Blockchain Security: How to Protect Your Crypto Wallet
A crypto wallet is a bridge between an individual and the world of crypto. These wallets are the containers for the myriad of virtual assets out there, and they are as varied as the crypto they store. One of the reasons people are hesitant to invest in crypto is security risks. While there are risks involved in dealing with crypto, safety practices are easy to implement and there are millions of people safely transacting in the crypto space.
What to keep in mind when choosing a crypto wallet?
When first selecting a wallet it’s important to consider its security features, who developed the wallet, and whether you have access to your private keys. Before using a new wallet try to find available information on its security features. Some wallets just have password protection whereas others encrypt all the data on a device. Some wallets offer much higher security than others but require more setup. For example, the Daedalus wallet is a Hierarchically Deterministic (HD) wallet, meaning you can create an unlimited number of addresses per wallet and it is very secure; however, to use this wallet users need to create a full node on their computer.
Additionally, when looking at the company/team behind the crypto wallet one should make sure it’s developed by a reputable project rather than an anonymous team that might be planning a scam. This has happened various times in the past, and last year fake Ronin wallets scammed many new Axie Infinity users.
As a saying in the crypto space goes, “not your keys, not your coins.” This refers to knowing if you are in control of your private keys because otherwise you are entrusting your digital assets to a third party. Owning your keys also means being responsible for their security.
Deciding on a crypto wallet also depends on what you plan to use it for. Are you planning on doing daily transactions? Then you need to compare fees of wallets and look at if the wallet has charting options or an exchange it can connect to. Or is it mainly for HODLing? Then it would be important to look at which wallets give the best returns and are more secure.
Another big difference comes in when deciding between a software wallet (hot wallet) or a hardware wallet (cold wallet). A hot wallet is an online crypto wallet, be it an app on your phone or browser extension. A cold wallet stores your crypto on a device that can be plugged in to use, much like a USB, and a good example of this is a Ledger crypto wallet. It is an offline wallet that is inaccessible when not plugged in, making it more secure for storing crypto long term.
Which Browser/App/Hot wallet is the safest for day to day use?
Metamask is one of the most widely used wallets and it works similarly to most others. The Ethereum-based wallet, which reached more than 10 million monthly active users in August, is a browser extension that includes a key vault, token wallet, token exchange, and allows you to communicate with decentralized applications (which is ultimately the point of a crypto wallet). However, these wallets are most frequently targeted by malware and are susceptible to key loggers and other malicious software on the web.
Trust Wallet is also very popular, especially among mobile users. Binance — one of the top crypto exchanges — acquired the wallet in 2018 and it is now Binance’s official wallet. Trust Wallet keeps most of its currency on cold storage servers. So it’s like having a cold wallet as a service, as strange as that may sound. With no fees for swapping and using Dapps, this is a good day to day wallet. The only unavoidable fees are for processing blockchain transactions but here you will always pay fees, miners need to validate transactions.
Keeping in mind that some networks have higher transaction fees than others i.e Ethereum network has some of the highest costs for transactions, but others like Binance Smart Chain, Polygon, or Avalanche have lower fees.
If I connect my wallet to a platform/app, what are the dangers and can I protect myself?
One of the most common dangers are users that get caught by information-stealing phishing attacks. Fraudsters would make a copy of a legitimate crypto website (exchange, DeFi project, marketplace etc.) with misleading names to lure users to connect their crypto wallet. By using account credentials to log in attackers can steal that information and use it to gain access to the victim’s account. Users should ensure they are always using the correct URLs and not connect the wallet to suspicious dapps. Users should also ensure that their wallets have Two Factor Authentication and strong unique passwords enabled to create another layer of security. Some wallets also have biometrics enabled, making it very difficult to log in without a fingerprint.
Websites posing as “the next big crypto project” might also be fake. In situations like these, it’s a good standard practice to see if the team have made themselves public or decided to be anonymous. Another thing to look out for is the project’s own wallet, what kind of transactions it is making, and what are the sources of funding?
How do I make sure I don’t become vulnerable with my wallets when transacting on web3?
Individuals who most commonly fall victim to malware are those that frequently use unsafe websites and download files from questionable sources. Malware picked up from such places is programmed to find crypto extensions and copy sensitive information. Some malware can infect a browser’s clipboard and when copying and pasting addresses it will substitute the attackers’ address.
8 basic tips to secure your wallet
- Avoid using exchanges with low security ratings.
- Don’t re-use e-mail and crypto account passwords.
- Use two factor authentication.
- Separate cryptocurrencies from personal/work accounts.
- Avoid using public Wi-Fi when accessing your crypto accounts.
- Make sure software is up-to-date.
- Be aware of the latest threats.
- Use VPN.
This article has been provided by Hacken as part of the security campaign for the PAID Network community.
Hacken is a fully-fledged cybersecurity ecosystem founded in August 2017 by cybersecurity experts, Big Four professionals, and white hat hackers. Hacken provides B2C, B2B, and B2G cybersecurity services to clients belonging to the blockchain, Defi, and NFT ecosystems from Europe, Asia, and North America.
Hacken in figures:
>800 clients, including THORSTARTER, ConstitutionDAO, XTblock, Paribus, to name a few
>80 partners including Avalanche, Polkastarter, CoinMarketCap, Weld Money, CoinGecko, Solana Foundation, Simplex, to name a few
23/50 top crypto exchanges are Hacken clients
>$10B in users’ assets saved from being stolen by hackers
Strategic goal: Get a 20% share in the Web 3.0 cybersecurity market by 2024.
PAID Network seeks to redefine the current business contract, litigation, and settlement processes by providing a simple, attorney-free, and cost-friendly DApp for users and businesses to ensure they #GetPAID wherever they are in the world.
PAID technology leverages Plasm to operate on both Ethereum and Polkadot ecosystems. PAID makes businesses exponentially more efficient by building SMART Agreements through smart contracts to seamlessly execute DeFi transactions and business agreements.
For any questions for the PAID network, please feel free to reach out to us on: