Security 101: Experts’ Top 3 tips

Arthera’s Security Ethos: By Design and By Default

We invited a plethora of speakers, experts, OGs, partners and combinations of all of these categories to discuss security in Web3. Why is it important? What can be improved? What has happened to make it such an important topic?

Click for the Space recording

The Space lasted for longer than the allocated time (sorry not sorry!) and more remains to be discussed. And discussed, agreed, solved and investigated it shall be in DMs, groups, further Spaces and in product roll-outs and operational procedures throughout the Arthera ecosystem.

Listen to the Roundtable here: https://twitter.com/i/spaces/1jMJgmWlnbOKL?s=20

What can everyone do about Web3 Security?

We asked for three takeaways from the discussion, and wider appreciation of the topic from those in attendance and this is what they came up with:

@y3tiCrypto: Web3 Security Auditing

My top 3 security basics (the simplest options):

1. Don’t click on any links from users or emails you don’t know. Also if you hover over links it will usually show where it intends to send you — make sure you want to go there!
2. Keep your devices up-to-date and antivirus programs up-to-date as well. This will help protect against 0 day attacks (brand new, in the wild)
3. Don’t connect your wallets to services (dex/dApps etc) that you don’t know or don’t trust. Do your research and always ask questions!

@SerpentXTech: Computer Information Systems Administrator

1. Browser security — Wallet backup and protection
2. Confirm the addresses you are interacting with, and know the difference between a contract address and a user wallet, using the explorer to better understand (etherscan, bscscan, etc.)
3. Use verified or vetted Dex’es, or Cex’es, for transacting, trading, sending, and receiving. Confirm contract address before importing into Dex’s like uniswap, sushiswap, pancake, etc.

Kleanthi: CMO of Lossless (@kleokl7)

Simple security tips:

1. Never click links from people you don’t know, anyone can fake accounts

2. Triple-check that you are on the correct website, never click/sign without knowing to whom you give permission.

3. Ethereum and Metamask don’t have customer support, triple-check to send funds to the correct address.

Ddimitrov22: Smart Contract Security Researcher

1. Be very careful with the links you click — anything that says there is a free NFT or airdrop is almost 100% a scam.

2. Be careful how you store your private key/seed phrase — use hardware wallets, password managers, or even a piece of paper.

3. Always do your own research before you connect your wallet and send funds.

How about you?

What are your security habits? Do they need to be stricter or have you got everything tied up with the neatest and most secure bow possible. A double bow maybe?