How prepared are you anon?

Computer Pepe shares his backup seed phrase to a hood hacker Pepe because his discord DM said to do so

From near-weekly protocol exploits to Discords imposters there are plenty of shadowy hackers out there looking to drain your hard-earned shitcoins and shitpics. Here at YC, we’re no strangers to these risks and it’s why we take security very seriously. With the markets back up and NFTs on a real tear now is as good a time as any to re-evaluate your own op-sec. Here are some tips for keeping your funds safu as we (hopefully) continue to see numbers go up.

Never Ever Ever Share Your Seed Phrase

No, really. Never do this ever. Never share your seed phrase with anyone. Never save your seed phrase in a password manager. Never save your seed phrase on your machine. If you don’t want to use one of the fancy metal tubes then write it on paper, put it in a fireproof bag, and then put that bag in a fireproof safe. This will run you around a hundred bucks on Amazon but save you much more in future pain and frustration.

Hardware Is Non-Negotiable

If you are reading this and you do not own and use a hardware wallet then please stop and go buy one. Using hardware is table stakes in this space. The Ledger Nano S or the Trezor Model One are both sufficient. The bottom line is do not rely on MetaMask hot wallets to be secure. While a hardware wallet might seem like a pain I can assure you it’s worth the hassle. As someone who has been on the receiving end of hot wallet attacks the threats are real and if your portfolio value is worth anywhere in excess of low to mid-five figures a hardware wallet is simply non-optional.

If your portfolio is approaching six figures or more, or you’re heavily invested in the NFT space, then consider getting two and treating one as cold storage. Again, it may feel annoying but consider this insurance. You pay premiums on everything from auto to home to health insurance. Why would you care any less about your crypto assets? If you are new to hardware wallets and are looking to transfer NFTs I wrote a guide that walks anons through moving NFTs from a hot wallet to a hardware wallet via OpenSea. You can check it out here!

Finally once you have your hardware setup in place pleez stop using MetaMask on mobile to make transactions. Mobile networks are the least secure and SIM swaps are a common attack vector. If you absolutely must make a purchase on mobile then only transfer ETH into a hot wallet for that purchase and once you’re finished immediately transfer whatever you bought and any remaining ETH to your hardware wallet. Mobile might be convenient for many but that convenience comes with a cost.

Buy A Crypto Only Machine

One computer to rule them all might be convenient but you’re opening yourself up to extra risk. Every site you visit, every attachment you download, every piece of software you install is a potential new attack vector. Much like hardware wallets, if your portfolio is in the mid-five figures or more isolating risk by having a dedicated machine for crypto is a cheap insurance policy.

While any dedicated machine is better than none at YC we recommend going with Linux. Short of that MacOS. Windows should be avoided. While the software used to access Web3 will be common among all of these operating systems the smaller market share of Linux helps reduce your risk further. Whatever machine you do decide to go with we advise a full factory reset and wipe out-of-the-box before you begin to use it.

Install nothing more than the bare essentials of Chrome with the MetaMask extension, and potentially something like Ledger Live. Only use this machine for executing crypto trades and keep it disconnected from the internet when you’re not using it. While this may seem a bit paranoid remember that in a space where this much wealth is being created this quickly a healthy amount of paranoia can go a long way towards keeping you safe and your assets secure. Plus however smart and safe you think you’re being motivated anons looking to steal your money are smarter.

Turn Off Your Discord DMs

Anyone who has spent any time in this space knows that Discord is perhaps our most important tool. After all, it's where so much of the magic happens in Crypto! This also means it’s the perfect medium for all kinds of scum and villainy. Whether it’s social engineering via impersonation or bots spamming you with malicious links Discord’s default settings leave users exposed to all kinds of unnecessary risk.

Fortunately, the solution is quite simple: just turn off your DMs! This can be done in User Settings under Privacy & Security. From here you can toggle Allow direct messages from server members to an off position. But ser, what about my new frens? Or Captcha bots? How am I going to get the OG role if I cannot verify?!?! Easy: you’ll have to manually toggle DMs to “on” should you need to accept messages from a server bot or wait for your new frens to send you a fren request first.

Always remain skeptical of new fren requests, especially from those with who you haven’t interacted with before. I always will check the “Mutual Servers” before accepting to get an idea of where this person might know me from. I don’t accept every request sent my way, and likely neither should you.

There you have it. While this isn’t exhaustive it’s a good place to start. If this feels slightly too inconvenient then grow the fuck up. You wanna make the big bucks? Spend a bit of time and effort (and money) on minimizing common attack vectors. No matter how tedious some of this seems or no matter how much you don’t feel like spending the extra money I can guarantee it’s a lot cheaper and easier to do this the right way rather than the easy way. So suck it up anon, if you wanna make it.

Meet BEW, a wine collecting web developer who moonlights as an amateur chef. BEW's passion for wine is evident in his vast collection of bottles from all over the world. He also has a great interest in web development and is known for his skills in multiple programming languages such as Python, JavaScript and HTML/CSS. He is able to combine his love for wine and web development by creating visually appealing and user-friendly websites for wineries and wine shops. He is also an amateur chef and loves experimenting in the kitchen and pairing wine with his dishes. In his free time, BEW enjoys 3D glasses and the immersive experience it gives him when watching movies and playing video games.