Staying safe in the crypto world requires a combination of vigilance and good habits. Here are the best practices to protect your wallet and assets:
Keep your Seed Phrase and private keys secure
Your Seed Phrase and private keys are the most sensitive parts of your wallet.
- Never share them with anyone or enter them on websites, apps, or messages.
- Avoid copying and pasting them, as clipboard data can be exposed to malicious software.
- Store them offline in a secure location, such as a hardware wallet backup or a written note stored in a safe place.
Check your approvals regularly
Approvals give smart contracts or Dapps permission to access or transfer your tokens and NFTs.
- Revoke approvals for contracts you no longer use or don’t recognize.
- Rabby makes this easy with its Approval feature. Review your approvals weekly or after each transaction.
- Act immediately when Rabby flags a risky or malicious approval.
Unchecked approvals can lead to unauthorized transfers. Regularly reviewing them ensures your assets stay safe.
Avoid connecting to untrustworthy websites
Be cautious about the websites you connect your wallet to.
- Rabby flags known phishing sites to protect you from scams.
- Rabby provides credibility insights about websites. You’ll see factors like whether the website is listed on trusted platforms (e.g., CoinMarketCap, DeFiLlama) and its popularity.
Websites with low credibility are often scams, and we recommend avoiding them. However, newly launched websites may also show low credibility because they haven’t yet built a strong reputation. In such cases, carefully evaluate whether you trust the website before deciding to connect your wallet.
Examine every signature before signing
Always make sure that what you’re signing matches what you expect to sign. You need to understand what you’re doing and the consequences of the transaction.
- For example, if you’re claiming an airdrop, you should not be signing a transaction that transfers your valuable tokens to an unknown address. This indicates a scam. In such cases, reject the transaction and disconnect from the Dapp.
- Rabby’s transaction page helps you understand what you’re signing by clearly showing details like balance changes or the contracts you’re interacting with.
- Gasless transactions aren’t always safe. For instance, “permit” transactions often don’t require gas but can be used by malicious websites to trick you into giving approvals for your valuable assets. Rabby decodes such transactions and helps you understand them with ease.
- When you sign transactions, Rabby scans for potential risks and displays a warning if any are detected. If you see any risk, stop and review it.
Take a moment to carefully review all transaction details and avoid signing anything unexpected or suspicious.
Use the Whitelist feature for trusted addresses
Rabby’s Whitelist feature allows you to add trusted addresses. Once enabled:
- You’ll need to re-confirm transactions to non-whitelisted addresses by entering your password.
- This extra layer of security prevents accidental transfers to unknown addresses.
While the Whitelist feature provides added convenience and security, it does not block unauthorized transactions initiated by someone else if they have access to your private key or Seed Phrase. Stick to your trusted list to minimize risks and always safeguard your private keys.
By following these best practices and leveraging Rabby Wallet’s security tools, you can confidently navigate the crypto world while keeping your assets safe.