What exactly does safety and security mean as it relates to NFTs? How do we avoid crypto scams and NFT rug pulls?
Today, NFT owners continue to experience scams, hacks and other security threats. We are proud to present our security 101, aiming to educate both experts and beginners. If you want to know what an NFT wallet is, how to protect your NFT Collection and how to avoid scams; here are some NFT security fundamentals!
Avoid NFT Scams With Web3 Security Basics
Before we can get to how you can make sure your NFTs are fully secure, you need to know the basics of NFT Security. That starts with education, so let’s take a look at some basic NFT knowledge you might need to know.
Firstly, your wallet is protected by a password. This is called a seedphrase or private key. Let’s start with a recap of what each of these are, and what it means for your NFT security.
Let’s start at the beginning – What is a private key?
Owning crypto means owning the private key for the address on the blockchain where that crypto is kept. Whether you’re interested in coins, tokens or NFTs, the private key is what defines your ownership of that asset.
However, watch out! Losing access to your private key – or letting it fall into the wrong hands – means losing access to your crypto wallet and all of your NFTs it contains! If you want to learn more about private keys, make sure to check out Ledger’s extensive guide on what a private key really is.
The key takeaway is this: how you store your private key determines the security of your entire NFT collection. This is where NFT wallets come in.
What is an NFT Wallet?
Basically, an NFT wallet is a digital crypto wallet which allows you to store the private keys for your NFTs . To properly secure your own NFT collection, you should understand the difference between the following types of crypto wallet:
Firstly, Hardware vs Software wallets, and then; Custodial vs. Non-custodial wallets. Let’s start with a recap of what each of these is, and what it means for your NFT security.
Custodial VS Non-custodial wallets
In a basic sense, crypto wallets can either be custodial or non-custodial. A custodial wallet is a software wallet, the private keys of which are held by a platform. One major example is Coinbase, which offers its own crypto wallet. The benefit of using a custodial wallet is simplicity: the platform controls the private keys and you the user simply “log in” when you want to access your wallet. But since you don’t control the private keys, you don’t really control the contents of the wallet either, and this means you sacrifice security and control for convenience.
In contrast, a non-custodial wallet is one whose private keys are controlled solely by you, the owner. This means you retain absolute control over your NFTs – but it also means you’re responsible for how you manage those all important keys, and keeping them safe.
There is more than one type of non-custodial wallet, each offering a different level of protection. Let’s take a deep dive into those now.
Software wallets: High Convenience, Poor Security
Software wallets like MetaMask exist on your computer or phone, and are a convenient way for users to control their own private keys (more on that to come). However, they come with major disadvantages which make them a less secure way to store NFTs.
The fact that they are online – which is why they’re also known as hot wallets – makes them susceptible to all kinds of attacks that are deployed via your internet connection. In the past, all MetaMask users on iCloud were put at risk due to a major phishing attack. Attacks like these can compromise your NFT security by targeting your software wallet (and the private keys stored within them). As long as that interface exists on a connected device, this will always be a risk.
Hardware wallets: Maximum Security, Reduced Convenience
Hardware wallets are much safer. First, what exactly is a hardware wallet? Hardware wallets are physical devices where you secure your private keys that exist separately from your computer or phone. The point of doing this is that they remain isolated from your internet connection and the risks that are deployed there, making them, and your NFTs, much more secure. Anybody actively acquiring NFTs or other crypto assets should really be using a hardware wallet to keep those assets secure.
If you want to dig deeper into hardware wallet security, Ledger have a great guide on how to secure your NFTs. For an in-depth breakdown on all other types of NFT wallets, check out our guide on choosing an NFT wallet.
The Key To Avoiding NFT Scams
You’ve probably understood by this point that managing your NFTs involves striking a careful balance between two big considerations: security and ease of use. Admittedly, it can be hard to find the sweet spot between these two things. Ease of use tends to mean securing your private keys using a software interface on a connected device, while proper security means keeping those keys offline. So how can you interact seamlessly with Web3 while enjoying complete peace of mind?
The answer is: by using a system that combines the security of a hardware wallet with the convenience of an online management interface.