3. General advice
● Generally, seek to hold your own private key, or you don't technically own
the token
● Don't hold more than 15% of portfolio in any single location, unless maybe
a hardware wallet
● Be wary of holding too much USD tether (more than 20% of portfolio)
● Double check destination address / don't send ETH from exchange to
exchange or ICO
● Use VPN on public networks - NordVPN
● Use a firewall (especially on Windows) - LittleSnitch
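
One way to automate the "double check destination address" step, as an added example that is not part of the original notes. It covers legacy Bitcoin Base58Check addresses only (ETH addresses use a different checksum scheme), and the function names are hypothetical. The sample input is the publicly known Bitcoin genesis-block address.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
GENESIS = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"  # sample input: genesis-block address


def b58decode(s):
    """Decode Base58 text to bytes; ValueError on a character outside the alphabet."""
    n = 0
    for ch in s:
        idx = B58.find(ch)
        if idx < 0:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + idx
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    pad = len(s) - len(s.lstrip("1"))  # each leading '1' encodes one zero byte
    return b"\x00" * pad + body


def base58check_ok(addr):
    """True if addr decodes to 25 bytes whose last 4 match the double-SHA256 checksum."""
    try:
        raw = b58decode(addr)
    except ValueError:
        return False
    if len(raw) != 25:  # 1 version byte + 20-byte hash + 4-byte checksum
        return False
    payload, checksum = raw[:-4], raw[-4:]
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] == checksum


def check_destination(pasted, expected):
    """Compare a pasted address with the one obtained from a trusted channel.

    Returns a list of problems; an empty list means the address is safe to use.
    The full strings are compared, not only the first and last few characters.
    """
    problems = []
    pasted = pasted.strip()
    if not base58check_ok(pasted):
        problems.append("checksum invalid: address is mistyped or truncated")
    if pasted != expected:
        pos = next((i for i, (a, b) in enumerate(zip(pasted, expected)) if a != b),
                   min(len(pasted), len(expected)))
        problems.append(f"differs from expected address at position {pos}")
    return problems
```

A valid checksum only catches typos and truncation; the comparison against the expected address is what catches an address that was swapped for another valid one.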
5. Exchange safety
Notable hacks: MtGox, BTC-E, Bitfinex, Bitstamp
Refer to Exchange Breakdown in Crypto Sheet:
https://docs.google.com/spreadsheets/d/1rahak4f3iRR8gdzGqLMOrKBs949mOK1VwT3v0r46VX8/edit#gid=1531924450
Use 2-factor authentication (2FA) + IP whitelisting
Beware SMS auth - forgeable
Beware backup email without 2FA
6. Software wallet
More secure than an exchange
iOS more secure than alternatives due to security constraints
Windows most compromisable
Android also compromisable without TEE chip (Trusted Execution
Environment) (Rivetz)
7. Hardware wallet (get one)
Uses a double chip system so that the chip signing your transactions cannot
expose your keys
There are a number of ways to check the authenticity of your device:
● Refer to manufacturer for up-to-date instructions
● Check packaging
● Check broken seal
● Use verification software
● Always change default seed
8. Paper wallets
Clone open source project
1. Disconnect internet
2. Restart computer
3. Generate keys
4. Restart computer
5. Connect internet
Brain wallet = memorizing a passphrase
9. Investing safety
Don't click on links you don't know - the link could be malicious (EtherDelta XSS
attack)
Use multiple addresses just in case one is compromised
Hardware wallets make this easy as you can use a different password to log in
(i.e. the ICO name), giving you an entirely new wallet