Blockchain wallets, including Bitcoin wallets and Ethereum wallets, come in a variety of flavours, each designed to suit different user preferences and security needs. Wallet security depends on a number of factors, including the type of wallet you use, how often you use it, and what types of applications you are interacting with.
The zkBob wallet is a specific type of wallet which relies on smart contracts for its safety and functionality. It is also non-custodial, which means you control your own private keys. A popular saying in the blockchain world is "Not your keys, not your crypto". With non-custodial wallets like zkBob, only you have access to the keys, and only you can access your crypto with those keys. Learn more about non-custodial, smart contract wallet features.
Wallet security can depend on the type of wallet used as well as best practices to keep assets safe.
Types of Bitcoin Wallets
There are several different kinds of wallets available for blockchain users. Bitcoin wallets typically fit into 3 broad categories.
- Hardware Wallets: These are considered the most secure type of Bitcoin wallet. They are physical devices that store your private keys offline, making them less susceptible to online threats like hacking and malware.
- Software Wallets: Software wallets, including mobile, desktop, and web wallets, can vary in security. Some are well-designed with strong encryption and security features, while others may have vulnerabilities.
- Paper Wallets: A paper wallet involves storing your private keys on a physical piece of paper. They are secure as long as the paper is kept safe from physical damage and prying eyes.
In addition to the wallet types above, the Ethereum Virtual Machine (EVM) provides the ability to add programability to wallets. Rather than just a way to store and transfer assets, EVM wallets can introduce additional features. This can take the form of a generalized web wallet, or a more specialized smart contract wallet.
The most well-know smart contract wallet is probably a multi-signature (or multi-sig) wallet. With a multi-sig wallet, multiple users (the number of users can be changed via calls to the smart contract) are needed to sign and authorize a transaction, enhancing security and offering shared control.
zkBob is a next generation smart-contract wallet, using advanced zero-knowledge cryptography to provide privacy for senders and receivers. zkBob app users can setup their wallets with either a stand alone seed phrase, or use the private key from a secondary wallet. Either way, security is in the hands of the user, and it is their responsibility to keep their wallet secure.
Keeping your Bitcoin Wallet Secure
There are several steps you should take to enhance the security of your wallet. These top 10 basic steps (plus 1 bonus step for EVM wallets) apply to all types of blockchain wallets.
- Secure Backups: If you lose access to your wallet, you can lose your assets forever. It's crucial to have secure backups of your wallet's private keys or recovery phrases.
- Updates: Keep your wallet software up to date to ensure you have the latest security patches.
- Two-Factor Authentication (2FA): If your wallet supports 2FA, enable it to add an extra layer of security.
- Beware of Phishing: Be cautious of phishing attacks where malicious actors impersonate legitimate wallet services to steal your information. Always double check urls, and if there is an offer that is too good to be true or expires very quickly, be wary and diligent before you try it.
- Password and PIN Protection:
- Use strong, unique passwords and PINs for your wallet. Avoid using easily guessable information.
- Enable password protection for your wallet app or device, if available.
- Offline Storage: If you're holding a significant amount of Bitcoin, consider using a hardware wallet or paper wallet for offline storage. This reduces the risk of online attacks.
- Security Updates: Stay informed about security best practices and potential vulnerabilities in the wallet software you use. Regularly update your knowledge and wallet software as needed.
- Physical Security: For hardware wallets and paper wallets, physical security is essential. Keep them in a safe place, protected from theft, damage, or loss. A fireproof safe or copies of your seed phrase in a safe deposit box provide additional piece of mind.
- Public Wi-Fi and Untrusted Devices: Be cautious when accessing your wallet or making transactions on public Wi-Fi networks or untrusted devices. These environments can expose you to security risks.
- Diversify Storage: Consider spreading your Bitcoin holdings across multiple wallets, both online and offline, reduce the risk of a single point of failure.
- Bonus: Revoke Access after using a service (EVM wallets): When you grant access to contracts to access your wallet, you may give them more access than needed (the ability to remove more assets or even unlimited assets from your wallet). If the service is ever compromised than hackers will have access to all your funds. Use tools like Revoke.cash or the revoke app in some instances of Blockscout to check your allowances and access settings and remove any you aren't using.
Keeping your zkBob Wallet Secure
In addition to the points above, you can add additional protection to your zkBob wallet by adding an access password. You will enter this password every time you access the zkBob smart contract wallet.
1) Go to your account and click Settings.
2) Click Set password.
3) Enter information and confirm. Next time you visit app.zkBob.com, you will be asked to provide this password.
Always check the web address when you are signing a message to deposit funds to zkBob. You can check in your MetaMask or other attached wallet to ensure you aren't interacting with a phishing site.
If anything goes wrong during your zkBob transfers, contact zkBob developers with your Support ID and they can help troubleshoot the issues.
Remember that no system is entirely foolproof, and the security of your assets ultimately depends on your diligence in following best practices and choosing secure wallet options. It's essential to research and select reputable wallet providers and stay informed about evolving security threats in the cryptocurrency space.