Skip to main content

Crypto Wallets

Crypto wallets are at the forefront of digital identity innovation.

One of the most important decisions when starting out with crypto/web3 is choosing the right wallet to protect your assets and faciliate common exchanges of value.

Context

Wallet Types

Which wallet is best for your needs?

  • Burner Wallets
  • Browser (Hot) Wallets
  • Hardware (Cold) Wallets
  • Multisig Wallets
  • Social Recovery

Burner Wallets

Great for onboarding and batching transactions.

Generated on the fly in the browser.

Browser (Hot) Wallets

Hardware (Cold) Wallets

Multisig Wallets

Interface Packages

Account Abstraction intends to smooth onboarding exerience into Web3. Which blockchain does it best?

Wallet Best Practices

Dev Ops Course

Wallet and Key Management

  • Private Key Security Tips

Browser Hot Wallets

(MetaMask, Phantom, etc)

Hardware Wallets

(Ledger, Trezor, etc)

  • Air Gapped
  • Medium Value
  • Not good enough for a protocol dev
  • Prone to wrench attacks

Multisig

Using Multi-signature (MultiSig) wallets is critical if deploying a Smart Contract to secure digital assets under your trust.

Safe Example

Actionable Insights: Continuosly evolve and follow best practices

  1. Diversify risk: Use MultiSig wallets to distribute authority and eliminate single points of failure.
  2. Choose the right setup: Select a suitable M-of-N setup, such as 2-of-3 or 3-of-5, based on your security needs.
  3. Use multiple hardware wallets: Store private keys in different locations and use multiple hardware wallets from different vendors to enhance security.
  4. Segregate access: Keep private keys on separate devices and avoid storing all keys on a single device.
  5. Implement robust backup and recovery processes: Ensure secure backups of seeds and wallet configuration files.
  6. Monitor transactions: Regularly review transactions to detect any suspicious activity.
  7. Use secure communication: Employ encrypted communication protocols between authorized signers and the MultiSig wallet.
  8. Conduct regular security audits: Perform security assessments and penetration testing to identify vulnerabilities.

Risk Checklist:

  1. Single point of failure: Using a single hardware wallet or storing all private keys on one device.
  2. Compromised key holders: Losing or misplacing private keys or having key holders become uncooperative.
  3. Inadequate backup and recovery processes: Failing to securely back up seeds and wallet configuration files.
  4. Insufficient security measures: Not implementing robust security protocols, such as encryption and secure communication.
  5. Lack of diversification: Using the same hardware wallet or vendor for all signers.
  6. Inadequate monitoring: Failing to regularly review transactions and detect suspicious activity.
  7. Poor key management: Not securely storing and managing private keys.
  8. Inadequate security audits: Failing to perform regular security assessments and penetration testing.

Wallet Vendors:

Social Recovery Wallets

Setting up a Safe

Build your own Wallet

Post Deployments

https://github.com/Cyfrin/evm-wallet-and-post-deployment-course

Best practices for managing contracts post deployment.

Start with solid pre-deployment preparation to be attacked.

  • Monitoring
  • Forta Bot
  • Incident Response
  • Handling Bugs
  • Blockchain Sleuthing

Post

Wallet Architecture

What are fundamentals to wallet architecture?

Need to connect the dots across:

  • discovery
  • decision routing
  • game loading