Opsec tips for those with meaningful crypto holdings but self-custody…
1. Separate device just for smart contract interactions (VMs for the more tech savvy)
2. Hardware wallets ONLY
3. Back up your seed offline, can shamir secret share it and secure in diff locations
4. Separate phone number(s) for all accounts tied to crypto, including PW manager
5. Separate email(s) and passwords for each exchange
6. Authy and Yubikeys - never text based SMS
7. Practice safe aping: revoke contract approval post aping with @DeBankDeFi
8. Don’t wear crypto merch to avoid dollar wrench attack. The comfy @Not3Lau_Capital hoodies stay at home!
9. Use multiple addresses (rip degen score), and multiple wallets
10. No cash deals in person
11. PO box for inbound mail, never send crypto merch to home address because @Ledger might leak your data again
12. Disable multi-device on Authenticator apps
13. Destroy old devices, never trade-ins (overkill maybe)
14. Don't use paper to back up your seed as your biggest risk might be yourself (accidentally destroying your seed). Use unobtrusive stainless steel. Figure out how to do this.
How to Get Rich in Crypto (without getting lucky):
Inspired by @naval's timeless thread, here are some lessons from 100s of convos I had as an investor and as an interviewer on @theBlockcrunch speaking to people in crypto who "made it".
Whether you're a founder, investor, trader, operator, developer - most people in crypto get rich by the same thing: owning assets that appreciate in value over time.
✅The idea of onboarding billions while preventing sybil via biometrics is powerful.
🚩If profitable enough retinal scans could probably be spoofed and operators have no incentives to stop fraud as they earn commission (ht @richardchen39). Wells Fargo anyone?
✅Using ZKP to preserve biometrics <> address privacy is reassuring.
🚩If biometrics data is stored in a central repository could be a massive honeypot?