One of the best parts of having an Ethereum wallet like Rainbow is that you are in total control of your money. Unlike a bank account from Wells Fargo or a crypto exchange like Coinbase, we do not hold your assets on your behalf. Instead, your money is actually yours thanks to the power of cryptography. You can do whatever you want with it, whenever you want. No one is standing in your way!
Because of this, it's important for you to be on guard and keep your information secure and properly backed up. Thankfully, it’s relatively easy to stay safe as long as you understand the ways in which crypto is different from traditional finance.
An overview:
To get started, the world of crypto and Web3 is a bit different than how we're used to surfing the traditional internet. A crypto wallet doesn’t typically have a username or password associated with it. Instead, it has 3 things — none of which are chosen by the owner:
Public wallet address:
Anyone who knows your public address can see your transaction history and what assets you have inside of your wallet. They can also send things to your wallet without your permission.
Secret phrase
Private cryptographic key:
A private key or secret phrase on the other hand grants control over everything inside of a wallet.
Doing your part to keep access to your wallet:
If you lose your wallet's private key and secret phrase, there's no way of recovering access to the wallet. You can't just click a "forgot password" button, and there's no 2-factor authentication. Wallet providers like Rainbow don't even know your private key, so we can't retrieve it for you either.
Instead, you need to personally backup your private key and/or secret phrase. There are many ways of doing this, and each method gives you a different level of protection. Here are a few examples:
Rainbow's iCloud Backup feature for iOS
Rainbow’s Google Drive Backup feature for Android
Password Manager
Written on a piece of paper
Stamped onto a piece of metal
Memorization
With Rainbow, you can automatically create a secure backup of your wallet or copy the secret phrase down on a piece of paper or in a password manager.
📌 It is recommended that you make sure your wallet is backed up regularly. If you opt to not backup your wallet on your device, you’ll want to ensure your secret phrase is separately properly secured. Remember, if you lose your wallet's private key and secret phrase, there's no way of recovering access to the wallet.
Hello Interoperability!
One of the other big differences between crypto and the traditional internet is that you can actually take your wallet's private key or secret phrase and use them with a totally different wallet app. If you decided Rainbow wasn't for you, then you could easily take your credentials and use them somewhere else. You could even have your wallet (and thus all the assets contained by it) in two places or apps at once.
A term used to describe this kind of tech is the word interoperable. It means that data and software made by totally different organizations can work together seamlessly.
The traditional internet doesn't typically work this way, and it's usually not good for consumers. For example, you can't take your Meta data and move it over to Twitter. You're locked in, and the burden of leaving is heavy.
In the new world of Ethereum and Web3, your identities and data go with you.
You can connect your wallet to decentralized apps (Dapps) to do lots of fun and useful things. You can also sign-in to websites using your wallet instead of having to create new accounts and passwords for each one.
In fact, the term "wallet" isn't really that great of a name for what apps like Rainbow can do. It’s kind of like how we call our devices “phones” but they’re so much more than just a phone. Crypto wallets are more like portals, passports, and digital identities for a whole new world. The possibilities are endless.
The Staying Safe Checklist:
Now that you have a better understanding of how the new world of Ethereum and crypto works, lets talk about specific steps you can take to be safe:
1. Only share a wallet address if you’re comfortable tying your identity to it and exposing everything inside of it.
Because the blockchain is public and decentralized, anyone with your address can see your entire transaction history. Is that something you’re okay with?
2. Consider having more than one wallet.
Many people choose to have multiple wallets that serve different purposes. The most common example is having a “social wallet” that is tied to their public identity while also having a “hardware wallet” that is anonymous. Rainbow lets you create as many wallets as you need.
3. Backup your secret phrase or private key somewhere safe.
As we mentioned earlier, these two things are what give control over a wallet. You must back them up someplace safe because they are the only thing that could let you back into your wallet if you lose access.
4. Never share your secret phrase or private key with anyone.
There may be some rare exceptions to this rule, but for the most part you should be the only person who can control your wallet. Accidentally leaking or sharing your private key and secret phrase means your wallet is permanently compromised. It’s not like the traditional internet where you can simply reset your password. Private keys and secret phrases are unchangeable. Your only course of action would be to start a new wallet.
5. Consider investing in a hardware wallet.
If you have a very large amount of money, getting a "cold" hardware wallet like a Trezor or Ledger and following its security practices can give you even greater protection. These kinds of wallets are meant for longer term holding of assets that you aren't going to be using on a regular basis. A software wallet like Rainbow is still very secure and best for being your “daily driver” or “social wallet”.
6. Follow the tips outlined in our “Avoiding Crypto Scams” guide.
Just like in the traditional finance world, there are some bad actors looking to steal your assets. It’s not hard to avoid these scams though if you know what to look for. We have a helpful guide to avoiding crypto scams that you can read following the link below.