Best Practices for Managing Web3 Wallets (An Infographic)
There's a lot of information out there.
The Webacy team has put together an infographic on the latest best practices for managing web3 wallets.
Here's the graphic translated into text:
- Keep at least 3 wallets: 1 hot, and 2 cold.
- Never store seed phrases on computers or phones.
- Disconnect wallets from sites before you sign off. Go to your wallet's "connected sites" or "trusted apps" section to disconnect.
Hot Wallets: A hot wallet is connected to the internet, or may be browser-based. The private key is typically stored online, making it less secure by default.
You might have a few kinds of hot wallets:
- Burner Wallet: Never store more than you're willing to lose on this wallet. This wallet is for experimentation prior to minting from potentially suspect projects. If you're minting a free NFT, this is the wallet to use.
- Degen Wallet: Use this address for higher-risk degen purchases. If you have to keep ETH on this wallet, keep the smallest amount possible. If you keep NFTs on this wallet, only hold NFTs that you can afford to lose.
- Minting Wallet: Submit this address when participating in allowlists / whitelists. Only store the ETH you need for minting and competing in gas wars. Keep few NFTs in here.
Cold Wallets: In a cold wallet, the private keys are stored offline. Hardware wallets are often considered cold wallets (Arculus, Ledger, Trezor, etc.)
Some people also sub-categorize cold wallets:
- Warm Wallet: Store NFTs in this wallet that require frequent usage. Rely on this wallet while transacting on OpenSea, verifying on Collabland, and visiting other trustworthy sites. Consider using a smart contract protection on this wallet (like Webacy) in order to evacuate assets in case of an emergency.
- Ice Cold Wallet: Think of this as your vault. This wallet is best for storing prized NFTs and long term crypto holdings. There should be little to no interactions with this wallet (no signing beyond the initial setup). Send and receive only. Set up smart contract triggers (like Webacy) in the event of dormant assets (ex. assets left untouched longer than 4 years typically fall under this law).