Skip to main content

Wallets and Security

How many wallets and for what purpose?

Threats

Primary threat vectors you should be aware of to ensure the security of your digital assets:

  1. Malware Attacks Malware can infect your device and steal private keys or manipulate transactions. This includes keyloggers, Trojans, and clipboard hijackers that replace copied wallet addresses with those of the attacker.
  2. Phishing Attacks Phishing involves tricking users into revealing their private keys or seed phrases through fake websites, emails, or apps that mimic legitimate services. Always verify URLs and avoid clicking on suspicious links.
  3. Social Engineering Attackers may impersonate support staff or influential figures to deceive users into disclosing sensitive information. This can include fake technical support scams or social media impersonations.
  4. Physical Security Risks Hardware wallets, while generally secure, can be stolen, lost, or physically damaged. Ensuring the physical security of your wallet and having a secure backup of your seed phrase is essential.
  5. Fake and Modified Wallets There are risks associated with purchasing counterfeit hardware wallets that may contain malicious firmware designed to steal private keys. Always buy from trusted manufacturers and inspect the device upon receipt.
  6. Side-Channel Attacks These attacks exploit the physical properties of hardware wallets, such as electromagnetic emissions, to extract private keys. Protecting your wallet from physical access and using additional security measures like passphrases can mitigate this risk.
  7. Firmware Risks Outdated or malicious firmware can compromise the security of hardware wallets. Regularly update your wallet's firmware from official sources and verify the integrity of updates.
  8. Denial of Service (DoS) Attacks DoS attacks can disrupt the functionality of wallet services, especially those connected to online exchanges. While less common for individual wallets, they can affect access to funds on centralized platforms.
  9. Consensus Attacks For wallets involved in staking or mining, consensus attacks like 51% attacks can undermine the security of the blockchain network, potentially leading to double-spending or other fraudulent activities.
  10. Supply Chain Attacks These involve tampering with the hardware or software during the manufacturing or distribution process. Ensuring the authenticity of your wallet and its components is crucial to avoid such risks.
  11. Loss of Access Forgetting login credentials or losing access to your seed phrase can result in permanent loss of funds. Securely store your seed phrase offline and consider using multi-signature wallets for added security[12].

Selection Checklist

Crypto wallet comparison checklist:

  • Security
  • Type
  • Pricing
  • Ease of Use
  • Supported Coins
  • Functionality
  • Cross Chain Swapper | Phantom
  • Customer Support
  • Prevent Theft
  • Combat MEV

Marketplace

Everyone should have a single wallet and a multi-sig wallet, what is optimum onboarding journey to get there?

NameTypeOpen SourceOnboarding
PhantomHot
MetamaskHotOnboarding
Rainbowtrue
Klever
Gnosis SafeMultiSig
Immutable
TrezorCold
LedgerCold
Omni App?
Venly
Wallet Engine

Protocol Lists:

Metamask

twitter

Metamask for Developers

Protection

Additional security tools that can be used to validate a protocol to help avoid getting the rug pulled.

Attachments