Safety and Security
Make sure your work is as protected as possible
Your Manifold Creator contract represents all of your work so it is extremely important that you keep it as secure as possible.
We've seen first hand how not following the best security practices can compromise not only your assets but also the ownership over all your work, so at Manifold we very strongly recommend and encourage you to use a hardware wallet for deploying and minting on your contract.
Software wallets like MetaMask store your seed phrase on your computer and browser. If an attacker compromises your computer, they get access to your wallet and can do transactions from your wallet. A hardware wallet prevents this.
You should also never store your seed phrase on a computer or anything connected to the internet (or in any digital form). If someone gets access to your seed phrase, they can rebuild your wallet and do transactions from your wallet, even if it’s a hardware wallet!
Never store your seed phrase on a computer.
Do NOT buy from Amazon or secondary vendors. There are known supply chain attacks, where hackers return compromised hardware wallets to Amazon, waiting for them to get resold to unsuspecting customers. Buy directly from the website.
Set up your hardware wallet and write down your seed phrase. DO NOT store this digitally.
Once set up, get your wallet address and write it down.
Then reset your device and try to restore it using your seed phrase.
You should get the same wallet address back. This is an important step to ensure that you wrote your seed phrase down properly. If you don’t get the same wallet back, go back to step 1.
Connect to your hardware wallet.
You should use this new hardware wallet address for most of your transactions and transfer your assets here. Expect that your existing metamask wallet can be compromised.
You will need to reach out to Foundation, OpenSea, Nifty Gateway, Makersplace, Superrare, Rarible to migrate your profiles to this new wallet.
ONLY consider this if you already have existing crypto profiles that are hard to migrate. Otherwise, skip to “BEST SECURITY”!
Only do this if:
- You have never stored your metamask seed phrase on your computer
- You are very certain you are not currently compromised
- Ensure that your seed phrase is stored in multiple secure locations (e.g. two bank vaults). The reason for multiple locations is to ensure that if one location gets destroyed, you can still restore your wallet.
Set up your hardware wallet and choose the option to restore it from your seed phrase.
Make sure the wallet address that shows up on your hardware wallet matches your metamask wallet.
This will remove all traces of the seed phrase from every device. Make sure you uninstall metamask: https://metamask.zendesk.com/hc/en-us/articles/360042515731-How-Can-I-Delete-My-MetaMask-Wallet-#:~:text=If%20you'd%20like%20to,mobile%20simply%20remove%20the%20app.&text=Join%20the%20discussions%20on%20Community%20to%20learn%20more.
When you install metamask, set up a new wallet address. Metamask will generate a new set of addresses. You will not be using these. After it generates a new set of addresses, connect to your hardware wallet.
Your old wallet should now show up in metamask, and every future transaction will require your hardware wallet to sign each transaction. This means that even if someone compromises your computer, they cannot send transactions because they don’t have access to your hardware wallet.
Write down your 12 or 24 word seed phrase on a piece of paper. Make sure it is never stored on a computer where hackers can access it. The seed phrase is the key to your kingdom.
Once again, since this is important: DO NOT EVER, EVER, EVER, STORE YOUR SEED PHRASE ON YOUR COMPUTER WHERE HACKERS CAN ACCESS IT.
Once you’ve written it down, ensure you have multiple copies stored in various secured locations (e.g. safety deposit box at two separate banks). This is to ensure that if one location gets destroyed, you can still recover your wallet.
If you want to be even more secure, split your seed phrase in half, and store two copies (4 halves) across 4 bank vaults. This ensures that even if a bank vault gets robbed, they will not be able to access your wallet.
You should also do this for your 2FA authentication codes in case you lose access to your 2FA apps.
It’s not recommended that you keep a copy of the seed phrase with you - your own residence is also vulnerable to robbery.
Listen to Batman. NEVER TYPE IN YOUR SEED PHRASE!
The setup described above, while secure, does not remove all attack vectors. Since you need to transact with your hardware wallet you will always need to keep it nearby. However, this presents risk - someone could physically attack you and force you to transact from your hardware wallet. This is known as the $5 wrench attack.
It’s a good idea to create another wallet to secure your funds. This is a hardware wallet that will only be used to receive transfers. The main differentiation between this hardware wallet and the prior one is that this one is difficult to physically access for a potential attacker. This hardware wallet would also be kept in a safe.
To do this, simply repeat step 3 and 4 to create a completely new hardware wallet. Use this new hardware wallet to receive funds, and lock up your hardware wallet somewhere secure but hard to access.