How would you rate your wallet’s security setup?

F Tier: asking to get drained

Everything in Hot Wallets

User has all their savings in a few hot wallets to engage with DeFi, claim airdrops, trade NFTs, sign transactions.
Their Seed Phrase is stored insecurely (e.g. on a post-it note, on a picture, in Notes App, on your desktop, etc.).

If you get drained you get no sympathy. Might as well walk around the city with thousands of dollars of cash sticking out of your pocket.

Why are you letting someone else hold onto your crypto? Did you not learn from Mt Gox and FTX? The whole point of Crypto is to store the keys yourself.
Well, at least nobody will steal your seed phrase this way and you’re less likely to get phished.
Even though you’re less likely to get drained, there’s still high risk of being restricted and losing access to your funds indefinitely.
If you try to move any meaningful amount you’re immediately flagged and potentially restricted.

You already have the crypto, might as well do it right (see A tier & S tier).

I mean, they can’t steal your seed phrase from interacting with DeFi apps, my friend at least do a good job storing your seed phrase.
Remember you can always sign a malicious transaction or get phished into approving the wrong smart contract (which is very common).

It’s like having a deadbolt on the front door but leaving the window wide open.

Store all your Seed Phrases & Private Keys in a Password Manager so it’s encrypted, isolated and backed up.
User has two wallets, one “Cold” wallet that doesn’t sign transactions in DeFi, it only interacts with the Hot Wallet.
Try to have as little as possible on the Hot Wallet, just what you need to execute transactions.

Now you’re being smart, but could do better. If you have $50K+ USD or 20% of your net worth in crypto I’d recommend more security.

Store your backup seed phrase (both for hard wallet & hot wallet) in a password manager.
Hackers will need your physical hard wallet device to access your savings.

Smart Wallets don’t even have a seed phrase, that risk is eliminated. Squads Protocol (Protocol underlying Fuse Wallet) already secures billions for protocols and has never been hacked.
Fuse Wallet needs both your actual phone and an iCloud key to execute a transaction. So even an iCloud hack can’t do anything, and it’s easy to restore from a new iOS device.

Now you’ve got a fool proof, long term setup. But imagine combining Fuse Wallet + a Hard Wallet into one mega-secure wallet setup.

A hacker would need both your Ledger device and physical phone to approve any transactions, so there are two “physical” keys.
The Ledger addition also makes it possible to set up a beneficiary if you pass.
You can set up ways to recover it using email or another wallet (as long as you have the Ledger device)

Congratulations you have now perfected wallet security. This setup is safer than your bank.

Have a smart wallet that requires 3 signers out of 4, one key with Ledger, one with KeyStone, and one with Trezor, and one hot wallet.
Even if there were an exploit with any of the hard wallets you are still safe.
This may be overkill for the average user, and you need to make sure you don’t lose any of the 3 hardware devices.

Tbh this only makes sense if you are a protocol. Overkill for your average user.

December 29, 2024