How to: Crypto Safety & Management

Welcome to our Crypto Insider for March 23rd, 2022 – FREE Edition.

By popular demand, we’re bringing you the smartest insight, analysis, and investing tips for all things Crypto.

Today, we’ll be going over some common hacks and dangers to be aware of, and the things you can do to better protect your cryptocurrency. Forewarned is forearmed, and all that.

Let’s go!

How to Manage Your Cryptocurrency Safely

Why the bad rap?

It’s no secret that cryptocurrency has gotten a bad rap, and a big part of it is the many hacks and compromises that have happened involving various coins.

There have been hacks involving over 7 figures of funds in the past couple of years.

One of the most recent and public ones involves the fast-rising crypto.com, which now owns the naming rights of the previously known Staples Center, in which $34M worth of crypto was taken.

It serves them right for having one of the worst named sports arenas in the world.

Some dangers of Cryptocurrency

Cryptocurrency can get hacked in dozens of other ways, but below are the three most common risks that result in users getting their money stolen. And you definitely need to know about them.

1. Smart Contract Exploits

We’ve talked about smart contracts before and how they are at risk of being exploited, even if they are audited by 3rd party security farms. For each decentralized app (dapp), you engage with your digital wallet (such as Meta Mask) enter a smart contract.

Let’s say you are taking advantage of some juicy defi yields on platforms like Popsicle Finance by putting $5,000 worth of $ETH and $USDC into a liquidity pool for a juicy 40%+ APR.

APR 46%+ sounds great but having your $ETH stolen.. not so much.

Participating in the liquidity pool means you’re using a smart contract in which Popsicle Finance holds onto the aforementioned $ETH and $USDC. If a hacker finds a bug and hacks the smart contract, they may be able to steal the part of or all of your $ETH and $USDC that Popsicle Finance has.

How to mitigate smart contract exploit risks

  • Only engage with dapps that 3rd party companies like Certik have audited
  • Find older, most established projects that have a high total value locked (TVL)
  • Research the team behind the dapp to ensure its a trustworthy team
  • Follow the project on Twitter and join the project’s discord. When hacks happen, projects will usually let their users know what they can do to secure their assets

asd
Top 5 Leading Projects & their Security scores atm according to Certik

2. Accidental Permission

To engage with a dapp and a smart contract, you need to opt-in to requests by granting permission. While this is not a big risk with trustworthy dapps, there are plenty of dapps that want to take your cryptocurrency.

Many people don’t fully read what they are agreeing to when they grant permission for dapps to interact with their digital wallet. These malicious dapps can sneakily:

  • Ask for assets that are unrelated to the intended transaction

For example, let’s say the dapp through your browser says it wants to access your $ETH, but in the actual request, it requests access to $ETH, $USDC, and $MIM. If you say yes, all 3 assets are at risk as the $dapp now has your permission to engage with all 3 cryptocurrencies.

a
Always gotta be careful what permissions we give.
  • Drain your wallet by asking for permission for more of an asset than you expect

An example of this is if the dapp through the browser says it will take .1 $ETH, but it actually asks for 10 $ETH in the request. This is quite common, actually, as many people skim over the numbers.

How to mitigate accidental permission risk:

  • Engage with trustworthy dapps
  • Read every request carefully to make sure you know what you are granting permission to
  • If you’re not sure, ask around in the discord about the language you are confused or uncertain about

3. Computer Exploits, Viruses & Malware

The total malware infections have been on the rise for the last decade.

While this one is actually not unique to cryptocurrency, it is common enough for us to mention it. Viruses can log everything that happens to your computer, including your cryptocurrency transactions.

If your computer is hacked or has a virus, the hackers may be able to drain your cryptocurrency assets.

How to mitigate computer exploits, viruses, & malware:

  • Be wary of the sites you visit, as they can put viruses or malware on your computer
  • Be wary of anything you download, as downloaded files can also lead to exploits

Different Ways to Store Your Cryptocurrency

There are a number of ways to store cryptocurrency, each with varying levels of convenience and safety.

Centralized Exchanges

A centralized exchange (CEX) is an application where you can buy cryptocurrency with fiats such as Coinbase and the Crypto.com mentioned before.

Many cryptocurrency holders hold at least some of their cryptocurrency on centralized exchanges, and most beginners hold all of their cryptocurrency assets on CEXs. Holding your crypto on a CEX is considered the least secure method of the 3 we discuss here, as a CEX can be hacked, and your account on the CEX can be compromised.

Southpark knows.

While CEXs will likely reimburse you to protect their reputation, there is no guarantee they will. It’ll be an annoying headache to figure out how and when you will be reimbursed even if they do.

