Swirl colors top graphicSwirl colors top graphic

How to Stay Safe in DeFi & Protect Your Crypto

Billions and billions of dollars are lost each year by crypto users who fall victim to scams. Unfortunately, if you don’t know what to look out for, it can happen to you in the blink of an eye.

We’d love to help you avoid the pain of having your crypto stolen. That’s why we’ve put together the best practices to protect your cryptocurrency as you navigate the world of decentralized finance (DeFi).

What we’ll cover in this guide:

  • Ways to protect your private key and seed phrase
  • Wallet techniques to protect your crypto
  • How to use Secret Tokens and Secret DeFi
  • Methods to secure your devices and internet connection
  • Why (and how) to do your own research (DYOR)

Ways to protect your private keys & seed phrases

Let’s start with two of the most important things to keep safe in DeFi and crypto: your private key and seed phrase. Both give anyone access to your wallet—and thus your funds. That’s why it’s critical to keep these safe!

Here’s how you can stay safe while DeFi-ing:

Backup & safely store your seed phrase

One of the first things you should do when creating your wallet is to backup your seed phrase, as this is the only way to restore access to your funds if you lose or break your wallet.

The best way to backup your seed phrase is by writing it on a piece of paper or other physical media. You can store your physical seed phrase backup in multiple locations like a personal vault and a deposit box. You can also split your seed phrase into parts and store each one separately.

Ways To Protect Your Private Key And Seed Phrase

Do NOT save your seed phrase & private key in cloud-based or unencrypted storage

Google Drive, DropBox, or your email are NOT reliable storage solutions. You should never use a Word document, TCT, or Notepad apps. Never copy and paste your seed phrase, as it will be exposed to your local memory. Never store it on any digital or unencrypted device like a thumb drive.

Never give your seed phrase or private key to anyone

Support won’t need it; if they ask for it, you’re talking to scammers trying to hack your account. This rule applies to airdrops as well. Don’t do it if you need to share your private key or seed phrase to be eligible.

The only time you’ll need your seed phrase is when “restoring” a wallet to a new device due to broken devices, upgrades, or importing the wallet elsewhere.

Wallet techniques to protect your assets

Which wallet you use and how you use it can make all the difference for the asset’s safety. Here are tips on how to use wallets to protect your cryptocurrency:

Use different wallets for different activities

All wallets have their pros and cons. For example, hardware wallets are the most secure but don’t always easily connect with dApps and can’t serve as on-ramps. Software wallets make sending and receving crypto a breeze, but don’t provide the highest level of security like hardware wallets do.

Wallet Techniques To Keep Your Assets Safe
The solution:

Create different wallets for different purposes! Here’s how:

  • Use a hardware wallet for your long-term investments that you make as secure as possible and never save, copy, or use its seed phrase on a device connected to the internet. To maximize your security, create a private wallet that can’t be linked to your other wallets
  • Have a software wallet for interacting with dApps and active trading. Your trade wallet is for using vetted projects but should not contain the majority of your funds
  • Create a different wallet with very little crypto in it—just enough to cover gas fees—to vet new dApps & services and participate in giveaways. If it gets compromised, quarantine it and create a new wallet

Note: if you hold high-value NFTs, we recommend creating an extra long-hold wallet for these NFTs because their non-fungibility can quickly reveal your identity.

Be extra careful when using software wallets

Software wallets are only as secure as your device and usage. Most wallets save the private key of your wallets on the device memory you are using, so it’s important not to use a device that you visit questionable websites with.

If you’re using a mobile wallet, have a good security suite with antivirus/malware and a link checker. There are many good paid products and even free ones on Google Play for link checking. Most free services also have premium options available.

Be aware of what you are signing with your wallet

Most crypto transactions ask for a signature, but beware! Some may be malicious smart contracts, designed to appear like any other transaction, that steal your keys and give the scammer access to your wallet when signing. So check transaction details and do your own research (DYOR) on projects before trusting them!

Remember: not your keys, not your crypto

It’s a common phrase in crypto, but it often sinks in too late. If you hold your crypto assets in a custodial wallet where you don’t hold your private keys, like an exchange or lending platform, you risk losing your assets if the platform is hacked or goes bankrupt. That’s why it’s critical to, at any time, only hold a small portion of your portfolio on any of these platforms.

How to use Secret Tokens and Secret DeFi

Privacy is essential to keeping your financial details—and crypto—safe. Here’s why and how to use Secret’s privacy features to protect your crypto while participating in DeFi:

Store your tokens and coins as Secret Tokens

When your assets are on Secret Network—as SCRT, Secret Tokens, or Secret NFTs—you get to decide who can see the assets in your wallet. Secret’s privacy-preserving technology keeps your assets hidden on the blockchain and protects you from phishing attacks.

