When participating in DeFi, we need to perform frequent operations on the blockchain. The risks of on-chain operations include: computers being hacked or remotely controlled, hot wallets being stolen directly (many experienced users have encountered this while using blockchain.info), and there may also be targeted phishing emails, instant messages, or attacks by acquaintances. For example, someone might send you a link, and if you click it, your computer could be infected with a trojan. If your computer is already compromised and you only use hot wallets like MetaMask for mining, hackers can immediately transfer coins from your hot wallet.
The purpose of a hardware wallet is to isolate the private key from the internet, separating your public key and private key. Each time you perform an operation on the blockchain, you need to confirm it using the physical button on the hardware wallet to invoke the private key for signing, thereby isolating the private key from the internet. Since mobile wallets or browser plugins have both public and private keys integrated, they could be manipulated and stolen by hackers.
However, no matter how skilled a hacker is, they cannot reach out from the computer to press the button on your hardware wallet. Therefore, larger funds greatly benefit from the protection that a hardware cold wallet provides. Using the OneKey hardware wallet to participate in DeFi can significantly enhance the security of your funds.
Compared to software wallets, most hardware wallets have the following features:
● Use secure chips to generate and store private keys
● Have physical buttons and screens to display transaction information
● All transactions are signed through the hardware wallet and do not touch the private key
Point One
A hardware wallet is merely a tool to protect your private keys (recovery phrases); the private key (recovery phrase) is the wallet itself. Anyone who knows your private key (recovery phrase) can withdraw your coins. Thus, the private key (recovery phrase) is unlike traditional passwords. Neither OneKey officials nor any other wallet providers can recover your private key (recovery phrase). You must back up and securely store your private key (recovery phrase) multiple times.
Point Two
The private key (recovery phrase) must never be exposed to the internet. The definition of exposure includes, but is not limited to, using copy-paste functions, recording it in Word or Notepad on a computer, taking photos of it, or uploading it to WeChat and various cloud storage or note-taking services. The safest method is to physically write it down on paper and keep multiple copies in a safe place or hand them over to a trusted individual for safekeeping.
Point Three
Given that the private key (recovery phrase) is the wallet itself, if a hardware wallet is damaged, you can import the recovery phrase into another wallet to restore access (do not import the hardware wallet's recovery phrase into hot wallets like MetaMask or Rabby). Additionally, if you need to reset the wallet, you must confirm that there are no coins in it or that the recovery phrase is safely backed up for recovery.