If you are holding your assets at a CEX, you are not engaging in any smart contracts, so you don’t have to worry about the first 2 risks we mentioned in the previous section.

Digital Wallets

Digital wallets are online wallets that hold your cryptocurrency. If you follow proper wallet management, digital wallets are more secure than CEXs.

The most popular is MetaMask, which is a digital wallet for Ethereum and ERC-20 tokens. However, you may need different digital wallets for different coins and chains, such as Phantom for Solana ($SOL).

You need a digital or hardware wallet to interact with dapps.

Digital wallets are more secure than CEXs if you take good care of your passwords and seed phrases, a unique set of words used to grant permission to digital wallets, similar to a password. However, seed phrases can’t be changed. Ever.

Funny til it happens to you.

Using Multiple Digital Wallets

Let’s say you have 2 $ETH, 1,500 $USDC, and 5,000 $MIM, and you want to take advantage of defi with a dapp called BADDIE, which involves staking your 1,500 $USDC.

Let’s also say you have a MetaMask wallet which we’ll call WalletA.

If you use WalletA to engage with BADDIE, you could be risking all of your assets… But you don’t have to.

This is where having multiple digital wallets can be helpful. You create a second wallet, WalletB, and send the $USDC to WalletB. Then you use WalletB to interact with BADDIE.

This way, you never grant BADDIE permission to WalletA, which holds your 2 $ETH and 5,000 $MIM. Because only WalletB interacted with BADDIE, it’s just the 1500 $USDC that is at risk.

You can create as many wallets as you need to as well, and the more you have, the more secure your assets will be.

Hardware Wallets

Hardware wallets are physical devices that let you hold and manage multiple coins. The two leading companies are Trezor and Ledger. Hardware wallets are the safest of the 3 ways to secure your cryptocurrency.

Is making a device shaped like a standard wallet too meta?

They help secure your cryptocurrency assets by requiring the physical wallet to be connected to the computer in order to interact with your cryptocurrency. As long as you have the physical device, you can log in and access your wallet anywhere.

Like with digital wallets, hardware wallets let you create multiple wallets to store your cryptocurrency. This allows you to still follow best practices to never have your primary wallet connected to dapps and just use intermediary wallets, like walletB in the example we provided in the previous section.

This way, it makes it much more difficult to steal cryptocurrency from hardware wallets because the physical device is needed, making it almost impossible for overseas bad actors to interact with your wallet.

However, in cases where your computer has a virus or malware, your hardware wallet can still be compromised.

Wrapping Up

It’s not hard to keep your cryptocurrency secure. It just requires some common sense, research, and not being lazy. If you follow the tips laid out here, you should be able to avoid the most common risks of cryptocurrency.

Definitely consider getting a hardware wallet to lock down your cryptocurrency and minimize the chances of getting your wallets drained. And remember – if something is too good to be true, then it probably is.

Many dapps are bad actors with malicious intent – always do your own research.

Share

Author

Colin Ma

Colin Ma

Colin Ma is an Alts contributor. He has bought, managed and sold multiple digital businesses across various sizes, including high 5 and 6 figure deals, and is active in crypto communities. In the past he has worked with investing.io, Domain Magnate, and founded Makujin Media, a digital marketing and asset holding company. His strengths lie in analyzing various market opportunities and growing businesses with several different models, including ad-based websites, affiliate marketing blogs, and successful e-commerce brands across a variety of niches. In his spare time, Colin can be found breakdancing around Southern California and cooking up a storm in the kitchen.

Related Posts

moonbird 2754

Moonbird #2754

Today we dive into NFTs index, XCOPY
s Bottom Feeder, NFTs on OpenSea, projects minting, and this week’s fractional IPOs.
-Moonbird #2754
-Tom Sachs Rocket Factory “Gamechanger”

aswang preview image

Aswang Tribe, Azuki controversy & more

Today’s dive gives you some perspective on the overall NFT fractional market, NFTs dropped on marketplaces, projects minting this week, and some industry news.

$luna

Our take on $UST, $LUNA & the depegging

Today, we’re looking $UST TerraUSD & $LUNA Terra. How the depegging of one of the fastest-growing stablecoins happened? What are the risks of $UST not repegging & what’s our take?

Recently Published

Curious about investing in NFTs?

Get notified on hot new NFT drops and DAOs worth exploring.


Join the club. Start here.

    Join thousands of subscribers.
    Absolutely spam-free.

    Curious about investing in Crypto?

    Crypto doesn't have to be confusing. We explain it like you're 12 years old.


    Join the club. Start here.

      Join thousands of subscribers.
      Absolutely spam-free.