you have another Ledger for semi-safe transactions, like a verified NFT collection or token, then you can use your other Ledger for a safer transaction.”
Make sure to buy Ledgers or Trezors on their official websites, not on Amazon or any other random sites, to avoid scammers.
Check out ledger.com/academy for self-custody learning materials.
Found in most software wallets and is easy to create. For example, on Metamask, click ‘Create New Account, ’ which gives you a brand new Ether address and a new private key associated with that account.
You can create as many burner wallets as you want. So for every new mint or investment, use a burner wallet to protect your assets better.
Even if a transaction ends up being a scam, the rest of your wallet is safe. Additionally, suppose that bought asset has been sitting in your burner wallet address for a couple of weeks with no bad actors interfering. In that case, you can transfer it to your cold wallet for permanent and safekeeping.
Securely store your seed phrase
Usually, a 24 set of words/phrases. You could split the seed phrase in two and put them in two separate safety deposit boxes. If you have a cold wallet like Ledger, they have an option for creating the 25th word in the seed phrase. You could memorize this phrase or put it into a separate safety deposit box.
“It may sound paranoid, but if you’re safeguarding a lot of assets, better safe than sorry.” Ohm.
Other ways to safeguard your crypto assets online include:
- Segregate your wallets – Have a cold wallet as a vault, and another cold wallet for safe transactions.
- Multi-signature wallets or MultiSigs – They require more than one private key to sign and authorize a crypto transaction or, in some cases, several different keys can be used to generate a signature. When one seed phrase isn’t enough to safeguard your assets, consider looking into multi-signature wallets to save and store your assets.
- Private Tokens – These cryptocurrencies preserve anonymity by obscuring money flow across their networks. They make it difficult to work out who sent what to whom – which is helpful if you don’t want anyone snooping on your financial activity. Examples are Monero or Secret Network Tokens.
Exchanges should be treated as an on and off ramp.
“If you’re moving money from your debit card onto crypto, it should be treated as an on-ramp where you buy the crypto and then send it to your self-custody wallet. Moreover, if you hold your assets on exchanges and you are an active trader, this comes with a certain amount of risk, like what happened to FTX.
Alternatively, consider putting your assets on decentralized exchanges or layer two blockchains.”
Self-custody wallets are the safer option for protecting your crypto and NFT assets. With self-custody wallets, only you have control and are the custodian of your own assets.
Obvious mistakes you should avoid in Crypto and NFT trading
A big mistake many people make is not understanding what they’re signing. A lot of scams have to do with signatures on self-custody wallets. Like phishing attacks.
However, self-custody wallets are the safest if done properly, especially if you understand that centralized exchanges are not 100% secure.
Tools like Wallet Guard help you stay safe by preventing phishing attacks and helping to keep your assets secure.
NFTs will be around for a while but are filled with scammers. Another common mistake is that people don’t really understand what a set of “Approval for all” is, and if you approve this, it can be used to steal your assets.
The most common scheme scammers use
- Impersonation accounts. They create look-alike accounts with similar followers and change one or two characters in the username or website URL.
- Fake tokens being put in your account. Seeing more tokens is exciting, but when you try to sell the fake tokens upon approval on the marketplace or exchange, that’s where you get compromised. If you see tokens you were not expecting, they are fake and most certainly a scam.
Eventually, security solutions will be integrated into wallets. Wallet Guard is currently developing a transaction simulator with Metamask to launch on the Ethereum blockchain.
Crypto and cyber security starts with you: Check the domains and websites you’re visiting, read smart contracts, and use burner wallets whenever you want to mint an NFT to not compromise your wallet.
“Blockchain technology, like a distributed ledger itself, is secure but dependent on the user…” Ohm.
How to safeguard your crypto assets on web3 boils down to proper wallet strategies and proper security hygiene.
Follow Wallet Guard’s Twitter page for the latest news, tips and tricks to keep your crypto asset safe.