|
|
Edited by Kapil334 at 23-12-2023 05:26 AM
Cryptocurrency Dark Forest Survival Tips: Wallet Security Strategies and Risk Tier Management
Risk tiering, asset isolation, and the occasional asset theft are not as terrifying as having all your assets wiped out in one fell swoop.
""In the world of cryptocurrency, the most tragic thing is to wake up one day and discover your assets have been stolen, and all the hard work you put in vanishes into thin air. I used to feel the fear, just like when I saw others experiencing similar incidents. I deeply questioned myself: Do I have any risks of losing assets? Will I wake up one morning and find all my Bitcoin and Ethereum gone?""
For a long time, it was almost like a nightmare for me. However, over the past few years, I've gradually gained the power to combat this insecurity in the cryptocurrency world. I've adopted encryption technology, created a security line that fits my own situation, and engaged in numerous attack and defense exercises in my mind. I know when I might be under attack, how much asset loss could occur, and the probability of such incidents. Once I understood these, I was finally able to put my mind at ease, quietly watching the coins in my monitored account and enjoying the benefits that the blockchain world offers.
My strategy might not be the safest, but it's a process of continuous improvement and learning. This is just my perspective, and I welcome fellow risk management experts to share their experiences. Here, I'd like to recommend a comprehensive guide for blockchain security created by COS Yu, the founder of SlowMist. It provides a detailed overview of cryptocurrency security and can be considered a blockchain security bible. Every cryptocurrency participant should study it carefully.
To get straight to the point, here's the hardware and risk management layer structure I use:
Hardware: Apple MacBook Pro + Trezor or other hardware wallets
I avoid using Windows computers as much as possible. While even Apple systems aren't immune to computer viruses, the likelihood is much lower.
Now, here's the risk management layer structure for my hot and cold wallets:
1. The Airdrop Layer (Google Account 1 or Computer 1)
This is where I manage various hot wallets with the lowest security level. They exist for interacting with potential airdrop projects, such as installing various Chrome wallet plugins, participating in education, translation, AI, and more. Some of these plugins can't guarantee their security, so I've created a separate, less frequently used Google account and installed these plugins there. My airdrop wallets contain minimal funds, which I use solely for trying out other wallets or interacting with Layer 2 solutions. Even if they were hacked, it wouldn't affect the overall security of my assets. For those on a scientific level, there should be another, more comprehensive risk management approach; this article doesn't discuss that.
If you also have entertainment or gaming needs, it's best to use a separate computer for these activities to avoid mixing gaming and wallet interactions on the same device.
2. The Trading Layer (Google Account 2 or Computer 2)
This layer is different from the Airdrop Layer and contains several hot wallets for legitimate DeFi trading. I use the MetaMask Chrome browser extension here. In this Google account, besides MetaMask, I only have 1Password, a necessary password management plugin. I recommend removing all other plugins to avoid any malicious ones or vulnerabilities that could compromise your wallet's security. Therefore, the Chrome browser in this account is kept clean and only used for wallet operations.
The percentage of assets here is larger and is used for various DeFi operations, signature authorizations, NFT trading, and so on. I put what I consider the amount of assets I can afford to lose in these hot wallets. For unlimited authorizations for stablecoins, I periodically check and revoke them on revoke.cash. The best practice is to never grant unlimited authorizations; you should only authorize as much as you need, unless it's for a DeFi blue-chip project that you have high confidence in.
Generally, these hot wallets are also ranked by risk level. You can have the lowest-risk wallets for Dogecoin (which I don't have), wallets for participating in high-quality airdrops (widely interacted DeFi projects), and wallets for interacting with large-cap DeFi projects, such as Curve, Convex, Uniswap, Liquity, Lido, and more. For any project, be wary of phishing websites. I encountered a phishing site for Rocket Pool that looked exactly the same. But once you connected your wallet, it would automatically ask you to sign a transaction, and upon closer examination of the transaction contents, I discovered it was transferring all your ETH. So, make sure to carefully review transaction details like the amount and destination address before signing.
There are many similar details to be aware of, so please continue learning and studying. This article primarily focuses on wallet risk management. |
|
Post time 14-10-2023 20:25:46
