backback
back
backback
backback
backback

The key to bringing down the traditional application wall - Web3's Seed Phrase / Mnemonic

#NFT#Security
2022-01-17
image-cover

With Facebook officially entering the MetaVerse, people from all walks of life getting involved in the issuance and promotion of NFT, and the booming decentralized finance in 2021, more and more people are entering the cryptocurrency market.

The abstraction, usability, and security of accounts are completely different for cryptocurrencies compared to the way people interact with traditional financial institutions.

Web 3.0: For the first time, we will truly own our assets

In the past, with all the Internet services we used, data storage and control were held centrally. On top of the blockchain infrastructure, everyone can have an identical copy of our data, which is synchronized by consensus between network nodes, so that as long as the blockchain nodes exist, we can ensure the availability of our data, which is accessed using our public and private keys on top of the blockchain, rather than through traditional centralized accounts. We have a direct relationship with the underlying protocol, which relieves us of the dependency of accessing a centralized database through an intermediate node.

This means that we will actually own that data, and unless there is a 51% attack on the network or a vulnerability in the protocol layer, which hasn't happened yet, no one can revoke or interfere with our relationship with these crypto assets.

This is both incredible and terrifying (and we will be responsible for it), and that's the beauty of Web 3.

1_rPO_JUrG1D5XRe0sPwjVng.png

Ref: Introduction to SSI — Finema Documentation

Seed phrase gave us FREEDOM on the internet

Since the birth of Bitcoin in 2008, we've heard a lot about the early days when people kept their private keys on a hard drive that was damaged or forgot the name of the folder, or maybe it was copied on a piece of paper and forgotten where to put it over time all because of the lack of awareness and understanding for the importance of private keys. According to research, the ratio of bitcoins that will never be used again because of forgotten private keys could be as high as 20% of the total volume.

In 2022, seed phrase, which is responsible for deriving private keys, brings greater portability and mobility to our entire Web3 application, your assets move with your wallet, and the walls between web applications come down.

Times have changed, and now more people are beginning to understand the importance of private keys, and people are becoming concerned about the best way to protect them.

The fundamental differences of Web 3: How to protect your seed phrase?

Seed phrase has helped us to get back the autonomy of the internet, but at the same time, there are still many problems caused by the difficulty of managing the seed phrase. However, it seems inevitable that the vast majority of people don't want to take these steps or understand the principles, don't want to think too much about security rights, and want to leave it to third-party services to help. This is the paradox of Web 3, can we really go completely decentralized?

True freedom comes from knowledge, and when we want to have our own autonomy, we have to really acquire that knowledge and consider our rights to our assets, even if we entrust them to third-party services, we have to take the time to understand how those services are going to help me keep my assets, how they are going to help me retrieve them if I forget the seed phrase, and how secure the whole thing is.

Read More: Things you should know about financial security in the Web3 era: How does token, private key, and wallet (account) work?

Even if the underlying protocol is secure, you can still be scammed

Directly setting up a malicious node for a trading attack has never happened in history, but it is possible to get the funds in your wallet through deception or social engineering. Just as few people actually break into a bank and remove the money from the vault, most funds are lost by accidentally providing personal information to or transferring money to a fraudulent company.

When you encounter customer service that claims to be from an exchange or wallet, ask for official verification through the contact information on the website or app. Don't give out seed phrase or private keys to anyone! Anyone who induces you to reveal such information is a scammer.

Almost all blockchain applications that involve private keys have such statements because crypto assets are managed in a completely different way than traditional account passwords, so many people can be scammed in the absence of knowledge.

Read More: What To Know About Cryptocurrency and Scams

1*YE7Z8XuxjCZUzdqoPUyEcQ.png

Ref: https://www.programmersought.com/article/21031311244/

If we recreate a Metamask wallet, we will be asked to keep this seed phrase, and after it is created we can create more blockchain addresses under this account, each corresponding to a pair of public and private keys.

Do not use screenshots or photos to save the helper, and do not save it on a networked device or cloud server.

1 Use a cold wallet to ensure that the seed phrase is stored only on a hardware device

2 Use write it on a piece of paper and store in a safe place

3 Use tools such as waterproof, fireproof and anti-corrosive seed phrase capsule to physically store the words

4 Use your own known encryption method to synchronize in the cloud

5 Split the fragment and put it in a different cloud to reduce the chance of exposure

Other Referential Methods: Asset Ownership Backup Security Solution

You should never give your seed phrase or private key to anyone, there is no reason to do so.

Conclusion

Just like in Twitter where you have a username and an email, you can change the email and keep the username, or change the username and keep the email. That's because there's a unique ID in the system behind it.

Seed phrase helps us to create such a system so that if people lose their keys, they don't lose the web links, transactions, or assets they've created in the past.

Even if in the end most people still choose to trust a particular organization or third party, the helper still gives us a choice: to keep control of things in your own hands, and that is the most desirable about Web3.

(This article is mainly inspired by a16z Podcast, this episode is strongly recommended: https://www.listennotes.com/de/podcasts/a16z-podcast/crypto-security-and-the-new-f6Inq7lCbO2/)