Web3 is a once-in-a-generation opportunity to shift how citizens of the world interact, transact, and entertain themselves. Like with any new journey, participating in this movement is not without risks.
There will be people who try and trick you, similar to bad actors who prey on gullible tourists. Theft and scams are not new, they’ve been around for ages and just permeate industries in different ways. What’s comforting despite that fact is how in web3, you are in control and with awareness, you can learn how to safely navigate this new world with best practices. In this lesson, we’ll discuss some of the key principles you should internalize before embarking on your web3 odyssey.
Attack vectors and how to avoid them
Remember our lesson on self-custody? Well, there’s a reason we covered it early on. One of the most common ways users are exploited in web3 is while navigating the transition from a web2 mental model—you have a username and password, and entrust their safekeeping to a platform—to a web3, self-custody model. Self-custody, empowering as it is, is not without risk.
If you lost your password to your online banking app, your bank, as the custodian of your account and money, could reset it on your behalf, as long as you could prove your identity. With self-custody, however, you hold the only means of proving your identity: your Secret Recovery Phrase (seed phrase). No one else can reset your account for you.
Security in Web3
remaining to claim this limited-time offer
Let’s try staking your ETH, choose your preferred staking provider
Mega Staked ETH
Lido Staked ETH
Rocket Pool Staked ETH
Self-custody, while empowering, has risks and requires proper security measures on my end
The two most common web3 attacks I could face are bad actors trying to get my Secret Recovery Phrase and obtaining unwanted token approvals from me
A hardware wallet is a good first step toward enhancing my web3 security.
Ready to take the next step?Explore MetaMask