During last months, there have been a lot of talks about web/mobile wallet security. In this article, we will briefly cover more specific risks, which are actual, according to recent exploits.
So, letβs take a look at the main risks:
Wallet app keeps your private keys/seed phrases unencrypted on a centralized server
Some wallets may keep your seed phrases on the centralized servers and store them unencrypted, making them visible to anyone with access to the server.
Management of the private key by the wallet source code
If the private key is managed by the wallet app source code, the developer of the app can access every wallet in the app by releasing a new wallet update that has the function of sending all private keys to him.
These two factors do not depend on you. The only thing you can do is use so-called βbattle-testedβ wallets. Those which exist for at least 1-2 years and have a crystal reputation.Β
Letβs continue with other factors, which can be under your control:
Copying your seed phrase when creating the wallet
After copying your seed phrase on your device, it goes to the clipboard. Copying seed phrases shouldnβt be possible because other applications or websites can access your clipboard and steal seed phrases.
Generating and copying your private keyΒ
Itβs pretty much the same problem as the previous one but dedicated to the private key. When copying your private key to the clipboard, it also becomes possible for other applications and websites to steal it.
Clipboard history on some OS
Some operational systems, such as Windows and Android, have a built-in clipboard history function, so every application or website which gets access to the clipboard and its history can easily access your seed phrase or private key, which you may have copied long before.
Sending your seed phrase to your email when creating your wallet
Some of the wallet apps have a function to send your seed phrase to your email at the stage of wallet creation. It creates additional risk because, as a user, you canβt be sure that a wallet application makes it in a safe and encrypted way, so it is better to avoid such functions.
These factors depend only on you, so better to remember all of them to keep your wallet secure.Β
All the facts mentioned in the article have equal importance in your wallet security.Β
Most of these factors are not appropriately considered in wallet security, but they are of critical importance in your wallet security.