Take the OpenSea phishing attack in February 2022, where hackers targeted Ethereum users. Since Ethereum is a public blockchain, scammers could see what wallets held expensive NFTs. They tracked interactions made with these wallets (recorded on-chain), uncovered the owner’s identities, and performed targeted phishing attacks.

How To Use Secret Tokens And Secret DeFi

Use Secret DeFi apps for swaps, lending, and borrowing

Using DeFi apps on public-by-default blockchains exposes all of your activity. DeFi apps on Secret Network encrypt your sensitive data to ensure your financial information stays safe.

You can, for example, use a lending app like Sienna that can check your eligibility for a loan while keeping your data encrypted—and thus hidden—on-chain. Each Secret dApp utilizes the network’s privacy-enhancing capabilities. What data is kept private and made public can differ per Secret DeFi app, so check out the documentation of the specific DeFi app you want to use.

💡Want to know more about Secret DeFi? Check out our Secret DeFi page.

Regenerate your viewing keys regularly

Viewing keys are useful tools that give trusted third parties, like your accountant, viewing access to your funds if needed. But sharing viewing keys can create the risk of giving too many people access to your funds even when it stops being necessary.

That’s why we advise you to regenerate your viewing keys regularly. Creating new keys revokes viewing access for anyone who holds the old key, ensuring as few people as necessary can access your funds and maximizing your security.

💡 To learn how to regenerate, e.g. create a new viewing key, check out this tutorial.

Methods to secure your devices & internet connection

The internet enables you to connect with anyone. However, it also allows scammers to connect with you—and if you’re not careful, drain your wallet. Here are some tips to make using the internet as safe as possible:

Use a dedicated device

Use a dedicated device when trading your crypto or accessing your more significant accounts. This device doesn’t need to be expensive or top quality. An old laptop is usually fine, as most blockchain dApps are not intensive on spec requirements.

What’s important to remember is that the fewer apps and data traffic on the device, the safer your funds are. Use your dedicated device only for your DeFi activities and don’t share it with others.

Use strong passwords and two-factor authentication (2FA)

Especially on custodial accounts like Coinbase or Binance!

Use a 2FA app like Yubikey, Authy, or Google authenticator instead of SMS. Use strong passwords with 12 or more characters, including symbols and numbers. The easiest way to create and store passwords is to use generators like 1Password and LastPass.

Consider setting your mobile account to only allow SIM card changes in-store to protect against SIM swap attacks.

Use a VPN

This method is one of the easiest and most efficient ways to block a bad actor’s ability to track you. A VPN changes your IP address, making it look like you are accessing the internet from another location than where you actually are. VPNs are essential to basic online security and have many benefits.

There are free VPNs, but we recommend using a paid version like NordVPN as many free VPNs farm data to pay their bills, which goes against the whole purpose of a VPN. You can use a decentralized alternative like Sentinel, built on Cosmos. It might take you a little more time to set up, but Sentinel works great with all things Secret.

Methods To Secure Your Devices And Internet Connection

Why (and how) to DYOR

In crypto, you are in control, and you have the responsibility for your assets. The best way to stay safe in crypto is to triple-check everything. “Don’t trust, but verify!”—always.

Double-check EVERYTHING

One of the most common reasons people lose funds is user errors such as transfers to the wrong address or network. Check your address and network carefully, and fill out any necessary memo fields before making a transaction. If you’re making a high-value transfer, do a test transfer first with a small amount of crypto.

Read URLs and only click links from trusted sources. Phishing links can look a lot more believable than you’d think. Manually check the sender of any message to make sure they are the legitimate contact. Check website URL addresses to make sure they look correct. Example: make sure app.osmosis.zone is NOT app.ozmosis.zone.

Be very careful when responding to DMs

Do NOT answer direct messages that are asking for financial or personal details! Project developers and support never message you first. Private sales and doubling events do not happen in Telegram or Discord! Nobody will send you 2 BTC if you send them 1 BTC. You’ll just lose your 1 BTC. Like with most things in life, if it seems too good to be true, it probably is.

To sum it up

Those are our tips to stay safe in DeFi and protect your crypto. Here’s a quick summary of our recommendations:

  • Buy a hardware wallet to store your long-term holdings, create several backups of your seed phrase—on paper or engraved on flame-resistant steel—and keep them in secure areas such as a deposit box or a safe
  • Download a link checker and antivirus/malware protection installed and use a VPN. Only contact support via official channels and be very wary of fake Telegram/Twitter/etc. accounts. Your best bet is to search Google for the official website. Remember that support will never require your seed phrase or private key
  • Use separate wallets for your long-term investments. Use different wallets for dApps, yield farming, and vetting new tools

That’s it, folks. Stay safe, and stay SECRET!