Wallets and Security

Comparison | Mind Map

How many wallets and for what purpose?

Context

• Wallet Engineering
• Onchain Apps
• Crypto Toolkit
• Airdrops

Threats

Primary threat vectors you should be aware of to ensure the security of your digital assets:

1. Malware Attacks Malware can infect your device and steal private keys or manipulate transactions. This includes keyloggers, Trojans, and clipboard hijackers that replace copied wallet addresses with those of the attacker.
2. Phishing Attacks Phishing involves tricking users into revealing their private keys or seed phrases through fake websites, emails, or apps that mimic legitimate services. Always verify URLs and avoid clicking on suspicious links.
3. Social Engineering Attackers may impersonate support staff or influential figures to deceive users into disclosing sensitive information. This can include fake technical support scams or social media impersonations.
4. Physical Security Risks Hardware wallets, while generally secure, can be stolen, lost, or physically damaged. Ensuring the physical security of your wallet and having a secure backup of your seed phrase is essential.
5. Fake and Modified Wallets There are risks associated with purchasing counterfeit hardware wallets that may contain malicious firmware designed to steal private keys. Always buy from trusted manufacturers and inspect the device upon receipt.
6. Side-Channel Attacks These attacks exploit the physical properties of hardware wallets, such as electromagnetic emissions, to extract private keys. Protecting your wallet from physical access and using additional security measures like passphrases can mitigate this risk.
7. Firmware Risks Outdated or malicious firmware can compromise the security of hardware wallets. Regularly update your wallet's firmware from official sources and verify the integrity of updates.
8. Denial of Service (DoS) Attacks DoS attacks can disrupt the functionality of wallet services, especially those connected to online exchanges. While less common for individual wallets, they can affect access to funds on centralized platforms.
9. Consensus Attacks For wallets involved in staking or mining, consensus attacks like 51% attacks can undermine the security of the blockchain network, potentially leading to double-spending or other fraudulent activities.
10. Supply Chain Attacks These involve tampering with the hardware or software during the manufacturing or distribution process. Ensuring the authenticity of your wallet and its components is crucial to avoid such risks.
11. Loss of Access Forgetting login credentials or losing access to your seed phrase can result in permanent loss of funds. Securely store your seed phrase offline and consider using multi-signature wallets for added security[12].

Selection Checklist

Crypto wallet comparison checklist:

• Security
• Type
• Pricing
• Ease of Use
• Supported Coins
• Functionality
• Cross Chain Swapper | Phantom
• Customer Support
• Prevent Theft
• Combat MEV

Marketplace

Everyone should have a single wallet and a multi-sig wallet, what is optimum onboarding journey to get there?

Name	Type	Open Source	Onboarding
Phantom	Hot
Metamask	Hot		Onboarding
Rainbow		true
Klever
Gnosis Safe	MultiSig
Immutable
Ledger	Cold
Omni App	?
Trezor	Cold
Venly
Wallet Engine

Protocol Lists:

• Ethereum Wallets
• Solana Wallets

Metamask

twitter

Metamask for Developers

• FAQs
• Wallet Docs
• Onboarding

Additional Toolkit

Additional security tools that can be used to validate a protocol to help avoid getting the rug pulled.

• Chain Patrol
• harpie.io
• Quill Audits
• Rug Pull Checker
• tholos

See crypto toolkit for more essential tools.

Links

• Which Wallet Checklist
• Awesome Web3 Rug Check
• Cyfrin Wallet Guide
• The Defiant